This course you will learn how to perform effective penetration tests in business environments and how they can be attacked, exploited, avoided and defended.
The course is intended for technical personnel who perform logical audits and security operators and analysts who must participate in the detection and response to incidents.
The students will perform logical audits and security operators and analysts who must participate in the detection and response to incidents.
Good skills of how systems work together.
(não existem exames)
Recognition
• Active recognition
• Passive recognition
Identification of vulnerabilities
• Tools
• Exploitation
o Metasploit
o Rapid pentesting
o Windows oneliners
• Attacking the perimeter
o Bypass firewall
Attacking the endpoint
• Creating malicious documents
• Bypass antivirus
Escalation of privileges
• UAC bypass
Lateral movement
• DCOM
• WMI, PSEXEC
Information gathering
• Domain admin
• Identifying where the information is
Web Audit
• Vulnerabilities
• Automated identification
• Exploitation
WIFi Audit
• PSK attacks
o WEP, WPA
o WPS
• EAP attacks
o Rogue Aps