Our five-day ethical hacking 7Safe Certified Security Testing Associate Training (CSTA) course is a hands-on journey into the hacking mind-set, examining and practically applying the tools and techniques that an external threat may use to launch “infrastructure” attacks on your organisation.
The various stages of that attack, or equally a penetration test, are explored from initial information gathering, target scanning and enumeration through to gaining access, exploitation, privilege escalation and retaining access. Practical in-depth hands-on exercises using various tools reinforce the theory as you experiment with a Windows 2012 domain (server and workstation) plus a Linux server.
The 7Safe Certified Security Testing Associate Training (CSTA) course demonstrates cyber-attack techniques but this is always done with defence in mind and countermeasures are discussed throughout, enabling delegates to identify the threats and understand the strategies, techniques and policies required to defend their critical information.
Duration: 5 days
• If you are familiar with some aspects of this 7Safe Certified Security Testing Associate Training (CSTA) course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the 7Safe Certified Security Testing Associate Training (CSTA) course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the 7Safe Certified Security Testing Associate Training (CSTA) course in manner understandable to lay audiences.
Audience / Target Group:
The target audience for this 7Safe Certified Security Testing Associate Training (CSTA) course is defined here:
If you are looking to improve your career prospects by starting or transitioning into a cyber security role e.g.
• Network engineers
• Systems administrators
• Systems architects or developers
• IT security officers
• Information security professionals
• Budding penetration testers
7Safe Certified Security Testing Associate Training (CSTA) - Prerequisites:
The knowledge and skills that a learner must have before attending this 7Safe Certified Security Testing Associate Training (CSTA) course are:
Basic understanding of TCP/IP networking:
• Are you familiar with the OSI model?
• Can you name a layer 2 and layer 3 protocol?
• What function does ARP perform?
• Can you describe at a high-level how a request reaches a web server through Ethernet, IP and TCP?
• How does a system know whether or not a gateway is required? zz What is a TCP port?
7Safe Certified Security Testing Associate Training (CSTA) - Objectives:
After completing this 7Safe Certified Security Testing Associate Training (CSTA) course, attendees will be able to:
• You will learn a series of attack methodologies and gain practical experience using a range of tools to undertake an infrastructure penetration test across a multi-OS environment
• Once you are able to identify and exploit vulnerabilities in a safe manner, you will be introduced to a range of defensive countermeasures, allowing you to protect your network and respond to cyber threats
• An understanding of the risks and how to mitigate them
• Learn a number of methodologies for undertaking an infrastructure penetration test
• Acquire effective techniques to identify exploits and vulnerabilities
• Improve your ability to respond effectively to cyber threats
• Valuable preparation and hands-on practice in preparation for the CREST Registered Penetration Tester (CRT) examination
7Safe Certified Security Testing Associate Training (CSTA) - Course Content:
a. Motivations behind hacking
b. The hacking scene
2. Networking Refresher
a. Sniffing Traffic – Wireshark, Ettercap
3. Information Discovery
a. Information Gathering – wget, metadata, pdfinfo and extract
b. DNS – dig, zone transfers, DNSenum and Fierce
4. Target Scanning
a. Host Discovery – Nmap and Netdiscover
b. Port Scanning with Nmap – Connect, SYN and UDP scans, OS detection
c. Banner Grabbing – Amap, Netcat, Nmap, Nmap scripts (NSE)
5. Vulnerability Assessment
6. Attacking Windows
a. Windows Enumeration – (SNMP, IPC$)
c. RID Cycling – Enum4linux, Cain
e. Client-side Exploits – Internet Explorer, Metasploit Auxiliary modules
7. Privilege Escalation – Windows
a. Information Gathering with Meterpreter – Stuxnet exploit, Meterpreter scripts
b. Privilege Escalation – Keylogging, Service Configuration
c. Password Cracking – John The Ripper, Cain, Rainbow tables
d. Brute-Force Password Attacks
e. Attacks on Cached Domain Credentials
f. Token Stealing – PsExec, Incognito, local admin to domain admin
g. Pass the Hash
8. Attacking Linux
a. Linux User Enumeration
b. Linux Exploitation without Metasploit
c. Online Password Cracking – Medusa
d. User Defined Functions
e. ARP Poisoning Man in the Middle – clear-text protocols, secured protocols
9. Privilege Escalation – Linux
a. Exploiting sudo through File Permissions
b. Exploiting SUID and Flawed Scripts – logic errors
c. Further Shell Script Flaws – command injection, path exploits
d. Privilege Escalation via NFS
e. Cracking Linux Passwords
10. Pivoting the Connection
a. Pivoting with Meterpreter
b. Port Forwarding
11. Retaining Access
a. Netcat as a Backdoor
b. Dark Comet RAT – Metasploit Handlers, a full end-to-end attack
12. Covering Tracks
a. Alternative Data Streams
b. Dark Comet