HG225: Network Penetration Test & Ethical Hacking

HG225 is designed to get you ready to perform a full-scale, high-value network penetration test, and at the end of the course you’ll do just that. After building your skills in comprehensive and challenging network labs. After this course you will be able to conduct an end-to-end penetration test, applying techniques, tools, and principles from throughout the course as you find and exploit security loopholes in a realistic target organization, demonstrating the skills you’ve gained during this training.

You Will Be Able To

• Develop scoping and rules of engagement for penetration testing projects to ensure that the work is focused, well defined, and conducted in a safe manner.

• Conduct in-depth reconnaissance using document metadata, search engines, and other publicly available information sources to build a technical and organizational understanding of the target environment.

• Utilize the Nmap scanning tool to conduct in-depth network scans, port scans, OS fingerprinting, and version detection to develop a map of target environments.

• Choose and properly execute Nmap Scripting Engine (NSE) scripts to extract detailed information from target systems.

• Analyze the output of scanning tools to manually verify results and perform false positive reduction using Netcat and the Scapy packet crafting tools.

• Utilize the Windows and Linux command lines to plunder target systems for critical information that can further overall penetration test progress, establish pivots for deeper exploitation, and help determine business risks.

• Configure the Metasploit framework to scan, exploit, and then pivot through a target environment.

• Execute Kerberos attacks such as Kerberoasting, Golden Ticket, and Silver Ticket attacks.

• Use Mimikatz to execute domain domination attacks, such as golden ticket abuse, DCSync, etc.

• From an unauthenticated network position to authenticated domain access and mapping the attack path throughout domain.

• Attack Active Directory and use your domain domination to target the on-premise integration.

Hands-on Labs

• Linux for Penetration Testers
• Formulating Scope of Work and Rules of Engagement
• Organizational Recon
• Infrastructure Recon
• User Recon
• Automated Recon with Spiderfoot
• Network Scanning with Nmap
• Faster Scanning with Masscan
• OS Fingerprinting and Version Gathering
• Nmap Scripting Engine
• GhostPack Seatbelt
• Netcat for the Pen Tester
• Initial Access and Password Guessing with Hydra
• Client-Side Attacks using Metasploit
• Exploiting Network Services and Meterpreter
• Port Pivoting Relays
• PowerShell Empire for Post-Exploitation
• Bypassing Application Controls Using Built-in Windows Features
• Creating Malicious Services using WMIC Toolset
• Metasploit Psexec, Hash Dumping
• Pivoting with Metasploit and SSH
• Password Cracking Using Hashcat and John the Ripper
• Sniffing and Cracking Windows Authentication Exchanges
• Credential Harvesting using Metasploit Pivoting and Mimikatz Kiwi
• PowerShell for Pen Testers
• Kerberos Attacks
• Domain Dominance
• Silver Tickets
• Attacking Nearby Clients with Responder
• Domain Mapping and Exploitation
• Effective Domain Privilege Escalation