Penetration Testing with Kali Linux

DOWNLOAD PDF

Penetration Testing with Kali Linux (PEN-200) is the foundational course at Offensive Security. Those new to OffSec or penetration testing should start here.

This online ethical hacking course is self-paced. It introduces penetration testing tools and techniques via hands-on experience. PEN-200 trains not only the skills, but also the mindset required to be a successful penetration tester. Students who complete the course and pass the exam earn the coveted Offensive Security Certified Professional (OSCP) certification.

Course Objectives

After completing this course, students will be able to :

  • Using multiple information gathering techniques to identify and enumerate targets running various operating systems and services.
  • Ability to write basic scripts and tools to aid in the penetration testing process
  • How to analyze, correct, modify, cross-compile, and port public exploit code.
  • Ability to successfully conduct both remote and client side attacks.

  • Ability to identify and exploit XSS, SQL injection, and file inclusion vulnerabilities in web applications – Expertise in deploying tunneling techniques to bypass firewalls

Target Audience

  • IT Professionals
  • System Administrator
  • Network Engineer
  • SOC Analyst
  • Pentesters

Course Pre-requisite

  • Penetration Testing with Kali Linux is a foundational course, but still requires students to have certain knowledge prior to attending the online class.
  • A solid understanding of TCP/IP , networking, and reasonable Linux skills are required.
  • Familiarity with Bash scripting along with basic Perlor Python is considered a plus.
 

Course Duration

  • 40 Hours
  • 16 Classes
  • 2.30 Hours per Class
Enquiry
Fee15,000/=
TypeOffline/Online
Module14
Duration40 Hours
Session16
Per Class2.30 Hours

Details Course Outlines

Module-01

Learning Network Penetration Testing with Kali Linux

  • Introducing Kali Linux
  • Getting Familiar with Hardware Requirements and Recommendations
  • Installing Kali Linux in VirtualBox
  • Installing Kali Linux on Raspberry Pi
  • Introducing Kali Linux Interface and Tools
  • Updating Kali Linux
  • Networking Fundamentals
  • Creating a Pen-Testing Lab Environment
  • What Is Penetration Testing?
  • Reconnaissance
  • Getting Familiar with Vulnerability Scanning
  • Gaining and Maintaining Access
  • Covering Tracks
  • Gathering Initial Information
  • Identifying Live Hosts
  • Discovering Open Ports
  • Uncovering Services and Fingerprinting the OS
  • Vulnerability Scanning with OpenVAS
  • Vulnerability Scanning with Nessus
  • Exploiting the Target System
  • Cracking the System Passwords
  • Post Exploitation
  • Defensive CounterMeasures

Module-02

Kali Linux Penetration Testing Recipes

  • Installing VirtualBox & Kali Linux
  • Getting Used to Kali
  • Password Dictionaries
  • WordPress Vulnerability Testing
  • Burp Suite – Web Application Security Testing
  • Web Application Penetration Testing
  • Analysing the Source Code
  • Wireshark – Port Scanning
  • Domain Name Information and More
  • Testing SQL Injections
  • Deploying JSP Shell Attacks
  • Password Testing & Security Scanning
  • Searching for Outdated Software
  • DNS Spoofing & Reconnaissance
  • False Logins & Physical Location
  • Calling & Emailing
  • Social Gathering
  • Viewing Hidden SSID’s
  • Wireless Password Cracking- Part One
  • Wireless Password Cracking- Part Two
  • Intercepting Connections
  • IP Address Search
  • WhoIS and Domain Name WhoIS
  • Site Background
  • Finding Emails and Social Media Accounts
  • Stealth Reconnaissance on Protected Network
  • Intercepting Connections
  • Building Our Report
  • Test your Knowledge

Module-03

Hands-On Web Penetration Testing with Kali Linux

  • Web Application and Security
  • OWASP Top 10
  • Vulnerability Assessment versus Penetration Testing
  • Ethical Hacker Responsibilities and Customer Expectations
  • Software and Hardware Requirements
  • Diagram and Design
  • Connectivity and Testing
  • Getting to Know the DVWA Interface
  • Brute Force, CSRF, and File Inclusion
  • SQL Injection
  • Cross-Site Scripting (XSS)
  • Command Execution
  • OWASP-ZAP
  • OWASP-ZAP Authenticated Scan
  • Burp Suite – Part 1 and Part 2
  • Development Security
  • Web Application Firewalls
  • Mod_Security

Module-04

Practical Windows Penetration Testing

  • Disclaimer
  • Test Lab Architecture
  • Setting Up Kali
  • Setting Up Target Win 10 and Windows 16
  • Creating the Domain
  • Scanning and Service Identification
  • Using Public Exploits
  • Exploiting with Metasploit
  • Social Engineering
  • Evading Anti-Virus
  • Final Word on Exploitation
  • About Post-Exploitation
  • Meterpreter
  • Privilege Escalation
  • Collecting Credentials
  • Password Brute-Force
  • Achieving Persistence
  • Pivoting and Pass-the-Hash Attack
  • Bonus Lecture and Test your Knowledge