Network Whitehat Hacking & Penetration Testing
This course (WHH101) prepares you to be a professional ethical hacker and penetration tester who is able to conduct comprehensive and complete penetration testing either for your own organizations or for your clients. The course covers in depth techniques and methodologies, along with state-of-the-art tools, for a high-quality ethical hacking engagement. The course starts with pre-engagement preparatory works, then, it dives into reconnaissance, where you will learn how to build an information profile of your target. After that, you will learn advanced network scanning and vulnerability assessment methods. Then, you will be taught how you can effectively exploit vulnerable systems and maintain access. Furthermore, you will learn all the technical details of password cracking. Finally, and in addition to all the previous skills, you will learn how to break wireless networks.
The uniqueness of this course is that it combines theoretical knowledge with practical hand-on labs. Students will learn about the theories of vulnerabilities and exploitations, in addition, they will practice all the techniques of a standard penetration testing in labs simulating real-world scenarios. In addition, each student will get an eBook, authored by Semurity’s Security Expert team, as a course material covering all topics. At the end of the course, the students become confident at utilizing the best cyber security and hacking tools in the industry.
- Lectures 97
- Quizzes 0
- Duration 30 hours
- Skill level All levels
- Language English
- Students 25
- Certificate No
- Assessments Self
MODULE 01: INTRODUCTION TO PENETRATION TESTING
MODULE 02: PENETRATION TESTING METHODOLOGIES & STANDARDS
MODULE 03: PRE-ENGAGEMENT PREPARATION
MODULE 04: INTELLIGENCE GATHERING
MODULE 05: NETWORK TRAFFIC SNIFFING & INTERCEPTION
MODULE 06: SCANNING & ENUMERATION
- Host Discovery: ICMP-Based Techniques
- Host Discovery: TCP-Based Techniques
- Host Discovery: UDP-Based Techniques
- Port Scanning: TCP vs. UDP Scanning
- Port Scanning: Windows vs. Unix/Linux Scanning
- Port Scanning: Full/Connect Scan
- Port Scanning: Half/SYN Scan
- Port Scanning: FIN, NULL, and XMAS Scans
- Port Scanning: ACK Scan
- Port Scanning: Idle Scan
- Service Identification
- OS Fingerprinting
- Tools: nmap, tcpdump, amap, netcat, and hping.
MODULE 07: VULNERABILITY ANALYSIS
- What Vulnerabilities are and How they are Discovered
- Input Validation Vulnerabilities
- Cryptographic Vulnerabilities
- Configuration Vulnerabilities
- Session Management Vulnerabilities
- Authentication Vulnerabilities
- Authorization Vulnerabilities
- Availability Vulnerabilities
- Protocol Errors
- Vulnerability Database: Common Vulnerabilities and Exposure (CVE)
- Vulnerability Score: Common Vulnerability Scoring System (CVSS)
- Finding Vulnerabilities: Manual Process vs. Automated Process
- Tools: Nessus, and OpenVAS
MODULE 08: EXPLOITATION
- The Purpose of Exploitation
- Exploits and their Categories
- Remote Exploits: client-side vs. server-side.
- Local Exploits
- Privilege Escalation
- Overview of Shellcode/Payload
- Types of Shell:Direct Shell
- Types of Shell:Bind Shell
- Types of Shell:Reverse Shell
- Metasploit’s Exploits
- Metasploit’s Payloads
- Metasploit’s Encoders
- Metasploit Auxiliar Modules
- Understanding Metasploit’s Sessions
- Metasploit Database Integration
MODULE 09: POST-EXPLOITATION
MODULE 10: PASSWORD CRACKING
- Local Authentication vs. Remote Authentication.
- Local Authentication Attack Vectors.
- Remote Authentication Attack Vectors.
- Offline Cracking Windows Hashes.
- Offline Cracking Linux Hashes.
- Online Cracking RDP Authentication.
- Online Cracking SMB Authentication.
- Online Cracking PostgreSQL Authentication.
- Online Cracking HTTP Authentication.
- Online Cracking SSH Authentication.
- Tools: Cain, John, Hydra.
MODULE 11: HACKING WIRELESS NETWORK