This Course is available in the following format:
Advanced Penetration Testing, Exploit Writing, and Ethical Hacking Training Course Hands-on
Advanced Penetration Testing, Exploit Writing, and Ethical Hacking Training is designed as a logical progression point for those who have completed Network Penetration Testing and Ethical Hacking Training Hacking, or for those with existing penetration testing experience. Students with the prerequisite knowledge to take this Advanced Penetration Testing, Exploit Writing, and Ethical Hacking Training course will walk through dozens of real-world attacks used by the most seasoned penetration testers. The methodology of a given attack is discussed, followed by exercises in a hands-on lab to consolidate advanced concepts and facilitate the immediate application of techniques in the workplace. Each day of the Advanced Penetration Testing, Exploit Writing, and Ethical Hacking Training course includes a two-hour evening boot camp to drive home additional mastery of the techniques discussed. A sample of topics covered includes weaponizing Python for penetration testers, attacks against network access control (NAC) and virtual local area network (VLAN) manipulation, network device exploitation, breaking out of Linux and Windows restricted environments, IPv6, Linux privilege escalation and exploit-writing, testing cryptographic implementations, fuzzing, defeating modern OS controls such as address space layout randomization (ASLR) and data execution prevention (DEP), return-oriented programming (ROP), Windows exploit-writing, and much more!
Attackers are becoming more clever and their attacks more complex. To keep up with the latest attack methods, you need a strong desire to learn, the support of others, and the opportunity to practice and build experience. This Advanced Penetration Testing, Exploit Writing, and Ethical Hacking Training course provides attendees with in-depth knowledge of the most prominent and powerful attack vectors and furnishes an environment to perform these attacks in numerous hands-on scenarios. The Advanced Penetration Testing, Exploit Writing, and Ethical Hacking Training course goes far beyond simple scanning for low-hanging fruit and shows penetration testers how to model the abilities of an advanced attacker to find significant flaws in a target environment and demonstrate the business risk associated with these flaws.
• If you are familiar with some aspects of this Advanced Penetration Testing, Exploit Writing, and Ethical Hacking Training course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the course in manner understandable to lay audiences.
This is a fast-paced, Advanced Penetration Testing, Exploit Writing, and Ethical Hacking Training course that requires a strong desire to learn advanced penetration testing and custom exploitation techniques. The following SANS courses are recommended either prior to or as a companion to taking this course:
• Hacker Tools, Techniques, Exploits, and Incident Handling
• Network Penetration Testing and Ethical Hacking
Experience with programming in any language is highly recommended. At a minimum, students are advised to read up on basic programming concepts. Python is the primary language used during class exercises, while programs written in C and C++ code are the primary languages being reversed and exploited. The basics of programming will not be covered in this course, although there is an introductory module on Python.
You should also be well versed with the fundamentals of penetration testing prior to taking this course. Familiarity with Linux and Windows is mandatory. A solid understanding of TCP/IP and networking concepts is required
Audience / Target Group:
The target audience for this Advanced Penetration Testing, Exploit Writing, and Ethical Hacking Training course:
• Network and Systems Penetration Testers: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking Training provides penetration testers with the training they need to perform advanced testing against known or unknown applications, services, and network systems. And the course gives students the expertise to perform complex attacks and develop their own exploits for existing and new frameworks.
• Incident Handlers: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking Training gives incident handlers the knowledge they need to understand advanced threats, as handlers are often tasked with determining the threat level associated with an attack. The ability to understand advanced attack techniques and analyze exploit code can help a handler identify, detect, and respond to an incident.
• Application Developers: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking Training teaches developers the ramifications of poor coding. Often, a developer or code reviewer is required to clearly demonstrate the threat and impact of a coding error. This course provides developers with the knowledge to create proof-of-concept exploit code and document their findings.
• IDS Engineers: This Course teaches IDS professionals how to analyze exploit code and identify weaknesses. This knowledge can be used to write better IDS signatures and understand the impact of an alert.
What You Will Learn:
Upon completing this Advanced Penetration Testing, Exploit Writing, and Ethical Hacking Training course, learners will be able to meet these objectives:
• How to perform penetration testing safely against network devices such as routers, switches, and NAC implementations.
• How to test cryptographic implementations.
• How to exploit environments using virtualization and network booting technology such as PXE.
• How to fuzz network and stand-alone applications.
• How to write exploits against applications running on Linux and Windows systems.
• How to bypass exploit mitigations such as ASLR, DEP, and stack canaries.
Advanced Penetration Testing, Exploit Writing, and Ethical Hacking Training – Course Syllabus:
Network Attacks for Penetration Testers
Bypassing network access/admission control (NAC)
Impersonating devices with admission control policy exceptions
Exploiting EAP-MD5 authentication
Custom network protocol manipulation with Ettercap and custom filters
Multiple techniques for gaining man-in-the-middle network access
IPv6 for penetration testers
Exploiting OSPF authentication to inject malicious routing updates
Using Evilgrade to attack software updates
Overcoming SSL transport encryption security with Sslstrip
Remote Cisco router configuration file retrieval
Crypto, Network Booting Attacks, and Escaping Restricted Environments
Pen testing cryptographic implementations
Exploiting CBC bit flipping vulnerabilities
Exploiting hash length extension vulnerabilities
Delivering malicious operating systems to devices using network booting and PXE
Post Exploitation with PowerShell and Metasploit
Escaping Software Restrictions
Two-hour evening Capture the Flag exercise using PXE, network attacks, and local privilege escalation
Python, Scapy, and Fuzzing
Becoming familiar with Python types
Leveraging Python modules for real-world pen tester tasks
Manipulating stateful protocols with Scapy
Using Scapy to create a custom wireless data leakage tool
Product security testing
Using Taof for quick protocol mutation fuzzing
Optimizing your fuzzing time with smart target selection
Automating target monitoring while fuzzing with Sulley
Leveraging Microsoft Word macros for fuzzing .docx files
Block-based code coverage techniques using Paimei
Exploiting Linux for Penetration Testers
Stack and dynamic memory management and allocation on the Linux OS
Disassembling a binary and analyzing x86 assembly code
Performing symbol resolution on the Linux OS
Identifying vulnerable programs
Code execution redirection and memory leaks
Identifying and analyzing stack-based overflows on the Linux OS
Performing return-to-libc (ret2libc) attacks on the stack
Defeating stack protection on the Linux OS
Defeating ASLR on the Linux OS
Exploiting Windows for Penetration Testers
The state of Windows OS protections on Windows 7, 8, 10, Server 2008 and 2012
Understanding common Windows constructs
Stack exploitation on Windows
Defeating OS protections added to Windows
Creating a Metasploit module
Advanced stack-smashing on Windows
Building ROP chains to defeat DEP and bypass ASLR
Windows 7 and Windows 8 exploitation
Porting Metasploit modules
Capture the Flag Challenge
This day will serve as a real-world challenge for students by requiring them to utilize skills they have learned throughout the course, think outside the box, and solve a range of problems from simple to complex. A web server scoring system and Capture the Flag engine will be provided to score students as they capture flags. More difficult challenges will be worth more points. In this offensive exercise, challenges range from local privilege escalation to remote exploitation on both Linux and Windows systems, as well as networking attacks and other challenges related to the course material.