Security Testing Training MODULES

PLANS AND PRICING

Total modules

10

Total Duration (hrs)

10

Total assignments

10

Getting Started with Security Testing

Training Video - 1

Duration 45 mins

Overview of Security Testing

  • Prerequisites for this Course
  • What is Hacking?
  • Introduction to Hacking
  • Is hacking legal?
  • Different hats/colors of Hacking
Watch Video

Training Video - 2

Duration 30 min

Installation and Configuration

  • How to Download and Install VMware and Kali Linux?
  • How to update Kali?
  • Installing VMware Tools in Kali Linux
  • Install Kali on Mac
  • Going through the settings in Kali Linux and VMware
  • What are VMware Snapshots?
Watch Video

Training Video - 3

Duration 30 mins

Creating Labs for Security Testing

  • Downloading and Installing Windows XP, 2000, 7, 8.1, 10
  • Downloading and Installing Metasploitable

Linux Commands

Training Video - 4

Duration 1 hrs

Basic Linux Commands

  • How to change directory in terminal?
  • How to find current directory?
  • How to clear terminal window?
  • How to create a directory?
  • How to list all the files in current directory?
  • How to create a empty file?

Training Video - 5

Duration 1:30 hrs

Intermediate Linux Commands

  • How to install and remove software?
  • How to create a text file using native Linux text editors (vim and nano)?
  • How to install a software via git?
  • How to Start a program in foreground and background through Terminal?
  • How to output the result to a file via terminal?
  • How to print in a file?

Training Video - 6

Duration 1:30 hrs

Advanced Linux Commands

  • What is shell/bash?
  • How to write shell scripts?
  • Creating Variables
  • What is the path variables?
  • What is and how to do command substitution?
  • Creating arrays, for loops, case, while select statement etc. in bash scripts

Networking

Training Video - 7

Duration 2 hrs

Networking Basics

  • What is IP Address? What is difference between IPv4 and IPv6?
  • What is TCP protocol?
  • What is DNS?
  • What is UDP protocol?
  • What is public and private IP Address?
  • What is DHCP server?

Training Video - 8

Duration 1 hr

Staying Anonymous

  • What is Tor and Proxy Chains?
  • What is Tor and Proxy Chains?
  • How check for DNS leaks?
  • Why HTTP is insecure protocol?
  • How to spoof a MAC address?
  • What is a Virtual Private Network (VPN)?

Training Video - 9

Duration 1:30 hrs

Networking Advanced

  • How to do network packet analysis using wireshark?
  • What is wireshark? and how to use it?
  • Analyzing some major network protocols and services including TCP, UDP, IPv4.

Training Video - 10

Duration 2:30 hrs

Netcat

  • Create outbound or inbound connections, through TCP or UDP, to or from any ports
  • How to Chat between 2 computers?
  • How to do File Transfer between 2 computers?
  • How to execute commands on the victim machine?
  • How to getting information on the open port for services running?
  • How to set up a relay?

Information Gathering

Training Video - 11

Duration 3:30 hrs

Information Gathering - Footprinting

  • What are hacking phases? What is footprinting and recon?
  • What is passive information gathering?
  • What is Google hacking?
  • What is whois lookup tool?
  • How to use social networking sites to gather information?
  • What are some social engineering attacks?

Training Video - 12

Duration 3:40 hrs

Information Gathering - Nmap

  • What is Nmap?
  • How to find all the computers on a network?
  • How to choose which ports and hosts to scan?
  • How to run a simple, a UDP scan, 3-way handshake scan?
  • How to scan the computer using SYN, SYN-ACK and ACK scan?
  • What are Nmap services?

Training Video - 13

Duration 2.30 hrs

Information Gathering - Enumeration

  • What is SNMP? How to Enumerate SNMP?
  • Tools used for SNMP Enumeration - snmp walk, onesixtyone, snmpulkwalk, snmptranslate
  • What is SMB? how to Enumerate SMB?
  • how to take advantage of SMB null sessions?
  • Tools used for SMB Enumeration - nbtscan, rpclient, nmap, smbmap, nbtstat, enum4linux, winfingerprint
  • What is SMTP? how to Enumerate SMTP?

Vulnerability Analysis

Training Video - 14

Duration 2.30 hrs

Vulnerability Analysis - OpenVas and Nessus

  • What are some different vulnerability scanners?
  • How to install and configure OpenVas, Nessus, Nexpose?
  • How to use OpenVas and Nessus?
  • How to configure the scan in OpenVas and Nessus?
  • How to add and remove ports from a scan?
  • How to schedule and run the scan in OpenVas and Nessus

Training Video - 15

Duration 2.5 hrs

Vulnerability Analysis - Nexpose, InsightVM and Nmap

  • How to use Nexpose and InsightVM?
  • How to configure the scan in Nexpose and InsightVM?
  • How to add and remove ports from a scan?
  • How to schedule and run the scan in Nexpose and InsightVM?
  • Explaining the reports generated by scans in Nexpose and InsightVM
  • Generating an Executive Report in Nexpose

Exploitation

Training Video - 16

Duration 1 hr

Exploitation - Metasploit Introduction

  • How to install and start Metasploit in Kali?
  • Checking connection with Metasploit database.
  • Creating a new workspace in Metasploit
  • How to integrating Nmap with Metasploit database?
  • Running Nmap service discovery in Metasploit
  • Using Nmap Metasploit Database wrapper

Training Video - 17

Duration 3.5 hrs

Exploitation - Assembly Language and Buffer Overflows

  • Introduction to Assembly Language
  • What are mnemonic and operands?
  • What is endianess? what is difference between big and little endian?
  • What are registers, stacks and heap?
  • What is the difference between At&t and Intel notation for Assembly Language?
  • how to debug a program using GDB?

Training Video - 18

Duration 1.2 hrs

Exploitation - Buffer Overflow Advanced

  • How to install immunity debugger?
  • How to debug a program using immunity debugger?
  • What is fuzzing? how to do it via python?
  • How to exploit a buffer manually?
  • How to add modules in immunity debugger?
  • Getting payload shellcode from msfvenom

Training Video - 19

Duration 1.5 hrs

Exploitation - Metasploit Advanced

  • Hacking SLMail 5.5 through Metasploit
  • What is the difference between staged and non-staged payload?
  • How to create Portable executable through Metasploit?
  • How to achieve anti-virus avoidance?
  • What is encoding? how to encode a payload?
  • How to create payload through msfvenom?

Post-Exploitation

Training Video - 20

Duration 1 hr

Post Exploitation - File Upload and Download

  • How to upload and download files onto the victim machine using different methods?
  • How to upload using FTP?
  • Setting up FTP server
  • Downloading files non interactively
  • Using debug.exe, exe2bat, and exe2powershell to send files
  • Writing powershell scripting to download files

Training Video - 21

Duration 2.5 hrs

Post Exploitation - Privilege Escalation, Pivot and Backdoor

  • What are Privilege Escalation attacks?
  • How to Escalate Privileges in windows and Linux using locally run exploit?
  • Create a exploit standalone executable using pyinstaller
  • Privilege escalation of windows 7 via Metasploit
  • What is pivoting?
  • How to do pivoting through Metasploit?

Attacks

Training Video - 22

Duration 1 hr

Wireless Attacks

  • How to connect to VMware machines with wireless adapters directly?
  • How to put wireless adapters into monitor mode?
  • How to hack into wireless network (WPA2-PSK)?
  • What are the security flaws of open network?
  • How to get credentials from unencrypted communication between to machines?

Training Video - 23

Duration 3.5 hrs

Password Attacks

  • How are passwords stored? Different Ways of storing the passwords?
  • What are hashes? what are different formats of hashes?
  • Getting the hashes from windows and linux?
  • Using John the ripper to crack the password?
  • What are the different modes of John? single, wordlist and incremetal mode.
  • What are mangling rules? how to to add mangling rules to john?

Training Video - 24

Duration 1.5 hrs

Website Attacks -SQL Injection Part 1

  • How to install Mutillidae and Xampp in windows 10?
  • updating mutillidae in metasploitable2.
  • What is SQL? Some basic commands - Select statement, where clause, orderby clause etc
  • How to install mutillidae in kali?
  • What is SQL injection? what are the basics of sql injection?
  • What are tautologies in sql injection?

Training Video - 25

Duration 1 hr

Website Attacks -SQL Injection Part 2

  • What are union based sql injection?
  • How to find corresponding values for each column?
  • How to get all the table names?
  • How to get all the column names?
  • How to get the values of those columns?
  • How to increase the text value of the text box?