Infrastructure & Network: Bug Bounty and Penetration Testing
What you'll learn
- Understand and perform the basic steps in order to performa penetration testing of an infrastructure or other computers in the network
- Be able to gather information about your target
- You will learn how to find open ports your target
- You will learn how to find vulnerabilities in your target infrastructure
- Exploit found vulnerabilities
- Sniff and analyze network traffic
- You will learn how to exploit Windows and Linux Systems
- Understand and perform attacks using Metasploit
- Understand cryptography
- Understand the difference between backdoors, viruses and worms. Learn the basics of how to analyse them
- Hack wireless networks
- Understand the penetration testing process
- As a network administrator you will learn how to secure your network
- Basic IT skills
- Basic knowledge of Linux and/or Windows
- Understand basic computer networking
In order to protect yourself from hackers, you must think as one.
In this course, you will start as a beginner with no previous knowledge about penetration testing or hacking.
You will learn hacking tools, methodologies and techniques. This is a both practical and theoretical step-by-step course.
This course is focused on the practical side of penetration testing without neglecting the theory behind each attack. Before jumping into penetration testing, you will first learn how to set up a lab and install needed software to practice penetration testing on your own machine.
Below are the main topics, both theoretical and practical, of this course:
Introduction to Ethical Hacking, Footprinting and Reconnaissance
This section will teach you how to gather information about your target server, you will learn how to discover the DNS server used, open ports and services, un-published directories, sensitive files. This information is very important as it increases the chances of being able to successfully gain access to the target website.
Scanning Networks, Enumeration and Vulnerabilities and System Hacking
In this section you will learn how to discover and exploit a large number of vulnerabilities, this section is divided into a number of sub-sections, each covering a specific vulnerability, firstly you will learn what is that vulnerability, then you will learn how to exploit this vulnerability.
Learn how to capture encrypted and unencrypted data, passwords and such (HTTP, telnet, HTTPS, etc)
Use This framework to exploit numerous vulnerabilities and crate backdoors
Trojans, Backdoors, Viruses and Worms
Penetration testing on Wireless Networks
NOTE: This course is created only for educational purposes and all the attacks are launched in an isolated lab environment.
Who this course is for:
- Anyone who want to learn the ethical hacking and penetration testing process
- Network and Security Engineers
- IT students
- Anyone who wants to start a career in it security field or as "ethical hacker"
Senior Information Security Consultant
- I work in the Internet security team, focused on ethical hacking - deliberately and purposefully challenging the IT security assumptions, strategies, and methods of protecting vital assets and information by emulating an adversary.
- Scan and exploit for a wide variety of data center infrastructure and application vulnerabilities, following defined rules of engagement and attack scenarios (ethical hacking).
- Make recommendations on security weaknesses and report on activities and findings.
- Perform Internet penetration testing (black box / white box testing) and code reviews (manual and automated)
- Use testing tools as NetBIOS scanning, network pinging and testing, packet crafting and analyzing, port scanning for vulnerability assessment
- Perform analysis and testing to verify the strengths and weaknesses of Web Applications and Web Services (SML, SOAP, WSDL, UDDI, etc.)
- Perform analysis and testing to verify the strengths and weaknesses of a variety of operating systems, network devices, web applications, and security architectures
- Assist with the development of remediation services for identified findings
- Customize, operate, audit, and maintain security related tools and applications
- CEH, ECSA, CHFI from EC-Council
- Cisco CCNA, CCNA Security, Linux Essentials
- OSWE (Offensive Security Web Expert)
- CREST Registered Penetration Tester (CRT)
- CHFI (Computer Hacking Forensic Investigator)
- ISO 270001 Lead Auditor
- ECSA (EC-Council Security Analyst)
- CEH (Certified Ethical Hacker)
- CCNA and CCNA Security
- CCNP Routing and CCNP Switching
- Advanced Linux&InfoSEC
- VMWare vSphere Install, Configure, Manage
- Microsoft Certified Technology Specialist (MCTS/MCP 70-642): Microsoft Windows Server 2008 Network Infrastructure, etc.