Penetration testing – detecting and exploiting vulnerabilities Training Course

How to test the security of networks and services

• Penetration testing – what is it?
• Penetration testing versus audit – similarities, differences, and what is appropriate?
• Practical challenges – what can go wrong?
• Scope of tests – what do we want to check?
• Sources of best practices and recommendations.

Penetration testing – reconnaissance

• OSINT – obtaining information from public sources.
• Passive and active network traffic analysis methods.
• Identifying services and network topology.
• Security systems (firewalls, IPS/IDS systems, WAF, etc.) and their impact on testing.

Penetration testing – vulnerability hunting

• Recognizing systems and their versions.
• Searching for vulnerabilities in systems, infrastructure, and applications.
• Assessing vulnerabilities – 'does it hurt?'
• Exploit sources and possibilities for customization.

Penetration testing – attack and gaining control

• Types of attacks – how they are conducted and their consequences.
• Attacks using remote and local exploits.
• Attacks on network infrastructure.
• Reverse shell – managing a compromised system.
• Privilege escalation – becoming an administrator.
• Ready-made 'hacking tools'.
• Analyzing a compromised system – interesting files, saved passwords, private data.
• Special cases: web applications, Wi-Fi networks.
• Social engineering – how to 'break' a human if systems can't be compromised?

Penetration testing – erasing traces and maintaining access

• Logging and activity monitoring systems.
• Cleaning logs and erasing traces.
• Backdoor – how to leave yourself an open entry point.

Penetration testing – summary

• Preparing the report and its structure.
• Delivering and discussing the report.
• Verifying the implementation of recommendations.