Penetration
Testing Training - 10 Day Boot Camp
InfoSec Institute: Network Security Training
Penetration Testing Training - 10 Day Boot
Camp Version
InfoSec Institute's Penetration Testing Training,
delivered in the form of a 10 Day Boot Camp style course, is the
information security industry's most comprehensive penetration testing
course available.
You will learn everything there is to know about penetration
testing, from the use of network reconnaissance tools, to the writing
of custom zero-day buffer overflow exploits.
The goal of this course is to help you master a repeatable, documentable
penetration testing methodology that can be used in an ethical penetration
testing or hacking situation. This penetration testing training
course has a significant Return on Investment, you walk out the
door with hacking skills that are highly in demand, as well as up
to four certifications (CEH, CEPT, ECSA and the LPT)!
Learn from Experts in the field of Information Security:
We don't just have great instructors, our instructors have years
of industry experience and are recognized as experts. InfoSec Institute
instructors have authored two of the top Network Security and Penetration
Testing books:
 
Read more about what independent outside sources have to say about our network security training:
"The Shellcoder’s Handbook is far from the first book to talk about holes and weaknesses in applications and operating systems; it is just simply the best." "These guys know what they are writing about because they live it" - Unix Review
"If you want to dig deeply into the subject matter and sharpen your pen testing skills, the InfoSec Institute will give you more of a chance to do just that." - Ask the Expert, Search Security
"Highly Recommended Status" - IEEE Computer Society: Technical Committee on Security and Privacy
"If you need to get serious about IDS, you need to read Koziol." - Linux Journal
Information Security Magazine interviews InfoSec's Program Manager - Information Security Magazine
"Highly recommended from this reviewer.." - Slashdot
"Delves into more arcane exploit-writing topics that are not commonly discussed" - PC World Magazine
"Had the technical detail I was in desperate need of..." Slashdot
Run hacking attacks in our classroom labs, be a hacker for a week:
Some of the hacking concepts you will learn to master during this hands on hacking course...
- Security testing methodologies
- Stealthy network recon
- Passive traffic identification
- Remote root vulnerability exploitation
- Privilege escalation hacking
- IPv6 Vulnerabilities
- Remote access trojan hacking
- Running shellcode in RAM vs. on disk
- Wireless insecurity
- Breaking IP-based ACLs via spoofing
- Abusing Windows Named Pipes for Domain Impersonation
|
- Evidence removal and anti-forensics
- Attacking network infrastructure devices
- Hacking by brute forcing remotely
- Hiding exploit payloads in jpeg and gif image files
- Hacking Web Applications
- Breaking into databases with SQL Injection
- Cross Site Scripting hacking
- Justifying a penetration test to management and customers
- CEH review
- Defensive techniques
|
- Writing buffer overflow exploits
- dlmalloc Heap Overflow exploits
- Win32 Heap Overflow exploits
- Linux stack overflow exploits
- Defeating non-exec stacks
- Return-to-libc shellcode
- Function pointer overwrites
- Crafting Injectable Shellcode
- Defeating non-executable stacks
- Linux LKM Rootkits
- Windows Kernel Rootkits
- Reverse engineering training
- Vulnerability development and discovery
- Attacking and blinding IDSs
- Hiding your attacks from IDSs
- Encrypted covert channels
|
- Global Offset Table Overwrites
- Windows Shellcode
- Integer Overflows
- Linux shellcode
- "no listening port" trojans
- A whole day on breaking through enterprise
DMZs
- Reconstructing binaries from sniffed traffic
- Circumventing antivirus
- Bi-directional Spoofed Communication
- Session fixation
- Advanced SQL Injection
- Justifying a penetration test to management and customers
- Defensive techniques
|
Some of the instructor-led hands-on hacking lab exercises in this
security training experience.
- Capture the Flag hacking exercises every night
!
- Abusing DNS for host identification
- Leaking system information from Unix and Windows
- Windows 2003 Server & Vista DNS Cache Poisoning Attacks
- Unix, Windows and Cisco password cracking
- Remote buffer overflow exploit lab - heap vs. stack overflows
- Attacking Kerberos Pre-Auth Hashes
- Spoofing endpoints of communication tunnels
- Impersonation of other Users- Hijacking kernel tokens
|
- Attacking RDP (Remote Desktop Protocol) in Windows XP,
2003 & Vista
- Remote keylogging
- Data mining authentication information from clear-text
protocols
- Sniffing and hijacking SSL encrypted sessions
- Breaking wireless security via hacking
- Malicious event log editing
- Client side IE & Firefox exploits
- Hacking into Cisco routers
- Tunneling through IPSec VPNs by abusing ESP
- Data retrieval with SQL Injection Hacking
- Calculating the Return on Investment (ROI) for an ethical
hack
|
- Writing a stack buffer overflow
- Porting exploits to metasploit modules
- Find socket shellcode
- Writing shellcode for Linux
- Using Ollydbg for Win32 Exploits
- Windows Kernel-Mode Rootkits
- LKM Rootkits
- Using IDA Pro for Reversing
- Reconstructing sniffed images
- Reverse engineering Windows PE Binaries
- Session hijacking
- Passive Network Analysis
- Exploitation with a remote GUI
- Sniffing SSL Encrypted Sessions
|
- Format string exploits
- Heap overflow exploits
- Windows exploits
- Calculating offsets
- Reversing with SoftIce
- OS determination without touching the target
- SQL Injection timing attacks
- Port redirection
- ASP source disclosure attacks
- Call-Back Backdoors
- Encrypted covert channels
- Remote keyloggers
- PHP/MySQL SQL Injection
- Inserting Malicious Code Into Unix Binaries
|
Immunity CANVAS:
All students receive a fully licensed copy of Immunity's CANVAS to take home. Immunity's CANVAS makes available hundreds of exploits, many of which are not publicly released. It is an automated exploitation system, and a comprehensive, reliable exploit development framework for penetration testers. CANVAS sells for $1244, and is included in most student quotes. Some restrictions to apply, contact us for details.
Up to 4 Ethical Hacking Certifications:
In InfoSec Institute's Penetration Testing Training course, you
have the opportunity to test for up to 4 certifications:
- CEH - Certified Ethical Hacker
- CEPT - Certified Expert Penetration Tester
- ECSA - EC-Council Certified Security Analyst
- LPT - Licensed Penetration Tester
Testimonials from Past Students:
-
" The class was great! The instructor knew his his information very well. It was nice to have someone who is more than just book knowledge, someone who is just giving you the info for the cert test. His hands on experience in real world pen-testing was invaluable, as it gave a touch-stone to how the methods learned in class can be extended to real pen-testing."
Aaron Bento, IBM Global Services
How You Benefit:
- Gain the in-demand career skills of a professional security tester. Learn the methodologies, tools, and manual hacking techniques used by penetration testers.
- Stay ethical! Get hands-on hacking skills in our lab that are difficult to gain in a corporate or government working environment, such as anti-forensics and unauthorized data extraction hacking.
- Move beyond automated vulnerability scans and simple security testing into the world of ethical penetration testing and hacking.
- More than interesting theories and lecture, get your hands dirty in our dedicated hacking lab in this network security training course.
What's Included:
- 10 Days of Expert Security Training Instruction from a hacking
instructor with real-world hacking experience and deep knowledge
of course content.
- Guaranteed small class size (less than 10-16 Students), you get an intimate learning setting not offered at any of our competitors.
- InfoSec's Custom Hacking Tools Enterprise Suite, includes every program covered in the course for at home study. (558 Tools). Hacking Tools Enterprise Suite available for individual purchase for only $1,499!
- Immunity CANVAS Full license
- Core
Impact SEL License
- Boot camp style training --- our instructors teach from 8am to 10:30pm every day. Course runs from 8am to 5pm daily with optional ethical capture the flag hacking exercises to 10:30pm.
- All meals, snacks and refreshments included.
- Packages that can include exam fees for up to 4 certifications (CEH, CEPT, ECSA and LPT)
- Lecture, Lab Exercise and Text book --- Train your ethical friends and co-workers hacking!
Required Prerequisites:
- Firm understanding of the Windows Operating System
- Exposure to the Linux Operating System or other Unix-based OS
- Grasp of the TCP/IP protocols
- Desire to learn about the hacking and network security profession, stay ethical, and get great security training!
If you are unsure if you meet the required prerequisites, contact us for a quick network security training skill check.
Current Course List:
Current Pricing (Call 866-471-0059 for
up-to-date network security training deals):
Tuition -
(Includes: 10 days of expert ethical network security training, 3
daily meals, text book, course book, lab manual, snacks, certified
ethical hacker certification voucher)
|
