Scribd Logo
Upload

Welcome to Scribd!

  • 394 views

    PTS Syllabus

    Uploaded by

    Brian Janitra
    The document outlines the syllabus for a Penetration Testing Course for Students offered by eLearnSecurity. The course is divided into two main sections: Preliminary Skills and Penetration Testing. Each section covers multiple chapters on topics such as networking, vulnerability assessment, information gathering, footprinting and scanning, attacks and exploitation, web servers, SQL injection, and using Metasploit. The course includes slides, videos, quizzes, exercises and provides students access to a virtual lab environment to apply the skills learned.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd

    PTS Syllabus

    Uploaded by

    Brian Janitra
    394 views6 pages
    The document outlines the syllabus for a Penetration Testing Course for Students offered by eLearnSecurity. The course is divided into two main sections: Preliminary Skills and Penetration Testing. Each section covers multiple chapters on topics such as networking, vulnerability assessment, information gathering, footprinting and scanning, attacks and exploitation, web servers, SQL injection, and using Metasploit. The course includes slides, videos, quizzes, exercises and provides students access to a virtual lab environment to apply the skills learned.

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document outlines the syllabus for a Penetration Testing Course for Students offered by eLearnSecurity. The course is divided into two main sections: Preliminary Skills and Penetration Testing. Each section covers multiple chapters on topics such as networking, vulnerability assessment, information gathering, footprinting and scanning, attacks and exploitation, web servers, SQL injection, and using Metasploit. The course includes slides, videos, quizzes, exercises and provides students access to a virtual lab environment to apply the skills learned.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    394 views6 pages

    PTS Syllabus

    Uploaded by

    Brian Janitra
    The document outlines the syllabus for a Penetration Testing Course for Students offered by eLearnSecurity. The course is divided into two main sections: Preliminary Skills and Penetration Testing. Each section covers multiple chapters on topics such as networking, vulnerability assessment, information gathering, footprinting and scanning, attacks and exploitation, web servers, SQL injection, and using Metasploit. The course includes slides, videos, quizzes, exercises and provides students access to a virtual lab environment to apply the skills learned.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 6

    Penetration Testing Course for Students

    Syllabus

    eLearnSecurity s.r.l. Via Carnelutti 11, 56124, Pisa, Italy | www.elearnsecurity.com

    The Penetration Testing Course for Student is divided into two main section:

    Preliminary Skills Penetration Testing


    Every chapter in the above sections contains:
    Interactive slides (650) Video training (total 3 hours of video training) Self assessment quizzes Practical exercises (where possible) References and books for further studies

    All examples, videos and exercises are based on Backtrack 4. A Lab module will allow the student to set up a lab environment with Backtrack 4 and a vulnerable virtual machine.

    eLearnSecurity s.r.l. Via Carnelutti 11, 56124, Pisa, Italy | www.elearnsecurity.com

    1. Preliminary Skills
    1.1. Understanding the Penetration Testing Process
    1.1.1. How penetration testers work

    1.2. Vulnerability Assessment


    1.2.1. Tools: 1.2.1.1. Nessus

    1.3. Technical Background


    1.3.1. Networking 1.3.1.1. 1.3.1.2. 1.3.1.3. 1.3.1.4. 1.3.1.5. 1.3.1.6. 1.3.1.7. 1.3.1.8. 1.3.1.9. Packets IP Address Routing Forwarding ARP TCP UDP Firewalls Wireshark Wireshark configuration Exercises: Studying networking with Wireshark

    1.3.1.9.1. 1.3.1.9.2.

    1.3.2. Web Applications 1.3.2.1. 1.3.2.2. 1.3.2.3. 1.3.2.4. 1.3.2.5. HTTP Protocol basics Cookies Sessions Same Origin Study web applications and http with Burp Suite

    eLearnSecurity s.r.l. Via Carnelutti 11, 56124, Pisa, Italy | www.elearnsecurity.com

    2. Penetration Testing
    2.1. Information Gathering
    2.1.1. Open Source Information Gathering

    2.2. Footprinting & Scanning


    2.2.1. Mapping The Remote Network 2.2.2. OS Fingerprinting with nmap 2.2.3. Port Scanning 2.2.3.1. Nmap

    2.3. Attacks & Exploitation


    2.3.1. Malware 2.3.1.1. 2.3.1.2. 2.3.1.3. 2.3.1.4. 2.3.1.5. 2.3.1.6. 2.3.1.7. 2.3.1.8. 2.3.1.9. 2.3.1.10. 2.3.1.11. 2.3.1.12. 2.3.1.13. 2.3.1.14. 2.3.2. XSS 2.3.2.1. 2.3.2.2. 2.3.2.3. 2.3.2.4. Finding vulnerable websites Reflected XSS Persistent and XSS Exploitation Virus Trojan Horses Rootkit Bootkit Backdoors Adware Spyware Greyware Dialer Key-logger Botnet Ransomware Data-Stealing Malware Worm

    2.3.3. Password Cracking 2.3.3.1. Brute Force Attack

    eLearnSecurity s.r.l. Via Carnelutti 11, 56124, Pisa, Italy | www.elearnsecurity.com

    2.3.3.2. 2.3.3.3.

    Dictionary Attack Using Hydra and John the ripper to crack passwords

    2.3.4. Breaking into Windows machines with Null Sessions 2.3.4.1. Exploiting Null Sessions with Windows tools Net, Nbtstat, Enum, Winfo

    2.3.4.1.1. 2.3.4.2.

    Exploiting Null Sessions with Linux tools

    2.3.5. Web Servers 2.3.5.1. Fingerprinting Netcat HttpRecon

    2.3.5.1.1. 2.3.5.1.2. 2.3.5.2.

    Exploiting misconfigurations Finding hidden files Uploading PHP shells Using Google Hacking to discover hidden files

    2.3.5.2.1. 2.3.5.2.2. 2.3.5.2.3.

    2.3.6. Buffer Overflows 2.3.6.1. 2.3.6.2. Understanding Buffer overflow and the stack Exploitation

    2.3.7. Guide to Metasploit 3.6 2.3.8. SQL Injection 2.3.8.1. 2.3.8.2. 2.3.8.3. Understanding SQL injection Finding SQL injections in websites Retrieve data from remote databases through: Sqlninja sqlmap

    2.3.8.3.1. 2.3.8.3.2.

    eLearnSecurity s.r.l. Via Carnelutti 11, 56124, Pisa, Italy | www.elearnsecurity.com

    eLearnSecurity
    Information Security Training Solutions eLearnSecurity is a global Information Technology Security Training Solutions provider, catering to Government bodies, Educational Institutions and IT Security Professionals around the world. Website: E-mail: Phone: Address: http://www.elearnsecurity.com [email protected] +39 050 574113 Head Office Pisa, Italy

    eLearnSecurity s.r.l. Via Carnelutti 11, 56124, Pisa, Italy | www.elearnsecurity.com

    You might also like