Advanced Penetration Testing Course in Ahmedabad

Advanced Penetration Testing

As technology advances, so do the threats to our systems. In order to stay ahead of the curve, we need to be constantly upgrading our skills and learning new techniques. That’s why the IONX Institute offers advanced penetration testing training in Ahmedabad, India and also provide Online Training in world. in this course we will explore the benefits of advanced penetration testing training and how it can help you stay ahead of the curve. The Advanced Penetration Testing is an all-embracing course that expertly explains to optimize Kali Linux and its powerful tools for advanced wired and wireless networks. The course focuses to demonstrate advanced techniques to perform penetration testing. You learn to use Metasploit Framework and practices used in exploiting Windows. Vulnerability scanning forms an integral part of this comprehensive training and demonstrates how a system is targeted and exploited. The training also empowers you with detailed understanding of diverse post-exploitation techniques and modernistic techniques to evade antivirus while understanding the customization of attacks.

The course focuses to demonstrate advanced techniques to perform penetration testing. You learn to use Metasploit Framework and practices used in exploiting Windows. Vulnerability scanning forms an integral part of this comprehensive training and demonstrates how a system is targeted and exploited. The training also empowers you with detailed understanding of diverse post-exploitation techniques and modernistic techniques to evade antivirus while understanding the customization of attacks.

Enroll for Advanced Penetration Testing Traning Free Demo Class

Request Demo Class

₹39000/- | $550/- Duration: 150 Days
[Note: Prices displayed are after Discount and includes GST]

Advanced Penetration Testing Brochure

Download

Fundamental of Redhat Linux, kali linux, parrot OS
Ethical Hacking Training
WAPT - Web Application Penetration Testing
NAPT - Netwok Vulnerability Pentrartion testing
vAPI - Vulnerable Adversely Programmed Interface

Detailed Syllabus of for Advanced Penetration Testing Course

Managing physical storage

Install and configure software components and services

Establish network connections and control firewall restrictions

Monitor and manage running processes

Manage and secure files and file systems

Administer users and groups

Review the system log files and journal for issues

Troubleshoot problems and analyze systems with Red Hat Insight

Introduction

Building a LAB: Concepts

Building a LAB: Networking

Deploy a Kali Linux VM

Adding Metasploitable to Your Lab

Adding Windows to Your Lab

Configure a Static IP on Kali

Windows Evaluations

Deploy Windows 8.1

Deploy Windows 2012

Deploy Windows 10

Deploy Windows 2016

Ethics and Hacking

Hacking Vocabulary

InfoSec Concepts

Attack Categories, Types, and Vectors

5 Phases of Hacking

Footprinting and Reconnaissance Concepts

Search Engine Tools

Hacking using Google

Website Recon Tools

Metagoofil Metadata Tool

Email Headers for Footprinting

Using WHOIS for Recon

DNS Tools

Network Scanning Overview

Network Scanning Methodology

Port Discovery

Network Scanning Tools

Stealth Idle Scanning

OS and Application Fingerprinting

Vulnerability Scanning

Network Mapping Tools

Proxy Servers

Using Public Proxy Services

Enumeration Concepts

NetBIOS Enumeration

SNMP Enumeration Concepts

SNMP Enumeration Tools

LDAP Enumeration Concepts

LDAP Enumeration Example

NTP Enumeration

SMTP Enumeration

System Hacking Overview

Password Cracking Concepts

Password Attack Example: MITM and Sniffing

Rainbow Crack Lab Setup

Rainbow Crack Demonstration

Password Reset Hacking

DHCP Starvation

Remote Access

Spyware

NTFS Alternate Data Streams Exploit

Steganography with OpenPuff

Steganography with SNOW

Covering Tracks

Malware Overview

Trojan Overview

Creating a Trojan

Virus Overview

Virus Creation

Detecting Malware

Malware Analysis

Hash File Verification

Sniffing Overview

CAM Table Attack and Port Security

DHCP Snooping

Dynamic ARP Inspection

Social Engineering

Denial of Service (DoS) Attacks

Session Hijacking

Hacking Web Servers

Buffer Overflow

OWASP Broken Web Application Project

Shell shock

SQL Introduction

SQL Injection

Web App Vulnerabilities: WordPress

Wireless Hacking

Using an Android VM

Malware for Mobile

Mobile Device Risks and Best Practices

Firewall Evasion

Firewall ACL Example

NAT and PAT fundamentals

IDS/IPS Evasion

Honeypots

Cloud Computing

CIA: Confidentiality, Integrity, and Availability

Policies

Quantifying Risk

Separation of Duties

Symmetrical Encryption Concepts

Asymmetrical Encryption Concepts

Control Types

Multi-factor Authentication

Centralized Identity Management

Kerberos and Single Sign On (SSO)

Backups and Media Management

Operations Security Controls

Physical Security Controls

Incident Response

VPN

Disaster Recovery Planning

Pen Testing Tips

OWASP Top 10 Vulnerabilities
Threat Modelling Principle
Site Mapping & Web Crawling
Server & Application Fingerprinting
Identifying the entry points
Page enumeration and brute forcing
Looking for leftovers and backup files

Authentication vulnerabilities

Authentication scenarios
User enumeration
Guessing passwords – Brute force & Dictionary attacks
Default users/passwords
Weak password policy
Direct page requests
Parameter modification
Password flaws
Locking out users
Lack of SSL at login pages
Bypassing weak CAPTCHA mechanisms
Login without SSL

Authorization vulnerabilities

Role-based access control (RBAC)
Authorization bypassing
Forceful browsing
Client-side validation attacks
Insecure direct object reference

Improper Input Validation & Injection vulnerabilities

Input validation techniques
Blacklist VS. Whitelist input validation bypassing
Encoding attacks
Directory traversal
Command injection
Code injection
Log injection
XML injection – XPath Injection | Malicious files | XML Entity
bomb
LDAP Injection
SQL injection
Common implementation mistakes – authentication
Bypassing using SQL Injection
Cross Site Scripting (XSS)
Reflected VS. Stored XSS
Special chars – ‘ & < >, empty

Insecure file handling

Path traversal
Canonicalization
Uploaded files backdoors
Insecure file extension handling
Directory listing
File size
File type
Malware upload

Session & browser manipulation attacks

Session management techniques
Cookie based session management
Cookie properties
Cookies – secrets in cookies, tampering
Exposed session variables
Missing Attributes – httpOnly, secure
Session validity after logoff
Long session timeout
Session keep alive – enable/disable
Session id rotation
Session Fixation
Cross Site Request Forgery (CSRF) – URL Encoding
Open redirect

Information leak

Web Services Assessment
Web Service Testing
OWASP Web Service Specific Testing
Testing WSDL
Sql Injection to Root
LFI and RFI]
OWASP Top 10 Revamp

TCP/IP Packet Analysis
Overview of Network Security
Port and Protocols & Analysis
Linux Server Installation
Windows Client / Linux Installation
Basic commands (Windows / Linux)
Kali Linux Installation

Wireshark

Introduction
ICMP Packet Analysis
ARP Packet Analysis
3 way handshake Analysis
Tracert Command Analysis
Packet Forensics
Nmap Packet Forensics

NMAP Basics

Network Sweeping
OS Discovery
SYN Scan
UDP Scan
XMAS Scan
FIN Scan
NULL Scan

Nmap Firewall Scan

Fragment Scan
Data Length Scan
TTL Scan
Source Port Scan
Decoy Scan
Spoof IP Scan
Spoof MAC Scan
Data String Scan
Hex String Scan
IP Options Scan

Metasploit

Metasploit Basic
Msfvenom
Auxiliary scanner
Windows Reverse TCP
Windows HTTPS Tunnel
Hidden Bind TCP
Macro Payloads
Shell on the Fly (Transport)
Bypass User Access Control
Pass the Hash
Post Exploitation

Dictionary & Passwords Attacks

Hydra
Medussa
Crunch
CeWL
WCE
Mimikatz
cUPP
Online attacks

FTP Penetration Testing (Port 21)

Introduction & Lab setup
Banner Grabbing/Banner Hiding
Port forwarding /Time Scheduling
Brute forcing/Secure
Pivoting/Tunneling [windows]

SSH Penetration Testing (Port 22)

Introduction & Lab setup
Banner Grabbing/Banner Hiding
Port forwarding /Time Scheduling
Brute forcing/Secure
Pivoting/Tunneling
Multiple way to secure ssh

Telnet Penetration Testing (Port 23)

Introduction & Lab setup
Banner Grabbing/Banner Hiding
Port forwarding /Time Scheduling
Brute forcing/Secure
Pivoting/Tunneling

SMTP Penetration Testing (Port 25)

Introduction & Lab setup
Banner Grabbing/Banner Hiding
Port forwarding /Time Scheduling
Brute forcing/Secure
Penetration testing with SWAKS

DNS & DHCP Penetration Testing (Port 53, 67, 68)

Introduction & Lab setup
DNS Enumeration
DHCP Packet Analysis with Wireshark
DHCP Starvation attack
Rogue DHCP Server
Tools (Gobbler, responder, Yersinia)

NetBIOS & SMB Penetration Testing (Port 135-445)

Introduction & Lab setup
SMB Enumeration
SMB Null Sessions
Enum4Linux
NetBIOS Spoofing
Banner Grabbing/Banner Hiding
Brute forcing/Secure
Pivoting/Tunneling
Penetration Testing with (PS exec, eternal blue )
Multiple way to connect smb

SNMP Penetration Testing (Port 161, 162)

Introduction & Lab setup
Banner Grabbing/Banner Hiding
Port forwarding /Time Scheduling
Brute forcing/Secure
Penetration Testing with Metasploit and Nmap

MSSQL Penetration Testing (Port 1433)

MSSQL Brute force Attack
Enumerate MSSQL configuration setting
Identifying SQL Server logins
Identify Database owner
Identify a User With masquerade privilege
Execute SQL Statement
Retrieve MSSQL Password Hashes of Users
Decode Password Hashes of Users
Extracting MYSQL Schema Information

MySQL Penetration Testing (Port 3306)

Introduction and Lab setup
MYSQL Brute Force Attack
mysql banner user/file/ Enumeration
Stealing MYSQL information
Check File Privileges
Enumerate MYSQL writeable directories
Extract MYSQL Username with Hash Password
Crack Hash Password with John the Ripper
Secure MYSQL through port forwarding
Prevent Mysql against brute force attack

Remote Desktop Penetration Testing (Port 3389)

Introduction & Lab setup
Banner Grabbing/Banner Hiding
Port forwarding /Time Scheduling
Brute forcing/Secure
Pivoting/Tunneling
DOS Attack

VNC Penetration Testing (Port 5900, 5901)

Introduction & Lab setup
Banner Grabbing/Banner Hiding
Port forwarding /Time Scheduling
Brute forcing/Secure
Penetration Testing with Metasploit and Nmap
Pivoting/Tunneling

Sniffing & Spoofing

Introduction
ARP Poisoning
MAC Address Snooping
DNS Spoofing
DNS Poisoning
Capture NTLM Hashes
Xerosploit

Socks Proxy Penetration Testing

Socks proxy lab setup
SSH
FTP
HTTP

IDS, Firewall, Honeypots

Setup Snort Lab in Ubuntu
Understanding Snort Rules
Introduction to IPtables
Introduction to Windows Firewall
ICMP Detect
TCP Packet Detect
Detect Nmap Scan
Detect Dos Attack
Antivirus Evasion with veil

DOS Attack Penetration Testing

Introduction to DOS Attack
Botnet
D-DOS Attack
SYN Flood Attack
UDP Flood
Smurf Attack
Packet Crafting
Others DOS Attack Tools

Social Engineering Attack

Introduction to Social Engineering Attack
Payload and Listener Attack
Java Applet Attack
HTA Attack
MSFPC
DOS Attack
PowerShell Attack Vector
VNC Attack

Covering Tracks & Maintaining access

Persistence
s4u_persistence
VSS_Persistence
Registry Persistence
Netcat
Clear Event Logs

Network Vulnerability Assessment Tool

Nessus
GFI Languard
Nexpose
Openvas
MBSA

This Course your knowledge and skills related to implementing core enterprise network technologies, including:

Intelligence Gathering

Scanning and Enumeration

What is hashing?

Scripting

Exploitation

The Metasploit Framework

Post -Exploitation

Wireless Exploitation and Wireless auditing

Web Application Penetration Testing

Data Collection,Evidence Management, and Reporting

Advanced Penetration Testing

Advanced Penetration Testing Course Overview

Now get CCNA 200-301 + CCNP Combo @ ₹40K Only. Offer for Limited period!