Preferred method of contact:

Penetration Testing: Tools and Techniques

COURSE TYPE

Intermediate

Course Number

537

Duration

4 Days

PDF Add to WishList

The most effective way to discover weaknesses in your own network is using the same mindset and methods as hackers. In this cyber security training course, you learn how hackers compromise operating systems and evade antivirus software, and acquire the skills to test and exploit your defenses, and implement countermeasures to reduce risk in your enterprise.

You Will Learn How To

  • Deploy ethical hacking to expose weaknesses in your organization
  • Gather intelligence by employing reconnaissance, published data, and scanning tools
  • Test and improve your security by compromising your network using hacking tools
  • Protect against privilege escalation to prevent intrusions

Important Course Information

Requirements:

  • Experience with security issues at the level of:
    • Course 468, System and Network Security Introduction, or
    • Course 446 CompTIA Security+ Certification Exam Preparation

Recommended Experience:

  • Knowledge in TCP/IP concepts

Course Outline

  • Introduction to Ethical Hacking
  • Defining a penetration testing methodology
  • Creating a security testing plan
  • Footprinting and Intelligence Gathering

Acquiring target information

  • Locating useful and relevant information
  • Scavenging published data
  • Mining archive sites

Scanning and enumerating resources

  • Identifying authentication methods
  • Harvesting e–mail information
  • Interrogating network services
  • Scanning from the inside out with HTML and egress busting
  • Identifying Vulnerabilities

Correlating weaknesses and exploits

  • Researching databases
  • Determining target configuration
  • Evaluating vulnerability assessment tools

Leveraging opportunities for attack

  • Discovering exploit resources
  • Attacking with Metasploit
  • Attacking Servers and Devices to Build Better Defenses

Bypassing router Access Control Lists (ACLs)

  • Discovering filtered ports
  • Manipulating ports to gain access
  • Connecting to blocked services

Compromising operating systems

  • Examining Windows protection modes
  • Analyzing Linux/UNIX processes

Subverting web applications

  • Injecting SQL and HTML code
  • Hijacking web sessions by prediction and Cross–Site Scripting (XSS)
  • Bypassing authentication mechanisms
  • Manipulating Clients to Uncover Internal Threats

Baiting and snaring inside users

  • Executing client–side attacks
  • Gaining control of browsers

Manipulating internal clients

  • Harvesting client information
  • Enumerating internal data

Deploying the social engineering toolkit

  • Cloning a legitimate site
  • Diverting clients by poisoning DNS
  • Exploiting Targets to Increase Security

Initiating remote shells

  • Selecting reverse or bind shells
  • Leveraging the Metasploit Meterpreter

Pivoting and island–hopping

  • Deploying portable media attacks
  • Routing through compromised clients

Pilfering target information

  • Stealing password hashes
  • Extracting infrastructure routing, DNS and NetBIOS data

Uploading and executing payloads

  • Controlling memory processes
  • Utilizing the remote file system
  • Testing Antivirus and IDS Security

Masquerading network traffic

  • Obfuscating vectors and payloads
  • Side–stepping perimeter defenses

Evading antivirus systems

  • Discovering stealth techniques to inject malware
  • Uncovering the gaps in antivirus protection
  • Mitigating Risks and Next Steps
  • Reporting results and creating an action plan
  • Managing patches and configuration
  • Recommending cyber security countermeasures
Show complete outline
Show Less

Convenient Ways to Attend This Instructor-Led Course

Hassle-Free Enrollment: No advance payment required to reserve your seat.
Tuition due 30 days after you attend your course.

In the Classroom

Live, Online

Private Team Training

In the Classroom — OR — Live, Online

Tuition — Standard: $2990   Government: $2659

Oct 24 - 27 (4 Days)
9:00 AM - 4:30 PM EDT
Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online
In-Class

Nov 6 - 9 (4 Days)
9:00 AM - 4:30 PM EST
Online (AnyWare) Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online

Jan 16 - 19 (4 Days)
9:00 AM - 4:30 PM EST
Online (AnyWare) Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online

Feb 13 - 16 (4 Days)
9:00 AM - 4:30 PM EST
Rockville, MD / Online (AnyWare) Rockville, MD / Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online
In-Class

Apr 10 - 13 (4 Days)
9:00 AM - 4:30 PM EDT
New York / Online (AnyWare) New York / Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online
In-Class

Apr 24 - 27 (4 Days)
9:00 AM - 4:30 PM EDT
Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online
In-Class

Jun 26 - 29 (4 Days)
9:00 AM - 4:30 PM EDT
Online (AnyWare) Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online

Aug 14 - 17 (4 Days)
9:00 AM - 4:30 PM EDT
Rockville, MD / Online (AnyWare) Rockville, MD / Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online
In-Class

Guaranteed to Run

Show all dates
Show fewer dates

Private Team Training

Enrolling at least 3 people in this course? Consider bringing this (or any course that can be custom designed) to your preferred location as a private team training.

For details, call 1-888-843-8733 or Click Here »

Tuition

Standard

Government

In Classroom or
Online

Standard

$2990

Government

$2659

Private Team Training

Contact Us »

Course Tuition Includes:

After-Course Instructor Coaching
When you return to work, you are entitled to schedule a free coaching session with your instructor for help and guidance as you apply your new skills.

Free Course Exam
You can take your Learning Tree course exam on the last day of your course or online at any time after class and receive a Certificate of Achievement with the designation "Awarded with Distinction."

Prev
Next

Training Hours

Standard Course Hours: 9:00 am – 4:30 pm
*Informal discussion with instructor about your projects or areas of special interest: 4:30 pm – 5:30 pm

FREE Online Course Exam (if applicable) – Last Day: 3:30 pm – 4:30 pm
By successfully completing your FREE online course exam, you will:

  • Have a record of your growth and learning results
  • Bring proof of your progress back to your organization
  • Earn credits toward industry certifications (if applicable)

Enhance Your Credentials with Professional Certification

Learning Tree's comprehensive training and exam preparation guarantees that you will gain the knowledge and confidence to achieve professional certification and advance your career.

This course is approved by CompTIA for continuing education units (CEUs). For additional information and to confirm which courses are eligible towards your CompTIA certification, click here.

Earn 23 Credits from NASBA

This course qualifies for 23 CPE credits from the National Association of State Boards of Accountancy CPE program. Read more ...

“Our company benefits from having someone with IT security skills in-house. Thanks to this penetration testing course, we can now do security audits more frequently and at a lower cost than when we were contracting out the work.”

- D. Caswell, Programmer/Analyst
North Carolina Housing Finance Agency

Prev
Next
Chat Now

Please Choose a Language

Canada - English

Canada - Français