It is continuously becoming harder to circumvent the security controls on externally facing systems and gain full access to the internal network. With the different types of technologies, hardening techniques, and detection; the job of a penetration tester continues to get more advanced. This course is designed to teach advanced techniques in order to bypass security defenses, gain access to an organization, and further penetrate into the network. Learn the techniques, tricks, and secrets from the author of the Social-Engineer Toolkit (SET) and one of the top penetration testers. What you’ll learn in this course:
• Fundamental penetration testing concepts and an overview on methodologies and techniques.
• Basics of open-source tools and technologies and understanding attack avenues.
• Understanding of the Social-Engineer Toolkit (SET) and advanced features.
• Bypassing security technologies such as whitelisting/blacklisting, anti-virus, and other preventative measures.
• Develop a solid understanding of penetration testing techniques and tricks of the trade.
• High-level development concepts of Python and basics to programming.
• Creating your own exploits and tools in Python and utilizing them in attack vectors.
• An understanding of post exploitation and utilizing different tools and technologies in order to further penetrate a network.
The course is designed for beginner and intermediate levels. Basic concepts of Linux and maneuvering in Kali Linux is required.
The student must have a working machine with Kali Linux as well as a Windows machine with Java loaded. These can be virtualized and one can be the primary. No anti-virus on the Windows machine (we will need to write bypass payloads first to evade). Ensure connectivity between the two virtual machines and that networking is working properly. VMWare is required for the virtualization, demo/trial versions can be used with VMWare Workstation (Windows) or VMWare Fusion (MAC).
The student must have a working machine with Kali Linux as well as a Windows machine with Java loaded. These can be virtualized and one can be the primary. No anti-virus on the Windows machine (we will need to write bypass payloads first to evade). Ensure connectivity between the two virtual machines and that networking is working properly. VMWare is required for the virtualization, demo/trial versions can be used with VMWare Workstation (Windows) or VMWare Fusion (MAC).
Code samples, vulnerable applications, electronic copy of the Metasploit: The Penetration Testers Guide book, anti-virus safe payloads, custom tools, and more.
David Kennedy (@hackingdave) is founder and principal security consultant of TrustedSec - An information security consulting firm located in Cleveland Ohio. David was the former Chief Security Officer (CSO) for a Fortune 1000 where he ran the entire information security program. Kennedy is a co-author of the book "Metasploit: The Penetration Testers Guide," the creator of the Social-Engineer Toolkit (SET), and Artillery. Kennedy has presented on a number of occasions at Black Hat, Defcon, DerbyCon, ShmooCon, BSIDES, Infosec World, Notacon, AIDE, ISACA, ISSA, RSA, Infragard, Infosec Summit, Hack3rCon and a number of other security-related conferences. Kennedy has been interviewed by several news organizations including CNN, The Katie Couric Show, CNBC, Fox News, Fox Business, Bloomberg, Huffington Post, Neil Cavuto, Special Report with Bret Baier, Anderson Cooper Show, and BBC World News. Kennedy was formally on the Back|Track development team and Exploit-DB team and co-host of the Social-Engineer.org podcast. Kennedy is one of the co-authors of the Penetration Testing Execution Standard (PTES); a framework designed to fix the penetration testing industry. Kennedy is the co-founder of DerbyCon, a large-scale conference in Louisville Kentucky. Prior to Diebold, Kennedy was a VP of Consulting and Partner of a mid-size information security consulting company running the security consulting practice. Prior to the private sector, Kennedy worked for the United States Marine Corps and deployed to Iraq twice for intelligence related missions.