In this online, instructor led training course students will get a hands-on feel for penetration testing. The instructor goes through many of the tools available through demonstrations allowing you to better understand how exploits work and what exploits you and others can utilize. This course will be useful for any students who are wanting to do penetration testing in the real world.
Overview
Skills Learned
After completing this online training course, students will be able to:
Introduction to MITRE
Watering hole attacks
SSL Strip
Buffer overflows
Web exploits
SQL injection
MiTM
Spearphishing
Network Admins, Security team members, risk managers, and IT directors
None, but we recommend that students have a working knowledge of logical and physical network architectures, networking components, and TCP/IP.
What is MITRE
Drive-by compromise
- What is it?
- Watering hole attacks
- SETookit – Clone websites
- Malicious advertisements
- SSLStrip
Exploit public-facing application
- Use of software, data, or commands to take advantages of weaknesses
- Buffer overflows
- FuzzDB
- Web exploits
- Enumeration – Nikto
- Enumeration – OWASP ZAP
- Enumeration – Burp
- WPSploit
- FIMap
- Kadabra
- Liffy
- SQL injection
- SQLmap
- SQLninja
Hardware additions
- Computer accessories, computers, or networking hardware may be introduced into a system as a vector to gain exexution
- Wifi Pineapple
- MiTM
- Responder
- DNSChef
- MiTMProxy
- Morpheus
- SSH MiTM
- Ettercap
- Bettercap
- MiTM wireless
- Aircrack-ng
- Wifiti
- MANA Toolkit
Replication through removable media
- Rubber ducky
Spearfishing attachment
- Unicorn
Spearfishing Link
- GoPhish, Phishing Frenzy, SET
- Domain monitoring
Skills Learned
After completing this online training course, students will be able to:
Introduction to MITRE
Watering hole attacks
SSL Strip
Buffer overflows
Web exploits
SQL injection
MiTM
Spearphishing
Network Admins, Security team members, risk managers, and IT directors
None, but we recommend that students have a working knowledge of logical and physical network architectures, networking components, and TCP/IP.
What is MITRE
Drive-by compromise
- What is it?
- Watering hole attacks
- SETookit – Clone websites
- Malicious advertisements
- SSLStrip
Exploit public-facing application
- Use of software, data, or commands to take advantages of weaknesses
- Buffer overflows
- FuzzDB
- Web exploits
- Enumeration – Nikto
- Enumeration – OWASP ZAP
- Enumeration – Burp
- WPSploit
- FIMap
- Kadabra
- Liffy
- SQL injection
- SQLmap
- SQLninja
Hardware additions
- Computer accessories, computers, or networking hardware may be introduced into a system as a vector to gain exexution
- Wifi Pineapple
- MiTM
- Responder
- DNSChef
- MiTMProxy
- Morpheus
- SSH MiTM
- Ettercap
- Bettercap
- MiTM wireless
- Aircrack-ng
- Wifiti
- MANA Toolkit
Replication through removable media
- Rubber ducky
Spearfishing attachment
- Unicorn
Spearfishing Link
- GoPhish, Phishing Frenzy, SET
- Domain monitoring