-
-
- WEEK 2
Week Two Accomplishments:
Gain the knowledge and skills that make Pentesters good at what they do – reconnaissance.
Week Two Blueprint:
When it comes to Network Footprinting it is all about performing reconnaissance on your target without actually having to interact with it yet. This is the most important piece of any pentest; the better are you are at recon, the better pentester you are. Week two you will focus on how to conduct recon.
Career Benefit:
Since reconnaissance is the most important piece of any pentest, you can almost guarantee a lot of interview questions regarding this but rest assured that after week two you will be ready to answer all they ask. Looking at getting your certification? This is also where many of your certification testing questions comes from as well.
Course Sneak Peak:
These are just a few of the items we will cover:
• ARIN (Secret weapon to perform recon)
• Netcraft (This will make your life much simpler)
• Network Solutions (Valuable info without much effort)
• Way Back Machine (Go back in time to find what you need)
• NSLOOKUP (Your best friend during a Footprinting exercise)
• Discover Scripts (Automate much of your Footprinting)
-
-
- WEEK 3
Week Three Accomplishments:
Engage any target.
Week Three Blueprint:
Enumeration is taking Network Footprinting a step further where we actually start engaging the target. Enumeration goes hand-in-hand with Footprinting and this is why many of your certification and interview questions come from here as well.
Career Benefit:
You will develop the crucial skills needed that will not only get you through the toughest interview questions, but have the knowledge to land a job in InfoSec!
Course Sneak Peak:
These are just a few of the items we will cover:
• NMAP (One of the simplest but most powerful tools)
• Wireshark (See the attack in real-time)
• Security Camera Recon
• Maltego (Map out your target network)
- WEEK 4
Week Four Accomplishments:
Exploit our targets.
Week Four Blueprint:
Exploitation is the pinnacle of any pentest, the most fun and is our endgame. We gain those exploitation fundamentals and take a look at the various tactics most likely to succeed.
Career Benefit:
If you can exploit it you can also defend it. Preventing exploitation is the cornerstone of any InfoSec job.
Course Sneak Peak:
These are just a few of the items we will cover:
• Metasploit (The most powerful exploit tool)
• Armitage (GUI interface that uses Metasploit)
• Exploit Database (How to use the largest database of exploits)
- WEEK 5
Week Five Accomplishments:
Effectively assess and scan any target.
Week Five Blueprint:
Vulnerability Scanning is a must have skill in InfoSec and you learn everything you need to get the job done here.If you work in a hospital you need to continually scan your attack surface to see if you are vulnerable to prevent an attacker from stealing important patient records. If you are working for a bank you need to scan to make sure private customer information isn’t stolen. And if you are a 3rd party pentester you will also use this as a catch-all at the end to make sure you didn’t miss anything during the initial part of your pentest.By the end of week 5 you’ll know everything there is to know about vulnerability scanners and how to operate them like a pro.
Career Benefit:
Whether you want to be a system admin or a penetration tester, almost all InfoSec careers have a need for vulnerability scanning.
- Week 6
Week Six Accomplishments:
Attack web applications
Week Six Blueprint:
After week 6 you will have gained the skills that are most needed and sought after right now in the pentesting world which are Web Application Penetsting skills. We step right through all the popular attacks and OWASP Top 10.
Career Benefit:
If you take a look at some recent pentesting job postings you will see Web Application Pentesting as one of the most sought after skills. Once you gain these skills you will become highly sought after.
Course Sneak Peak:
These are just a few of the items we will cover:
• OWASP Top 10 (#1 Web App Job Application questions come from here)
• WebGoat (Premier Vulnerable Web Application)
• XSS – Cross Site Scripting
• SQL Injection
• CSRF – Cross-Site Request Forgery
• RFI Remote File Include – LFI Local File Include
• Packets
• HTTP
• OWASP Broken Web Application Project (Our Testing Platform)
• Reporting
- BONUS: WiFi Pentesting
WiFi Accomplishments:
Perform a proper pentest against any target WiFi networks
WiFi Blueprint:
We step right through the WiFi attacks that give the best probability of succeeding.
Career Benefit:
Knowing how to properly pentest WiFi networks is a must have skill and is often done improperly. Knowing how to properly attack WiFi will give you a leg up on the competition.
Course Sneak Peak:
These are just a few of the items we will cover:
• Pixie Dust WiFi Attack
• WPS Brute Force Attack
• Web Attack
• WPA2 Dictionary Attack
- BONUS: Mobile Pentesting
Mobile Accomplishments:
Pentest any mobile device.
Career Benefit:
The world is moving mobile and those who know mobile penetration testing with be those that are most attractive to a hiring manager.
Course Sneak Peak:
These are just a few of the items we will cover:
• Android Attacks
• IOS Architecture and Attacks
• Mobile Attacks put into action