GB
/
GBP
/
EN

Shaping the future of IT skills

Maximising IT performance through learning

NotSoSecure The Art of Hacking - AoH

WGAC-CSI-AOH

NotSoSecure

Description

Show Tabs
Introduction

Securing customer data is often crucial when deploying and managing web applications and network infrastructure. As such, IT administrators and web developers require security knowledge and awareness in order to secure their environment. Due to this requirement, operational staff often require hands-on course and experience to identify, control and prevent organisational threats.

This introductory/intermediate technical course brings together Infrastructure Security and Web Application Security into a 5-day “Art of Hacking” course designed to teach the fundamentals of hacking.  This hands-on course was written to address the market need around the world for a real hands-on, practical and hacking experience that focuses on what is really needed when conducting Pen Testing.

This course teaches attendees a wealth of techniques to compromise the security of various operating systems, networking devices and web application components. The course starts from the very basic and builds up to the level where attendees can not only use the tools and techniques to hack various components involved in infrastructure and web hacking, but also gain solid understanding of the concepts on which these tools are based. This course combines a formal hacking methodology with a variety of tools to teach the core principles of ethical hacking.

Prerequisites & Audience
  • Basic Familiarity With Windows And Linux Systems E.g. How To View A System’s Ip Address, Installing Software, File Management
  • Basic Understanding Of Network Fundamentals E.g. Ip Addressing, Knowledge Of Protocols Such As Icmp, Http And Dns
  • Basic Understanding Of Http Fundamentals E.g. Structure Of An Http Request, Http Method Verbs, Http Response Codes

The Above Requirements Are Not Mandatory But Are Recommended Due To The Pace Of The Course. 
Course Benefits

•   Discover And Fingerprint Systems And Services Available Within Their Infrastructure

•   Discover And Exploit Windows And Linux Operating Systems Through A Variety Of Well-known Vulnerabilities

•   Conduct Password Brute Force Attacks To Compromise Services And Gain Access To A Host

•   Hack Application Servers And Content Management Systems To Gain Access To Customer Data

•   Conduct Client-side Attacks And Execute Code On A Victim’s Machine

•   Identify Common Web Application Vulnerabilities And Introduce Security Within Their Software Development Life-cycle In A Practical Manner.

Delegates Receive

•   A Pdf Copy Of All Course Materials Used During The Course Including Instructor Slide Deck, Tool Cheat Sheets And Walkthrough Guides.

•   Access To Notsosecure’s Art Of Hacking Lab For 30 Days After Course Completion.

Course Topics

The Art Of Port Scanning

•   Basic Concepts Of Hacking Methodology

•   Enumeration Techniques And Port Scanning

The Art Of Online Password Attacks

•   Configure Online Password Attack

•   Exploiting Network Service Misconfiguration

The Art Of Hacking Databases

•   Mysql, Postgres

•   Attack Chaining Techniques

Metasploit Basics

•   Exploitation Concepts, Manual Exploitation Methodology

•   Metasploit Framework

Password Cracking

•   Understanding Basic Concepts Of Cryptography,

•   Design Offline Brute Force Attack

Hacking Unix

•   Linux Vulnerabilities, Misconfiguration

•   Privilege Escalation Techniques

Hacking Application Servers On Unix

•   Web Server Misconfiguration

•   Multiple Exploitation Techniques

Hacking Third Party Cms Software

•   Cms Software

•   Vulnerability Scanning & Exploitation

Windows Enumeration

•   Windows Enumeration Techniques & Configuration Issues

•   Attack Chaining

Client-side Attacks

•   Various Windows Client-side Attack Techniques

Privilege Escalation On Windows

•   Post Exploitation

•   Windows Privilege Escalation Techniques

Hacking Application Servers On Windows

•   Web Server Misconfiguration

•   Exploiting Application Servers

Post Exploitation

•   Metasploit Post Exploitation Techniques

•   Window 10 Security Features & Different Bypass Techniques

Hacking Windows Domains

•   Understanding Windows Authentication

•   Gaining Access To Domain Controller

Understanding The Http Protocol

•   Http Protocol Basics

•   Introduction To Proxy Tools

Information Gathering

•   Enumeration Techniques

•   Understanding Web Attack Surface

Username Enumeration & Faulty Password Reset

•   Attacking Authentication And Faulty Password Mechanisms

Issues With Ssl/tls

•   Ssl/tls Misconfiguration

Authorization Bypass

•   Logical Bypass Techniques

•   Session Related Issues

Cross Site Scripting (Xss)

•   Various Types Of Xss

•   Session Hijacking & Other Attacks

Cross Site Request Forgery (Csrf)

•   Understanding Csrf Attack

Sql Injection

•   Sql Injection Types

•   Manual Exploitation

Xml External Entity (Xxe) Attacks

•   Xxe Basics

•   Xxe Exploitation

Insecure File Uploads

•   Attacking File Upload Functionality

Deserialization Vulnerabilities

•   Serialization Basics

•   Php Deserialization Attack

NotSoSecure courses


NotSoSecure Advanced Infrastructure Hacking - AIH
CODE: WGAC-CSI-AIH
NotSoSecure The Art of Hacking - AoH
CODE: WGAC-CSI-AOH
NotSoSecure Advanced Web Hacking - AWH
CODE: WGAC-CSI-AWH
NotSoSecure Hacking and Securing Cloud Infrastructure
CODE: WGAC-CSI-HSCI
NotSoSecure AppSec for Developers - APPSEC
CODE: WGAC-CSI-APPSEC
NotSoSecure DevSecOps - DEVSECOPS
CODE: WGAC-CSI-DEVSECOPS
NotSoSecure Hacking 101
CODE: WGAC-CSI-HACKING101
Webinar Hacking and Securing Cloud Infrastructure : The Anatomy of a Cloud Hack
CODE: WGAC-CSI-HSCI-WEBINAR
Webinar Basic Infrastructure Hacking : Through an Attacker's Eyes: Your Infrastructure
CODE: WGAC-CSI-BIH-WEBINAR
Webinar Basic Web Hacking : Through an Attacker's Eyes: Your Web Applications
CODE: WGAC-CSI-BWH-WEBINAR
We use cookies to understand how you use our site and to improve your experience. To learn more, click here. Read our revised Privacy Policy and Terms and Conditions.