So you think you can pen test? PROVE IT! The course will teach you how to do a professional security test and produce the most important thing from a test ... the findings and the report!. The ranges progresses in difficulty and reflect an enterprise level architecture. There will be defenses to defeat and challenges to overcome. This is not your typical FLAT network! As the range levels increase you will encounter the top defenses of today and learn the latest evasion techniques. The format you will use has been used to train 1000s penetration testers globally, it is proven and effective!
How will this course benefit you?
• Understanding what it REALLY takes to break into a highly secured organization from the outside
• Reviewing proven methods on how to move around the network without being detected by IDS/IPS
• Appreciating best practices that are applied for mitigating or circumventing common security implementations such as Locked Down desktops, GPOs, IDSs/IPSs/WAFs, among others
• Having an in depth know-how on Pen-testing “High Security environments” such as government agencies, financial institutions, and other key installations
The course is ALL Hands-On - 100%.
The format is practice the professional security testing methodology for the first half of the class.
The sample methodology:
- Information gathering and OSINT
- Scanning Building a Target Database
- Vulnerability Analysis
- Post exploitation
- Advanced techniques
- Data Analysis
Once you have practiced this then you will go against a "live" range. The process is as follows:
Access the range:
- You will be provided a scope of work
- Have 2-3 hours on the range and then be provided a debrief
The ranges are progressive and increase in difficulty at each level. There are 3-4 levels to complete then you are ready for the challenge range practical!
- Three phases
- Scope of work for each phase.
- 6 hours to complete the practical.
- Save all of the data and build a target database of your findings. At completion of the range section.
- Two hours for written exam base on ranges
- Pass exam : Receive CAST Advanced Penetration Tester Certification
Who should attend?
• Information security professionals
• Penetration Testers
• IT managers
• IT auditors
• Government & Intelligence Agencies interested in real world attack and defense in today’s complex and highly secure IT environments
Students completing this course will gain in-depth knowledge in the following areas:
01 Advanced Scanning methods
02 Attacking from the Web
03 Client Side Pen-testing
04 Attacking from the LAN
05 Breaking out of Restricted Environments
06 Bypassing Network-Based IDS/IPS
07 Privilege Escalation
4 dagen, inclusief hands-on examen
Rooster komende maanden: