Network Security: Penetration Attack Testing
Request information about bringing this course to your site.
This two-day course is meant to bring security professionals up to speed with tools, tactics, and skills of today’s hackers. It also serves as an introduction to the methodology of penetration testing and how to conduct and manage such test. The skills learnt throughout this course are the first steps towards being an effective penetration tester. We will learn about the characteristics of social engineering attacks, how they exploit human emotions, how a successful attack is conducted, and proper defense mechanisms against them. We will also discuss physical and logical penetration, the tactics hackers follow to place themselves physically or logically inside an organization, and proper defense mechanisms. Insider attacks are one of the most dangerous as they involve entities that already have some level of access. We will discuss examples of insider attacks and how to defend against them. Finally, we will learn about vulnerability analysis (scanning and fuzzing), exploitation (software buffer/heap overflow), and Wi-Fi penetration.
This is an experiment-oriented course where we will be conducting experiments in a lab environment for every topic discussed. Students will participate in experiments, which the instructor will prepare, to show how a given attack is conducted and how to defend against it.
Upon completing the course you will be able to:
- Understand the ethics of penetration testing
- The legal system and how it might affect a penetration test
- Social engineering attacks, how one is conducted, and proper defense mechanism (Lab: using the Social Engineering Toolkit)
- Insider attacks, the potential damage, how such attack is carried, and proper defense mechanisms (Lab: password cracking)
- Vulnerability analysis (using Nessus and OpenVAS) and fuzzing
- Vulnerability exploitation (using Metasploit/W3AF/custom exploits)
- Wi-Fi penetration testing (scanners, password crackers, DoS)
- Managing a successful penetration test
Professionals such as engineers, product developers, managers, security officers, city/state government or law enforcement professional, and network administrators who have a special interest in quickly getting up to speed with the penetration testing methodology, skills, and techniques