• 708.689.0131
  • Contact us
  • Login
Infosec Logo
  • Infosec Logo
  • Products
  • Solutions
  • Resources
  • Company
  • Product overview
  • Infosec IQ logo Security awareness & culture
  • Infosec Skills logo On-demand training & cyber ranges
  • Infosec Skills Live Boot Camps logo On-demand training & cyber ranges
  • Infosec IQ overview
  • Security awareness training
  • Phishing simulator
  • Reporting & assessments
  • Integrations & automation
  • Global administration
  • Browse all training
  • Pricing & features
  • Demo
  • Infosec Skills overview
  • Role-guided training
  • Infosec Skills Teams
  • Cyber ranges & labs
  • Certifications & CPEs
  • Skill assessments
  • Browse all training
  • Pricing & features
  • Book a meeting
  • Live boot camps
  • Infosec Institute certifications
  • DoD 8570 certifications
  • Get team boot camp pricing
  • View boot camp schedule
  • Book a meeting
  • Pre-built training plans
  • Compliance, industry & role-based training
  • Custom education
  • Personalized learning
  • Languages
  • Gamified learning
  • 1000+ phishing templates
  • Simulation types
  • Phishing email reporter
  • Dashboard reports
  • Security culture survey
  • Assessments
  • Learner analytics
  • Learner management
  • Threat response orchestration
  • Integrations
  • 52 NICE Work Roles
  • SOC Analyst
  • Cloud Security Engineer
  • Security Manager
  • ICS Security Practitioner
  • Security Engineer
  • Penetration Tester
  • Digital Forensics Analyst
  • Information Risk Analyst
  • Security Architect
  • Secure Coder
  • Boot camp overview
  • CISSP Boot Camp
  • Security+ Boot Camp
  • Ethical Hacking Boot Camp
  • CCNA Dual Cert Boot Camp
  • CASP+ Boot Camp
  • CCSP Boot Camp
  • CISM Boot Camp
  • CySA+ Boot Camp
  • PMP Boot Camp
  • Browse all boot camps
Choose Your Own Adventure

Security awareness games by Infosec

Click to Play

On-demand training for every cybersecurity role

Download Catalog

Certification training from industry experts

Get Pricing
  • Solutions overview
  • By organization type
  • By need
  • For business teams
  • For government & contractor teams
  • For MSPs & resellers
  • Security awareness
  • Phishing simulation
  • Technical skill development
  • IT certification
  • Compliance & framework
  • CMMC certification

    2021 IT & Security Talent Pipeline Study

    Download Now
    • Cyber Work
    • Webcasts
    • Case studies
    • Reports & whitepapers
    • Blog
    • Community
    • Infosec Inspire
    • Free tools
    • Cyber Work Podcast
    • Cyber Work Applied
    • Infosec Insiders
    • TechExams
    • YouTube
    • LinkedIn
    • Facebook
    • Twitter
    • Phishing Risk Test
    • Security awareness ROI calculator
    • Security awareness training plans
    • Security awareness buyer’s guide

      Cyber Work Podcast

      New cybersecurity career conversations every week

      Listen Now
      • About us
      • Events & webcasts
      • Careers
      • Scholarships & awards
      • Infosec Gives
      • Infosec Gives Partner Program
      • About us
      • Leadership
      • Newsroom
      • Recognition
      • Industry alliances
      • Infosec Hall of Fame
      • Infosec Security Awareness Awards
      • Infosec Accelerate Scholarship Program

        We’re hiring!

        Join a team dedicated to making a difference.

        Get To Know Us

        Advanced Ethical Hacking Training Boot Camp

        Take your penetration testing skills to a new level! The industry’s most advanced ethical hacking training teaches you how to orchestrate and defend against advanced persistent threats (APT) attacks.

        ★★★★☆
        4.3
        (138 ratings)
        View Pricing Book a Boot Camp
        advanced-ethical-hacking-boot-camp

        Become a Certified Expert Penetration Tester — guaranteed!

        • Five days of expert, live Advance Ethical Hacking training
        • Exam Pass Guarantee
        • Exam vouchers
        • Unlimited practice exam attempts
        • 100% Satisfaction Guarantee
        • Free annual Infosec Skills subscription ($299 value!)
        • 1-year access to all boot camp video replays and materials
        • Pre-study learning path
        • Knowledge Transfer Guarantee

        Hands-on labs

        Hundreds of exercises in over 30 separate hands-on labs bring you up to speed with the latest threats to which your organization is most vulnerable. Practice penetration testing in our virtualized environment that simulates a full range of servers and services used in a real company. Learn how to compromise web servers, virtual machines, databases, routers and firewalls, and then put it all together in an unscripted evening Capture the Flag (CTF) exercise.

        Nightly capture the flag exercises

        CTF exercises are an opportunity for you to practice your hacking skills in a real-world environment. Infosec sets up a mock company that you can freely attack without having to worry about damaging production systems. The purpose of the CTF exercises is to ensure you understand how to apply the skills you learned during the day to a real-world, ethical hacking scenario.

         

        View full course schedule

        Training overview

        Modern networks and systems are fully patched, hardened from attack and armored to the hilt with expensive security gear — but the bad guys still get in on a daily basis! How do they do this?

        Infosec’s Advanced Ethical Hacking Boot Camp will teach you how to successfully attack fully patched and hardened systems, circumvent common security controls and access confidential data. You’ll bring this knowledge back to your organization so you can formulate ways to defend against these sophisticated attacks. By learning how to fully utilize zero-day attacks that replicate an APT attack, you become an extremely valuable member of any penetration testing team. This course also supports and prepares you for the Certified Penetration Tester (CPT) and Certified Expert Penetration Tester (CEPT) exams.

        What you'll learn

        • System exploitation process
        • Replicating the process and architecture of APT attacks
        • Attacking fully patched systems
        • Attacking DMZs and other secured infrastructure
        • Port redirection
        • Compromising secured infrastructure
        • Using egghunter and Meterpreter shellcode
        • Metasploit scripting and automation
        • NMAP automation
        • Running exploits in RAM vs. on disk
        • Hiding from IDSs
        • Covert channels
        • Privilege escalation attacks on Windows
        • Advanced man-in-the-middle (MiTM) attacks
        • Traffic interception
        • Hijacking SSL encrypted sessions
        • MiTM VoIP attacks
        • Intercepting VoIP traffic and attacking ethernet-enabled PBXs
        • Zero-day vulnerability discovery process
        • Format string attacks
        • Windows SEH stack overflows
        • Writing Windows shellcode
        • Heap spraying / JIT spraying
        • Fuzzer selection and comparison
        • Binary auditing with IDA Pro
        • Portable Executable (PE) compression and encoding
        • Using a disassembler
        • Anti-disassembling detection circumvention
        • Web app fuzzing
        • Advanced SQL injection
        • Cross-Site Request Forgery (CSRF) attacks
        • XSS attacks and XSS redirection
        • RFI and Source Code Injection attacks
        • Proxy cache poisoning

        Who should attend

        • Penetration testers
        • Security analysts
        • Cybersecurity consultants
        • Anyone with a desire to learn advanced ethical hacking skills!

        Prerequisites

        • Firm understanding of the Windows Operating System
        • Exposure to the Linux Operating System or other Unix-based operating systems
        • Grasp of the TCP/IP protocols
        • Exposure to network reconnaissance and associated tools (nmap, nessus, netcat)
        • Programming knowledge is NOT required

        Everything you need to earn your certified expert penetration tester

        • Five days of expert, live Advance Ethical Hacking training
        • Exam Pass Guarantee
        • Exam vouchers
        • Unlimited practice exam attempts
        • 100% Satisfaction Guarantee
        • Free annual Infosec Skills subscription ($299 value!)
        • 1-year access to all boot camp video replays and materials
        • Pre-study learning path
        • Knowledge Transfer Guarantee
        Everything you need to earn your certified expert penetration tester
        View Pricing

        Exam Pass Guarantee

        We guarantee you’ll pass your exam on the first attempt. Learn more. 

        Advanced Ethical Hacking training schedule

        Infosec’s Advanced Ethical Hacking training materials are always up to date because black hat hackers are always changing their tactics to get one step ahead of the good guys. We update our course materials to ensure that you learn about the current threats to your organization’s networks and systems. More than 93% of Infosec students pass their certification exams on their first attempt.

        • Before your boot camp
          • Start learning now. You’ll get immediate access to all the content in Infosec Skills the moment you enroll. Prepare for your live boot camp, uncover your knowledge gaps and maximize your training experience.

        • During your boot camp
          • Introduction to Advanced Hacking 

            Overview of current security

            Advanced recon 

            • Stealth strategies
            • Evading IDS/IPS
            • Passive network recon
            • Idle scanning
            • Automated metadata gathering

            Blinding IDSs

            • Intrusion detection overview
            • Intrusion prevention
            • Blinding IDSs
            • Hiding from IDSs

            Vulnerability mapping

            • Using nessus
            • Manual vulnerability discovery
            • Mapping client-side vulnerabilities

            x86 assembly for exploit development 

            • Computing fundamentals
            • CPU registers
            • Memory segments
            • Assembly instructions

            Finding vulnerabilities with debuggers

            • Debuggers
            • Hardware vs software breakpoints
            • Keygens
            • Attacking keygen algorithms
            • Protections against these attacks

            Reversing win32 applications with IDA

            • Windows apps
            • Breakpointing on APIs
            • Breakpointing on messages
            • IDA
            • IDA FLIRT
            • Other IDA features

            Fuzzing/fault injection

            • Manual fault injecting
            • Advances in fault injection
            • Attacking complicated protocols

            Memory architecture and stack-based overflows

            • Memory segments
            • Introduction to stack
            • Functions and stack
            • Programming

            SEH exploits

            • Introduction
            • Structured exception handling
            • Controlling SEH chains
            • SEH exploit mitigation techniques
            • SEHOP

            Return oriented programming

            • Operating system protections
            • What is ROP?
            • Why do we need it?
            • How do we go about it?

            Writing shellcode

            • Introduction
            • Null Bytes

            Egghunters

            • What are egghunters
            • Why do we need them
            • Notable egghunter code
            • How do we go about it
            • Bonus content

            Restricted character set exploitation

            • What is restricted character set exploitation
            • Bad characters
            • Unicode filtering
            • Alphanumeric shellcode

            Attacking format strings 

            • Introduction to format strings
            • Using format functions
            • Format string vulnerability
            • Reading the stack
            • Reading arbitrary memory addresses

            Payloads

            • Payload use
            • Bind shell
            • Reverse connect
            • SysCall proxy
            • DLL injection
            • Advanced exploitation

            Metasploit payloads

            • Metasploit meterpreter
            • Meterpreter scripts
            • Windows adduser payload
            • Writing metasploit module

            Advanced metasploit 

            • Metasploit framework
            • Labs for programming

            More advanced metasploit 

            • Metasploit framework
            • Auxiliary modules
            • Post exploitation

            Compressors and encryptors

            • Background on packers
            • Why use a packer
            • How a packer works
            • Strategies for defeating packers
            • Removing the packer with SofIce and ProcDump
            • The JMP EIP trick
            • Deleting the encryptor code segment

            Advanced client side exploits

            • Client side vs server side
            • Why client side is popular
            • The advanced persistent threat
            • Anatomy of a client side attack
            • Types of defenses

            Attacking network-based protocols

            • Attacking ARP
            • Attacking SSL
            • Traffic manipulation

            Exploiting web apps

            • Web app scanning
            • Tools for tracking vulnerabilities
            • Manual investigation

            Web application hacking

            • OWASP top 10
            • Eshoplifting
            • Deconstructing Java
            • Manipulating GETs
            • Manipulating POSTs
            • Attacking Cookies

            SQL injection in MS SQL

            • SQL command structure
            • Discovering vulnerable apps
            • Circumventing authentication
            • Attacking availability
            • Inserting data
            • Retrieving data
            • Deleting data
            • Local system access

            SQL injection in MySQL

            • Introduction
            • SQL injection in string fields
            • Circumventing strings
            • Attacking the application

            CD & DVD-ROM protections

            • Common CD check routines
            • Cracking CD checks
            • A commercial protection scheme- SafeDisc
            • Cracking SafeDisc

             

        • After your boot camp
          • Your boot camp includes a 1-year subscription to Infosec Skills, so you can take additional time to prepare for your exam, get a head start on your next certification goal or start earning CPEs.

        Free ethical hacking training resources

        Ethical hacking Resource Hub

        Explore our ethical hacking resource hub to learn all about ethical hacking, including exam information, study resources, salary data, job outlook and more.

        See Resources

        What’s new in Ethical Hacking: Latest careers, skills and certifications

        Put on your white hat and learn how to hack for the good guys! Ethical hackers use the same techniques used by cybercriminals to assess an organization’s vulnerabilities and help keep them safe. Join Keatron Evans, Infosec instructor and Managing Partner at KM Cyber Security, in this audio rebroadcast of a popular webinar. You'll learn about getting started in ethical hacking, in-demand ethical hacking skills, popular ethical hacking training and certifications, common ethical hacking jobs and career paths, and more.

        Keatron Evans is regularly engaged in training, consulting, penetration testing and incident response for government, Fortune 50 and small business. In addition to being the lead author of the best selling book, Chained Exploits: Advanced Hacking Attacks from Start to Finish, you will see Keatron on major news outlets such as CNN, Fox News and others on a regular basis as a featured analyst concerning cybersecurity events and issues. For years, Keatron has worked regularly as both an employee and consultant for several intelligence community organizations on breaches and offensive cybersecurity and attack development. Keatron also provides world class training for the top training organizations in the industry, including Infosec Flex live boot camps and the Infosec Skills on-demand skill development platform.

        Listen Now

        Red Team Operations: Attack and think like a criminal

        Are you red team, blue team — or both? Get an inside look at the offensive and defensive sides of information security. Senior security researcher and Infosec instructor Jeremy Martin digs into the mindset of an attacker during this on-demand webinar, "Red Team Operations: Attack and Think Like a Criminal."

        Listen Now

        Find your boot camp

        Take the course online?
        Learn more about online
        866.471.0059
        • Today
        • Next week
        • Next month
        See additional dates

        Sign up

        Enroll in a boot camp

          See additional dates
          Infosec logo

          Products

          Infosec IQ Security awareness, culture & phishing simulator Infosec Skills Hands-on skill development & boot camps

          Resources

          Cyber Work Blog Infosec Inspire Events & webcasts

          Company

          Contact us About Infosec Careers Newsroom Partners
          • ©2022 Infosec Institute, Inc.
            • Trademarks
            • Privacy Policy

          Infosec, part of Cengage Group