This course comprises 2 components – Infrastructure and Web Application Ethical Hacking.
This course in particular will give you: Valuable preparation and hands- on practice in preparation for the CREST Practitioner Security Analyst (CPSA) and CREST Registered Penetration Tester (CRT) examination.
Infrastructure Ethical Hacking
1.Introduction
- Motivations behind hacking
- The hacking scene
- Methodology
2.Networking Refresher
- Sniffing Traffic – Wireshark, Ettercap
3.Information Discovery
- Information Gathering – wget, metadata, pdfinfo & extract
- DNS – dig, zone transfers, DNSenum and Fierce
4.Target Scanning
- Host Discovery – Nmap and Netdiscover
- Port Scanning with Nmap – Connect, SYN and UDP scans, OS detection
- Banner Grabbing – Amap, Netcat, Nmap, Nmap scripts (NSE)
5.Vulnerability Assessment
- Nikto
- Nessus
6.Attacking Windows
- Windows Enumeration – (SNMP, IPC$)
- Enum4linux
- RID Cycling – Enum4linux, Cain
- Metasploit
- Client-side Exploits – Internet Explorer, Metasploit Auxiliary modules
7.Privilege Escalation – Windows
- Information Gathering with Meterpreter – Stuxnet exploit, Meterpreter scripts
- Privilege Escalation – Keylogging, Service Configuration
- Password Cracking – John The Ripper, Cain, Rainbow tables
- Brute-Force Password Attacks
- Attacks on Cached Domain Credentials
- Token Stealing – PsExec, Incognito, local admin to domain admin
- Pass the Hash
8.Attacking Linux
- Linux User Enumeration
- Linux Exploitation without Metasploit
- Online Password – Cracking – Medusa
- User Defined Functions
- ARP Poisoning Man in the Middle – clear-text protocols, secured protocols
9.Privilege Escalation – Linux
- Exploiting sudo through file Permissions
- Exploiting SUID and Flawed Scripts – logic errors
- Further Shell Script Flaws – command injection, path exploits
- Privilege Escalation via NFS
- Cracking Linux Passwords
10.Pivoting the Connection
- Pivoting with Meterpreter
- Port Forwarding
11.Retaining Access
- Netcat as a Backdoor
- Dark Comet RAT – Metasploit Handlers, a full end-to-end attack
12.Covering Tracks
- Alternative Data Streams
- Dark Comet
Web App. Ethical Hacking
1.Principles
- Web refresher
- Proxies
- The OWASP Top Ten
- Web application security auditing
- Tools and their limitations
- HTTP request and response modification
- Logic flaws
2.Injection
- Types
- Databases overview – data storage, SQL
- SQL injection – data theft, authentication
- Bypass, stored procedures
- Information leakage through errors
- Blind SQL injection
3.Broken Authentication and Session Management
- Scenarios
Attacking authentication pages
Insecure Direct Object Reference - Direct vs indirect object references
- Authorization
- Cross-site Request Forgery (CSRF)
- Exploiting predictable requests
4.Cross-site Scripting (XSS)
- JavaScript
- Email spoofing
- Phishing
- Reflected and Stored/Persistent XSS
- Cookies, sessions and session hijacking
5.Insecure Direct Object Reference
- Scenarios
- Information leakage through logs
6.Security Misconfiguration
- Scenarios
7.Sensitive Data Exposure
- Identifying sensitive data
- Secure storage methods
8.Un-validated Redirects and Forwards
- Scenarios
9.Conclusions
WHO SHOULD ATTEND?
Anyone with responsibility for, or an interest in, the security of infrastructure / web applications, including: Network Engineers, System Administrators, System Architects, Software Developers, Budding Penetration Testers, etc.
Prerequisite
Basic understanding of TCP/IP networking and comfortable with Windows & Linux command line.
An understanding of how a web page is requested and delivered.
An understanding of databases and SQL would be an advantage.
Singapore
- 5 – 8 Feb 2018
- 12 – 15 Mar 2018
- 7 – 10 May 2018
- 30 Jul – 3 Aug 2018
- 10 – 13 Sep 2018
- 3 – 6 Nov 2018
- Duration 4 Days
Course Fee
All Singapore Citizens and Permanent Residents* |
$3,363.00 |
For International Students |
$6,313.00 |
Certification Body

This course is supported by


Need more information?
- +65 6635 5590
- enquiry@bridgingminds.net