Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Login or Register to Hide ads and Accessing all features on the forum
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Tutorial Exploitation course
In Advanced Penetration Testing, Exploit Writing, and Ethical Hacking, people will learn the ability to test secure networks.

In the advanced network penetration testing period, passing the layer 2 and 3 security mechanisms such as NAC, 802.1x and evaluating the coded mechanisms for proper implementation will be examined. In the other part of the advanced network penetration testing period, the level of access in different operating systems will increase. The new buffer overflow mechanisms are examined

Course Title :

Section1: Network Attacks for Penetration Testers

Bypassing network access/admission control (NAC)

Impersonating devices with admission control policy exceptions

Exploiting EAP-MD5 authentication

Custom network protocol manipulation with Ettercap and custom filters

Multiple techniques for gaining man-in-the-middle network access

IPv6 for penetration testers

Exploiting OSPF authentication to inject malicious routing updates

Using Evilgrade to attack software updates

Overcoming SSL transport encryption security with Sslstrip

Remote Cisco router configuration file retrieval
Section 2: Crypto, Network Booting Attacks, and Escaping Restricted Environments

Pen testing cryptographic implementations

Exploiting CBC bit flipping vulnerabilities

Exploiting hash length extension vulnerabilities

Delivering malicious operating systems to devices using network booting and PXE

PowerShell Essentials

Enterprise PowerShell

Post Exploitation with PowerShell and Metasploit

Escaping Software Restrictions

Two-hour evening Capture the Flag exercise against a modern network with hardened servers, desktops, and vApp targets
Section 3: Python, Scapy, and Fuzzing

Becoming familiar with Python types

Leveraging Python modules for real-world pen tester tasks

Manipulating stateful protocols with Scapy

Using Scapy to create a custom wireless data leakage tool

Product security testing

Using Taof for quick protocol mutation fuzzing

Optimizing your fuzzing time with smart target selection

Automating target monitoring while fuzzing with Sulley

Leveraging Microsoft Word macros for fuzzing .docx files

Block-based code coverage techniques using Paimei
Section 4: Exploiting Linux for Penetration Testers

Stack and dynamic memory management and allocation on the Linux OS

Disassembling a binary and analyzing x86 assembly code

Performing symbol resolution on the Linux OS

Identifying vulnerable programs

Code execution redirection and memory leaks

Identifying and analyzing stack-based overflows on the Linux OS

Performing return-to-libc (ret2libc) attacks on the stack

Return-oriented programming

Defeating stack protection on the Linux OS

Defeating ASLR on the Linux OS
Section 5: Exploiting Windows for Penetration Testers

The state of Windows OS protections on Windows 7, 8, 10, Server 2008 and 2012

Understanding common Windows constructs

Stack exploitation on Windows

Defeating OS protections added to Windows

Creating a Metasploit module

Advanced stack-smashing on Windows

Using ROP

Building ROP chains to defeat DEP and bypass ASLR

Windows 7 and Windows 8 exploitation

Porting Metasploit modules

Client-side exploitation

Windows Shellcode

Course duration: ‌30 hours

Prerequisites for Network Concepts Course

Course level: ‌ Advanced

Send me a private message to buy

Users browsing this thread: 1 Guest(s)