Course Outline

How to Test Network and Service Security

  • Penetration testing – what is it?
  • Penetration testing versus audit – similarities, differences, and determining the appropriate approach
  • Practical challenges – what can go wrong?
  • Scope of testing – defining what needs to be assessed
  • Sources of best practices and recommendations

Penetration Testing – Reconnaissance

  • OSINT – gathering information from publicly available sources
  • Passive and active methods of network traffic analysis
  • Identification of services and network topology
  • Security systems (firewalls, IPS/IDS, WAF, etc.) and their impact on testing

Penetration Testing – Vulnerability Discovery

  • System and version identification
  • Searching for vulnerabilities in systems, infrastructure, and applications
  • Vulnerability assessment – determining potential impact
  • Sources of exploits and methods for customising them

Penetration Testing – Exploitation and Gaining Control

  • Types of attacks – how they are executed and their consequences
  • Remote and local exploitation techniques
  • Attacks on network infrastructure
  • Reverse shell – managing a compromised system
  • Privilege escalation – how to become an administrator
  • Ready-made "hacking tools"
  • Analysis of a compromised system – interesting files, saved passwords, private data
  • Special cases: web applications and Wi-Fi networks
  • Social engineering – how to "break" the human element when systems cannot be compromised

Penetration Testing – Covering Tracks and Maintaining Access

  • Logging and monitoring systems
  • Log clearing and evidence removal
  • Backdoors – how to leave an open entry point

Penetration Testing – Summary

  • Report preparation and structure
  • Report delivery and consultation
  • Verification of recommended actions

Requirements

  • Familiarity with fundamental concepts of computer networks (IP addressing, Ethernet, core services such as DNS and DHCP) and operating systems
  • Working knowledge of Windows and Linux (basic administration, command-line interface)

Target Audience

  • Individuals responsible for network and service security
  • Network and system administrators seeking to learn security testing methodologies
  • Anyone interested in the subject

28 Hours
