Get in Touch

Course Outline

Introduction

  • Overview of Kali Linux.
  • Installing and configuring Kali Linux.
  • Using and updating Kali Linux.

Penetration Testing Standards and Classification

  • Open Web Application Security Project (OWASP).
  • Licensee Penetration Testing (LPT).
  • White box and black box testing methodologies.
  • Distinctions between penetration testing and vulnerability assessment.

Advanced Penetration Methodology

  • Defining target frameworks and scope.
  • Gathering client requirements.
  • Test plan checklists.
  • Profiling test boundaries.
  • Executing advanced penetration testing using Kali Linux.

Information Discovery

  • Google hacking techniques.
  • Gathering DNS and WHOIS information.
  • Gathering routing and network data.
  • Aggregating comprehensive intelligence.

Scanning and Enumerating Target

  • Advanced network scanning.
  • Port and UDP port scanning.
  • Stealth port scanning techniques.
  • Packet crafting with Hping.
  • Nmap scanning and plugins.
  • Active and passive banner grabbing, including system OS enumeration.
  • Enumerating users, groups, and shares.
  • Enumerating DNS resource records and network devices.

Vulnerability Assessment Tools

  • Nessus.
  • OpenVAS.

Target Exploitation

  • Setting up Metasploit.
  • Exploitation with Metasploit.
  • Meterpreter sessions.
  • VNC exploitation.
  • Stealing password hashes.
  • Adding custom modules to Metasploit.
  • Using Immunity Debugger.
  • Writing exploits.

Privilege Escalation and Access Maintenance

  • Breaking password hashes.
  • Cracking Telnet, SSH, and FTP passwords.
  • Utilizing Metasploit post-exploitation modules.
  • Protocol tunneling.
  • Proxy configurations.
  • Installing persistent backdoors.

Advanced Sniffing

  • ARP poisoning.
  • DHCP starvation.
  • MAC flooding.
  • DNS poisoning.
  • Sniffing credentials from secured websites.

DoS Attacks

  • SYN attacks.
  • Application request flood attacks.
  • Service request floods.
  • Permanent denial of service attacks.

Penetration Testing

  • Web penetration testing.
  • Wireless penetration testing.

Exploitation and Client-Side Attacks

  • Exploiting browser vulnerabilities.
  • Buffer overflow techniques.
  • Fuzzing.
  • Fast-track hacking.
  • Phishing for passwords.
  • Generating backdoors.
  • Java applet attacks.

Firewall Testing

  • Firewall overview.
  • Testing firewalls and ports.
  • Rules of firewall testing.

Management and Reporting

  • Documentation and results verification.
  • Dradis framework.
  • Magic tree and Maltego tools.
  • Data collection and evidence management.
  • Report types and presentation strategies.
  • Post-testing procedures.

Summary and Next Steps

Requirements

  • Foundational knowledge of using Kali Linux for penetration testing.
  • Basic understanding of Linux/Unix operating systems and networking concepts.
  • Familiarity with network vulnerabilities.

Audience

  • Ethical hackers.
  • Penetration testers.
  • Security engineers.
  • IT professionals.
 21 Hours

Number of participants


Price per participant

Provisional Upcoming Courses (Require 5+ participants)

Related Categories