Penetration testing – detecting and exploiting vulnerabilities Training Course

How to test the security of networks and services

• Penetration testing – what is it?
• Penetration test vs. audit – similarities, differences, what is appropriate?
• Practical issues – what can go wrong?
• Scope of tests – what do we want to check?
• Sources of best practices and recommendations

Penetration testing – reconnaissance

• OSINT – obtaining information from open sources
• Passive and active methods of network traffic analysis
• Identifying services and network topology
• Security systems (firewalls, IPS/IDS systems, WAF, etc.) and their impact on testing

Penetration testing – vulnerability discovery

• Reconnaissance of systems and their versions
• Searching for vulnerabilities in systems, infrastructure, and applications
• Vulnerability assessment – 'what will it hurt'?
• Exploit sources and possibilities for customization

Penetration testing – attack and taking control

• Types of attacks – how they are conducted and their consequences
• Attack using remote and local exploits
• Attacks on network infrastructure
• Reverse shell – managing a compromised system
• Privilege escalation – becoming an administrator
• Ready-made 'hacking tools'
• Analyzing the compromised system – interesting files, saved passwords, private data
• Special cases: web applications, WiFi networks
• Social engineering – how to 'break' a person if the system can't be?

Penetration testing – covering tracks and maintaining access

• Logging and activity monitoring systems
• Cleaning logs and covering tracks
• Backdoor – how to leave an open entry point

Penetration testing – summary

• Preparing the report and its structure
• Delivering and consulting the report
• Verifying the implementation of recommendations