Penetration Testing
About
In this module, the participants will learn about the cyber kill chain and practice its different steps and components. The participants will analyse case studies and most importantly, understand the attacker's mindset and way of thinking. An analyst who can think like an attacker and appreciate their TTPs will better identify possible weaknesses, spot anomalies, define alerts and understand the attacker's behaviour during investigation.
Syllabus Summary
Penetration Testing Methodology
Subjects Covered:
- The cyber kill chain
- External recon
- Initial compromise: Credentials, Hashes, Client-side exploits
- Internal reconnaissance: Local machine, Info gathering, Screen capture, Keylogging
- Initial foothold: Privilege escalation, Persistence
- Lateral movements: Port scanning, Fingerprinting, Pivoting, Attack
- Establish foothold: Command and control, Multistaging
- Endpoint evasion
- Protocol vulnerabilities
- Network Evasion
- Case studies
Category: Specialized Training