Advanced Penetration Testing (APT)

Tools Covered in this Course

Course Details

• Why APT?

  This program is meticulously designed to demonstrate the advanced concepts including that of scanning against defenses, pivoting between networks, deploying proxy chains, and using web shells.

  The “virtual cyber ranges” bring 100% practicality into the training sessions and are designed to provide professional skills that demonstrate how professional pentesters determine the attack surface of targets within required time frames and complexities and gain access to the machines and escalate privileges.

  The practical environment ranges progress in difficulty and reflects enterprise network architectures. This environment includes defenses and challenges which candidates of the LPT program must defeat and overcome. This is not done through a typical FLAT network! As candidates progress through the various range levels, each encounter will present the top defenses of today and they will learn the latest best practices, tips and tricks, and even evasion techniques.

  This training format will help build thousands of penetration testers globally and will prove to be effective!

  Who is it For?

  This new program is built for ECSA credentialed members who require advanced pentesting skills and a professional level certification to attest their skills to employers.

  • Penetration Testers
  • Network Administrators
  • IT Auditors
  • Information Security Engineers
  • Security Consultants

  
  

  Course Outline

  
  

  Introduction to Vulnerability Assessment and Penetration Testing

  Review of vulnerability assessment

  • Types of vulnerability scanners
  • Challenges faced by vulnerability scanners
  • Creating a Security Testing Plan
  • Explaining the Hacking Methodology
  • Concepts of Evasion

  Information Gathering Methodology

  • Information Gathering with NSLOOKUP and Dig
  • DNS Enumeration with dnsenum and dnsrecon
  • Enumeration with fierce
  • Creating a Security Testing Plan
  • Registrars and Whois
  • Google Hacking Database
  • Enumeration with Metagoofil
  • Cloud Scanning with Shodan

  Scanning and Enumeration

  • Scanning with Nmap
  • Scanning with the Tool Dmitry
  • Scanning with the Tool Netdiscover
  • Scanning with the Tool sslscan
  • Scanning and Scripting with the Tool hping3
  • Scanning the Internet
  • Using Metasploit Databases and Workspaces
  • Enumeration of Targets
  • Mastering the Nmap Scripting Engine

  Identify Vulnerabilities

  • Vulnerability Sites
  • Vulnerability Analysis with OpenVAS
  • Web Application Vulnerability Scanners
  • Customizing and Optimizing Scan Policies
  • Web Vulnerability Scanning within Metasploit
  • Analysis of Vulnerability Findings
  • Custom Script Design

  Exploitation

  • Exploit Sites
  • Manual Exploitation
  • Exploitation with Metasploit
  • Searching for Exploits
  • Remote Exploitations with SMB, RDP and SSH
  • Web Application Exploitation
  • Customization of Shells
  • Staged and Stageless Payloads
  • Custom Exploits

  Post Exploitation

  • Disabling protections
  • Local Assessment
  • Harvesting Information
  • Scripts for pilfering
  • Leveraging backdoors
  • Mangling log files
  • Escalation of privileges
  • Data search and extraction techniques
  • Achieving an advanced shell
  • File transfers

  Advanced Tips and Techniques

  • Scanning with Nmap against Defenses
  • Session routing
  • Performing pivoting
  • Executing a double pivot
  • Custom payloads for network traversal
  • Using proxies
  • Leveraging web shells
  • Custom web shells to avoid detection

  Preparing a Report

  • Importance of a report
  • Avoiding the common mistakes
  • Compiling data in Magic Tree
  • Designing the report structure
  • Essential report components

  Practice Ranges

  • Practice Ranges

FAQ