HANDS ON PRACTICAL ON PENETRATION TESTING – Fee 40 Thousand Rupees (Course of 40 Hours, 2 Hour each day, 5 days a week. Total One Month Course)
YouTube Demo Link on Penetration testing : https://www.youtube.com/watch?v=bh-7qR-ZmpQ
1. Introduction to Network Security Assessment
2. Assessment Workflow and Tools (kali linux)
3. Vulnerabilities and Adversaries
4. Internet Network Discovery
4.1 DNS enumaration
4.2 IP WHOIS
4.3 BGP Enumaration
4.4 SMTP probing
5. Local Network Discovery
5.1 Data link protocols (STP,VLAN,STP,CDP,etc)
5.2 Local IP protocols (DHCP,LLMNR, NBT-NS, and mDNS, WPAD,HSRP, VRRP, EIGRP, and OSPF, IPv6 network discovery protocols)
6. IP Network Scanning
6.1 Initial Network Scanning with Nmap(ICMP,TCP,UDP)
6.2 Low-Level IP Assessment (Crafting Arbitory Packets, TCP/IP stack Fingerprinting, IP IDS Analysis, Manipulating TTL to Reverse Engineer ACLs, Reveal Internal IP addresses)
6.3 Vulnerability Scanning with NSE/nmap
6.4 Bulk Vulnerability Scanning
6.5 IDS and IPS Evasion
7. Assessing Common Network Services (FTP, TFTP,SSH,Telnet, IPMI, DNS, Multicast DNS, NTP, SNMP,LDAP, Kerberos, VNC, Unix RPC Services)
8.Assessing Microsoft Services(NetBIOS Name Service, SMB, Microsoft RPC Services, Remote Desktop Services)
9. Accessing Mail Services( SMTP, POP3, IMAP, etc)
10. Assesing VPN Services(IPsec,PPTP,etc)
11. Assesing TLS Services (TLS Mechanics, Understanding TLS Vulnerability)
12. Web Application Architecture
13. Assessing Web Servers (Identifying Proxy Mechanisms, Enumerating Valid Hosts, Webserver Profiling, Qualifying Web server vulnerabilities)
14. Assesing Web Application Frameworks (Framework and Data Store Profiling, Understanding common flaws, Apache, Nodejs, Django, Rail, ASP.NET, PHP, Tomcat,etc)
15. Accesing Data Store( MySQL, PostgresSQL, Microsoft SQL Server, Oracle Database, Mongo DB, Redis, Memcached, NFS,etc)
16. Buffer Overflow vulnerability mechanism
17. Advance Web Application Penetration OWASP Top 10 (Open Redirect, Parameter Pollution, Race condition, Logic Flow, XSS/Cross site scripting, CSRF Attack, SQL Injection, Code/HTML Injection, Server Side Forgery, Domain Take Over,etc + SAST/Source Code Analysis and SAST Tools/DEVOPSEC
18. Metasploit
19. Wireless Pentest
20. Social Engineering
21. Kubernetes/Docker Security (Kubernetes cluster/service, Docker Image)
Note: BOOK REFERENCE TO FOLLOW THIS COURSE
Network Security Assessment 3rd Edition, Author is Chris Mcnab, Publication is O’Reilly Media, Inc
Book Real-World Bug Hunting Author is Peter Yaworski and publication No Starch Press
The Ultimate Kali Linux Book , Second Edition, Author is Glen D. Singh and Publication : Packt Publishing
I will also share some advance digital material as well
You can contact me here also
Your message has been sent
Email: amit@amitdhanani.in
Linkedin: @amitdhanani
Meetup: @information technology meetup group
YouTube: @ittraining2023
Instagram: @ittraining2023
IT Consulting & IT Training 