Course Outline
Penetration testing methodologies and types
Standards and guidelines:
- Using methodologies such as OSSTMM and OWASP.
- Using documents describing good practices, such as NIST or CIS.
Differences between pentests and audits:
- Key differences between penetration tests and audits.
Organization of penetration tests
- Legal aspects:
- Required legal aspects of conducting penetration tests.
- Penetration testing planning:
- Preparation of a penetration testing plan.
- Common problems during penetration testing:
- Common problems encountered during testing.
Individual stages of a penetration test
- Reconnaissance:
- Collecting information about the target passively and actively.
- Vulnerability analysis:
- Identification of vulnerabilities, types of vulnerabilities and bypassing security mechanisms.
- Attacking:
- Using various attack techniques on computer systems and networks.
Attack techniques on computer systems and networks
- Attacks in various network environments:
- Attacks on LAN/WAN/Wi-Fi networks and network devices.
- Denial of Service attacks:
- Methods of carrying out DoS attacks.
- Attack support tools:
- Use of specialized attack tools.
Analysis and reporting
- Preparation of reports:
- Preparing technical reports and reports for the management board.
- Attack Protection:
- Use of protection methods such as honeypots, IDS/IPS systems and hardening methods of Windows and Linux systems.
Testimonials (8)
Overview of Risk topics and preparing for exam
Leszek - EY GLOBAL SERVICES (POLAND) SP Z O O
Course - CRISC - Certified in Risk and Information Systems Control
A wide range of knowledge of the lecturer.
Marcin Szklarski - Santander Consumer Bank
Course - CCSK Plus (Certificate of Cloud Security Knowledge - Plus)
Lot's of information explained very well. Good examples, interesting exercises. Trainer showed us his real world experience.
Gergely Bathó - GE Medical Systems Polska Sp. Z O.O.
Course - Application Security for Developers
Lap Qradar
Sutthikan Noisombat - NTT
Course - IBM Qradar SIEM: Beginner to Advanced
The simple explanation of the trainer
Mohammed salem - Palestinian Police
Course - Open Source Intelligence (OSINT) Advanced
Accessing tools and being able to ask questions to someone friendly who I felt wouldn't judge me
Kiara
Course - Open Source Cyber Intelligence - Introduction
The Burpe suite i need more training in this
Gontse Ntshegi - Vodacom
Course - Android Security
Azure web security, it was more what i was expecting, the penetration testing i would never do in my job