TN-315: Complete Hack and Defend

 

Course Overview:

Learn to protect yourself and your company against hackers, by learning their tools and techniques, and then testing your network.  This course is heavily based on Kali and primarily on Metasploit.  In TN-315: Complete Hack and Defend class you will learn the step by step process that hackers use to assess your enterprise network, probe it & hack into it in mixed-platform environment including Windows, Linux, Solaris, and Cisco.  This course is 90% hacking, but  defenses for demonstrated hacks will be discussed.  If you want to know the ins and outs of the hacks presented in this course, then this is the course for you.

Attendees to TN-315: Complete Hack & Defend Class Attendees will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • Introduction to Pen Testing using the PTES model
  • Metasploit Basics
    • MSFconsole, MSFcli, Armitage, MSFpayload, MSFencode, NasmShell
  • Intelligence Gathering
    • Nmap, Databases in Metasploit, Port Scanning with Metasploit
  • Quick Intro to Ruby
    • Writing a simple Ruby script to create a custom scanner
  • Vulnerability Scanning
    • Importing Nessus Results
    • Scanning with Nessus from Within Metasploit
  • Exploitation
    • Using the Metasploit Framework and console to exploit
  • Meterpreter
    • Compromising a Windows System
    • Attacking MS SQL, xp_cmdshell
    • Dumping Usernames and Passwords, extracting and dumping hashes
    • Pass the Hash and Token Impersonation
    • Pivoting
    • Railgun
    • Using Meterpreter Scripts: Migrating a process, Killing AV, Persistence
  • Avoiding Detection
    • Creating Stand-Alone Binaries with MSFpayload
    • Encoding with MSFencode and Packers (go Green Bay:)
  • Exploitation Using Client Side Attacks
    • Introduction to Immunity Debugger
    • Using Immunity Debugger to Decipher NOP Shellcode
  • Metasploit Auxiliary Modules
  • Social Engineer Toolkit (SET)
    • Spear-Phishing, Web Attack
    • Creating a Multipronged Attack
  • Creating Your Own Module
    • Adapt an existing Module
    • Add some PowerShell and Run the Exploit
  • Meterpreter Scripting
  • Capture The Flag Exercise

Prerequisites:

  • This is an advanced Information Security Course which requires basic Windows & UNIX competency
  • Certification or 2 years of experience in these operating systems is highly recommended
  • An understanding of TCP/IP

Comments

Latest comments from students

User: dhonore

Instructor comments: Dave's presentation style is engaging and lively.

Facilities comments: The room was adequate for the needs of the class.

User: phouck

Instructor comments: David was very good. Although he went very fast at times.

Facilities comments: The room was ok. it was bit dark.

 

Liked the class?  Then let everyone know!

TN-345: Python for Penetration Testers

 

Course Overview:

 

This Python for Penetration Testing course is designed to give you the skills you need for maintaining or developing Python Penetration Testing tools oriented towards offensive operations.  We have a suite of courses and certifications that help  understand a problem, this course prepares the student to rapidly develop prototype code to attack or defend against it.

The course concludes with a Capture the Flag event that will test both your ability to apply your new tools and coding skills in a Python Penetration Testing challenge.

This course is not intended to be an Advanced Python course, but to exemplify penetration techniques utilizing Python.  The course covers Threading, Sockets, OOP, and third party modules that facilitate the offensive operator’s objective.

This course utilizes the “Violent Python” text book.

Attendees to TN-345: Python for Penetration Testers Class will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 3 Days

Course Objectives:

  • Python Lanuage Refress
  • Network Sockets
  • Exception Handling
  • Hashes and Cracking Passwords
  • Threading
    • Concepts and Python Implementation
    • Queues and Synchronization
    • urlparse and httplib to probe URLs
    • Crack a password protected zip file
  • Port Scanner
    • Threading a Port Scanner
  • nmap integration
  • Deploying shellcode
  • Mechanize, BeautifulSoup
    • HTTP Form Password Guessing
    • HTTP Proxies (Burp Suite)
    • HTTP Cookies Session Hijacking
      • CookieMonster
  • Images and Metadata
  • Justniffer
  • SQL Injection
    • sqlmap
    • SQLBrute
  • Antivirus and IDS evasion
    • PyInstaller
    • Metasploit
  • Scapy
    • Deploy shellcode
    • DNS Cache Poisoning
    • Packety Violence

Prerequisites:

Comments

Latest comments from students

  

Liked the class?  Then let everyone know!

Specialized

TechNow provides an array of courses to meet our customer's requirements.  Courses that do not fit into our major course categories and custom or specialized courses appear here.  

Here are courses about specilaized Software or Hardware:

in   

MS-10231: Designing a Microsoft SharePoint 2010 and 2013 Infrastructure

 

Course Overview:

This course is intended for IT Professionals who use Microsoft SharePoint 2010 in a team-based, medium-sized to large environment. While they may have implemented a SharePoint deployment, they have limited experience in designing a SharePoint infrastructure. They likely work as a senior administrator who acts as a technical lead over a team of administrators. Members of this audience should have at least 6 months experience with SharePoint 2010 (including pre-released versions of the product).

Attendees to MS-10231: Designing a Microsoft SharePoint 2010/2013 Infrastructure will receive TechNow approved course materials and expert instruction.

Date/Location:

No Events

Duration: 5 days

Course Objectives:

  • Designing a Logical Architecture
  • Planning Service Application Architecture
  • Planning for Performance and Capacity
  • Designing a Physical Architecture
  • Designing a Security Plan
  • Planning Authentication
  • Planning Managed Metadata
  • Planning Social Computing
  • Designing Enterprise Search Strategy
  • Planning Enterprise Content Management
  • Developing a Plan for Governance
  • Designing a Maintenance and Monitoring Plan

Prerequisites:

  • At least 2 years experience administering, deploying, managing, monitoring, upgrading, migrating, and designing SharePoint servers
  • At least one year’s experience of mapping business requirements to logical and physical technical design
  • Working knowledge of network design, including network security

Comments

Latest comments from students

 

Liked the class?  Then let others know!

PP-244:CIPM + CIPP/E 4 Day GDPR Ready

PP-244: CIPM + CIPP/E 4 Day GDPR Ready

 

Course Overview:

A combined course of CIPM + CIPP/E. Achieving a CIPM credential shows that you have a comprehensive knowledge of how data protection programs should work across an organization. Combine with a CIPP/E credential and prove that you not only can manage a data protection program, but you understand the regulations that govern them.

With a CIPM and CIPP/E combined you’ll be uniquely equipped to fulfill the DPO requirements of the GDPR. The CIPP/E relates to the knowledge a DPO must have concerning the European legal framework of the legislation, and the CIPM provides theoretical aspects necessary to lead an organization’s data protection policy.

The General Data Protection Regulation (GDPR) takes effect in 2018. Among its mandates is the requirement to appoint a knowledgeable Data Protection Officer (DPO) tasked with monitoring compliance, managing internal data protection activities, training data processing staff, conducting internal audits and more. There’s a lot to know, there’s a lot at stake and there’s a lot of opportunity for data protection professionals with the right training and education. 

What’s Included:

  • Authorized courseware
  • 2 Exam vouchers
  • IAPP membership

**GDPR Regulation Mandated May 25, 2018**

Course Objectives:

See individual courses for details: PP-212: CIPP/E Certified Information Privacy Professional Europe and GDPR Compliance

See individual courses for details: PP-222 CIPM Certified Information Privacy Manager and GDPR Compliance

Attendees to PP-244: CIPM + CIPP/E 4 Day GDPR Ready will receive TechNow approved course materials and expert instruction, and certification test vouchers and certificate of course completion.

TechNow is a International Association of Privacy Professionals (IAPP) Partner, and utilizes official curriculum from International Association of Privacy Professionals (IAPP).

TechNow has taught security courses for over 20 years, before most certifications existed and has successfully moved students through certification programs associated with IAPP, SANS, EC-Council and ISC2. Our instructor maintains over a dozen security certifications and has been the director of a company with international sales and compliance.

 

Document Flow Chart iconsm

Dates/Locations:

No Events

Duration: 4 Days

Course Content:

 

Prerequisites: None

Target Audience:

Data Protection Officers, Data Protection Managers, Auditors, Data Protection Lawyers, Records Managers, Information Officers, Legal Compliance Officers, Human Resource Officers, Security Manager, Information Manager, Anyone who uses processes and maintains personal data

Comments

Latest comments from students

Liked the class?  Then let everyone know!