With comprehensive coverage of security tools, techniques, and methodologies for network exploitation, HG225 prepares you to perform high-value pen-testing step by step. Every business requires skilled cyber security personnel who can discover vulnerabilities and mitigate them, and this entire training course is specially designed to get you ready for that role. The course starts with proper planning, scoping, and reconnaissance, then dives deep into network and vulnerability scanning, target exploitation, password attacks, Windows Domain attacks, and Azure Active Directory, with 30+ hands-on labs. This training course is full of practical, real-world tips from some of the world's best pen-testers to help you do your job safely, efficiently, and skilfully.

20 students

This Course Includes

  • Unlimited Duration
  • 74 Items in Curriculum
  • Course Badge

Created by

06/06/2021

HG225 is designed to get you ready to perform a full-scale, high-value network penetration test, and at the end of the course you'll do just that. After building your skills in comprehensive and challenging network labs, you will be able to conduct an end-to-end penetration test, applying techniques, tools, and principles from throughout the course as you find and exploit security loopholes in a realistic target organization, demonstrating the skills you've gained during this training.

You Will Be Able To

 
  • Develop scoping and rules of engagement for penetration testing projects to ensure that the work is focused, well defined, and conducted in a safe manner.
 
  • Conduct in-depth reconnaissance using document metadata, search engines, and other publicly available information sources to build a technical and organizational understanding of the target environment.
 
  • Utilize the Nmap scanning tool to conduct in-depth network scans, port scans, OS fingerprinting, and version detection to develop a map of target environments.
 
  • Choose and properly execute Nmap Scripting Engine (NSE) scripts to extract detailed information from target systems.
 
  • Analyze the output of scanning tools to manually verify results and perform false positive reduction using Netcat and the Scapy packet crafting tools.
 
  • Utilize the Windows and Linux command lines to plunder target systems for critical information that can further overall penetration test progress, establish pivots for deeper exploitation, and help determine business risks.
 
  • Configure the Metasploit framework to scan, exploit, and then pivot through a target environment.
 
  • Execute Kerberos attacks such as Kerberoasting, Golden Ticket, and Silver Ticket attacks.
 
  • Use Mimikatz to execute domain domination attacks, such as golden ticket abuse and DCSync.
 
  • Move from an unauthenticated network position to authenticated domain access, mapping the attack path throughout the domain.
 
  • Attack Active Directory and use your domain domination to target the on-premise integration.
   

Hands-on Labs

 
  • Linux for Penetration Testers
  • Formulating Scope of Work and Rules of Engagement
  • Organizational Recon
  • Infrastructure Recon
  • User Recon
  • Automated Recon with Spiderfoot
  • Network Scanning with Nmap
  • Faster Scanning with Masscan
  • OS Fingerprinting and Version Gathering
  • Nmap Scripting Engine
  • GhostPack Seatbelt
  • Netcat for the Pen Tester
  • Initial Access and Password Guessing with Hydra
  • Client-Side Attacks using Metasploit
  • Exploiting Network Services and Meterpreter
  • Port Pivoting Relays
  • PowerShell Empire for Post-Exploitation
  • Bypassing Application Controls Using Built-in Windows Features
  • Creating Malicious Services using WMIC Toolset
  • Metasploit Psexec, Hash Dumping
  • Pivoting with Metasploit and SSH
  • Password Cracking Using Hashcat and John the Ripper
  • Sniffing and Cracking Windows Authentication Exchanges
  • Credential Harvesting using Metasploit Pivoting and Mimikatz Kiwi
  • PowerShell for Pen Testers
  • Kerberos Attacks
  • Domain Dominance
  • Silver Tickets
  • Attacking Nearby Clients with Responder
  • Domain Mapping and Exploitation
  • Effective Domain Privilege Escalation

Course Curriculum

    • 01: Introduction
    • 02: Key Definitions
    • 03: Types of Pentests
    • 04: Penetration Test Methodologies
    • 05: Lab – Building Pentest Environment
    • 06: Pentest Process
    • 07: Scope of Work
    • 08: Rules of Engagement
    • 09: Pentest Report Writing
    • 10: Pentester's Toolkit
    • 11: Intro to Recon
    • 12: Document Metadata Analysis
    • 13: Whois Lookups
    • 14: Web Searches
    • 15: DNS Lookup
    • 16: Search Engine Vulnerability Findings
    • 17: Recon-ng
    • 18: Lab – Recon-ng for DNS Analysis
    • 19: Account Stuff
    • 20: File System
    • 21: Running Programs
    • 22: Network
    • 23: Building Tools
    • 24: Miscellaneous
    • 25: Scanning Goals
    • 26: Scanning Types & Tips
    • 27: Packet Sniffing with tcpdump
    • 28: Port Scanning
    • 29: Lab – Nmap
    • 30: OS Fingerprinting & Version Gathering
    • 31: Nmap Scripting Engine
    • 32: Lab – NSE
    • 33: Nessus
    • 34: Other Vuln Scanners
    • 35: Netcat for Pentesters
    • 36: Lab – Netcat
    • 37: PowerShell for Hackers
    • 38: Lab – PowerShell Scripting
    • 39: Why Exploitation?
    • 40: Exploit Categories
    • 41: Metasploit
    • 42: Lab – Metasploit
    • 43: Meterpreter
    • 44: Lab – Meterpreter
    • 45: AV Evasion with Veil
    • 46: Post Exploitation Activities
    • 47: Port Pivot Relay
    • 48: Lab – Port Pivot Relays
    • 49: Post Exploitation with Empire
    • 50: Lab – Empire
    • 51: Windows CMD
    • 52: Running Commands Remotely
    • 53: Moving Files with Exploits
    • 54: Pilfering from Target Machines
    • 55: Password Attacks
    • 56: Password Guessing with Hydra
    • 57: Lab – Hydra
    • 58: Password Representation Formats
    • 59: Obtaining Hashes & Dumping
    • 60: Lab – MSF psexec, hashdump, and kiwi
    • 61: Pivoting
    • 62: Lab – MSF Pivots
    • 63: John the Ripper
    • 64: Hashcat
    • 65: Lab – Cracking with John & Hashcat
    • 66: Lab – Sniffing & Cracking
    • 67: Pass the Hash Attack
    • 68: Lab – Pass the Hash
    • 69: Kerberos Attacks
    • 70: Responder
    • 71: BloodHound
    • 72: Privilege Escalation & UAC
    • 73: Domain Dominance Attacks
    • 74: Web App Attacks
2021 © Aristi Cybertech Private Limited. All rights reserved.