Ethical Penetration Testing
95-883
Units: 6
Description
This course introduces students to professional penetration testing by teaching offensive tactics along with the methodologies and responsibilities required to attack systems ethically. The majority of the time will be spent in hands-on labs performing reconnaissance, discovering vulnerabilities, developing exploits, and carefully penetrating targets.
Learning Outcomes
- Becoming a penetration tester
- Methodologies
- Penetration testing lifecycle
- Scoping
- Rules of Engagement
- Pen testing vs. red teaming
- External vs. internal
- Ethics
- Confidentiality
- Handling PII
- Business continuity
- Staying within scope
- Confidentiality
- Hacking within the law
- Statutes and Acts
- Disclosure policies
- Reporting
- Technical vs. business level language
- Client interaction
- Methodologies
- Reconnaissance
- Knowing your target
- Public information
- DNS, site cache, public hosted docs, etc.
- Google Dorks
- Maltego and other tools
- Network scanning
- Host/port discovery
- Using Nmap
- Data analysis
- Interpreting results
- Parsing results
- EyeWitness
- Dirbuster
- Brute-force attacks
- Hydra
- SNMP
- Vulnerability Scanning
- Identifying and testing false positives
- Vulnerability signatures
- CVSS scores
- OpenVAS
- Ethical exploitation
- Attacking network services
- Anonymous FTP
- Default Credentials
- Metasploit Framework
- Background
- Community development
- Structure
- Using exploits
- Configuring options
- Payloads/Shellcode
- Meterpreter/reverse shells/bind shells
- Singles vs. stagers
- Msfvenom
- Session management
- Background
- C2 Frameworks
- Anti-virus evasion
- Understanding AV signatures
- Using Veil
- Windows AD Overview
- Intro to post-exploitation
- Searching for sensitive files
- Privilege Escalation
- Local exploits
- Group Policy Preferences
- Extracting passwords
- Hashdump
- Mimikatz
- Persistence
- Intro to Web Exploitation
- Identifying vulnerabilities
- Dirbuster
- Nikto
- SQL injection
- Background
- SQLMap
- Cross-site Scripting
- Reflected vs. persistent
- Session hijacking
- Web shells
- File inclusion
- Remote vs. Local
- Identifying vulnerabilities
- Additional Topics
- WiFi
- IoT
- Cloud
Prerequisites Description
None