Advanced Ethical Hacking Training Boot Camp

You've now graduated to the industry's most advanced ethical hacking course and it's time to take your pen testing skills to a new level. Learn how to orchestrate Advanced Persistent Threat (APT) attacks and defend against them.

Analysts Recommended

IDC lists InfoSec Institute as Major Player in their Security Training Vendor Assessment.

Award Winning Training

For 17 years InfoSec has been one of the most awarded and trusted information security training vendors - 42 industry awards!

Exam Pass Guarantee

We offer peace of mind with our Exam Pass Guarantee for Flex Pro students.

Advanced Ethical Hacking Overview

Modern networks and systems are fully patched, hardened from attack, and armored to the hilt with expensive security gear—- but the bad guys still get in on a daily basis! How do they do this? Why is there a news release every day of another Fortune 500 company hacked, more government secrets lost to the adversary?

InfoSec Institute’s Advanced Ethical Hacking Boot Camp aims to train you on how to successfully attack fully patched and hardened systems, how to circumvent common security controls, and how to get to confidential data. This is all possible if you have 0day exploits, or the ability to create your own exploit code. In this class, you will learn how to exploit modern operating system protections, such as ASLR and DEP, using ROP attacks, egghunter shellcode and heap spraying.

You take this knowledge back to your organization and can then formulate a way to defend against these sophisticated attacks. In this hands-on training class, you will learn how to:

  • Create 0day (private unreleased exploits) attacks as part of the “Advanced Persistent Threat”
  • Run sophisticated attacks against client side applications
  • Use fuzzers and dynamic analysis to discover vulnerabilities
  • Reverse engineer binaries to find new vulnerabilities never discovered before
  • Exploit secured web applications
  • Run chained exploits to pivot from multiple exploitable systems
  • Attack and defeat VPNs, IDS/IPS and other security technologies

All of this against fully patched, fully hardened systems.

You will learn how to chain a few commonly ignored low severity vulnerabilities into a highly critical remote exploit. Once your attacks are successful, you will practice data capture. Then, learn how to intercept and replay confidential data, for example, learn how to VoIP network traffic and data mine it for authentication information.

Every evening you will put everything you learned during the day together in an all-encompassing Capture the Flag (CTF) exercise. This enables you to test that you really understand how to use what you have learned in a real world situation, with an expert instructor by your side to assist your efforts.

The goal of this course is to help you master a more efficient and effective penetration testing process. By learning how to fully utilize 0day attacks that replicate an APT attack, you become a very valuable member of any penetration testing team. This course also supports and prepares you for the CEPT and CPT certification exams.

HANDS-ON LABS WITH IN-CLASSROOM EQUIPMENT:

Hundreds of exercises in over 31 separate Hands-On Labs bring up to speed with the latest threats your organization is most vulnerable to. Practice penetration testing on our virtualized environment that simulates a full range of servers and services used in a real company. Learn how to compromise web servers, virtual machines, databases, routers, firewalls, and then put it all together in an unscripted evening CTF (Capture The Flag) exercise.

Nightly Capture the Flag Exercises:

Capture The Flag exercises are an opportunity for you to practice your hacking skills in a real world environment. InfoSec Institute sets up a mock company that you can attack freely without having to worry about damaging production systems. The purpose of the Capture The Flag exercises is to ensure you understand how to apply the skills you learned during the day to a real world ethical hacking scenario. The Capture The Flags usually take place after catered dinner.

Best Course Evaluations In the Industry:

Over 98% of InfoSec Institute students attending our Ethical Hacking course give 10 out of 10 positive feedback. It is quite frequent that we hear that students feel this is the best IT course they have ever attended, even with students with over 20 years of experience in the IT field.

Advanced Ethical Hacking Boot Camp

Rated 4.9/5 based on 22 customer reviews

Award-Winning Training

View Pricing

We will never share any of your information, spam you or annoy you with pushy sales pitches.

The most current, up-to-date Advanced Ethical Hacking training available anywhere:

    Black Hat hackers are always changing their tactics to get one step ahead of the good guys. InfoSec Institute updates our course materials regularly to ensure that you learn about the most current threats to your organization’s networks and systems.This course focuses on advanced exploitation techniques. A brief introduction to system exploitation theory and process will be covered, the rest of the course covers advanced topics, such as:

    • Attacking fully patched systems
    • 0day attacks
    • Attacking DMZs and other secured infrastructure
    • Port Redirection
    • Compromising secured infrastructure
    • Using egghunter and meterpreter shellcode
    • Metasploit scripting and automation
    • NMAP automation
    • Running exploits in RAM vs. on disk
    • Hiding from IDSs
    • Covert Channels
    • Advanced Man In The Middle Attacks
    • Traffic Interception
    • Hijacking SSL encrypted sessions
    • MiTM VoIP attacks
    • Intercepting VoIP traffic and attacking Ethernet enabled PBXs
    • 0day vuln discovery process
    • Format String attacks
    • Windows SEH Stack Overflows
    • Writing Windows Shellcode
    • Heap Spraying / JIT Spraying
    • Fuzzer selection and comparison
    • Fuzzing with peachfuzz and SPIKE
    • Binary Auditing with IDA Pro
    • Portable Executable (PE) Compression and Encoding
    • Using a Disassembler
    • Anti-disassembling Detection circumvention
    • Egghunter and ROP payloads
    • Attacking SafeSEH
    • Defeating ASLR, DEP
    • Cross Site Request Forgery Attacks
    • XSS Attacks and XSS Redirection
    • RFI and Source Code Injection Attacks
    • Proxy cache poisoning

    Our Major Clients

    Certifications & Compliance

    IACRB’s Certified Expert Penetration Tester (CEPT) Certification:

    This course prepares you for two top hacking certifications in the industry, the CEPT and the CPT. Both exams are given on-site, we have achieved a 93% pass rate for these ethical hacker and penetration testing certifications.

    The exam consists of two parts, a traditional multiple choice, true/false and multiple answer examination and a take-home practical exam. The multiple choice exam consists of 50 questions randomly pulled from a master list of questions. The certification candidate has 2 hours to complete the exam. The 9 Certified Expert Penetration Tester (CEPT) Domains are as follows:

    * Penetration Testing Methodologies
    * Network Attacks
    * Network Recon
    * Windows Shellcode
    * Linux & Unix Shellcode
    * Reverse Engineering
    * Memory Corruption/Buffer Overflow Vulnerabilities
    * Exploit Creation – Windows Architecture
    * Exploit Creation – Linux/Unix Architecture
    * Web Application Vulnerabilities

    Any candidate that answers 70% of the questions correctly is considered to have passed the multiple choice exam.Upon completion of the multiple choice exam, candidates are then distributed a take-home practical, in which they will be tested on their ability on three Challenges. Candidates have 60 days from the completion of the multiple choice exam to complete the practical examination. The three challenges are as follows:

    Challenge #1: Discover and create a working exploit for Microsoft Windows Vulnerability.

    Challenge #2: Discover and create a working exploit for Linux Vulnerability.

    Challenge #3: Reverse engineer a Windows Binary.

    Candidates are instructed to submit a working exploit for Challenges #1 and #2. Partial credit is given for non-working exploits, when submitted with detailed documentation.

    The practical is then submitted to an exam proctor, who will grade the exam. A 70% is considered a passing grade. Generally, candidates that submit working exploits as well as a properly reversed binary will pass the exam.

    Prerequisites:

    • Firm understanding of the Windows Operating System
    • Exposure to the Linux Operating System or other Unix-based OS
    • Firm understanding of the TCP/IP protocols.
    • Exposure to network reconnaissance and associated tools (nmap, nessus, netcat)
    • Programming knowledge is NOT required
    • Desire to learn about Ethical Hacking, and get great penetration testing training!

    Book your course

      What Our Students Are Saying

      Without any question, InfoSec has the most gifted individual instructors. Our instructor for this class was both an excellent educator and a premier/world class security expert. He was able to clearly explain and impart to the students, the most complicated security techniques I have ever heard of or imagined. I simply can not find the words to recommend him and Infosec security training more highly.
      JH

      John Hollan GE

      Advanced Ethical Hacking Training Boot Camp

      Career Tracks

      • Hacker Track

        The InfoSec Institute Hacker Track will take you from 0 to 60 in your security career. By the time you successfully complete this track you will be highly credential-ed and in the top 5-10% of hackers in the world.
      Ready to get started? Get instant pricing for this award-winning boot camp. View course pricing