Penetration testing – detecting and exploiting vulnerabilities Training Course

How to test network and service security

• Penetration testing – what is it?
• Penetration test vs. audit – similarities, differences, what is appropriate?
• Practical problems – what can go wrong?
• Scope of tests – what do we want to check?
• Sources of best practices and recommendations.

Penetration testing – reconnaissance

• OSINT – acquiring information from public sources.
• Passive and active network traffic analysis methods.
• Identification of services and network topology.
• Security systems (firewalls, IPS/IDS systems, WAF, etc.) and their impact on tests.

Penetration testing – vulnerability identification

• Identification of systems and their versions.
• Vulnerability scanning in systems, infrastructure, and applications.
• Vulnerability assessment – 'which ones hurt?'?
• Exploit sources and customization possibilities.

Penetration testing – attack and gaining control

• Types of attacks – how are they conducted and what are their outcomes?
• Attacks using remote and local exploits.
• Attacks on network infrastructure.
• Reverse shell – how to manage the compromised system.
• Privilege escalation – how to become an administrator.
• Ready-made 'hacking tools'.
• Analyzing the compromised system – interesting files, stored passwords, private data.
• Special cases: web applications, WiFi networks.
• Social engineering – how to 'break' a person if the system cannot be breached?

Penetration testing – cover-tracks and maintaining access

• Login and activity monitoring systems.
• Cleaning logs and cover-tracks.
• Backdoor – how to leave yourself an open entry point.

Penetration testing – summary

• Preparing the report and its structure.
• Delivering and consulting the report.
• Verifying the implementation of recommendations.