About the courseThis course gives you a practical understanding of penetration testing.
- Learn how network protocol attacks and network reconnaissance works.
- Learn web penetration testing.
- Understand how database injections work.
- Get knowledge about web application vulnerabilities.
- One should have a basic understanding of windows/ Linux environment.
- Basic knowledge of the TCP/IP protocols.
- Strong desire to learn hacking and network security.
This course is designed for
Who is the target audience?
- Security Analyst, Security Consultant
- Individuals looking to learn penetration testing.
- Anyone want to start a career in IT Security with the knowledge of penetration testing.
Module 1: Introduction to Pen Testing
- 1.1 The need for Pen Testing
- 1.2 Methodology of Pen Testing
- 1.3 Ethics and Compliance to Legal Systems
Module 2: Pen Testing Engagement Lifecycle
- 2.1 Pen Testing Scope and Boundaries
Module 3: The Basics
- 3.1 Networking Concepts
- 3.2 Operating System Security
- 3.3 Application Layer Protocols
- 3.4 Cryptography Concepts Review
- 3.5 Wireless and Database Concepts Review
Module 4: Information Gathering & Social Engineering
- 4.1 Creating USB Payloads for Social Engineering Attacks
- 4.2 Gathering DNS Registration Information
- 4.3 Gathering Router
- 4.4 Firewall and IPS Information
- 4.5 Gathering Email Addresses from Public and Social Websites
- 4.6 Reading Metadata of Files Revealing Target Information
- 4.7 Hiding Attacks Using Onion Routing Network
Module 5: Target Discovery Fingerprinting & Enumeration
- 5.1 Discovering the Operating System Details
- 5.2 Port and Services Discovery using NMAP
Module 6: Vulnerability Mapping
- 6.1 Understanding Vulnerability Taxonomy
- 6.2 Discovering and Analyzing Weaknesses
Module 7: Target Exploitation & Privilege Escalation
- 7.1 Escalation for Windows and Linux
- 7.2 Choosing Attack Vectors
- 7.3 Performing Local and Remote Attacks
- 7.4 Gathering and Cracking Password Hashes using Mimikatz and John the Ripper
- 7.5 Attacking a Target through a Compromised Target (Pivoting)
- 7.6 Creating Man In The Middle Attacks through Spoofing
- 7.7 Sniffing Authentication Packets Revealing Passwords
- 7.8 Cracking Default Passwords with Password Lists and Rainbow Tables
Module 8: Maintaining Access & Covering Tracks
- 8.1 Creating Metasploit Backdoor Payloads
- 8.2 Antivirus
- 8.3 Firewall
- 8.4 and IPS Evasion Techniques
Module 9: Web Pen Testing & Database Injection
- 9.1 Bypassing Authentication using Cross Site Scripting
- 9.2 Revealing User Accounts and Passwords through Database Injection
Module 10: Documentation, Reporting & Presentation
- 10.1 Writing Pen Testing Reports
Request a detailed syllabus.
Get Answers (Answering their questions)
What kind of learning does ITlearn360.com provide?
ITlearn360.com offers instructor-led online live sessions and classroom-based corporate trainings and bootcamps for various courses and certifications to the learners.
Who are the instructors @ITlearn360.com?
@ITlearn360.com, we have an instructor community of industry professionals who are working in leading organizations and are veterans in their respective fields. These experts belong to various industries and are willing to share their talent with learners like you.
Are classes @ITlearn360.com conducted through online video streaming?
Yes, the classes @ITlearn360.com are conducted through online video streaming where there is two-way communication between users and instructors. The users can speak by using a microphone, chat by sending a message through a chat window and share their screens with an instructor. For better understanding, users also get recorded video of the class.