The course teaches infrastructure security concepts, including the techniques on how to attack and how to respond with an appropriate countermeasure implementation. Our course has been developed around professional penetration testing and security awareness in the business and IT fields. To make sure that all participants gain the necessary infrastructure security knowledge, our classes have an intensive hands-on format.
All labs are always up to date and have 3 levels of difficulty. They can be easily adjustable to the overall level of the group. Every exercise is supported with lab instructions and multiple tools, both traditional and specialized. CQURE trainers recommend students have some knowledge of security concepts, such as operating system services and architecture. However, all required concepts will be covered throughout the course.
Penetration Test combines a lot of components that make a test to be a bit more professional. Starting with report templates, attitude, being legal and first steps, ending up with great tools and techniques. This course is fun but with a value! Paula Januszkiewicz, CEO, CQURE
Network administrators, infrastructure architects, security professionals, systems engineers, network administrators, IT professionals, security consultants and other people responsible for implementing network and perimeter security, Chief Security Officers.
Author’s unique tools, over 150 pages of exercises and presentations slides with notes.
Module 1: Evolution of Hacking
a. Evolution of vulnerabilities
b. Persistent Threats
c. Malware evolution
Module 2: Operating System Services Security Overview
a. Services Security
b. Active Directory Security
Module 3: Operating System Internal Security
a. Permissions and Privileges
b. Password Security
c. Offline Attacks
d. Pass-The-Hash Attacks with custom CQURE Tools
e. Pass-The-Ticket Attacks
f. DPAPI Attacks with custom CQURE Tools
g. Cached Logons Attacks with custom CQURE Tools
h. Exploiting a lack of access controls
Module 4: Databases Security
a. SQL Server Service
b. Authentication Modes
c. Stored Procedures
Module 5: Reconnaissance and Target Profiling
a. Network Scanning
b. Man-in-the-middle Attacks
Module 6: Tampering with Communication (Wired and Wireless)
a. Wireless Protocols Security
b. NetBIOS Spoofing
c. SMB Security
Module 7: Malicious Files Execution
a. Anti-antimalware techniques
b. Non-exe Malware Module
8: Google Hacking
a. Open Source Intelligence
b. Possible Targets
c. Building Advanced Queries
Module 9: HTTP Request Building
a. Cross Site Scripting
b. Injection Attacks
c. Information Leakage and Error Handling
Module 10: Legal Issues
360 degrees Penetration Testing Course is delivered by our partner CQURE:
CQURE Team consists of highly talented Experts, who collectively have over 300 years of experience in the IT security field.
Our passion makes us hard workers and our curiosity push us to solve difficult problems or to keep trying till we do. Basically, we are always tracking current threats. We proudly use our knowledge to make sure your infrastructure stays tight and secure.
This masterclass is proudly presented together with CQURE.
Mika on kouluttanut ja konsultoinut Microsoft-teknologioita Soveltolla ja maailmalla jo yli kaksikymmentä vuotta. Viime vuodet Mika on keskittynyt Microsoftin identiteetti- ja tietoturvateknologioiden (Azure AD, AD FS, PKI) ja pilvipalveluiden (Microsoft Azure ja Microsoft 365) koulutukseen ja konsultointiin. Mika vastaa Sovelton teknologiat-osaamisalueen kehittämisestä.
DI, M.Sc., MCSE: Productivity, Microsoft Certified: Azure Fundamentals, Azure Administrator Associate, MCT, ITIL Foundation 2011.