Penetration testing – detecting and exploiting vulnerabilities Training Course

How to test network and service security

• What is penetration testing?
• Penetration testing vs. audit – similarities, differences, and what is appropriate?
• Practical problems – what can go wrong?
• Scope of tests – what do we want to check?
• Sources of best practices and recommendations

Penetration Testing – Reconnaissance

• OSINT – acquiring information from open sources
• Passive and active network traffic analysis methods
• Service and network topology identification
• Security systems (firewalls, IPS/IDS systems, WAF, etc.) and their impact on testing

Penetration Testing – Vulnerability Discovery

• Identifying systems and their versions
• Discovering vulnerabilities in systems, infrastructure, and applications
• Vulnerability assessment – i.e., 'what will hurt'?
• Exploit sources and customization possibilities

Penetration Testing – Attack and Gaining Control

• Types of attacks – how they are conducted and their effects
• Attacking using remote and local exploits
• Attacks on network infrastructure
• Reverse shell – how to manage a compromised system
• Privilege escalation – i.e., how to become an administrator
• Ready-made 'hacking tools'
• Analyzing the compromised system – interesting files, saved passwords, private data
• Special cases: web applications, WiFi networks
• Social engineering – i.e., how to 'break' a human if the systems cannot be attacked?

Penetration Testing – Covering Tracks and Maintaining Access

• Logging systems and activity monitoring
• Cleaning logs and covering tracks
• Backdoor – i.e., how to leave yourself an open entry point

Penetration Testing – Summary

• Report preparation and its structure
• Report delivery and consultation
• Verification of recommendation implementation