Request Info

Salutation

First Name

Last Name

Job Title

Department

Mailstop

Company

Address

P.O. Box

City

Province

Postal Code

Country
List

Work Telephone

Ext.

E-mail Address

Information provided will be used to communicate with you about our products.
Privacy Statement

A representative will contact you to follow up your request.

 
Special offer: Free Courses with Training Vouchers.

 

Penetration Testing:
Tools and Techniques

Defending Your Network Using Hacking Techniques


Course 5374 Days

 E-mail E-mail  Print Print  Q&A Q&A  PDF PDF  Facebook Facebook  Twitter Twitter

Quick Enrol

You Will Learn How To

  • Deploy ethical hacking to expose weaknesses in your organization and select countermeasures
  • Gather intelligence by employing reconnaissance, published data and scanning tools
  • Probe and compromise your network using hacking tools to test and improve your security
  • Discover how malicious hackers exploit weaknesses to "own" the network
  • Protect against privilege escalation to prevent intrusions
  • Evade antivirus software, firewalls and IDS

Course Benefits

As network breaches become increasingly sophisticated, proactive defenses are essential to counter malicious attacks. In this course, you learn to discover weaknesses in your network using the same mindset and methods as hackers. You acquire the knowledge to systematically test and exploit internal and external defenses. You learn countermeasures and how to reduce risk to your enterprise.

Who Should Attend

Security consultants, Information Assurance auditors, firewall/IDS personnel, programmers, PCI security testers and those involved in cybersecurity measures and implementation. Security knowledge at the level of Course 468, "System and Network Security Introduction," and strong TCP/IP experience is assumed.

Hands-On Training

Hands-on exercises model hacking methods and countermeasures, including:
  • Preparing the hacker toolkit
  • Executing advanced port scanning
  • Linking vulnerabilities and exploits
  • Determining the vulnerabilities of a network
  • Performing injection attacks
  • Predicting and hijacking Web sessions
  • Poisoning DNS to lure clients
  • Configuring and using the Metasploit Framework
  • Defeating stateless firewalls, IDS and antivirus software
  • Cloning a Web site and stealing passwords

Course 537 Content

Introduction to Ethical Hacking

  • Defining a penetration testing methodology
  • Creating a security testing plan
  • Adhering to PCI standards
  • Assembling the hacking tools

Footprinting and Intelligence Gathering

Acquiring target information

  • Locating useful and relevant information
  • Scavenging published data
  • Mining archive sites

Scanning and enumerating resources

  • Identifying authentication methods
  • Analyzing firewalls
  • Harvesting e-mail information
  • Interrogating network services
  • Scanning from the inside out with HTML

Identifying Vulnerabilities

Correlating weaknesses and exploits

  • Researching databases
  • Determining target configuration
  • Evaluating Vulnerability Assessment tools

Leveraging opportunities for attack

  • Discovering exploit resources
  • Attacking with Metasploit

Attacking Servers and Devices to Build Better Defenses

Bypassing router access control lists (ACLs)

  • Discovering filtered ports
  • Manipulating ports to gain access
  • Connecting to blocked services

Compromising operating systems

  • Examining Windows protection modes
  • Analyzing Linux/UNIX processes

Subverting Web applications

  • Injecting SQL and HTML code
  • Hijacking Web sessions by prediction and fixation
  • Bypassing authentication mechanisms

Manipulating Clients to Uncover Internal Threats

Baiting and snaring inside users

  • Poisoning DNS
  • Executing Cross-Site Scripting (XSS)
  • Gaining control of browsers

Creating custom malware

  • Harvesting client information
  • Enumerating internal data

Deploying the Social Engineering Toolkit

  • Cloning a legitimate site
  • Diverting clients by poisoning DNS
  • Delivering customized payloads to users

Exploiting Targets to Increase Security

Initiating remote shells

  • Selecting reverse or bind shells
  • Leveraging the Metasploit Meterpreter

Pivoting and island hopping

  • Deploying portable media attacks
  • Routing through compromised clients
  • Forwarding and redirecting ports

Pilfering target information

  • Stealing password hashes
  • Extracting infrastructure routing, DNS and NetBIOS data

Uploading and executing payloads

  • Controlling memory processes
  • Utilizing the remote file system

Testing Antivirus and IDS Security

Masquerading network traffic

  • Obfuscating vectors and payloads
  • Sidestepping perimeter defenses

Evading antivirus systems

  • Falsifying file headers to inject malware
  • Discovering the gaps in antivirus protection

Mitigating Risk and Next Steps

  • Reporting results and creating an action plan
  • Managing patches and configuration
  • Recommending cybersecurity countermeasures
  • Staying current with tools, trends and technology

<< Back to Security Course List
 

Related Courses

 
Penetration Testing: Tools and Techniques

Training Dates

Live online classroom training. Participate in person or in live, online events (highlighted) via Learning Tree AnyWareTM.
May 1 - 4Ottawa enrol
Aug 28 - 31Ottawa enrol

US Dates

Feb 21 - 24Rockville, MD enrol
Apr 2 - 5New York enrol
Apr 17 - 20Reston, VA enrol
Apr 24 - 27Rockville, MD enrol
Jul 10 - 13Reston, VA enrol
Jul 31 - Aug 3New York enrol
Aug 14 - 17Rockville, MD enrol
Oct 2 - 5Reston, VA enrol
Nov 27 - 30New York enrol
Dec 11 - 14Rockville, MD enrol

For AnyWare enrolments, please register at least 10 days prior to the start of the course.

More Dates and Locations.

Tuition

$ 3,220Standard Tuition
Tuition with a Savings Plan
$ 2,2952-Course Passport
$ 1,8353-Course Passport
$ 1,7604-Course Passport
$ 2,950Voucher 5-Pack
$ 2,830Government Discount

On-Site &
Custom Training

Bring this or any Learning Tree course to your location or have it customized for your organization.

Penetration Testing: Tools and Techniques

Course participants analyzing browser security.


Average Attendee Evaluation

Evaluations in the last 12 months

5 stars:
87%
4 stars:
13%
3 stars:   0%
2 stars:   0%
1 star:   0%

 
"The Learning Tree instructor I had was willing to come in early to work with you if you had questions or didn't grasp the material. That's a real plus."

– K. Upperman
NJVC

 
Ten Questions to Ask Your Training Provider - Position Paper