This course is provided by our partner, The InfoSec Institute. |
Instructor: Jack Koziol - Senior Instructor and Security Program Manager at the InfoSec Institute and a provider of advanced ethical hacking training. He regularly is called upon to train members of the United States intelligence community, military, and federal law enforcement agencies. Additionally, Jack provides training for Fortune 500 companies, such as Microsoft, HP and Citibank on how to better secure their networks and applications. Jack has appeared in USA Today, CNN, MSNBC, First Business and other media outlets for his expert opinions on information security. Jack is the lead author of The Shellcoder's Handbook. |
AKA Advanced Ethical Hacking
You already know your three N's backwards and forwards: Nessus, Nmap and Netcat. You have experience with ethical hacking and penetration testing. You can run l0phtcrack in your sleep. But, you want to learn more. You are ready for the next step in penetration testing training!
In Advanced Ethical Hacking: Expert Penetration Testing, you will delve deep into the less well-known, less obvious, and consequently more difficult to master techniques that are available today to penetration testers. It is a commonly known fact that malicious hackers and disgruntled employees have become increasingly sophisticated and efficient. Even the most plugged-in security pros have trouble keeping up with every new vulnerability, there are only 24 hours in a day!
After taking this information security course, you will walk out the door with the skills to identify and prevent the latest complex and complicated attacks by doing them yourself in our lab with your own two hands. After completing the penetration testing training in this course, you will be at the top 5%-10% in terms of information security knowledge and ethical hacking skills.
Hands on instructor led lab exercises coupled with effective and insightful lectures are the best way to learn advanced penetration testing and ethical hacking skills. In this course, you will get high quality penetration testing training by "learning by doing" in hands-on labs, complemented by expert in class instruction.
Some of the topics you will learn to master during the course:
- Writing buffer overflow exploits
- dlmalloc Heap Overflow exploits
- Win32 Heap Overflow exploits
- Linux stack overflow exploits
- Defeating non-exec stacks
- Return-to-libc shellcode
- Function pointer overwrites
- Crafting Injectable Shellcode
- Defeating non-executable stacks
- Linux LKM Rootkits
- Windows Kernel Rootkits
- Reverse engineering training
- Vulnerability development and discovery
- Attacking and blinding IDSs
- Hiding your attacks from IDSs
- Encrypted covert channels
|
- Global Offset Table Overwrites
- Windows Shellcode
- Integer Overflows
- Linux shellcode
- "no listening port" trojans
- A whole day on breaking through enterprise DMZs
- Reconstructing binaries from sniffed traffic
- Circumventing antivirus
- Bi-directional Spoofed Communication
- Session fixation
- Advanced SQL Injection
- Justifying a penetration test to management and customers
- Defensive techniques
|
Some of the instructor-led hands-on lab exercises (we have 27 hacking labs totaling 54 separate exercises for 30+ hours of hands on content):
- Capture the Flag exercises every night !
- Writing a stack buffer overflow
- Porting exploits to metasploit modules
- Find socket shellcode
- Writing shellcode for Linux
- Using Ollydbg for Win32 Exploits
- Windows Kernel-Mode Rootkits
- LKM Rootkits
- Using IDA Pro for Reversing
- Reconstructing sniffed images
- Reverse engineering Windows PE Binaries
- Session hijacking
- Passive Network Analysis
- Exploitation with a remote GUI
- Sniffing SSL Encrypted Sessions
|
- Format string exploits
- Heap overflow exploits
- Windows exploits
- Calculating offsets
- Reversing with SoftIce
- OS determination without touching the target
- SQL Injection timing attacks
- Port redirection
- ASP source disclosure attacks
- Call-Back Backdoors
- Encrypted covert channels
- Remote keyloggers
- PHP/MySQL SQL Injection
- Inserting Malicious Code Into Unix Binaries
|
How You Benefit:
- Gain the in-demand career skills of a highly skilled and specialized penetration tester.
- Master the latest advanced level methodologies, tools, and manual techniques used by ethical hackers to enter the top 10% of security professionals in terms of skill.
- Move beyond the most well known ethical hacking techniques and into the realm of an expert penetration tester.
- More than interesting theories and lecture, get your hands dirty in our dedicated hacking lab.
- Learn hands-on skills that are difficult to gain in a corporate or government working environment, such as compromising border routers and testing your own buffer overflow exploits.
- Prep for the Certified Expert Penetration Tester (CEPT) certification.
What's Included:
- 5 Days of Expert Instruction from an instructor with real-world penetration testing and ethical hacking experience with deep knowledge of course content.
- Guaranteed small class size, so you get an intimate learning setting not offered at any of our competitors.
- Bootcamp style training.
- Most meals, snacks and refreshments included.
- Certified Expert Penetration Tester (CEPT) exam fees.
- Lecture, Lab Exercise and Text book --- Deliver penetration testing training your friends and co-workers!
- InfoSec's Custom Advanced Hacking Tools CD-ROM, includes every program covered in the course for at home study. (798 Tools). Advanced Hacking Tools Enterprise Suite available for individual purchase for only $1,899! Note: You must complete a background check prior purchasing this software package.
Certified Expert Penetration Tester (CEPT) Certification:
Required Prerequisites:
- Firm understanding of the Windows Operating System
- Exposure to the Linux Operating System or other Unix-based OS
- Firm understanding of the TCP/IP protocols.
- Exposure to network reconnaissance and associated tools (nmap, nessus, netcat)
- Programming knowledge is NOT required
- Desire to learn about ethical hacking, and get great penetration testing training!
If you are unsure if you meet the required prerequisites, contact us for a quick skill check.
|
