Managing security has always been a challenge for any security professional. Penetration testing is not only about networks but also web applications. Begin your journey by familiarizing yourself with the well-known tools to perform a vulnerability assessment. There are many tools available on the market for detecting security loopholes and networking attacks. Selecting the right tools and methods might seem confusing, but this course is designed to help navigate through those choices
This learning path follows a practical approach with typical penetration test scenario throughout. You will start by setting up the environment and learn to identify and tackle the flaws and vulnerabilities within the Windows OS (versions 7, 8.1, 10) using Metasploit and Kali Linux tools. Along with this, you will also learn to proxy traffic and implement the most famous hacking technique: the pass-the-hash attack. You will then take a deep dive into understanding the Metasploit Framework and learn how to maintain access on the target machine when successfully exploited. Finally, you will learn how to hack each type of wireless security commonly used in today’s networks, including WEP, WPA, and WPA2.
Contents and Overview
This training program includes 2 complete courses, carefully chosen to give you the most comprehensive training possible.
The first course, Practical Windows Penetration Testing is hands-on to guarantee that you gain practical knowledge. You will start by setting up the environment and learn service identification and network scanning techniques. You will master various exploitation and post exploitation techniques. You will also learn to proxy traffic and implement the most famous hacking technique: the pass-the-hash attack.By the end of this video tutorial, you will be able to successfully identify and tackle the flaws and vulnerabilities within the Windows OS (versions 7, 8.1, 10) using Metasploit and Kali Linux tools.
The second course, Pentesting Web Applications will help you start your journey by familiarizing yourself with the well-known tools to perform a vulnerability assessment. Take a deep dive into understanding the Metasploit Framework and learn how to maintain access on the target machine, when successfully exploited. Documentation is always essential and so is creating an effective report for submission to the customer. You will learn what to include in reports. Finally, you will be all set to perform penetration testing in a real-time scenario and will try to crack a challenge, summing up everything you have learned so far and applied it in real-time.
The third course, Wireless Penetration Testing for Ethical Hacker will demonstrate how to perform wireless penetration attacks against wireless networks and their protocols in order to build strong and robust security systems from the ground up using the most popular tools in the penetration testing community.You’ll learn some basic wireless theory before learning how to hack each type of wireless security commonly used in today’s networks, including WEP, WPA, and WPA2. Using commonly available open source toolsets, you’ll understand the key components of the wireless penetration testing process, including setting up your own wireless penetration testing lab, conducting wireless network reconnaissance (WLAN discovery), packet sniffing and injection, and client attacks..
By end of this course youll be able to perform a full website and server vulnerability test, perform wireless penetration testing with popular tools and explore wireless pentesting techniques, develop encryption-cracking skills and gain insights into methods used by top pentesters and ethical hackers.
About the Authors:
Gergely Révay, the instructor of this course, hacks stuff for fun and profit at Multinational Corporation in Germany and in the USA. He has worked as a penetration tester since 2011; before that, he was a quality assurance engineer in his home country, Hungary. As a consultant, he did penetration tests and security assessments in various industries, such as insurance, banking, telco, mobility, healthcare, industrial control systems, and even car production.
Tajinder Kalsi, with more than 9 years of working experience in the field of IT, Tajinder has conducted Seminars in Engineering Colleges all across India, on topics such as Information Security and Android Application Development at more than 120 colleges and teaching 10,000+ students. Apart from training, he has also worked on VAPT projects for various clients. When talking about certifications, Tajinder is a certified ISO 27001:2013 Auditor. Prior to this course, Tajinder has authored Practical Linux Security Cookbook published by Packt Publishing. He has also reviewed the following books: Web Application Penetration Testing with Kali Linux and Mastering Kali Linux for Advanced Penetration Testing. He has also authored 2 Video courses with Packt – Getting Started with Pentensing and Finding and Exploiting Hidden Vulnerabilities. He is best described as dedicated, devoted, and determined and a person who strongly believes in making his dreams come true. He defines himself as a tireless worker, who loves to laugh and make others laugh. I am also very friendly and level-headed.
Jason Dion, CISSP No. 349867, is an Adjunct Instructor at Liberty University’s College of Engineering and Computational Science and Anne Arundel Community College’s Department of Computing Technologies with multiple information technology professional certifications, including Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Network Defense Architect (CNDA), Digital Forensic Examiner (DFE), Digital Media Collector (DMC), Security+, Network+, A+, and Information Technology Infrastructure Library v3. With networking experience dating back to 1992, Jason has been a network engineer, Deputy Director of a Network Operations Center, and an Information Systems Officer for large organizations around the globe.