Penetration testing – detecting and exploiting vulnerabilities Training Course

How to test network and service security

• Penetration testing – what is it?
• Penetration testing vs. audit – similarities, differences, what is correct?
• Practical problems – what could go wrong?
• Scope of tests – that is, what do we want to check?
• Sources of best practices and recommendations.

Penetration testing – reconnaissance

• OSINT – that is, obtaining information from public sources.
• Passive and active methods of network traffic analysis.
• Identifying services and network topology.
• Security systems (firewalls, IPS/IDS systems, WAF, etc.) and their impact on testing.

Penetration testing – vulnerability searching

• Reconnaissance of systems and their versions.
• Searching for vulnerabilities in systems, infrastructure, and applications.
• Vulnerability assessment – that is, "will it hurt?"
• Exploit sources and the ability to customize them.

Penetration testing – attack and gaining control

• Types of attacks – how are they conducted and what are the consequences?
• Attacking using remote and local exploits.
• Attacks on network infrastructure.
• Reverse shell – how to manage a taken-over system.
• Privilege escalation – that is, how to become an administrator.
• Ready-made "hacking tools".
• Analysing a taken-over system – interesting files, saved passwords, private data.
• Special cases: web applications, Wi-Fi networks.
• Social engineering – that is, how to "break" a person if the systems cannot be broken.

Penetration testing – covering tracks and maintaining access

• Logging and activity monitoring systems.
• Cleaning logs and covering tracks.
• Backdoor – that is, how to leave yourself an open entry.

Penetration testing – summary

• Preparing the report and its structure.
• Delivering and consulting the report.
• Verifying the implementation of recommendations.