Duration
20.0 hours
Regular fee
$250
Objectives of the training
Penetration testing has become essential in the context of cybersecurity. The realization of these tests requires technical skills in certain areas such as Wi-Fi networks or the Web. The objective of this course is to provide you with the basic technical knowledge in these areas, necessary or even essential to conduct an intrusion test.Targeted audience
Computer scientistsPrerequisite
Knowledge of systems and networks is essential for a good understanding of this course.Trainers
Upcoming information
Course architecture
Wi-Fi Security
• Introduction to wireless networks
• 802.11 principles - part 1
• 802.11 principles - part 2
• Demonstration - Flow analysis with wireshark
• Context of Wi-Fi security
• Demo - Presentation of the aircrack-ng suite
• Demo - Hidden SSID
• The WEP protocol
• The WPA/WPA2 protocols
• The WPS authentication mechanism
• The WPA3 protocol
• Demonstration - Attack on the WPA2 protocol
• 802.1X
• Secure Wi-Fi architecture
• Demonstration - Chellam
Introduction to web applications
• The components of the web
• The HTTP(S) protocol - part 1
• The HTTP(S) protocol - part 2
• Introduction to Burp Suite
• Demonstration - BurpSuite Overview
OWASP Top 10 2017
• OWASP and Injections
• SQL injections
• Other injections (LDAP, CRLF, code, Header Spoofing, Xpath)
• Demonstration - Manual SQL Injection
• Demonstration - Automated SQL Injection
• Case Study - SQL Injection
• Weakness of the authentication system
• Demo - Bruteforce with Burp Suite
• Exposure of sensitive data
• Demo - Searching for sensitive files
• Practical Learning Statement - Searching for sensitive files
• XML External Entities (XXE)
• Weaknesses in access controls
• Practical Learning Statement - Exploiting Access Control Weaknesses
• Improper security configuration
• Cross-Site Scripting (XSS)
• Demonstration - Cookie theft via XSS
• Practical Learning Statement - XSS Exploitation
• Insecure deserialization
• Vulnerable components
• Practical Learning Statement - Exploiting Vulnerable Components
• Lax logging and monitoring
Fuzzing and post-exploitation
• Post web exploitation
• Web fuzzing
• Demonstration - Presentation of fuzzing tools
Analysis and report
• Putting the results into perspective
• Demonstration - Presentation of the Scoring framework for ESD pentesting
• Report writing
• Restitution of deliverables usable by a CODIR
• Recommendations, action plan and follow-up
• Presentation of the practical work - Web intrusion test
• Introduction to wireless networks
• 802.11 principles - part 1
• 802.11 principles - part 2
• Demonstration - Flow analysis with wireshark
• Context of Wi-Fi security
• Demo - Presentation of the aircrack-ng suite
• Demo - Hidden SSID
• The WEP protocol
• The WPA/WPA2 protocols
• The WPS authentication mechanism
• The WPA3 protocol
• Demonstration - Attack on the WPA2 protocol
• 802.1X
• Secure Wi-Fi architecture
• Demonstration - Chellam
Introduction to web applications
• The components of the web
• The HTTP(S) protocol - part 1
• The HTTP(S) protocol - part 2
• Introduction to Burp Suite
• Demonstration - BurpSuite Overview
OWASP Top 10 2017
• OWASP and Injections
• SQL injections
• Other injections (LDAP, CRLF, code, Header Spoofing, Xpath)
• Demonstration - Manual SQL Injection
• Demonstration - Automated SQL Injection
• Case Study - SQL Injection
• Weakness of the authentication system
• Demo - Bruteforce with Burp Suite
• Exposure of sensitive data
• Demo - Searching for sensitive files
• Practical Learning Statement - Searching for sensitive files
• XML External Entities (XXE)
• Weaknesses in access controls
• Practical Learning Statement - Exploiting Access Control Weaknesses
• Improper security configuration
• Cross-Site Scripting (XSS)
• Demonstration - Cookie theft via XSS
• Practical Learning Statement - XSS Exploitation
• Insecure deserialization
• Vulnerable components
• Practical Learning Statement - Exploiting Vulnerable Components
• Lax logging and monitoring
Fuzzing and post-exploitation
• Post web exploitation
• Web fuzzing
• Demonstration - Presentation of fuzzing tools
Analysis and report
• Putting the results into perspective
• Demonstration - Presentation of the Scoring framework for ESD pentesting
• Report writing
• Restitution of deliverables usable by a CODIR
• Recommendations, action plan and follow-up
• Presentation of the practical work - Web intrusion test
Private or personalized training
If you have more than 8 people to sign up for a particular course, it can be delivered as a private session right at your offices. Contact us for more details.
Request a quoteDuration
20.0 hours
Regular fee
$250
Private or personalized training
If you have more than 8 people to sign up for a particular course, it can be delivered as a private session right at your offices. Contact us for more details.
Request a quote