DIS10-2 Penetration Testing And Security Analyst Certification



Penetration Testing Certification


DIS10.2: The Penetration Testing and Security Analyst Certification includes the in-depth penetration testing process used in the industry today to counter various network and web-based attacks. The penetration testing process includes the types of penetration testing and vulnerability assessments that are done by security auditors. (25 credits towards the DIS10 Diploma)


Course Content


1. How to Plan your Penetration Testing


  • What is Penetration Testing?
  • Various Types of Penetration Testing.
  • Best Industry Practices for Penetration Testing.
  • Tool-set required for Penetration Testing
  • Penetration Testing Check Lists (Very Important)


2. Scoping Your Penetration Testing


  • Scope of Penetration Testing
  • Information Gathering Using the Latest Reconnaissance Tools
  • Rules of Engagements
  • Detailed Reporting Documents (Samples)
  • Search Engine Digging and Information Extraction


3. Network and Web-Application Scanning Techniques


  • What is Scanning?
  • What are the Best Tool Sets for Scanning: Network Scanning Tools.
  • What are the Best Tool Sets for Scanning: Web Application Scanning Tools.
  • How to Extract Information from TCP Headers: tcpdump.
  • Network Mapping Tool: Nmap
  • Nmap Scripting Engine (Using them in your Pentest)
  • Nmap: Version Scanning / OS Scanning / Service Scanning
  • Finding Vulnerabilities in the Network: GFI / Nessus
  • Packet Crafting Tools: Scapy / Colasoft Packet Builder
  • User Name Enumeration
  • Swiss Knife: Netcat (All-in-one tool)


4. Network Exploitation Attack Vectors


  • Network Exploitation Tools
  • Understanding Exploits/Payloads
  • In-depth Metasploiting Windows / Linux Systems
  • Metasploitable: Exercise
  • Using various Metasploit Modules like Exploits/Payloads/Auxiliary
  • AV Evasion Techniques in Metasploit
  • In-Depth Use of the Meterpreter Payload, Hands-On
  • Gaining Access to Target System using Meterpreter Sessions.


5. Post Exploitation Phase


  • Windows Hidden Commands.
  • Using NC as a backdoor.
  • Attacking Passwords using Word-lists and Brute Force
  • Automated Password Guessing with THC-Hydra/John the Ripper
  • Retrieving and Manipulating Hashes from Windows, Linux, and Other Systems


6. In-depth Password Attacks


  • Password Cracking with John the Ripper
  • Password Cracking with Hydra
  • Sniffing and Cracking Windows Authentication Exchanges Using Cain
  • Dictionary Table Generation
  • Using Rainbow Tables to Maximum Effectiveness
  • Pass-the-Hash Attacks with Metasploit and More


7. Web Application Penetration Testing


  • Finding and Exploiting Cross-Site Scripting
  • Cross-Site Request Forgery
  • SQL Injection
  • Leveraging SQL Injection to Perform Command Injection
  • Maximizing Effectiveness of Command Injection Testing
  • Web Application Exploitation Using w3af/Acunetix/Burp Suite/Proxy Application
  • How to use Burp Suite?
  • Capturing and Replaying Requests and Responses.
  • Various Modules in Burp such as Sequencer / Repeater / Dir Scanning / Splitting Response
  • Performing Command Injection
  • Source Code Disclosure Attack
  • Hidden Form Field Exploitation Attacks


8. Penetration Test Reporting


  • Penetration Testing Deliverables and Conclusion
  • Penetration Testing Report and Documentation Writing
  • Penetration Testing Report Analysis
  • Post Testing Actions
  • Ethics of a Penetration Tester
  • Standards and Compliance