Course overview

The main objective of the Penetration Test – CompTIA Pentest+ course is to give participants the knowledge and skills needed to conduct effective penetration tests on enterprise IT systems and networks. During the course, participants will gain an in-depth understanding of the principles and techniques of penetration testing, such as the various approaches, the phases of a test and threat models. Participants will also become familiar with the various penetration testing techniques, including footprinting, port scanning, information gathering, social engineering, vulnerability assessment and attack execution. The course will also cover the methodologies and tools used for penetration testing, including open source and commercial tools. Participants will learn to collect, analyze and report penetration test results clearly and accurately. In addition, the course will provide an overview of risk mitigation techniques and of how to manage penetration test results. During the course, participants will also become familiar with regulations and standards on information security, including regulatory compliance. The course contributes to preparation for the CompTIA PenTest+ certification exam.

Objectives

Below is a summary of the main objectives of the CompTIA PenTest+ Penetration Test course:

  • Provide the knowledge and skills to conduct effective penetration tests on enterprise IT systems and networks.
  • Explore in depth the principles and techniques of penetration testing, including approaches, phases and threat models.
  • Learn to use penetration testing techniques such as footprinting, port scanning and social engineering.
  • Acquire skills in using penetration testing tools, both open source and commercial.
  • Develop the ability to collect, analyze and report penetration test results.

Attendance prerequisites

Knowledge of Cybersecurity CBROPS, or prior attendance of the CompTIA Security+ course, is an essential requirement.

Target audience

The course is aimed at anyone who wants to acquire the knowledge and skills to conduct effective penetration tests on enterprise IT systems and networks, studying their principles and techniques in depth through the use of both open source and commercial tools.

Course contents

Planning and Scoping Penetration Tests

  • Introduction to Penetration Testing Concepts
  • Plan a Pen Test Engagement
  • Scope and Negotiate a Pen Test Engagement
  • Prepare for a Pen Test Engagement

Conducting Passive Reconnaissance

  • Gather Background Information
  • Prepare Background Findings for Next Steps

Performing Non-Technical Tests

  • Perform Social Engineering Tests
  • Perform Physical Security Tests on Facilities

Conducting Active Reconnaissance

  • Scan Networks
  • Enumerate Targets
  • Scan for Vulnerabilities
  • Analyze Basic Scripts

Analyzing Vulnerabilities

  • Analyze Vulnerability Scan Results
  • Leverage Information to Prepare for Exploitation

Penetrating Networks

  • Exploit Network-Based Vulnerabilities
  • Exploit Wireless and RF-Based Vulnerabilities
  • Exploit Specialized Systems

Exploiting Host-Based Vulnerabilities

  • Exploit Windows-Based Vulnerabilities
  • Exploit *nix-Based Vulnerabilities

Testing Applications

  • Exploit Web Application Vulnerabilities
  • Test Source Code and Compiled Apps

Completing Post-Exploit Tasks

  • Use Lateral Movement Techniques
  • Use Persistence Techniques
  • Use Anti-Forensics Techniques

Analyzing and Reporting Pen Test Results

  • Analyze Pen Test Data
  • Develop Recommendations for Mitigation Strategies
  • Write and Handle Reports
  • Conduct Post-Report-Delivery Activities

Lab activities

  • Exploring the pentest+ lab environment
  • Exploring the pentest+ lab environment: kali linux
  • Planning and scoping penetration tests
  • Preparing to go live
  • Conducting passive reconnaissance
  • Gathering open source intelligence (osint) using whois
  • Gathering open source intelligence (osint) using domain name resolution
  • Gathering open source intelligence (osint) using shodan search engine
  • Gathering osint on a domain using recon-ng
  • Gathering osint on a domain using maltego
  • Strategizing usage of osint findings (analysis activity)
  • Preparing background findings for next steps (analysis activity)
  • Performing non-technical tests
  • Baiting users with usb thumb drives
  • Crafting malicious payload with msfvenom
  • Harvesting credentials through phishing
  • Pharming attack with social engineering tool (set)
  • Performing physical security tests on facilities (analysis activity)
  • Conducting active reconnaissance
  • Scanning networks with nmap: ping sweep, port scan, stealth scan
  • Services fingerprinting and os detection with nmap: nmap scripting engine (nse)
  • Scanning networks with metasploit modules
  • Banner grabbing through telnet
  • Os fingerprinting through ping and ttl
  • Enumerating targets with metasploit
  • Enumerating targets with rpcclient
  • Scanning for system vulnerabilities using openvas
  • Scanning for web app vulnerabilities using arachni
  • Website enumeration with dirbuster
  • Website enumeration with nikto
  • Analyzing a basic port scan script in python
  • Analyzing vulnerabilities
  • Analyzing vulnerability scan results (analysis activity)
  • Using common vulnerabilities and exposures (cve) to analyze vulnerabilities
  • Using common vulnerability scoring system (cvss) for risk assessment
  • Leveraging information to prepare for exploitation (analysis activity)
  • Penetrating networks
  • Sniffing cleartext protocols
  • Intercepting file transmissions on the network
  • Man in the middle through arp poisoning
  • Using arpspoof and ettercap for arp poisoning
  • Using dsniff and wireshark for traffic sniffing
  • Exploiting host-based vulnerabilities
  • Exploiting smb vulnerabilities in windows
  • Managing meterpreter sessions
  • Exploiting password vulnerabilities in windows
  • Dumping credential hashes and the security account manager (sam)
  • Gaining access through pass the hash attack
  • Exploiting linux-based vulnerabilities: hail mary attack with armitage
  • Online credential cracking with hydra
  • Offline credential cracking with john the ripper
  • Offline credential cracking with hashcat
  • Brute forcing credentials with a dictionary list
  • Customizing masks and charset for credential brute force
  • Generating customized dictionary lists with crunch
  • Testing applications
  • Exploiting security misconfigurations in web apps
  • Leveraging missing access controls
  • Poison null byte
  • Directory traversal
  • Command injection
  • Exploiting sql injection vulnerabilities in web apps
  • Stacking sql queries with union select
  • Exploiting xss vulnerabilities in web apps
  • Reflected cross site scripting (xss)
  • Persistent cross site scripting (xss)
  • Dom-based cross site scripting (xss)
  • Cross site request forgery (csrf)
  • Exploiting authentication and authorization vulnerabilities in web apps
  • Predicting weakly constructed session identifier (sid) in web sessions
  • Session hijacking through cookie grabbing and manipulation
  • Attacking a web application using an interceptor proxy: burp suite
  • Fuzzing a compiled application
  • Conducting static and dynamic analysis
  • Completing post-exploit tasks
  • Pivoting from one host to another
  • Migrating malicious code between running processes
  • Installing a persistent backdoor and gaining persistence
  • Bind and reverse shell with netcat
  • Exfiltrating sensitive data and capturing keystroke
  • Anti-forensics techniques: tampering timestamps, stealing process identifiers (pids), clearing logs
  • Analyzing and reporting pen test results
  • Analyzing pen test data (analysis activity)
  • Recommending mitigation strategies (analysis activity)
  • Writing and handling reports (analysis activity)
  • Performing post-engagement cleanup tasks
  • Performing additional follow-up activities (analysis activity)

 

Course duration

5 days

 

 

 

 
