Pentest. Penetration testing practice - free course from Otus, training 5 months, date of December 1, 2023.
Miscellaneous / / December 05, 2023
In practice, you will learn to conduct a detailed analysis of network resources, software, and web resources for the presence of vulnerabilities, their exploitation and further elimination. You will become familiar with the most common attack scenarios and will subsequently be able to easily recognize them.
You will participate in online workshops, where the teacher will show you step by step how to work with different vulnerabilities in the life coding format, and you can repeat these steps on your virtual machine or in special service. You will study each vulnerability on the real service that contains it.
WHAT IS PENTEST?
Pentesting (penetration testing or penetration testing) is the process of authorized hacking of information systems at the request of the customer, during which the pentester (auditor) identifies vulnerabilities of the information system and gives the customer recommendations on how to eliminate them.
Who is this course for?
For developers who want to optimize their applications. The course will help you understand how the OS and frameworks work from the inside. As a result, you will create reliable, intelligent solutions that cannot be used by attackers.
For administrators and devops engineers who are faced with the task of setting up a reliable, secure infrastructure. The course will strengthen your competencies with the ability to identify vulnerabilities.
For information security specialists and those who want to develop as a professional pentester. The course will give you the necessary knowledge in the field of ethical hacking and will allow you to practice Pentesting skills under the supervision of an experienced specialist.
You will master
Main stages of penetration testing
Using modern tools to analyze the security of an information system or application
Classification of vulnerabilities and methods for fixing them
Programming skills to automate routine tasks
Knowledge needed to prepare for self-certifications: CEH (Ethical Hacking), OSCP
Start of a new stream of the course - as the group is recruited.
Introduction. Basics that will be useful during the course
-Topic 1.Introduction to the course structure, software used
-Topic 2. What is penetration testing and why is it needed?
-Topic 3. Useful online services for passive collection of information
-Topic 4. Toolkit for conducting Pentest
-Topic 5. Toolkit for conducting Pentest
-Topic 6. Fundamentals of TCP/IP network interaction
-Topic 7. Scanning and identifying services, how it works
-Topic 8. Setting up a laboratory for the second module
Network Security
-Topic 9. Basic protocols, network protocols. Traffic analysis
-Topic 10.Windows network subsystem
-Topic 11.Modification of packages and working with their structure. Basic techniques for studying network traffic
-Topic 12. Linux network subsystem
-Topic 13.Android network subsystem
-Topic 14. Basic methods of traffic modification
-Topic 15. Attacks on network communication
-Topic 16. Study of the capabilities of standard Firewalls of Linux and Windows operating systems
Privilege escalation
-Topic 17. Structure of the Windows operating system. Basic access control mechanisms Part 1
-Topic 18. Structure of the Windows operating system. Basic access control mechanisms Part 2
-Topic 19.Structure of the Windows operating system. Basic access control mechanisms. Part 3
-Topic 20. Structure of the Windows operating system. Basic access control mechanisms. Part 4
-Topic 21. Structure of the Linux operating system. Basic access control mechanisms Part 1
-Topic 22. Structure of the Linux operating system. Basic access control mechanisms Part 2
-Topic 23. Structure of the Linux operating system. Basic access control mechanisms Part 3
-Topic 24. Structure of the Linux operating system. Basic access control mechanisms Part 4
Web Pentest
-Topic 25.What is a web application and what does it consist of? Basic approaches to building web applications
-Topic 26. Types of vulnerabilities Part 1
-Topic 27. Types of vulnerabilities Part 2
-Topic 28. Analysis of web application vulnerabilities
-Topic 29. Analysis of web application vulnerabilities
-Topic 30. Analysis of web application vulnerabilities
-Topic 31. Analysis of web application vulnerabilities
-Topic 32. Analysis of web application vulnerabilities
Reverse for pentest
-Topic 33.Testing Windows
-Topic 34.Linux testing
-Topic 35.Android testing
-Topic 36.Testing iOS
Graduation consultations
-Topic 37.Protection of design work