Penetration testing – detecting and exploiting vulnerabilities Training Course

How to test the security of networks and services

• What is penetration testing?
• Penetration test vs. audit – similarities, differences, and what is appropriate?
• Practical issues – what can go wrong?
• Scope of tests – what exactly do we want to check?
• Sources of best practices and recommendations

Penetration Testing – Reconnaissance

• OSINT – obtaining information from public sources
• Passive and active methods of network traffic analysis
• Identifying services and network topology
• Security systems (firewalls, IPS/IDS systems, WAF, etc.) and their impact on tests

Penetration Testing – Vulnerability Identification

• Identifying systems and their versions
• Searching for vulnerabilities in systems, infrastructure, and applications
• Vulnerability assessment – "what hurts the most"?
• Exploit sources and the possibility of customizing them

Penetration Testing – Attack and Taking Control

• Types of attacks – how they are conducted and their consequences
• Attacks using remote and local exploits
• Attacks on network infrastructure
• Reverse shell – how to manage a compromised system
• Privilege escalation – how to become an administrator
• Ready-made "hacking tools"
• Analyzing a compromised system – interesting files, saved passwords, private data
• Special cases: web applications, WiFi networks
• Social engineering – how to "break" a person if systems cannot be broken?

Penetration Testing – Covering Tracks and Maintaining Access

• Logging systems and activity monitoring
• Cleaning logs and covering tracks
• Backdoor – how to leave yourself an open entry point

Penetration Testing – Summary

• Report preparation and its structure
• Handover and consultation of the report
• Verification of recommendations implementation