Overview

In this online, instructor led training course students will get a hands-on feel for penetration testing. The instructor goes through many of the tools available through demonstrations allowing you to better understand how exploits work and what exploits you and others can utilize. This course will be useful for any students who are wanting to do penetration testing in the real world.

Course Instructor: Alex Achs

Course Outline

  • What is MITRE
  • Drive-by compromise
  • What is it?
  • Watering hole attacks
  • SETookit – Clone websites
  • Malicious advertisements
  • SSLStrip
  • Exploit public-facing application
  • Use of software, data, or commands to take advantages of weaknesses
  • Buffer overflows
  • FuzzDB
  • Web exploits
  • Enumeration – Nikto
  • Enumeration – OWASP ZAP
  • Enumeration – Burp
  • WPSploit
  • FIMap
  • Kadabra
  • Liffy
  • SQL injection
  • SQLmap
  • SQLninja
  • Hardware additions
  • Computer accessories, computers, or networking hardware may be introduced into a system as a vector to gain exexution
  • Wifi Pineapple
  • MiTM
  • Responder
  • DNSChef
  • MiTMProxy
  • Morpheus
  • SSH MiTM
  • Ettercap
  • Bettercap
  • MiTM wireless
  • Aircrack-ng
  • Wifiti
  • MANA Toolkit
  • Replication through removable media
  • Rubber ducky
  • Spearfishing attachment
  • Unicorn
  • Spearfishing Link
  • GoPhish, Phishing Frenzy, SET
  • Domain monitoring

Skills Learned

After completing this online training course, students will be able to:

  • Introduction to MITRE
  • Watering hole attacks
  • SSL Strip
  • Buffer overflows
  • Web exploits
  • SQL injection
  • MiTM
  • Spearphishing