Vulnerability Assessmet And Penetration Testing

Course Content

Module 1

  • Basics of Linux
  • Linux architecture
  • File directory architecture
  • Basic commands of Linux
  • Installation of Linux
  • Introduction to file password and shadow

Module 2

  • Hacking networks
  • VAPT
  • Information gathering tools
  • Secure network design
  • OS and Database security
  • LINUX server hardening

Module 3

  • Hacking networks
  • VAPT
  • Information gathering tools
  • Secure network design
  • OS and Database security
  • LINUX server hardening

Module 4

  • Windows server hardening
  • Database security
  • Hijacking windows with using RAT and Trojan
  • Web Application Security
  • Burp suit tool
  • SQL injection

Module 5

  • XSS Attack
  • The Defence mechanism of SQL Injection and XSS attack
  • Broken authentication and session hijacking
  • Security misconfiguration
  • Session Hijacking
  • Malicious file inclusion

Module 6

  • Insecure direct object reference
  • Information leakage and improper error handling
  • Failure to restrict URL access
  • Request forgery attack and countermeasures
  • Remote code execution
  • Vulnerability study

Module 7

  • RFI & LFI (remote file inclusion & local file inclusion) vulnerability
  • Denial of service (DOS) and distributed denial of service (DDOS) attacks
  • Countermeasures of DoS and DDoS
  • Web platform security issues and countermeasures
  • Website code review and secure coding principles
  • FORENSICS

Module 8

  • Legal study of evidence acquisition
  • Disk-based forensics
  • Network Forensics
  • Data packet analysis
  • Browser forensics
  • USB forensics

Module 9

  • Memory analysis
  • windows forensics
  • Tools based on forensic study
  • Deleted data recovery
  • Image Forensics
  • Case investigation

Module 10

  • Evidence Recovery
  • Protocol standards.
  • Firewalls
  • WLAN Security
  • Dead vs Live forensics
  • Computer Investigation process.

Module 11

  • COMPLIANCE
  • Basic principles of assessment & auditing
  • IT LAWS and ACTS
  • ISO 27001:2005:2013 basics
  • PCI DSS

Laptop requirements

Important! Set up your own system according to these guidelines.
To effectively engage in this course, your system must be properly configured. If you do not properly read and follow these directions, you will be unable to fully engage in the course’s hands-on tasks. Please ensure that you are available with a system that meets all of the mentioned requirements.Make a backup of your system before attending class. Better better, use a system that does not contain any sensitive or critical data. Dark ExploiT is not liable for your system or data.

MANDATORY WAPT SYSTEM HARDWARE REQUIREMENTS

CPU: 64-bit Intel i5/i7 (8th generation or later), or Ryzen equivalent. This class requires an x64-bit processor with a clock speed of 2.0 GHz or above.CRITICAL: Apple Silicon devices cannot execute the required virtualization and so cannot be used for this course.BIOS settings must be changed to allow virtualisation technologies, such as the “Intel-VTx” or “AMD-V” extensions. If your BIOS is password protected, make sure you can access it in case you need to make modifications.At least 8GB of RAM is necessary.At least 50GB of free storage space is required.There is at least one accessible USB 3.0 Type-A port. A Type-C to Type-A converter may be required for modern laptops.Some endpoint protection software does not allow the usage of USB devices, so test your system with a USB drive before class.Wireless networking (802.11) is required. There is no wired internet access in the classroom.

You cannot copy content of this page