Among the many topics covered are:
- Discovering and exploiting vulnerabilities in network services
- Generating backdoors that bypass anti-virus software
- Generating payloads for spear-phishing campaigns
- Attacking Active Directory and user accounts
- Finding and exploiting vulnerabilities in web applications and APIs
The content taught in this course has been extensively tested against hundreds of computer networks and applications and proved highly effective against targets with low or moderate defences. In other words, unless your target has an endpoint detection and response (EDR) product deployed across their network, a secure standard operating environment (SSOE), and a professional team of security analysts detecting and responding to breaches, your chances of hacking them, completely, will be high!
If you work on the defensive side of security, this course will teach you many of the most common techniques and tools used by penetration testers and offer you tactics and strategies on how you may protect your network against those techniques.
Aspiring penetration testers and professional penetration testers.
This course is taught by Mossé Security’s experienced instructors. Our instructors have over 10 years of experience delivering penetration testing, red teaming and incident response services across a multitude of industries, in engagements that have involved complex and multi-faceted approaches. Each instructor combines corporate experience with skill in presenting and teaching to groups.
Beyond their technical abilities and years of professional experience, our instructors are also trained teachers and public speakers. Their manner of teaching easily conveys their passion for computer security to every one of our students.
Module 1: Professional Penetration Testing
We begin the course by teaching you structured methodologies to deliver penetration testing engagements based on the OWASP Testing Guide, the Penetration Testing Execution Standard (PTES), the PCI Penetration Testing Guide, and the Information Systems Security Assessment Framework (ISSAF).
We will clarify the different types of penetration tests that exist (web application, web services, mobile application, network infrastructure, wireless infrastructure, and other types), and provide practical advice on how one may go about designing, proposing, and obtaining authorization to test and compromise critical IT assets.
Some other important points covered in this module include:
- How do we professionally set up our testing environment in the cloud?
- How are we going to demonstrate a return-on-investment (ROI) on the penetration test(s) we’ll run?
- How do we identify IT risks that the penetration tests may trigger, and mitigate them ahead of the engagement?
- What can we do to increase the likelihood of the end-client fixing or mitigating the critical issues we’ll identify?
- How do we build a team of penetration testers?
There are hundreds, if not thousands, of free penetration testing tools available online. Mossé Security will also clarify why it selected the tools that it did for this Master Course.
Module 2: Metasploit Masterclass
We begin by teaching you about the most famous penetration testing framework: Metasploit.
- Installing, configuring and updating Metasploit
- Understanding the basic concepts in Metasploit (i.e. exploits, auxiliaries, modules, payloads, listeners, and Meterpreter)
- Using Metasploit to exploit known vulnerabilities and obtain a reverse-shell
- Selecting and generating payloads
- Guessing credentials and attacking user accounts
- Password dumping, lateral movement, and pivoting into segmented network zones
- Using Metasploit for Social Engineering attacks
- Navigating your way around Metasploit’s source code to understand its internal workings
Module 3: NMAP & OpenVAS Masterclass
In this module we teach you everything you need to know to discover and fingerprint network services using NMAP and identify whether they are vulnerable to known vulnerabilities using OpenVAS. Topics covered include:
- Installing NMAP and OpenVAS
- Scanning for open ports and fingerprinting network services
- Generating and parsing NMAP XML outputs
- All the different types of scans that NMAP can perform, and how and when to use them
- Scanning for vulnerabilities using OpenVAS
- Cross-referencing results from OpenVAS and NMAP
Module 4: PowerShell Offensive Tools Masterclass
We teach you top PowerShell tools for penetration testing:
- PowerShell Empire, an alternative to Meterpreter
- PoshC2, another alternative to Meterpreter
- PowerSploit, a post-exploitation framework
- BloodHound, a tool for Active Directory reconnaissance and exploitation
Module 5: Burp Suite Masterclass
The final lecture is on Burp Suite – the leading web application penetration testing proxy:
- Installing and running Burp
- The differences between the Community and Professional Editions
- Introduction to the interface, and the different tools available
- Forwarding traffic through proxies and test machines located in the cloud
- Mastering the Proxy and Target tools
- Mastering the Intruder tool
- Using the Repeater, the Decoder and the Comparer tools
- Structured penetration testing approaches when using Burp Suite
Module 6: Penetration Test Simulation Exercise
We end the class with a penetration testing simulation against a procedurally generated network in the cloud using Dragon-Net. This simulation is like a capture-the-flag competition, but more realistic. Students will have to compromise machines using the techniques they’ve learnt during the class to win points and try to win our friendly competition!
Bring a laptop running the Windows or UNIX operating system with the OpenVPN or Tunnelblick client to connect into our training lab in the cloud.