Advanced Penetration Testing
Offered By: Cybrary
Course Description
Overview
"Those who continuously acquire new and better forms of knowledge that they can apply to their work and to their lives will be the movers and shakers in our society for the indefinite future." - Brian Tracy
Penetration testing is one of the most in-demand skill sets of the cybersecurity industry. There are more jobs that require advanced-level hacking than there are people who have the ability to fill them, and this class prepares you to confidently step into one of those roles.
Penetration testing and ethical hacking subject matter expert, published author, and industry event speaker, Georgia Weidman teaches you advanced penetration testing based on her classic book, "Penetration Testing: a Hands-On Introduction to Hacking".
About this Online Advanced Penetration Testing Training
This course is a deep-dive into the world of advanced pen-testing, and there are no life jackets - only binaries. Real-world unethical hackers are becoming increasingly more devious and cunning when it comes to technology. That means that more advanced level ethical hackers are needed to penetration test and help create more secure networks and systems for our modern, high-security environments. Georgia Weidman, penetration testing and hacking subject matter expert, author, and well-known industry event speaker will teach you everything you need to know!
If you're looking for a comprehensive introduction to penetration testing, please see we also have our Ethical Hacking and Penetration Testing course.
What Is Involved in this Advanced Penetration Testing Course?
In our online Advanced Penetration Testing training class, you'll learn how to use advanced techniques and well-known pen-testing tools in more sophisticated ways. You’ll learn to exploit networks using various methods, including SQL injection attacks, cross-site scripting, and local and remote file inclusion while also gaining the knowledge of how to defend the network you are penetrating. You’ll learn how to use social engineering to bypass technology controls and break into a network. You'll also learn the post-exploitation process, such as how to backdoor SSH logins, enable RDP, and use other data exfiltration techniques.
The Advanced Penetration Testing course has a total clock time of 14 hrs. and 26 mins. and you will receive a certificate of completion upon finishing the course.
Are There Prerequisites for the Advanced Penetration Testing Training?
While there are no prerequisites for this course, it is primarily designed for penetration testers who are looking for more advanced level techniques that will help them better protect high-security organizations. It's recommended that students are familiar with IT security best practices and have a working knowledge of TCP/IP and common web technologies, including:
- Windows administration for servers and workstations
- Linux/ NIX system administration
- Command-line proficiency on both Windows and NIX systems
They should also have some basic knowledge of the following languages:
- Python
- HTML
- JavaScript
- SQL
What Does an Advanced Penetration Tester Do?
An advanced penetration tester is an IT professional who identifies the vulnerabilities in network and software security and then provides suggestions and methods for how to resolve those gaps.
Advanced penetration testers use the same exploitation techniques as a cyber attacker but with the motivation to help prevent those attacks. Just as a criminal hacker takes a high-level look at an organization's technical landscape to determine how to proceed with an attack, penetration testers investigate the complexities of the infrastructure to identify attacks before they happen. Because penetration testers use the same tools and strategies that criminal attackers use to identify vulnerabilities, they are able to uncover the areas within systems, networks, and applications that are most at risk for attack. Penetration tests are now essential in corporate environments with a mature cybersecurity strategy.
Why Take the Advanced Penetration Testing Course?
As one of the categories of illegal activities, Cybercrime now ranks third in dollar value worldwide. In 2018, a study by the Center for Strategic and International Studies (CSIS), in partnership with McAfee, concluded that close to $600 billion, nearly one percent of global GDP, is lost to cybercrime each year. To combat the ever-rising threat of cyberattacks, more organizations are working to develop strategies to fight and prevent these attacks. As a result, the cybersecurity job market is expanding. It is no longer sufficient to deal with attacks as they happen, companies need professional penetration testers to perform penetration testing proactively.
Taking the Advanced Penetration Testing course will help prepare you to enter a field where you will be in demand, making the potential for advancement greater than in other industries. If you have a passion for information security and you want to be a pen tester, this is definitely the course for you.
Syllabus
- Module 1 - Linux
- Linux (part 1)
- Linux (part 2) Kali Linux Commands
- Linux (part 3) - Directories, myfile and Nano
- Linux (part 4) chmod, manipulation and packages
- Linux (part 5) IP Addressing and netcat
- Linux (part 6) Copy Commands and crontab
- Module 2 - Programming
- Programming (part 1) Fundamentals for Pen Testers
- Programming (part 2) Bash Scripting and If/Then Command
- Programming (part 3) Network Pings
- Programming (part 4) Python for Port Scanning
- Programming (part 5) Python Import Command
- Module 3 - Metasploit
- Metasploit (part 1) Introduction
- Metasploit (part 2) Fundamentals
- Metasploit (part 3) Operation
- Metasploit (part 4) Auxiliary Module
- Metasploit (part 5) msfcli
- Metasploit (part 6) msfvenom
- Module 4 - Information Gathering
- Information Gathering Intro (part 1)
- Information Gathering (part 2) Domain Name Services
- Information Gathering (part 3) Targeting Email and Maltego
- Information Gathering (part 4) recon-ng and google operators
- Information Gathering (part 5) NMAP and PortScanning
- Module 5 - Vulnerability Discovery/Scanning
- Vulnerability Scanning Intro (part 1)
- Vulnerability Scanning (part 2) Nessus
- Vulnerability Scanning (part 3) Nmap Scripting Engine
- Vulnerability Scanning (part 4) Metasploit
- Vulnerability Scanning (part 5) WebApp, XAMPP, WEBDAV, nikto
- Vulnerability Scanning (part 6) Directory Transversals
- Module 6 - Traffic Capture
- Traffic Capture Introduction (part 1)
- Traffic Capture (part 2) Analyzing Network Protocol with Wireshark
- Traffic Capture (part 3) Address Resolution Protocol ARP
- Traffic Capture (part 4) DNS
- Traffic Capture (part 5) ettercap
- Traffic Capture (part 6) SSL Stripping
- Module 7 - Exploitation
- Exploitation (part 1) Direct Exploitation
- Exploitation (part 2) SQL Commands
- Exploitation (part 3) Directory Traversal
- Exploitation (part 4) Open Source Vulnerability
- Exploitation (part 5) Using Backdoor to Access an FTP Server
- Exploitation (part 6) Attaching to an IP Address
- Module 8 - Passwords
- Passwords (part 1) Password Attacks
- Passwords (part 2) Online Password Cracking
- Passwords (part 3) Offline Password Attacks
- Passwords (part 4) Using oclhashcat
- Module 9 - Advanced Exploitation
- Advanced Exploitation (part 1) Introduction
- Advanced Exploitation (part 2) Client Side Attacks
- Advanced Exploitation (part 3) Exploiting Java
- Advanced Exploitation (part 4) Social Engineering
- Advanced Exploitation (part 5) Bypassing Antivirus Software
- Module 10 - Post Exploitation
- Post Exploitation (part 1) File Transfer without and Interactive Shell
- Post Exploitation (part 2) Exploit Development
- Post Exploitation (part 3) Pivoting
- Post Exploitation (part 4) Setting Up a Domain Controller
- Module 11 - WebApps
- WebApp Introduction (part 1) Web App Testing
- WebApp (part 2) Vulnerable Web Applications
- WebApp (part 3) SQL Injection
- WebApp (part 4) File Inclusion
- WebApp (part 5) Cross Site Scripting XSS
- Module 12 - Exploit Development
- Exploit Development Introduction (part 1)
- Exploit Development (part 2) A Program in Memory
- Exploit Development (part 3) Stack Frame for Function
- Exploit Development (part 4) GNU Compilers
- Exploit Development (part 5) Python
- Exploit Development (part 6) Executing Unintended Code
- Exploit Development (part 7) Network Based Exploits and Debuggers
- Exploit Development (part 8) Creating a Cyclic Pattern
- Exploit Development (part 9) Verifying Offsets
- Exploit Development (part 10) Creating Shell Code in Kali Linux
- Exploit Development (part 11) Fuzzing
- Exploit Development (part 12) Public Exploits and Perl
- Exploit Development (part 13) Turning a 3Com Exploit into a Metasploit Module
- Exploit Development (part 14) Structured Exception Handler Over-Write
- Module 13 - Smartphone Pentest Framework
- SPF Introduction (part 1)
- SPF (part 2) Attach to Smartphone Based Apps
- SPF (part 3) Turning an Android App into a SPF Agent
- SPF (part 4) Functionality for Agents
- SPF (part 5) Pentesting Mobile Devices
Taught by
Georgia Weidman
Related Courses
2D image processingHigher School of Economics via Coursera Abstraction, Problem Decomposition, and Functions
University of Colorado System via Coursera AWS Alexa Skill Builder Essentials
A Cloud Guru Azure Cosmos DB Deep Dive
A Cloud Guru PostgreSQL Administration Deep Dive
A Cloud Guru