Exploitation course

In Advanced Penetration Testing, Exploit Writing, and Ethical Hacking, students learn how to test secured networks.

The advanced network penetration testing part of the course examines bypassing layer 2 and layer 3 security mechanisms such as NAC and 802.1X, and evaluating cryptographic mechanisms for proper implementation. The other part covers increasing the level of access on different operating systems and examines the newer buffer overflow mechanisms.


Section 1: Network Attacks for Penetration Testers

Bypassing network access/admission control (NAC)

Impersonating devices with admission control policy exceptions

Exploiting EAP-MD5 authentication

Custom network protocol manipulation with Ettercap and custom filters

Multiple techniques for gaining man-in-the-middle network access

IPv6 for penetration testers

Exploiting OSPF authentication to inject malicious routing updates

Using Evilgrade to attack software updates

Overcoming SSL transport encryption security with Sslstrip

Remote Cisco router configuration file retrieval

Section 2: Crypto, Network Booting Attacks, and Escaping Restricted Environments

Pen testing cryptographic implementations

Exploiting CBC bit flipping vulnerabilities

Exploiting hash length extension vulnerabilities

Delivering malicious operating systems to devices using network booting and PXE

PowerShell Essentials

Enterprise PowerShell

Post Exploitation with PowerShell and Metasploit

Escaping Software Restrictions

Two-hour evening Capture the Flag exercise against a modern network with hardened servers, desktops, and vApp targets

Section 3: Python, Scapy, and Fuzzing

Becoming familiar with Python types

Leveraging Python modules for real-world pen tester tasks

Manipulating stateful protocols with Scapy

Using Scapy to create a custom wireless data leakage tool

Product security testing

Using Taof for quick protocol mutation fuzzing

Optimizing your fuzzing time with smart target selection

Automating target monitoring while fuzzing with Sulley

Leveraging Microsoft Word macros for fuzzing .docx files

Block-based code coverage techniques using Paimei

Section 4: Exploiting Linux for Penetration Testers

Stack and dynamic memory management and allocation on the Linux OS

Disassembling a binary and analyzing x86 assembly code

Performing symbol resolution on the Linux OS

Identifying vulnerable programs

Code execution redirection and memory leaks

Identifying and analyzing stack-based overflows on the Linux OS

Performing return-to-libc (ret2libc) attacks on the stack

Return-oriented programming

Defeating stack protection on the Linux OS

Defeating ASLR on the Linux OS

Section 5: Exploiting Windows for Penetration Testers

The state of Windows OS protections on Windows 7, 8, 10, Server 2008 and 2012

Understanding common Windows constructs

Stack exploitation on Windows

Defeating OS protections added to Windows

Creating a Metasploit module

Advanced stack-smashing on Windows

Using ROP

Building ROP chains to defeat DEP and bypass ASLR

Windows 7 and Windows 8 exploitation

Porting Metasploit modules

Client-side exploitation

Windows Shellcode

Course duration: 30 hours

Prerequisites for Network Concepts Course

Course level: Advanced
