Penetration testing – detecting and exploiting vulnerabilities Training Course

How to test network and service security

• Penetration testing – what is it?
• Penetration test vs. audit – similarities, differences, and which is appropriate?
• Practical issues – what can go wrong?
• Scope of tests – what do we want to check?
• Resources for best practices and recommendations

Penetration testing – reconnaissance

• OSINT – obtaining information from open sources
• Passive and active network traffic analysis methods
• Identification of services and network topology
• Security systems (firewalls, IPS/IDS systems, WAF, etc.) and their impact on tests

Penetration testing – vulnerability searching

• System and version identification
• Searching for vulnerabilities in systems, infrastructure, and applications
• Vulnerability assessment – "does it hurt?"
• Exploit sources and customization possibilities

Penetration testing – attack and control takeover

• Types of attacks – how are they conducted and what are their consequences?
• Attacks using remote and local exploits
• Attacks on network infrastructure
• Reverse shell – how to manage a taken-over system
• Privilege escalation – how to become an administrator
• Ready-made "hacking tools"
• Analyzing a taken-over system – interesting files, saved passwords, private data
• Special cases: web applications, WiFi networks
• Social engineering – how to "break" a human if the systems cannot be?

Penetration testing – covering tracks and maintaining access

• Logging systems and activity monitoring
• Log clearing and covering tracks
• Backdoor – how to leave an open entry point

Penetration testing – summary

• Report preparation and its structure
• Report delivery and consultation
• Verification of recommendation implementation