Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
Introduction
- Overview of Kali Linux.
- Installation and configuration of Kali Linux.
- Usage and updates for Kali Linux.
Penetration Testing Standards and Classification
- Open Web Application Security Project (OWASP).
- Licensee Penetration Testing (LPT).
- White box and black box testing.
- Distinction between penetration testing and vulnerability assessment.
Advanced Penetration Methodology
- Defining the target framework and scope.
- Collecting client requirements.
- Creating a test plan checklist.
- Defining test boundaries.
- Conducting advanced penetration testing using Kali Linux.
Information Discovery
- Advanced Google hacking techniques.
- Collecting DNS and WHOIS information.
- Gathering routing and network data.
- Consolidating comprehensive information.
Scanning and Enumerating Targets
- Advanced network scanning.
- Port and UDP port scanning.
- Stealth port scanning techniques.
- Packet crafting with Hping.
- Nmap scanning and plugin usage.
- Active and passive banner grabs for system OS enumeration.
- Enumerating users, groups, and shared resources.
- Enumerating DNS resource records and network devices.
Vulnerability Assessment Tools
- Nessus.
- OpenVAS.
Target Exploitation
- Setting up Metasploit.
- Executing exploits with Metasploit.
- Managing Meterpreter sessions.
- VNC exploitation.
- Extracting password hashes.
- Adding custom modules to Metasploit.
- Utilizing the Immunity Debugger.
- Writing custom exploits.
Privilege Escalation and Access Maintenance
- Cracking password hashes.
- Cracking passwords for Telnet, SSH, and FTP.
- Using Metasploit post-exploitation modules.
- Protocol tunneling.
- Proxy usage.
- Installing persistent backdoors.
Advanced Sniffing
- ARP poisoning.
- DHCP starvation.
- MAC flooding.
- DNS poisoning.
- Sniffing credentials from secured websites.
Denial of Service (DoS) Attacks
- Syn flood attack.
- Application request flood attack.
- Service request flood.
- Permanent denial of service attacks.
Penetration Testing Techniques
- Web penetration testing.
- Wireless penetration testing.
Exploitation and Client-Side Attacks
- Exploiting browser vulnerabilities.
- Buffer overflow techniques.
- Fuzzing.
- Fast-track hacking.
- Phishing for passwords.
- Generating backdoors.
- Java applet attacks.
Firewall Testing
- Overview of firewalls.
- Testing firewalls and ports.
- Rules and guidelines for firewall testing.
Management and Reporting
- Documentation and result verification.
- Dradis framework.
- Magictree and Maltego.
- Data collection and evidence management.
- Report types and presentation strategies.
- Post-testing procedures.
Summary and Next Steps
Requirements
- Foundational knowledge of using Kali Linux for penetration testing.
- Basic understanding of Linux/Unix operating systems and networking concepts.
- Familiarity with network vulnerabilities.
Target Audience
- Ethical hackers.
- Penetration testers.
- Security engineers.
- IT professionals.
21 Hours
