CONTATTACI ORA
per ricevere tutti i dettagli e per richiedere, senza alcun impegno, di parlare direttamente con uno dei nostri docenti Penetration Test
OBIETTIVI DEL CORSO
La cybersicurezza è uno dei temi più caldi nell’ambito IT e trasversalmente riguarda tutti gli ambiti industriali. Ogni settimana vengono segnalate nuove violazioni della privacy e della sicurezza con accesso a dati sensibili e interruzioni di servizio. In questo scenario le aziende corrono ai ripari per proteggere il proprio business e tutelare la propria immagine e i propri clienti. La capacità di pianificare e condurre penetration test diventa quindi un’abilità sempre più ricercata e remunerativa. Il corso Penetration Test permette di acquisire le conoscenze necessarie per progettare un penetration test e portarlo avanti seguendo tutte le fasi di cui si compone:
- Planning and scoping
- Information gathering and vulnerability identification
- Exploit vulnerabilities
- Perform post-exploit techniques
- Analyze tool output, data, etc
- Reporting
Inoltre, permette, di avere una panoramica degli strumenti utilizzati nell’attività di penetration test e delle tecnologie di supporto durante le diverse fasi.
L’apprendimento è facilitato da un accesso ai laboratori continuativo e dalla possibilità di ricreare scenari realistici di penetration test, simulando un ingaggio da parte di un’azienda fittizia che vuole mettere alla prova la sicurezza della propria infrastruttura.
TIPOLOGIA DEL CORSO
Lezioni frontali Presenza in Aula e Laboratorio;
Lezioni a distanza in Video Presenza Tempo Reale e Laboratorio.
CONTENUTI DEL CORSO
Corso Penetration Test
Planning and Scoping Penetration Tests
Introduction to Penetration Testing Concepts
Plan a Pen Test Engagement
Scope and Negotiate a Pen Test Engagement
Prepare for a Pen Test Engagement
Conducting Passive Reconnaissance
Gather Background Information
Prepare Background Findings for Next Steps
Performing Non-Technical Tests
Perform Social Engineering Tests
Perform Physical Security Tests on Facilities
Conducting Active Reconnaissance
Scan Networks
Enumerate Targets
Scan for Vulnerabilities
Analyze Basic Scripts
Analyzing Vulnerabilities
Analyze Vulnerability Scan Results
Leverage Information to Prepare for Exploitation
Penetrating Networks
Exploit Network-Based Vulnerabilities
Exploit Wireless and RF-Based Vulnerabilities
Exploit Specialized Systems
Exploiting Host-Based Vulnerabilities
Exploit Windows-Based Vulnerabilities
Exploit *nix-Based Vulnerabilities
Testing Applications
Exploit Web Application Vulnerabilities
Test Source Code and Compiled Apps
Completing Post-Exploit Tasks
Use Lateral Movement Techniques
Use Persistence Techniques
Use Anti-Forensics Techniques
Analyzing and Reporting Pen Test Results
Analyze Pen Test Data
Develop Recommendations for Mitigation Strategies
Write and Handle Reports
Conduct Post-Report-Delivery Activities
Attività Laboratoriali
Exploring the pentest+ lab environment
Exploring the pentest+ lab environment: kali linux
Planning and scoping penetration tests
Preparing to go live
Conducting passive reconnaissance
Gathering open source intelligence (osint) using whois
Gathering open source intelligence (osint) using domain name resolution
Gathering open source intelligence (osint) using shodan search engine
Gathering osint on a domain using recon-ng
Gathering osint on a domain using maltego
Strategizing usage of osint findings (analysis activity)
Preparing background findings for next steps (analysis activity)
Performing non-technical tests
Baiting users with usb thumb drives
Crafting malicious payload with msfvenom
Harvesting credentials through phishing
Pharming attack with social engineering tool (set)
Performing physical security tests on facilities (analysis activity)
Conducting active reconnaissance
Scanning networks with nmap: ping sweep, port scan, stealth scan
Services fingerprinting and os detection with nmap: nmap scripting engine (nse)
Scanning networks with metasploit modules
Banner grabbing through telnet
Os fingerprinting through ping and ttl
Enumerating targets with metasploit
Enumerating targets with rpcclient
Scanning for system vulnerabilities using openvas
Scanning for web app vulnerabilities using arachni
Website enumeration with dirbuster
Website enumeration with nikto
Analyzing a basic port scan script in python
Analyzing vulnerabilities
Analyzing vulnerability scan results (analysis activity)
Using common vulnerabilities and exposures (cve) to analyze vulnerabilities
Using common vulnerability scoring system (cvss) for risk assessment
Leveraging information to prepare for exploitation (analysis activity)
Penetrating networks
Sniffing cleartext protocols
Intercepting file transmissions on the network
Man in the middle through arp poisoning
Using arpspoof and ettercap for arp poisoning
Using dsniff and wireshark for traffic sniffing
Exploiting host-based vulnerabilities
Exploiting smb vulnerabilities in windows
Managing meterpreter sessions
Exploiting password vulnerabilities in windows
Dumping credential hashes and the security account manager (sam)
Gaining access throuhg pass the hash attack
Exploiting linux-based vulnerabilities: hail mary attack with armitage
Online credential cracking with hydra
Offline crdential cracking with john the ripper
Offline crdential cracking with hashcat
Brute forcing credentials with a dictionary list
Customizing masks and charset for credential brute force
Generating customized dictionary lists with crunch
Testing applications
Exploiting security misconfigurations in web apps
Leveraging missing access controls
Poison null byte
Directory traversal
Command injection
Exploiting sql injection vulnerabilities in web apps
Stacking sql queries with union select
Exploiting xss vulnerabilities in web apps
Reflected cross site scripting (xss)
Persistent cross site scripting (xss)
Dom-based cross site scripting (xss)
Cross site request forgery (csrf)
Exploiting authentication and authorization vulnerabilities in web apps
Predicting weakly constructed session identifier (sid) in web sessions
Session hijacking through cookie grabbing and manipulation
Attacking a web application using an interceptor proxy: burp suite
Fuzzing a compiled application
Conducting static and dynamic analysis
Completing post-exploit tasks
Pivoting from one host to another
Migrating malicious code between running processes
Installing a persistent backdoor and gaining persistence
Bind and reverse shell with netcat
Exfiltrating sensitive data and capturing keystroke
Anti-forensics techniques: tampering timestamps, stealing process identifiers (pids), clearing logs
Analyzing and reporting pen test results
Analyzing pen test data (analysis activity)
Recommending mitigation strategies (analysis activity)
Writing and handling reports (analysis activity)
Performing post-engagement cleanup tasks
Performing additional follow-up activities (analysis activity)
PREREQUISITI
Non ci sono prerequisiti.DURATA E FREQUENZA
Durata 36h.
Varie tipologie di Frequenza Estensiva ed Intensiva.DOCENTI
I docenti sono Istruttori Autorizzati e Certificati e in altre tecnologie IT, con anni di esperienza pratica nel settore e nella Formazione.MODALITÀ DI ISCRIZIONE
Ci si iscrive contattando la sede.
Le iscrizioni sono rivolte ad un massimo di 12 partecipanti.
Il costo del corso non comprende gli esami di certificazione che il corsista può sostenere alla fine del percorso formativo.Calendario
Corso Penetration Test
05/06/2020-05/06/2020
Ven. 18:30/21:30 – Sab. 10:00/13:00
Posti Rimanenti: 0/12
Corso Penetration Test
12/06/2020-12/06/2020
Ven. 18:30/21:30 – Sab. 10:00/13:00
Posti Rimanenti: 10/12
Corso Penetration Test
19/06/2020-20/06/2020
Ven. 18:30/21:30 – Sab. 10:00/13:00
Posti Rimanenti: 8/12