Advanced Ethical Hacking / Penetration Testing

You already know your three N’s back and forward: Nessus, Nmap and Netcat. You have experience with ethical hacking and penetration testing. You can run l0phtcrack in your sleep. But, you want to learn more. You are ready for the next step in penetration testing training!

In Advanced Ethical Hacking: Expert Penetration Testing, you will delve deep into the less well-known, less obvious, and consequently more difficult to master techniques that are available today to penetration testers. It is a commonly known fact that malicious hackers and disgruntled employees have become increasingly sophisticated and efficient. Even the most plugged-in security pros have trouble keeping up with every new vulnerability; there are only 24 hours in a day!

After taking this information security course, you will walk out the door with the skills to identify and prevent the latest complex and complicated attacks by doing them yourself in our lab with your own two hands. After completing the penetration testing training in this course, you will be at the top 5%-10% in terms of information security knowledge and ethical hacking skills.

Hands on instructor led lab exercises coupled with effective and insightful lectures are the best way to learn advanced penetration testing and ethical hacking skills. In this course, you will get high quality penetration testing training by “learning by doing” in hands-on labs, complemented by expert in class instruction. You will also have a chance to put all of your new skills to test in nightly capture the flag exercises.

Some of the topics you will learn to master during the course:

• Writing buffer overflow exploits
• dlmalloc Heap Overflow exploits
• Win32 Heap Overflow exploits
• Linux stack overflow exploits
• Defeating non-exec stacks
• Return-to-libc shellcode
• Function pointer overwrites
• Crafting Injectable Shellcode
• Defeating non-executable stacks
• Linux LKM Rootkits
• Windows Kernel Rootkits
• Reverse engineering training
• Vulnerability development and discovery
• Attacking and blinding IDSs
• Hiding your attacks from IDSs
• Encrypted covert channels
• Global Offset Table Overwrites
• Windows Shellcode
• Integer Overflows
• Linux shellcode
• “no listening port” trojans
• A whole day on breaking through enterprise DMZs
• Reconstructing binaries from sniffed traffic
• Circumventing antivirus
• Bi-directional Spoofed Communication
• Session fixation
• Advanced SQL Injection
• Justifying a penetration test to management and customers
• Defensive technique

Some of the instructor-led hands-on lab exercises:

• Capture the Flag exercises every night !
• Writing a stack buffer overflow
• Porting exploits to metasploit modules
• Find socket shellcode
• Writing shellcode for Linux
• Using Ollydbg for Win32 Exploits
• Using IDA Pro for Reversing
• Reconstructing sniffed images
• Reverse engineering Windows PE Binaries
• Session hijacking
• Passive Network Analysis
• Exploitation with a remote GUI
• Sniffing SSL Encrypted Sessions
• Format string exploits
• Heap overflow exploits
• Windows exploits
• Calculating offsets
• Reversing with SoftIce
• OS determination without touching the target
• SQL Injection timing attacks
• Port redirection
• ASP source disclosure attacks
• Call-Back Backdoors
• Encrypted covert channels
• Remote keyloggers
• PHP/MySQL SQL Injection
• Inserting Malicious Code Into Unix Binaries

How You Benefit:

• Gain the in-demand career skills of a highly skilled and specialized penetration tester.
• Master the latest advanced level methodologies, tools, and manual techniques used by ethical hackers to enter the top 10% of security professionals in terms of skill.
• Move beyond the most well known ethical hacking techniques and into the realm of an expert penetration tester.
• More than interesting theories and lectures; get your hands dirty in our dedicated hacking lab.
• Learn hands-on skills that are difficult to gain in a corporate or government working environment, such as compromising border routers and testing your own buffer overflow exploits.
• Preparation for the Certified Expert Penetration Tester (CEPT) certification.

Required Prerequisites:

• Firm understanding of the Windows Operating System
• Exposure to the Linux Operating System or other Unix-based OS
• Firm understanding of the TCP/IP protocols.
• Exposure to network reconnaissance and associated tools (nmap, nessus, netcat)
• Programming knowledge is NOT required
• Desire to learn about ethical hacking, and get great penetration testing training!