Ethical Hacking Practitioner

Ethical Hacking Practitioner course

Training & Exam

What will you learn?

  • Move from hacking to professional penetration testing
  • penetration testing process, from defining your project’s scope to drafting a final penetration test report for your management
  • hands-on experience in each main stage of a penetration test

Information

  • 5 days of training
  • 20 hours of self study
  • Exam voucher included

About this Course

Overview

Ethical Hacking Practitioner takes you deeper into the art of penetration testing. In this course, you will gain a full understanding of the penetration testing process, from defining your project’s scope to drafting a final penetration test report for your management. As you move along in the course, you will gain hands-on experience in each main stage of a penetration test. You will analyse network traffic, hack wireless networks, scan networks, and exploit vulnerabilities to penetrate computer systems and websites. At the end of the course, you will use your newly acquired skills to hack into a company’s systems and steal valuable business secrets. Finally, you will draft a management report on the vulnerabilities you have encountered on your hacking journey.

Who should attend?

This course is ideal for individuals who need to test and protect their business systems against vulnerabilities and leaks.

What’s included?

  • 5 days of training from a senior instructor that will practice what he/ she preaches
  • Official SECO–Institute course materials
  • Practice exam
  • Ethical Hacking Practitioner exam
  • “S-EHP” digital Acclaim badge when you pass the exam
  • 1- year free SECO Membership

Course modules

Module 1 – Introduction to Ethical Hacking Practitioner

  • Students understand the processes involved in performing a penetration test
  • Students can discern the different types of penetration tests
  • Students are able to report on a penetration test
  • Students are familiar with the basics of cyberspace law
  • Students are able to discuss the ethics of hacking

Module 2 – Reconnaissance and Intelligence Gathering

  • Students learn the ins and outs of intelligence gathering
  • Students gain insight into Open Source Intelligence (OSINT)
  • Students familiarise themselves with WHOIS and DNS enumeration
  • Students develop knowledge about Reconnaissance
  • Students develop basic knowledge about port scanning
  • Students gain insight into system and service identification and fingerprinting

Module 3 – Infrastructure Security Part I

Students learn the basics of TCP/IP

Students understand basic network protocols, such as DNS, DHCP, ARP

Students familiarise themselves with the workings of Wi-Fi and the ways it can be abused

Students understand the principle of port scanning and network mapping

Module 4 – Infrastructure Security Part II

Students understand what vulnerability scanning does and does not do

Students know how networking is made more secure with secure protocols, such as SSL/TLS and VPNs

Students understand how cryptography and Public Key Infrastructure work

Students understand what hashing is and how salts improve hashing strength

Students are able to do basic hash cracking

Module 5 – Web Applications I

  • Students acquire a basic understanding of web application architecture: front-end, application, database, server, etc.
  • Students develop a basic understanding of the HTTP protocol and its methods: GET, POST, etc.
  • Students familiarise themselves with OWASP
  • Students explore web application testing tools
  • Cross-Site Scripting
  • Authentication

Module 6 – Web Applications II

  • Students learn how to use HTTP in man-in-the-middle (MitM) proxies
  • Students gain insight into databases and SQL Injection attacks
  • Students learn about the benefits and dangers of web shells

Module 7 – Systems and Applications

  • Students know how to use Metasploit to exploit vulnerabilities and perform actions on a compromised system
  • Students know how to perform client-side attacks, such as file-type exploitation and drive-by downloads
  • Students familiarise themselves with pivoting / Lateral Movement

Module 8 – Exploiting Buffer Overflows

  • Students understand how buffer overflow exploits work
  • Students are able to find a simple buffer overflow (Use Fuzzing)
  • Students can create an exploit from a buffer overflow
  • Students gain an overview of countermeasures (DEP, ASLR)

Capture the Flag

Students demonstrate their skills in a lab environment: Using the knowledge acquired during the course, students discover hosts, identify services, access and, eventually, exploit services. The ultimate goal is to find a secret recipe

About the exam

Exam information

  • Language: English
  • Delivered: Online via a certified proctor
  • Questions: 10 multiple choice, 5 open questions, 1 case
  • Time: 120 minutes
  • In addition to the theory exam, a practical exam will also be held on the last day of this course in the form of a “Capture the flag challenge”

Why SECO-Institute?

Our courses are very hands on oriented and aimed at gaining actionable knowlegde and skills. We only work with freelance, senior instructors that spend the majority of their time as specialist in the topic. SECO- Institute instructors have gone through a scrutinous accreditation process, where they’re tested on domain expertise as well as communication- and presentation skills.

At SECO- Institute, we believe in life long learning. Once you’ve taken a training and exam you’re a member of the SECO- Community. We’ll continue to support you with invite- only webinars, templates, expert interviews and much more.

Training Schedule, Information and Registration

Find a training partner

  • Find a SECO-Institute accredited training partner in your country

Partner with us

  • Benefit from our global network, comprehensive content and certifications to increase engagement with your students

Become a trainer

  • Join the global community of SECO- Institute accredited Trainer