Ethical Hacking si Penetration Testing pe intelesul tuturor

In acest curs vei invata unelte, metodologii si tehnici de hacking. Un curs practic, pas cu pas.

   Watch Promo

Pentru a te proteja de hackeri, este nevoie sa gandesti ca unul.

In acest curs vei invata unelte de hacking, metodologii si tehnici. Un curs practic, explicat pas cu pas. Acest curs are o abordare practica cu situatii care se intalnesc zi de zi in viata unui penetration tester. Vor fi furnizate masini virtuale pentru laborator.

Obiectivul cursului este sa te ajute sa gandesti ca un hacker si sa actionezi ca unul. Vom porni la drum intelegand ce inseamna un proiect de penetration testing, care sunt pasii acestuia, care sunt avantajele, si vom trece prin urmatoarele videouri:

  • Introducere in pentetration testing
  • Pregatirea laboratorului (Kali + Nessus, Windoes, Metasploitable)
  • Strangerea de informatii, OSINT (Open Source Inteligence)
  • Enumerarea serviciilor
  • Enumerarea directoarelor din serverul web. Spidering vs brute forcing directoare
  • Scanarea pentru vulnerabilitati de sistem si servicii
  • Scanarea pentru vulnerabilitati ale serverului web
  • Cautare manuala pentru vulnerabilitati - baze de date de exploituri
  • Prezentarea framework-ului de exploatare Metasploit
  • Exploatearea ftp serverului folosind metasploit
  • Exploatarea smb folosind Metasploit
  • Post Exploatare manuala vs automat
  • Demo armitage
  • Spargerea parolelor online - crearea unui dictionar propriu personalizat
  • Spargerea hashurilor de parole offline
  • Interceptarea pachetelor - Man in the Middle. Introducere in Cain si Abel, Ethereal. HTTP si HTTPS (sslstrip)
  • Cross site scripting - Interceptarea sesiunilor web
  • Stored XSS - Demo beef si social engieering
  • Vulnerabilitati Web - file upload, local file inclusion, web backdoors
  • CSRF demo - vulnerabilitati web
  • Command Execution - vulnerabilitati web
  • Introducere in Burp Suite: Proxy, Spidering, Import CA certificat, Extensii, Repeater module
  • SQL Injection - vulnerabilitati web
  • Brute force pe aplicatii web
  • Backdoors de windows, android
  • Alte atacuri de tip Social Engineering
  • Demo wifi - Mana Toolkit
  • Demo Backdoors and Social Engineering - Empire and Rubber Ducky
  • Demo phising - SocialPhish


Your Instructor


Gabriel Avramescu
Gabriel Avramescu

Senior Information Security Consultant

  • I work in the Internet security team, focused on ethical hacking - deliberately and purposefully challenging the IT security assumptions, strategies, and methods of protecting vital assets and information by emulating an adversary.
  • Scan and exploit for a wide variety of data center infrastructure and application vulnerabilities, following defined rules of engagement and attack scenarios (ethical hacking).
  • Make recommendations on security weaknesses and report on activities and findings.
  • Perform Internet penetration testing (black box / white box testing) and code reviews (manual and automated)
  • Use testing tools as NetBIOS scanning, network pinging and testing, packet crafting and analyzing, port scanning for vulnerability assessment
  • Perform analysis and testing to verify the strengths and weaknesses of Web Applications and Web Services (SML, SOAP, WSDL, UDDI, etc.)
  • Perform analysis and testing to verify the strengths and weaknesses of a variety of operating systems, network devices, web applications, and security architectures
  • Assist with the development of remediation services for identified findings
  • Customize, operate, audit, and maintain security related tools and applications

IT Trainer

  • CEH, ECSA, CHFI from EC-Council
  • Cisco CCNA, CCNA Security, Linux Essentials
  • Various Custom Trainings

Certifications

  • OSWE
  • OSCE
  • OSWP
  • CREST Registered Penetration Tester (CRT)
  • OSCP
  • CHFI (Computer Hacking Forensic Investigator)
  • ISO 270001 Lead Auditor
  • ECSA (EC-Council Security Analyst)
  • CEH (Certified Ethical Hacker)
  • CCNA and CCNA Security
  • CCNP Routing and CCNP Switching
  • Advanced Linux&InfoSEC
  • VMWare vSphere Install, Configure, Manage
  • Microsoft Certified Technology Specialist (MCTS/MCP 70-642): Microsoft Windows Server 2008 Network Infrastructure, etc.

Course Curriculum



Frequently Asked Questions


When does the course start and finish?
The course starts now and never ends! It is a completely self-paced online course - you decide when you start and when you finish.
How long do I have access to the course?
How does lifetime access sound? After enrolling, you have unlimited access to this course for as long as you like - across any and all devices you own.
What if I am unhappy with the course?
We would never want you to be unhappy! If you are unsatisfied with your purchase, contact us in the first 30 days and we will give you a full refund.

Get started now!