Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
How to test network and service security
- Penetration testing – what is it?
- Penetration test and audit – similarities, differences, what is right?
- Practical problems – what could go wrong?
- Scope of tests – what do we want to check?
- Sources of good practices and recommendations
Penetration test - reconnaissance
- OSINT – i.e. obtaining information from open sources
- Passive and active methods of network traffic analysis
- Identification of services and network topology
- Security systems (firewalls, IPS/IDS systems, WAF, etc.) and their impact on tests
Penetration test – finding vulnerabilities
- Recognition of systems and their versions
- Searching for vulnerabilities in systems, infrastructure and applications
- Susceptibility assessment – or “will it hurt”?
- Sources of exploits and possibilities of adapting them
Penetration test – attack and taking control
- Types of attacks – how are they conducted and what do they result in?
- Remote and local exploit attack
- Attacks on network infrastructure
- Reverse shell – how to manage a compromised system
- Escalation of privileges - how to become an administrator
- Gonew "hacking tools"
- Analysis of the compromised system – interesting files, saved passwords, private data
- Special cases: web applications, WiFi networks
- Social engineering - how to "break" a person if you can't break systems?
Penetration test – covering traces and maintaining access
- Login and activity monitoring systems
- Cleaning logs and covering traces
- Backdoor – or how to leave the entrance open
Penetration test – summary
- Preparation of the report and its structure
- Submission and consultation of the report
- Verification of implementation of recommendations
Requirements
- Knowledge of basic issues related to computer networks (IP addressing, Ethernet, basic services - DNS, DHCP) and operating systems Knowledge of Windows and Linux (basic administration, system terminal)
target group
- people responsible for the security of networks and services, network and system administrators who want to learn how to test security, everyone interested in the subject.
28 Hours
Testimonials (1)
The instructor's knowledge, practical experience, variety of topics and examples of practical use of new knowledge.
Kamil - Komenda Główna Straży Granicznej
Course - Testy penetracyjne – wykrywanie i wykorzystywanie podatności
Machine Translated
