Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
Introduction
- Overview of Kali Linux.
- Installing and configuring Kali Linux.
- Using and updating Kali Linux.
Penetration Testing Standards and Classification
- Open Web Application Security Project (OWASP).
- Licensee Penetration Testing (LPT).
- White box and black box testing approaches.
- Difference between penetration testing and vulnerability assessment.
Advanced Penetration Methodology
- Defining the target framework and scope.
- Gathering client requirements.
- Test plan checklist.
- Profiling test boundaries.
- Executing advanced penetration testing using Kali Linux.
Information Discovery
- Advanced Google hacking techniques.
- Gathering DNS and WHOIS information.
- Collecting route and network information.
- Consolidating all-in-one information gathering.
Scanning and Enumerating the Target
- Advanced network scanning.
- Port and UDP port scanning.
- Stealth port scanning techniques.
- Packet crafting with Hping.
- Nmap scanning and plugins.
- Active and passive banner and OS enumeration.
- Enumerating users, groups, and shares.
- Enumerating DNS resource records and network devices.
Vulnerability Assessment Tools
- Nessus.
- OpenVAS.
Target Exploitation
- Setting up Metasploit.
- Exploitation with Metasploit.
- Meterpreter sessions.
- VNC exploitation.
- Stealing password hashes.
- Adding custom modules to Metasploit.
- Using Immunity Debugger.
- Writing exploits.
Privilege Escalation and Access Maintenance
- Cracking password hashes.
- Cracking Telnet, SSH, and FTP passwords.
- Using Metasploit post-exploitation modules.
- Protocol tunneling.
- Proxy configuration.
- Installing persistent backdoors.
Advanced Sniffing
- ARP poisoning.
- DHCP starvation.
- MAC flooding.
- DNS poisoning.
- Sniffing credentials from secured websites.
Denial of Service (DoS) Attacks
- SYN flood attacks.
- Application request flood attacks.
- Service request floods.
- Permanent denial of service attacks.
Penetration Testing Focus Areas
- Web penetration testing.
- Wireless penetration testing.
Exploitation and Client-Side Attacks
- Exploiting browser vulnerabilities.
- Buffer overflow techniques.
- Fuzzing.
- Fast-track hacking.
- Phishing for passwords.
- Generating backdoors.
- Java applet attacks.
Firewall Testing
- Firewall overview.
- Testing firewalls and ports.
- Rules for testing firewalls.
Management and Reporting
- Documentation and results verification.
- Dradis framework.
- Magic Tree and Maltego.
- Data collection and evidence management.
- Report types and presentation.
- Post-testing procedures.
Summary and Next Steps
Requirements
- Basic familiarity with using Kali Linux for penetration testing.
- Fundamental understanding of Linux/Unix operating systems and networking concepts.
- Awareness of network vulnerabilities.
Target Audience
- Ethical hackers.
- Penetration testers.
- Security engineers.
- IT professionals.
21 Hours
