Home About
Services
Consulting and Expertise Security Management Security Governance Business Continuity Security Awareness
Formations
SECURITE OFFENSIVE - ETHICAL HACKING
Cybersecurity Awareness Hacking & Security: Fundamentals Hacking & Security: Advanced Hacking & Security: Expert Certified Ethical Hacker v10 Penetration Testing: Audit Simulation Web Site Audit Social Engineering and Countermeasures Conducting a Security Audit: SI Audit Method Certified Web Application Security Pentester Python for Pentesting Advanced Exploitation with Metasploit Certified of Cloud Security Knowledge Intelligent Android Application Testing
FORENSICS
Computer Hacking Forensic Investigator v9 Advanced Forensic Analysis and Incident Response Mobile Device Forensics
MANAGEMENT
ISO 27001: Certified Lead Implementer ISO 27001: Certified Lead Auditor ISO 27005: Certified Risk Manager ISO 27005: Certified Risk Manager + EBIOS Method Certified Information Systems Auditor Certified Information Systems Security Professional Certified Data Protection Officer Certified Information Security Manager ISO 31000: Certified Risk Management ISO/IEC 22301 Certified Lead Auditor ISO/IEC 22301 Certified Lead Implementer ISO/IEC 27032 Certified Cybersecurity Manager ISO/IEC 27034 Certified Lead Auditor ISO/IEC 27034 Certified Lead Implementer ISO/IEC 27035 Lead Incident Manager Certified Lead Pen Test Professional ISO 9001 Certified Lead Auditor ISO 9001 Certified Lead Implementer
SECURITE DEFENSIVE
Android Device Security Awareness >Linux Security Windows Security Network Security Technology Watch Security SIEM Implementation Secure Web Development: Python Session Secure Web Development: PHP Session
Team Contact

Language

FR EN AR
Home / Training / Advanced Exploitation with Metasploit

Advanced Exploitation with Metasploit

Master advanced penetration testing techniques using Metasploit.

Penetration Testing
Security
Advanced Training

Objective

A penetration test involves evaluating the security of an IT infrastructure by safely attempting to exploit vulnerabilities that may exist in operating systems, application flaws, or end-user behavior. The penetration test is an attempt to assess the effectiveness of security measures and discover any potential exploit or backdoor that may be present in the IT systems—through which hackers and cybercriminals could gain unauthorized access or perform malicious activity.

Specific Objectives:

  • Identify and analyze the organization's exposure to cybersecurity threats
  • Enhance your basic cybersecurity auditing skills

Prerequisites

  • Identify vulnerabilities and successfully carry out attacks
  • Perform security functions in responsible information systems

General Information

  • Code: C-WAST
  • Duration: 3 days
  • Schedule: 8:30 AM - 5:30 PM
  • Location: 4-star hotel, Tunis

Target Audience

  • System and network administrators
  • Security auditors/technicians
  • CIOs (Chief Information Officers)

Resources

  • Training materials
  • 40% demonstration
  • 40% theory
  • 20% hands-on exercises

Training Program

  • Introduction to penetration testing
  • Basic Windows commands
  • Basic Linux commands
  • Login bypass using SQL injection
  • SQL injection chaining, sqlmap
  • Blind SQL injection, Python script
  • Command execution: netcat, commix
  • Password attack methods. Tools: Hydra, Python Script, BurpSuite
  • POST method password attack. Tools: Hydra, Python Script, BurpSuite
  • HTTP verb tampering. Tools: Live HTTP Header (Firefox Addon), curl
  • Unvalidated redirection and forwarding. Tools: NoRedirect (Firefox Addon), curl
  • File upload
  • Filtered uploads. Tools: payloads for evasion
  • Loose PHP comparison. Tools: Qcunetix, Dirb, Tamper Data (Firefox Addon)
  • Time-based attack
  • Reflected XSS
  • Stored XSS. Tool: XWotP Xenotix OWASP Exploit Framework
  • Filtered stored XSS. Tool: BurpSuite
  • LFI (Local File Inclusion)
  • RFI (Remote File Inclusion). Tools: Apache, fimap
  • CSRF attack
  • Exam session
  • The exam will be held at a 4-star hotel in Tunis.
  • Exam title: ECSAv10
  • Exam format: MCQs and lab-based assessment
  • Number of questions: 30 multiple-choice questions
  • Duration: 1 hour for MCQ, 1 hour for LAB
  • Language: French
  • Required score: 60%

Contact our experts for additional information, free audit studies, and cost estimates.

Information security is essential for any organization that needs to protect and enhance its information assets.

Contact Us