Course Overview: 

Learn to protect yourself and your company against hackers, by learning their tools and techniques, and then testing your network.  This course is heavily based on Kali and primarily on Metasploit.  In TN-515: Implementing Cybersecurity and Information Assurance Methodologies class you will learn the step by step process that hackers use to assess your enterprise network, probe it & hack into it, utilizing a mixed-platform target environment including Windows, Linux, Solaris, and Cisco.  This course is 90% hacking, but  defenses for demonstrated hacks will be discussed.  If you want to know the ins and outs of the hacks presented in this course, then this is the course for you.

Attendees to TN-515: Implementing Cybersecurity and Information Assurance Methodologies Class Attendees will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

• Introduction to Pen Testing using the PTES model
• Metasploit Basics
  • MSFconsole, MSFcli, Armitage, MSFpayload, MSFencode, NasmShell
• Intelligence Gathering
  • Nmap, Databases in Metasploit, Port Scanning with Metasploit
• Quick Intro to Ruby
  • Writing a simple Ruby script to create a custom scanner
• Vulnerability Scanning
  • Importing Nessus Results
  • Scanning with Nessus from Within Metasploit
• Exploitation
  • Using the Metasploit Framework and console to exploit
• Meterpreter
  • Compromising a Windows System
  • Attacking MS SQL, xp_cmdshell
  • Dumping Usernames and Passwords, extracting and dumping hashes
  • Pass the Hash and Token Impersonation
  • Pivoting
  • Railgun
  • Using Meterpreter Scripts: Migrating a process, Killing AV, Persistence
• Avoiding Detection
  • Creating Stand-Alone Binaries with MSFpayload
  • Encoding with MSFencode and Packers (go Green Bay:)
• Exploitation Using Client Side Attacks
  • Introduction to Immunity Debugger
  • Using Immunity Debugger to Decipher NOP Shellcode
• Metasploit Auxiliary Modules
• Social Engineer Toolkit (SET)
  • Spear-Phishing, Web Attack
  • Creating a Multipronged Attack
• Creating Your Own Module
  • Adapt an existing Module
  • Add some PowerShell and Run the Exploit
• Meterpreter Scripting
• Capture The Flag Exercise

Prerequisites:

• This is an advanced  Cybersecurity and Information Assurance Course which requires basic Windows & UNIX competency
• Certification or 2 years of experience in these operating systems is highly recommended
• An understanding of TCP/IP

Comments

Latest comments from students

Liked the class?  Then let everyone know!