Ethical Hacking Practitioner
Hands-on penetration testing course, delivered in a simulated environment
What’s in a name? The Ethical Hacking Practitioner is not so much an ethical hacking course as a professional penetration testing course. It is purely focused on advanced offensive techniques and skills. Any fundamental hacking skills and the theoretical knowledge required to apply them are either presumed or, where appropriate, offered as self-study during your training. You will practice all tasks during each stage of a professional penetration test and present your findings in a technical report as well as a high-level report for management. This is an advanced-level course. If you’re new to offensive techniques and/or are looking for an introduction to ethical hacking, please have a look at the Ethical Hacking Foundation training.
Bas van den Berg
Author & Trainer
CTO at Skopos.AI
Chief Hacking Officer
CEO at SPARTA
CEO at Responsible Cyber
At a Glance
Ethical Hacking Practitioner
Security professionals looking for a professional, heavily hands-on training in penetration testing
Deep understanding and practice of the various stages of a professional penetration test
Hands-on experience performing the tasks of each stage
In-class assignments in presenting your findings in a technical report as well as a high-level report for management
Purely focused on advanced offensive techniques and skills, with some homework assignments on the theory to leave more time for hands-on work in class. The course is delivered in a Capture the Flag format in our cloudified pen testing environment.
Day 1 – Passive reconnaissance, Linux and Python
Introduction to the course, its learning objectives and the topics covered.
This module evaluates the types of pen-tests, how you can use them, what is involved in a warranty and how you determine the scope, time and costs of a pen-test. You will learn how to gather information about specific targets that you can use during the exploration phase of your pen-test.
- Use open sources to find (more) information on the target and use this knowledge to gather information with relevance to the pen-test (scope).
- Efficiently apply advanced scanning techniques (concrete techniques) to find (more) information on the target and use this knowledge to gather information.
- Combine the information found into a profile that can be used in the next module as a basis for attack planning.
- Document in a report any vulnerabilities found while researching or combining the information.
This module takes you into the world of Linux, and in particular Kali Linux, the most widely used distro (short for distribution) in hacking. We will look at the structure of Linux (file locations), the basic functionality for executing commands, the tooling that is used, and how you maintain your own environment as a pen-tester. We will also look at Bash. How does it work? What functionality does it offer the pen-tester? How do you work with scripts? In addition, we take you along the path of Python scripting. Although this is not a programming course, it is good to know how Python works and which basic scripts and commands you can run to make life as a pen-tester a lot easier.
- Know about various Linux distributions
- Work with terminal commands
- Work with Bash
- Familiar with the most basic Bash commands
- Understand how different tools can work together with different scripts
- Script with Python
Day 2 – Testing network services
Module 4 dives into finding and exploiting vulnerabilities in common network services.
- Know about different protocols and how they work together
- Find information on a certain protocol in order to find vulnerabilities
- Perform a low-level spoofing attack
- Perform a man-in-the-middle attack using lower-level protocols
- Attack devices using vulnerabilities in the Bluetooth protocols
- Utilise different aspects of the HTTP protocols
- Use Burp Suite and ZAP as a man-in-the-middle proxy
- Find FTP vulnerabilities and exploit them
- Find SSH vulnerabilities and exploit them
- Find SMB vulnerabilities and exploit them
- Find NetBIOS vulnerabilities and exploit them
Day 3 – Testing Devices and Access Control
In module 5 you will learn how to find and exploit vulnerabilities in mobile devices, IoT devices, and other types of hardware.
- Know mobile device architecture
- Understand the security architecture of Android and iOS
- Use Android developer tools to exploit vulnerabilities in these devices
- Reverse engineer mobile apps in order to find and exploit vulnerabilities in these apps (or the backend services/system).
This module will focus on weaknesses in identification, authentication, authorisation and session management, how to find vulnerabilities and exploit them.
- Familiar with the IAM process (enrolment, identification, authentication, authorisation, permitting access, accounting)
- Describe possession factors (have), knowledge factors (know), and inherence factors
- Describe multi-factor and multi-step authentication
- Attack directory services using common tools
- Familiar with protocols: Kerberos, SAML, OAuth2, tokens (sliding tokens), certificate pinning (HSTS), and know how these protective measures are used.
- Find broken authentication controls in desktop applications / mobile applications / OS calls / single sign-on algorithms and implementations, and exploit the vulnerabilities.
- Find broken session controls in desktop applications / DLL (calls) / API calls / mobile applications / web applications / REST services and SOAP services, as well as thin-client-based services like RDP, Citrix, SSH, VNC, etc., and exploit the vulnerabilities.
Day 4 – Testing software and databases
Module 7 dives into finding and exploiting vulnerabilities in databases and software in general. This will cover how software actually works and how to find weaknesses in code or binaries by using techniques like fuzzing, static/dynamic analysis, or reverse engineering/decompiling.
- Understand software architecture and structure
- Find weaknesses in code or binaries by using techniques such as fuzzing, static code analysis, reverse engineering and decompiling
- Reproduce attack vectors on software
- Apply fuzzing techniques and use them to find vulnerabilities, such as overflows
- Solid understanding of database servers and hands-on practice in attacking databases and software
- Hands-on practice with Metasploit exploit modules
Day 5 – Wrapping up the Pen Test & Capture the Flag
- Writing the report
- Using a CVSS calculator to score vulnerabilities
- Reasonable (overall) risk rating
- Explain the risks to stakeholders, like management
- Advise on mitigations
During the CTF, all steps of the penetration test are combined into an exercise in which you’ll demonstrate that you understand the underlying principles of penetration testing, can apply them, and can effectively analyse unknown or new situations to find potential weaknesses. After the exercise you will write a report of the kind that would be sent to an actual customer.
Collect your badge of honor
- Language: English
- Delivered: Online via a certified proctor
- Questions: 10 multiple choice, 5 open questions
- Time: 120 minutes
- In addition to the theory exam, a practical exam will also be held on the last day of this course in the form of a “Capture the flag challenge”