CENTRO DE FORMACIÓN
MODALIDAD
- Presencial
DURACIÓN
- 21 horas
LUGAR DE IMPARTICIÓN
- Aula Virtual
DOCENTES
- No disponible
Al final de esta capacitación, los participantes podrán:
- Comprenda y utilice la metodología avanzada de Kali Linux para las pruebas de penetración.
- Aprenda a utilizar las herramientas de evaluación de vulnerabilidades.
- Administre evidencia, recopilación de datos e informes con Kali Linux.
- Obtenga información sobre explotaciones, ataques y escaladas de privilegios.
Introduction
- Overview of Kali Linux
- Installing and configuring Kali Linux
- Using and updating Kali Linux
Penetration Testing Standards and Classification
- Open Web Application Security Project (OWASP)
- Licensee Penetration Testing (LPT)
- White box and black box
- Penetration testing vs vulnerability assessment
Advanced Penetration Methodology
- Target framework and scope
- Gathering client requirements
- Checklist for test plan
- Profiling test boundaries
- Advance penetration testing using Kali Linux
Information Discovery
- Hacking Google
- Gathering DNS and who information
- Gathering route and network information
- Gathering all-in-one information
Scanning and Enumerating Target
- Advance network scanning
- Port and Udp port scanning
- Stealth port scanning techniques
- Packet crafting with Hping
- Nmap scanning and plug-ins
- Active and passive banners and system OS enumeration
- Enumerating users, groups, and shares
- Enumerating DNS resource records and network devices
Vulnerability Assessment Tools
- Nessus
- Open Vas
Target Exploitation
- Setting up Metaslpoit
- Exploitation with Metaslpoit
- Meterpreter session
- VNC exploitation
- Stealing password hash
- Adding custom modules to Metaslpoit
- Using immunity debugger
- Writing exploit
Privileges Escalation and Access Maintenance
- Breaking password hash
- Cracking telnet, ssh, and FTP password
- Using Metasploit post-exploitation modules
- Protocol tunneling
- Proxy
- Installing persistent backdoor
Advance Sniffing
- ARP poisoning
- DHCP starvation
- Mac flooding
- DNS poisoning
- Sniffing credentials from a secured website
DOS Attack
- Syn attack
- Application request flood attack
- Service request flood
- Service attack permanent denial
Penetration Testing
- Web penetration testing
- Wireless penetration testing
Exploitation and Client Side Attack
- Exploiting browser vulnerability
- Buffer overflow
- Fuzzing
- Fast-track hacking
- Phishing passwords
- Generating backdoors
- Java applet attack
Firewall Testing
- Firewall overview
- Testing firewall and ports
- Rules of testing firewall
Management and Reporting
- Documentation and results verification
- Dradis framework
- Magic tree and Maltego
- Data collection and evidence management
- Report types and presentation
- Post testing procedure
Summary and Next Steps
Otros cursos bonificables de NobleProg:
¡Bonifica este curso!
Nosotros nos encargamos de gestionar la bonificación de estos cursos. Para información sobre la inscripción, CONTACTA CON EL CENTRO.