Students Penetration Tester Course

Summary

CYBER-GRADUATE  PROGRAM

Network Penetration Testing and Introduction Web App Penetration Testing v2

  • In this course the student will learn everything necessary to incorporate or redirect their skills within the job market with the highest growth projection in the coming years
  • This course provides in-depth analysis of the phases, methodology and techniques used during infrastructure pentesting and an introduction to the web application pentesting.
  • For absolute beginners in IT Security
  • The course material includes access to the academy, complementary material, exercises, videos and access to laboratories
  • On-line instructors to answer questions and provide follow-up
  • The course is 100% oriented to practice and exposes real-life professional scenarios
  • Theoretical and practical exams that, once passed, will award ICSP certification to the student
  • 90 days of access to virtual laboratories
Pre-Requisites

PRE-REQUISITES

  • Interest in cybersecurity
  • Basics of computing
  • Basic computer science
  • Basics of Computer Security is not mandatory
Information

COURSE INFORMATION

  • This course prepares students to handle audits and infrastructure pentesting that occur daily in the professional world
  • The course covers broad topics in the field of methodology, attack techniques and post-exploitation and reporting
  • You will learn to use the tools most used by malicious attackers and to use them as security auditors
  • The course material includes access to the academy, complementary material, exercises, videos and access to both laboratories
  • Exercises help put into practice the knowledge needed to locate and exploit vulnerabilities
Material

MATERIAL

  • +3 hours of video
  • Multi-platform access to the academy
  • online instructors to address concerns and offer follow-up
  • Practical exercises and concept tests
  • Final theoretical and practical exams to obtain ICSP certification
  • Private access to the labs 24×7 via VPN
This training course is for

THIS TRAINING  COURSE IS FOR

  • Pentester juniors
  • IT Professionals
  • Students who want to get started in the world of security
  • Security enthusiasts who want to expand their knowledge
You will be able to

Upon completion of this course you will be able

  • Develop a personalized scope and implement commitment rules for penetration testing projects to ensure that work is focused, well defined and performed securel
  • Learn how to carry out detailed recognition using metadata documents, search engines and other publicly available information sources to develop a technical and organizational understanding of the target environment
  • Learn methodologies and how to write high-level executive and technical reports
  • Learn about C and Python languages €‹€‹to build our tools and scripts
  • Use Nmap to perform full network scans, port scanning, operating system fingerprints.
  • Learn how to correctly execute Nmap Scripting Engine scripts to extract detailed information from target systems
  • Configure and deploy Nessus to discover vulnerabilities through authenticated and unauthenticated scans safely
  • Analyze the output of the scanning tools to manually verify the findings and perform a false positive reduction
  • Use the Windows and Linux command lines to loot target systems to obtain vital information that can further improve the progress of penetration tests.
  • Set up the Metasploit exploit tool to scan, explode and then pivot through a deep target environment
  • Apply a detailed methodology in your web application penetration tests: recognition, application map, discovery and exploitation.
  • Successfully analyze the results of the tools.
  • Validate the findings, determine their impact on the business and eliminate false positives
  • Discover and exploit web vulnerabilities manually
Hands-on Training

Real-Life Training Scenarios

  • Penetration Testing Labs
  • Vulnerable Networks
  • Student´s Labs
  • Web Application Labs
  • Microsoft Windows Labs
  • Exploiting Labs

VIRTUAL LABS

The most sophisticated virtual lab on Penetration Testing is now made available to practice as securely and realistically as possible, simulating real situations in the everyday life of a professional pentester. The student will connect via VPN to the remote virtual lab network where vulnerable workstations/servers will be made available for testing

Syllabus

Module 1: Introduction to penetration tests
Module 2: Review of Concepts
Module 3: Gathering phase
Module 4: Enumeration Phase
Module 5: Exploitation Phase
Module 6: Post-Exploitation Phase
Module 7: Systems
Module 8: Introduction to the Pentest of Web Applications
Module 1: Introduction to penetration tests
  • Basic concepts of a penetration test
  • Types of penetration tests and methodologies
  • Phases of a penetration test
  • Types of reports, presentation and deliverables
Module 2: Review of Concepts
  • OSI model and communication protocols
  • Sockets, introduction and exercises
  • Introduction to C ++. and exercises
  • Introduction to Python and exercises
Module 3: Gathering phase
  • Description of the gathering or collection phase
  • Most common methods and tools
  • Planning and management of information
  • Active and passive collection
  • Discovery of services and banners and evasion of detection systems
  • Useful videos and handling of Gathering tools
  • Use and management of Nmap
Module 4: Enumeration Phase
  • Discovery and enumeration services and banners and evasion of detection systems
  • Most common services and methods of exploitation SMTP, NetBIOS, SMB, X-Windows, etc.
  • Enumeration of Microsoft SQL, MySQL and Oracle databases
  • +15 exercises and practical videos with different tools and methods of the audited services
Module 5: Exploitation Phase
  • More extensive phase handled with greater depth
  • Most common tools: integration and use
  • Nessus, Nmap, OpenVAS, social engineering, brute force, analysis with Wireshark
  • Concept tests, videos and practical exercises
Module 6: Post-Exploitation Phase
  • Manual penetration test: techniques and tips
  • Review of services, system variables, configuration files and logs
  • Elevation of Pivoting privileges and port forwarding techniques
  • We will also look at Pivoting techniques and learn how to do Port Forwarding
  • Traffic redirection techniques, pass the hash, how to get out of a limited prompt, among others
  • Concept tests, videos and practical exercises
Module 7: Systems
  • Manual penetration test: techniques and tips
  • Introduction to cryptography and algorithm analysis
  • Review of services, system variables, configuration files and logs
  • Attacks on passwords, use of dictionaries
  • Attacks on online services
  • Concept tests, videos and practical exercises
Module 8: Introduction to the Pentest of Web Applications
  • Introduction to web application pentesting
  • Basic concepts of web infrastructure and most common vulnerabilities
  • SQLi, XSS, LFI or RFI attacks
  • Videos, exercises and concept tests
  • Dedicated frameworks where you can practice and learn new techniques
CYBER-GRADUATE PROGRAM
399€
Menu