This training is a first approach to the practices and methodologies used in intrusions into corporate networks. We focus on technical understanding and putting into practice the different forms of existing attacks. The goal is to provide you with the first basic technical skills necessary for conducting security audits (penetration tests), judging for yourself the criticality and the real impact of the vulnerabilities. discoveries on the SI.
In particular, the objectives of the training are as follows:
• Knowledge of Windows
• Code : HSF
• duration : 2 days
• schedule : 8h30 - 17h30
• place : training center, Center Urbain Nord
• Course materials
• 40% demonstration
• 40% of theory
• 20% practical exercises
• Definitions
• objectives
• Vocabulary...
• Passive information capture (WHOIS,social networks, Google Hacking,Shodan, etc.)
• Active information taking (traceroute,social engineering, etc.)
• Vulnerabilities and exploits database
• OSI and TCP / IP model reminders
• Vocabulary
• Protocoles ARP, IP, TCP etUDP
• NAT
• Port Scan
• Sniffing
• ARP Cache Poisoning
• DoS / DDoS
• Breakage of passwords
• Privilege escalation
• Attack of the GRUB
Use of human weaknesses to recover sensitive information and / or compromise systems (Phishing, Remote Control Tools)
• Introduction to Metasploit Framework
• Vulnerability scanner
• Attacks on a client workstation
• Attacks from a server
• Introduction to Web vulnerabilities
• Updates
• Default configurations and best practices
• Introduction to cryptography
• Presentation of steganography
•Anonymity (TOR)
Do not hesitate to contact our experts for any additional information, study and free calculation of an audit service.