Penetration testing – detecting and exploiting vulnerabilities Training Course

How to test network and service security

• Penetration testing – what is it?
• Penetration testing vs. audit – similarities, differences, and what is appropriate?
• Practical issues – what can go wrong?
• Scope of tests – what do we want to check?
• Sources of best practices and recommendations.

Penetration testing – reconnaissance

• OSINT – obtaining information from public sources.
• Passive and active methods of network traffic analysis.
• Identification of services and network topology.
• Security systems (firewalls, IPS/IDS systems, WAF, etc.) and their impact on tests.

Penetration testing – vulnerability discovery

• System and version identification.
• Vulnerability discovery in systems, infrastructure, and applications.
• Vulnerability assessment – 'how much does it hurt?'.
• Exploit sources and customization possibilities.

Penetration testing – attack and takeover

• Types of attacks – how are they conducted and what are the outcomes?
• Attacks using remote and local exploits.
• Attacks on network infrastructure.
• Reverse shell – how to manage a compromised system.
• Privilege escalation – how to become an administrator.
• Ready-made 'hacking tools'.
• Compromised system analysis – interesting files, saved passwords, private data.
• Special cases: web applications, WiFi networks.
• Social engineering – how to 'break' a person if systems cannot be hacked?

Penetration testing – evidence elimination and persistence

• Logging systems and activity monitoring.
• Cleaning logs and eliminating evidence.
• Backdoor – how to leave yourself an open entry point.

Penetration testing – summary

• Report preparation and its structure.
• Report delivery and consultation.
• Verification of recommendation implementation.