19
Lessons
120h
Duration
English
Language
Share This Class:
OBJECTIVE
Upon completion of all three modules, students will have a thorough understanding of
penetration testing and red teaming, equipped with practical experience in using advanced tools and techniques.
Learning Path
MODULE 1 - Beginner
Introduce students to basic penetration testing concepts, methodologies, and tools.
- What is Penetration Testing?
- Differences Between Penetration Testing and Red Teaming
- Legal and Ethical Considerations
- Penetration Testing Methodologies (OSSTMM, PTES, OWASP)
- Virtualization and Lab Setup (VMware, VirtualBox)
- Introduction to Kali Linux
- Installing and Configuring Security Tools
- Setting Up a Target Environment (Metasploitable, DVWA)
- Passive vs. Active Reconnaissance
- Open Source Intelligence (OSINT)
- Network Scanning and Enumeration (Nmap, Netcat)
- Web Reconnaissance (Whois, Shodan)
- Identifying Vulnerabilities
- Using Vulnerability Scanners (Nessus, OpenVAS)
- Manual Vulnerability Analysis
- Prioritizing Vulnerabilities
- Exploitation Fundamentals
- Exploit Development Basics
- Introduction to Metasploit Framework
- Gaining Initial Access
- Maintaining Access
- Privilege Escalation Techniques
- Covering Tracks
- Writing Penetration Testing Reports
- Conducting Reconnaissance on a Target Network
- Performing Vulnerability Scans
- Basic Exploitation using Metasploit
- Post-Exploitation Tasks and Cleanup
MODULE 2 - intermediate
Build on foundational knowledge and delve deeper into advanced penetration
testing techniques and tools.
- Bypassing Firewalls and Intrusion Detection Systems (IDS)
- Network Sniffing and Traffic Analysis (Wireshark, tcpdump)
- Man-in-the-Middle (MITM) Attacks
- Exploiting Network Services (SMB, RDP)
- Deep Dive into OWASP Top 10
- SQL Injection and Cross-Site Scripting (XSS)
- Session Hijacking and Cross-Site Request Forgery (CSRF)
- Web Application Firewalls (WAF) Evasion Techniques
- Wireless Network Fundamentals
- Wi-Fi Encryption and Authentication
- Cracking Wireless Networks (WEP, WPA/WPA2)
- Attacking Wireless Clients
- Principles of Social Engineering
- Phishing and Spear Phishing Attacks
- Pretexting and Impersonation Techniques
- Physical Security and Red Teaming
- Buffer Overflow Exploits
- Shellcode Development
- Exploiting Web and Network Applications
- Advanced Metasploit Techniques
- Advanced Privilege Escalation
- Lateral Movement Techniques
- Persistence Mechanisms
- Data Exfiltration Methods
- Advanced Network and Web Application Testing
- Exploiting Wireless Networks
- Conducting Social Engineering Campaigns
- Developing and Using Custom Exploits
MODULE 3 - ADVANCED
Equip students with the skills and knowledge required to conduct comprehensive
red team operations and sophisticated penetration tests.
- Differences Between Red Teaming and Penetration Testing
- Red Team Planning and Execution
- Understanding Blue Team Tactics
- Developing Red Team Strategies
- Simulating Advanced Persistent Threats (APTs)
- Adversary Emulation
- Using Threat Intelligence in Red Teaming
- Custom Attack Simulations
- Evading Modern Security Solutions (EDR, SIEM)
- Advanced Anti-Forensics Techniques
- Bypassing Two-Factor Authentication (2FA)
- Exploiting Misconfigurations in Cloud Environments
- Developing Custom Tools and Scripts
- Automation in Red Team Operations
- Using Programming Languages (Python, PowerShell)
- Leveraging Existing Tools (Empire, Cobalt Strike)
- Working in Red Teams
- Effective Communication with Stakeholders
- Comprehensive Reporting Techniques
- Developing Actionable Recommendations
- Purple Teaming Concepts
- Coordinating with Blue Teams
- Sharing Intelligence and Insights
- Improving Organizational Security Posture
- Real-World Red Team Engagement Simulation
- Full Scope Penetration Testing
- Developing and Delivering a Red Team Report
- Peer Review and Presentation