Penetration Testing

Digital technologies have brought about unprecedented transformation in the way we live, work, and communicate. Businesses are being disrupted everywhere. Almost everything we do is generating data, making the data a precious commodity. There’s a growing concern for data security as the risk and dangers of our data becoming exposed steadily increases. If a system is not secured, then any attacker can disrupt or gain unauthorized access to that system. Security risk is normally an accidental error that occurs while developing and implementing the software. For example, configuration errors, design errors, and software bugs, etc. Penetration testing normally evaluates a system's ability to protect its networks, applications, endpoints and users from external or internal threats.

Penetration testing is a type of security testing that is performed to discover security vulnerabilities in a network, application or system. It also attempts to protect the security controls and ensures only authorized access. Penetration testing is an essential step that needs to be performed regularly for securing the uninterrupted functioning of a system.

Penetration testing is one of the important skills expected from every IT security position like network administrators and security professionals. Star Penetration Testing Experts (SPTE) is a comprehensive certification program that will take the learners through everything they need to know about penetration testing and ethical hacking. It helps learners master the skillset they need to establish a successful career as a penetration tester. SPTE explains different facets of pen testing, which are majorly used for preparing a defence mechanism of network systems. The program discusses latest techniques that are applied by security experts and ethical hackers during pen testing.

Audience

• Intermediate – Advanced

Course Objectives

In this course, you will learn about:

• Penetration testing
• Information gathering from different sources
• Analysis and documentation based on information gathered
• Hacking systems/web apps to prepare for their defence
• Securing the system from future attacks
• Metasploit exploitation
• Firewall and IDS for securing network systems
• Post exploitation procedures
• Security design principles

Course Outcome

After competing this course, you will be able to:

• Gather sensitive information in websites
• Identify the reasons of vulnerabilities
• Hack web applications with vulnerabilities and patch them
• Use penetration testing tools to exploit vulnerable systems
• Demonstrate how to crack passwords given the hashes in password file
• Perform exploitation with Metasploit
• Configure firewall and IDS for secure network systems
• Employ security design principles for securing network systems

Table Of Contents Outline

• Introduction to Penetration Testing (Pen Testing)
• Information Gathering
• Scanning the Systems to Know the Loop Holes
• Applying Enumeration Techniques on the Network Systems
• Performing the Threat and Vulnerabilities Assessment Using Metasploit
• Exploiting the Systems to Prepare for Defence
• Exploiting Web Apps
• Preventing Systems Using Strong Passwords Techniques
• Performing Pen Testing on Mobile Devices
• Advanced Exploitation Techniques
• Performing Analysis and Documentation