With rising security threats and increasing demand for information security professional around the globe, it is important to get deep understanding of different penetration techniques and tools. This expert course can benefit the administrators seeking career shift to information security domain and can also help the professionals already in the information security domain by gaining further knowledge in the field. Below are few benefits:

1. Learn penetration testing methodology
2. Ensure system/network security
3. Identify the vulnerable systems and mitigate them
4. Assess your network from a hackers perspective
5. Apply countermeasures to protect an organization from security breaches

Target Audience

• Windows administrators, UNIX/Linux administrators, Desktop Engineers, Network Engineers, IT Managers, other professionals interested in gaining expert network security skills

Mandatory Pre-requisites

• Familiarity with both Windows and Linux operating systems
• Understanding of TCP/IP

Helpful Pre-requisites

• Knowledge of Networking Protocols

Course Content

Establishing the Base

• Information Security Goals
• Five Principles to Remember
• TCP/IP Stack Review
• Network Security Basics
• What are Vulnerabilities?
• Understanding the Risks Posed by Vulnerabilities

Vulnerability Assessment

• Introduction
• Footprinting
• Scanning
• Enumeration
• Discovering Vulnerabilities
• Importance of seeking out Vulnerabilities

Footprinting

• Introduction
• Why is Footprinting Necessary?
• WHOIS & DNS Enumeration
• DNS Interrogation
• Network Reconnaissance

Footprinting Tools

• Whois lookup, Wikto
• Online Tools – Samspade, What is MyIP
• DNS Enumerator – nslookup
• Traceroute – Neo Trace, VisualRoute
• Tracing Emails – VisualRoute Mail Tracer, eMailTracker Pro

Google Hacking

• Google Searching with Advanced Operators
• Directory Listings
• Locating Directory Listings
• Finding Specific Directories
• Finding Specific Files
• Server Versioning
• Directory Traversal
• Extension Walking
• Network Mapping
• Locating Vulnerable Targets
• Searching for Usernames, Password & Secrets
• Google Hacking Database (GHDB)
• Tools- Site Digger, Google Hacks

Scanning

• Determining if the System is Alive
• Determining which Services are Running or Listening
• Scan Types
• Identifying TCP and UDP Services Running
• Windows-Based Port Scanners
• Port Scanning Breakdown
• Daemon Banner Grabbing
• Firewall Detection
• Detecting the Operating System
• Active Stack Fingerprinting
• Passive Stack Fingerprinting
• Behind the Proxies
• Proxy Servers
• Anonymizers
• Proxy Chaining- The Onion Routing (TOR)
• Scanning Tools- Superscan, Xprobe, Netcat, TOR, Nmap, GFI Languard, Nessus

Enumeration

• Enumerating Remote Maintenance Services
• FTP
• SSH
• Telnet
• R-Services
• X-Windows
• Remote Desktop
• VNC

Enumerating Remote Information Service

• DNS
• Finger
• Auth
• NTP
• SNMP
• LDAP
• rwho

Enumerating Web Servers

• Fingerprinting Web Servers
• Enumerating Virtual Hosts
• Investigating known Vulnerabilities
• Basic Web Server Crawling

Enumerating Database Services

• MS SQL Server
• MySQL
• Oracle

Enumerating Mail Services

• SMTP
• POP3
• IMAP

Enumerating Windows Networking Services

• RPC
• NetBIOS
• Tools- Nbtstat, Httprint, Wikto, Brutus, RpcScan

Penetrating the System

• Sniffing
• Man In The Middle Attack
• Buffer Overflows
• Exploiting Network Services with Metasploit
• Exploiting End User Applications with Metasploit
• Extracting and Cracking Passwords
• Privilege Escalation
• Gaining Access to Remote Control

Executing Applications

• Key Loggers
• Spywares
• Trojans and Backdoors
• Hiding and Covering the Tracks
• Tools- Wireshark, Cain and Abel, Hydra, John the Ripper, Metasploit, VNC, Fpipe

For customized trainings as per your business requirements, kindly contact This e-mail address is being protected from spambots. You need JavaScript enabled to view it