Penetration Tester

Discover the way cybercriminals think and learn how to use various techniques to increase the security of an organization.

Level: Basic

In collaboration with

Security audit is becoming more and more difficult every year. Until recently, almost any server or website could be compromised using basic knowledge. Nowadays, most companies have several protection mechanisms and solutions in place that make compromise much more difficult.

The role of reconnaissance has become central to the penetration testing process. The more information you collect before actively interacting with a network, the more likely you will be to successfully compromise your target.

Thorough reconnaissance can provide all the information required to gain access to the network, even without exploiting any vulnerabilities.

The course teaches how to conduct thorough reconnaissance and how to apply its results. We also look at the difference between attacking and defending approaches to security when considering infrastructure. In our experience, blue teams struggle to protect their network from intruders because they do not understand how hackers think. We strive to fill this gap.

Key Topics

Reconnaissance approaches
Importance of reconnaissance and its role in the attack chain
Cyber kill chain and MITRE ATT&CK models from an attacker’s point of view
Penetration testing process
DNS enumeration
SSL enumeration
(Sub)domain discovery
Network discovery
Asset discovery
Virtual host enumeration
Services discovery
Fuzzing
Cloud enumeration
Custom wordlist compilation

Format

Duration

Requirements

Skills Acquired

Understanding of the penetration testing process
Understanding of approaches used by attackers and how they operate
Ability to conduct full-fledged reconnaissance
Ability to use reconnaissance results as a way of ensuring faster and easier exploitation
Ability to compile custom wordlists
Ability to assess your own infrastructure and protect it against various attacks