Ethical Hacking – Pentest Training (Penetration Testing)


As technology has developed and the importance of cyber security has grown, every sector has come to need competent personnel. This training gives you a quick entry into the field; it takes you from entry level to advanced level in cyber security, approached from an ethical hacking perspective.

This training aims to produce experts who take a proactive approach to cyber security by using the tools and techniques seen in today’s cyber attacks. It covers all processes and practices for protecting networks, programs, devices and data.
It includes general information on operating system security, network and endpoint security, mobile systems and their security, national and international standards, and attack and defense methods.

Penetration testing is the imitation of possible attacks on information systems and sensitive data by cyber hackers. As a result of this exercise, companies can eliminate the vulnerabilities in their systems and become protected against attacks by hackers.

In outline, a penetration test generally consists of detecting and analyzing the applications or software running on a system and assessing whether they contain vulnerabilities.

Penetration testing, also known as pen testing, is a simulated cyber attack on your computer system to check for vulnerabilities. In the context of web application security, penetration testing is often used to harden and increase the effectiveness of a Web Application Firewall (WAF).

Penetration tests have many benefits for organizations, for example:

– Companies are provided with a detailed report on the vulnerabilities of their systems. Using this report, they can close the vulnerable points, strengthen their systems and become protected against possible attacks.

– Companies should take the necessary precautions before they are attacked, not after. Otherwise, intangible losses (reputation, trust, etc.) and large financial losses put the company at a major disadvantage.

– In our country, when data leakage is encountered as a result of possible attacks within the scope of KVKK (Personal Data Protection Law) numbered 6698, serious financial sanctions are imposed on the relevant institution and its corporate reputation is damaged. Within the scope of KVKK, companies are obliged to carry out various security tests and especially to keep their customers’ data confidential.

With this training, you will see every topic you can think of in the fullest detail, from penetration test types, penetration test methods and penetration test stages to what to do to protect yourself.

By the end of the training, you will be able to conduct a real hacking attack and protect yourself and organizations against these attacks.

About the Training

Training Objectives:

  • Specialize in Penetration Testing,
  • Pivoting within the network, running exploit code to your advantage, and understanding Bash, Python, Perl and Ruby scripts,
  • Ability to perform advanced techniques and attacks to identify SQL injection, Cross-site scripting (XSS), LFI, RFI vulnerabilities in web applications,
  • To be able to submit a professional and industry-accepted report with management and technical involvement,
  • To learn and comprehend internationally recognized penetration testing methodologies in the best way,
  • Write exploit code to gain access to a vulnerable system or application,
  • Exploiting vulnerabilities in operating systems such as Windows and Linux,
  • To be able to perform privilege escalation to gain root access to a system,
  • Learning to think like a “pentester”,
  • To be able to perform penetration tests using vulnerability discovery methodologies and penetration methods by exploiting these vulnerabilities,
  • In addition, developing modules and custom Meterpreter scripts with the Metasploit Framework to further improve their penetration testing knowledge,
  • It is aimed that the participants will be able to reach the level of knowledge to have CPENT, Certified Ethical Hacker (CEH), Licensed Penetration Tester (LPT) Master Credential or an equivalent certificate or skill.

Training Content – GENERAL TITLES

ETHICAL HACKING & PENETRATION TESTING

  • Introduction to Ethical Hacking
  • Discovery
  • Network Scans
  • What is Ethical Hacking?
  • Cyber Security
  • Ethical Hacking and Information Security
  • Careers in Ethical Hacking
  • Introduction to Linux
  • Introduction to Cryptology
  • Passive Information Gathering in Ethical Hacking
  • Port and Services Scans
  • Application Security in Ethical Hacking
  • XSS Attacks
  • File Include Attacks
  • CSRF Attacks
  • HTTP Parameter Pollution (HPP) Attacks
  • CRLF Injection Attacks
  • Application Logic Attacks
  • Application Logic Attacks – Examples
  • Race Conditions Attacks
  • XML External Entity Attacks
  • Remote Code Execution (RCE) Attacks
  • Enumeration
  • Vulnerability Analysis
  • System Hacking
  • Malware Threats
  • Sniffing
  • Social Engineering
  • Denial-of-Services
  • Session Hijacking
  • IDS, Firewall and Honeypot Bypassing
  • Web Server Hacking
  • Web Application Hacking
  • SQL Injection
  • Wireless Network Hacking
  • Mobile Platform Hacking
  • IoT Hacking
  • Cloud Computing
  • System Security in Ethical Hacking
  • Network Security in Ethical Hacking
  • Reverse Engineering
  • Red Team (Introduction to Red Team Attacks)

  • Introduction to Penetration Testing
  • Penetration Testing Scoping and Interaction
  • Open Source Intelligence (OSINT)
  • Social Engineering Penetration Testing
  • Network Penetration Test – External
  • Network Penetration Test – Internal
  • Network Penetration Testing – Peripheral Devices
  • Web Application Penetration Testing
  • Wireless Penetration Test
  • IoT Penetration Testing
  • OT/SCADA Penetration Test
  • Cloud Penetration Testing
  • Binary Analysis and Exploitation
  • Report Writing and Post-Testing Actions

 

Training Content – DETAILED TITLES

ETHICAL HACKING & PENETRATION TESTING

  • Definitions: Threat, Vulnerability, Risk, Vulnerability
  • Attack Types: Active Attack, Passive Attack, Internal Attack, External Attack
  • Ethical Hacking and Penetration Testing Concept
  • Ethical Hacking and Penetration Testing Types: Network Security Tests, Web Application Tests, Client Tests, Wireless Security Tests
  • Shortcomings of Ethical Hacking and Penetration Testing Approaches
  • Other Approaches to Detecting Security Vulnerabilities
  • Overview of Test Methodologies (OSSTMM, NIST 800-42, OWASP, Penetration Testing Framework)
  • Ethical Hacking Test Tools and Exploit Resources
  • The Environment to be Used During the Tests and Things to Consider
  • Overview of Ethical Hacking and Penetration Testing Steps
  • Scope and “Rules of Engagement” in Ethical Hacking and Penetration Testing
  • Test Steps to be Applied in Ethical Hacking and Penetration Tests
  • Reporting process, Mandatory Information in the Report and Matters to be Considered
  • Legal Considerations During Tests
  • First Step in Ethical Hacking and Penetration Testing: Information Gathering
  • Inventorying in Scope
  • Search Engines and Information Extraction on the Web
  • Whois Usage
  • IP Block Assignments and Regional Internet Registration Authorities (ARIN, RIPE, etc.)
  • Information Collection via DNS (nslookup, Recurse-Norecurse queries, Dig, Zone Transfer)
  • Information Collection with Maltego
  • Google Hacking and GHDB (Google Hacking Database)


  • Scanning Phase and Scan Types
  • Scan Step Tips
  • Using Sniffer During Scanning, Advantages and tcpdump
  • Network Scanning Tools (Angry IP and ICMPQuery)
  • Network Scanning with Hping
  • Using Network Trace and Traceroute
  • Port Scanning
  • TCP and UDP Basic Features and Their Effects on Port Scanning
  • Introduction to Advanced Port Scanning Techniques with Nmap (Packet trace, timing, ping, traceroute features)
  • TCP Port Scan Types with Nmap (Connect Scan, SYN Scan, ACK Scan, FTP Bounce Scan)
  • UDP Port Scanning with Nmap
  • Operating System Detection
  • Operating System Detection with Active and Passive Methods
  • Version Scanning
  • Version Scanning with Amap
  • Vulnerability Scanning
  • Vulnerability Scanning Approaches
  • Nmap Scripting Engine (NSE) Overview
  • NSE Script Categories
  • NSE Usage
  • Vulnerability Scanning with Nessus
  • Overview of Other Vulnerability Scanning Software
  • Enumerating User Accounts (via Windows Null Session, Finger, LDAP)
  • Netcat Usage and Advanced Netcat Usage Scenarios


  • Exploitation
  • What is an Exploit?
  • Exploit Categories (Server Side, Client Side, Local Privilege Escalation)
  • Introduction to Metasploit
  • Metasploit Modules (Exploit, Payload, Stager, Stage)
  • Meterpreter Details
  • Non-Metasploit Exploits
  • Shell and Terminal Access Dilemma, Problems and Solutions
  • Relay Scenarios with Netcat
  • What Can Be Done After Exploit (File Transfer, Collecting Extra Data on the Compromised System)
  • Remote Command Execution Methods on Windows Systems (using psexec, at, schtasks, sc, wmic)
  • Advanced Windows Command Line Techniques for Ethical Hacking and Penetration Testing
  • Client Hijacking Methods with Client-Side Exploits and Sample Application


  • Password Attacks
  • Introduction to Password Cracking and Password Guessing
  • Tips for Password Attacks
  • Account Lockout Scenarios in Windows and Linux (Account Policy and PAM)
  • Password Guessing with THC-Hydra
  • Using Pw-inspector
  • Password Formats
  • Password Formats in Windows SAM Database
  • Password Formats in Active Directory
  • LANMAN Hash Algorithm
  • NT Hash Algorithm
  • Challenge/Response in Windows Networks (LANMAN Challenge/Response, NTLMv1, NTLMv2, Microsoft Kerberos)
  • LANMAN and NTLMv1 Challenge/Response
  • NTLMv2 Challenge/Response
  • Password Formats in Linux and Unix
  • Intercepting Password Hashes
  • Pwdump6, Fgdump, Metasploit Priv Module
  • John the Ripper
  • John the Ripper Configuration File and Password Cracking Modes
  • john.pot and john.rec Files
  • John the Ripper Patches, John the Ripper in Speed and Distributed Structure
  • Cain as a Password Cracking Tool
  • Cain’s Sniffer Features
  • ARP-Poisoned Routing with Cain
  • Auxiliary Tools in Cain
  • Rainbow Tables, Creation Logic and Usage
  • Using Rainbow Table with Ophcrack
  • Pass-the-Hash Technique
  • Pass-the-Hash with pshtoolkit, SAMBA and Metasploit


  • Wireless Networks
  • Vulnerabilities in Wireless Networks
  • Hardware Selection in Wireless Security Tests (Wireless Cards, Antennas, GPS)
  • Wireless Network Basics (802.11 b/g Channels, SSID, Handshake Steps in 802.11)
  • Methods for Detecting Wireless Networks (Managed/Monitor Interface Modes)
  • Using Sniffer in Wireless Networks
  • Wireless Sniffing with Kismet
  • Wireless Network Detection with NetStumbler and Cain
  • SSID Cloaking
  • Crypto Attacks on Wireless Networks
  • Wired Equivalent Privacy Protocol (WEP) Basics, Operation, Weaknesses
  • Wi-Fi Protected Access (WPA)
  • Attack Tools with WPA1 and WPA2
  • Aircrack-ng
  • Dictionary Attacks with CoWPAtty
  • Wireless Client Attacks (Airpwn, AirJack, Karma, Karmasploit)
  • Web Applications
  • Introduction to Web Applications
  • Web Server Vulnerabilities and Nikto
  • Examples of Manual Confirmation of Nikto Results
  • Paros Proxy and Features (HTTP Request and Response Capture, Vulnerability Scanning, Request Editor, Hash Calculator)
  • Injection Attacks
  • Cross Site Request Forgery (XSRF)
  • Cross-Site Scripting Attacks (Reflected, Stored XSS Attacks)
  • Command Injection (Non-Blind, Blind Command Injection)
  • SQL Injection (Executing Commands on the Server with SQL Injection, Blind SQL Injection)

Who Should Receive the Training?

  • Information Security Experts,
  • IT Professionals Who Want to Perform In-House Penetration Testing,
  • Experts Who Want to Perform Professional Penetration Testing,
  • Network Experts,
  • Application Security Experts
  • Those who want to learn Ethical Hacker Basics,
  • Those who want to learn and use Penetration Testers,
  • Network Server Administrators,
  • Firewall Administrators,
  • Those who want to learn about Safety Test Equipment,
  • System Administrators
  • Risk Assessment Specialists,
  • Those who want to have knowledge about cyber security,
  • Those who plan a career in penetration testing and want to enter this sector,
  • Those who want to have knowledge about information security,
  • Those who want to protect themselves from hacker attacks,
  • Anyone who wants to learn the latest hacking methods and software.

Requirements

  • Participants should have a basic knowledge of Computer Networks, Network Protocols, Server Network Services, Virtualization, Database Concepts as well as Web Sites.
  • Familiarity with Kali or Parrot OS and Common Penetration Testing Tools,
  • To have basic knowledge of utilization of Windows and Linux Hosts,
  • To have knowledge about Privilege Escalation in Linux and Windows,
  • Getting Familiar with Wireless Penetration Testing,
  • Basic knowledge of systems, cloud and networking is required.

Plan this training institutionally!

This training can be planned in different durations and content specific to your organization. Please contact us for detailed rich content and planning to realize your training objectives.


Additional information

Location: Online

Capacity: 20

Instructor: Academy Club