CAST611

CAST - Advanced Penetration Testing

Price

€ 3,500.00
(VAT excluded)

Days

5 days
The course is 100% hands-on.

The course teaches how to carry out a professional security test and produce the most important thing that comes out of a test: the findings and the report.

As the course progresses, the level of difficulty increases.
There will be defenses to defeat and challenges to overcome. This will not be the typical FLAT network.
You will encounter today's best defenses and learn the latest evasion techniques.

The format used has proven valid and effective and has been used to train more than 1000 penetration testers worldwide.

After attending this course, students will have in-depth knowledge of the following areas:
 
  • Advanced Scanning methods
  • Attacking from the Web
  • Client Side Pen-testing
  • Attacking from the LAN
  • Breaking out of Restricted Environments
  • Bypassing Network-Based IDS/IPS
  • Privilege Escalation
  • Post-Exploitation


The course is aimed at information security professionals, penetration testers, IT managers and IT auditors.


  • CONTENTS

1. Information gathering and OSINT

  • Nslookup
  • Dig
  • dnsenum
  • dnsrecon
  • dnsmap
  • reverseraider
  • Enumeration of DNS with fierce
  • Internet registrars and whois
  • Enumeration with the Harvester
  • ServerSniff
  • Google Hacking Database
  • metagoofil
  • Cloud Scanning with Shodan

2. Scanning

  • Scanning with the Nmap tool
    • Scan for live systems
    • Scan for open ports
    • Identify services
    • Enumerate
    • Output the scanner results in an XML format for display
  • Scanning with autoscan
  • Scanning with Netifera
  • Scanning with sslscan
  • Scanning and Scripting with Hping3
  • Building a Target Database

RANGE: Live Target Range Challenge Level One

3. Enumeration

  • Enumerating Targets
  • Enumerating SNMP
  • Using the nmap scripting engine
  • Enumerating SMB
  • OS Fingerprinting

4. Vulnerability Analysis

  • Vulnerability Sites
  • Vulnerability Analysis with OpenVAS
  • Vulnerability Analysis with Nessus
  • Firewalls and Vulnerability Scanners
  • Vulnerability Analysis of Web Applications
    • XSS
    • CSRF
    • SQL Injection
    • Others
  • Vulnerability Scanning with W3AF
  • Vulnerability Scanning with Webshag
  • Vulnerability Scanning with Skipfish
  • Vulnerability Scanning with Vega
  • Vulnerability Scanning with Proxystrike
  • Vulnerability Scanning with Owasp-zap

RANGE: Live Target Range Challenge Level Two

5. Exploitation

  • Exploit Sites
  • Manual Exploitation
    • Scanning the target
    • Identifying vulnerabilities
    • Finding exploit for the vulnerability
    • Prepare the exploit
    • Exploit the machine
  • Exploitation with Metasploit
    • Scan from within Metasploit
    • Locate an exploit, and attempt to exploit a machine
  • Exploiting with Armitage
    • Scan from within Armitage
    • Managing targets in Armitage
    • Exploiting targets with Armitage
  • Exploitation with SET
    • Setup SET
    • Access compromised web site using Java attack vector
    • Gain user-level access to the latest Windows machines
    • Perform privilege escalation
    • Gain system-level access to the latest Windows machines
    • Extract data with scraper
    • Extract data with winenum
    • Analyze the pilfered data
    • Kill the antivirus protection

6. Post Exploitation

  • Conduct local assessment
    • Conduct the scanning methodology against the machine
    • Identify vulnerabilities
    • Search for an exploit
    • Compile the exploit
    • Attempt to exploit the machine
    • Migrate the exploit to another process
    • Harvest information from an exploited machine
    • Capture and crack passwords
    • Copy files to and from an exploited machine

RANGE: Live Target Range Challenge Four

7. Data Analysis and Reporting

  • Compiling Data in MagicTree
    • Take tool output and store it in a usable form
  • Compiling Data in Dradis
    • Storing OpenVAS results
  • Developing a Professional Report
    • Identify the components of a report.
      • Cover Page
      • Table of Contents
      • Executive Summary
      • Host Table
      • Summary of findings
      • Detailed Findings
      • Conclusion
      • Appendices
  • Reviewing findings and creating report information
    • Conducting systematic analysis
      • Validation and verification
      • Severity
      • Description
      • Analysis/Exposure
      • Screenshot
      • Recommendation
  • Reviewing sample reports
  • Creating a custom report

8. Advanced Techniques

  • Scanning against defenses
    • Routers
    • Firewalls
    • IPS
  • Exploitation through defenses
    • Source port configuration
  • Detecting Load Balancing
    • DNS
    • https
  • Detecting Web Application Firewalls
    • wafW00f
  • Evading Detection
    • Identifying the threshold of a device
    • Slow and controlled scanning
    • Obfuscated exploitation payloads
  • Exploit writing
    • Writing custom exploits
    • Exploit writing references

Practical Phase One

  • External penetration testing

Practical Phase Two

  • External and Internal testing

Practical Phase Three

  • Internal testing

