کاربر گرامی، برای دانلود فایل ها ابتدا از طریق این لینک در وبسایت ثبت نام بفرمایید.

برچسب: Pentest

دوره PEN-300: Advanced Evasion Techniques and Breaching Defenses

Evasion Techniques and Breaching Defenses (PEN-300) is an advanced penetration testing course. Learners who complete the course and pass the exam will earn the OffSec Experienced Pentester (OSEP) certification. This course builds on the knowledge and techniques taught in Penetration Testing with Kali Linux, teaching learners to perform advanced penetration tests against mature organizations with an established security function and focuses on bypassing security mechanisms that are designed to block attacks. The OSEP is one of three certifications making up the OSCE certification along with the OSWE for advanced web attacks and OSED for exploit development.

Syllabus

  • Operating System and Programming Theory
  • Client Side Code Execution With Office
  • Client Side Code Execution With Jscript
  • Process Injection and Migration
  • Introduction to Antivirus Evasion
  • Advanced Antivirus Evasion
  • Application Whitelisting
  • Bypassing Network Filters
  • Linux Post-Exploitation
  • Kiosk Breakouts
  • Windows Credentials
  • Windows Lateral Movement
  • Linux Lateral Movement
  • Microsoft SQL Attacks
  • Active Directory Exploitation
  • Combining the Pieces
  • Trying Harder: The Labs

PEN-300: Advanced Evasion Techniques and Breaching Defenses

ادامه مطلب

دوره PEN-210: Foundational Wireless Network Attacks

Wireless Attacks (PEN-210) introduces learners to the skills needed to audit and secure wireless devices and is a foundational course alongside PEN-200 and benefits those who would like to gain more skills in network security. Learners will identify vulnerabilities in 802.11 networks and execute organized techniques and those who complete the course and pass the exam will earn the OffSec Wireless Professional (OSWP) certification.

Syllabus

  • IEEE 802.11
  • Wireless Networks
  • Wi-Fi Encryption
  • Linux Wireless Tools, Drivers, and Stacks
  • Wireshark Essentials
  • Frames and Network Interaction
  • Aircrack-ng Essentials
  • Cracking Authentication Hashes
  • Attacking WPS Networks
  • Rogue Access Points
  • Attacking WPA Enterprise
  • Attacking Captive Portals
  • bettercap Essentials
  • Kismet Essentials
  • Determining Chipsets and Drivers
  • Manual Network Connections
ادامه مطلب

دوره PEN-200: Penetration Testing with Kali Linux

The industry-leading Penetration Testing with Kali Linux (PWK/PEN-200) course introduces penetration testing methodologies, tools, and techniques in a hands-on, self-paced environment. Access PEN-200’s first Learning Module for an overview of course structure, learning approach, and what the course covers. Learners who complete the course and pass the exam will earn the OffSec Certified Professional (OSCP) certification which requires holders to successfully attack and penetrate various live machines in a safe lab environment. The OSCP is considered to be more technical than other ethical hacking certifications and is one of the few that requires evidence of practical penetration testing skills.

Syllabus

Penetration Testing with Kali Linux : General Course Introduction

Introduction to Cyber security

Effective Learning Strategies

Report Writing for Penetration Testers

Information Gathering

Vulnerability Scanning

Introduction to Web Applications

Common Web Application Attacks

SQL Injection Attacks

Client-Side Attacks

Locating Public Exploits

Fixing Exploits

Antivirus Evasion

Password Attacks

Windows Privilege Escalation

Linux Privilege Escalation

Port Redirection and SSH Tunneling

Advanced Tunneling

The Metasploit Framework

Active Directory Introduction and Enumeration

Attacking Active Directory Authentication

Attacking Active Directory Authentication

Lateral Movement in Active Directory

Assembling the Pieces

Trying Harder: The Labs

PEN-200: Penetration Testing with Kali Linux

ادامه مطلب

دوره RTFM – Red Team Field Manual

The RTFM Video Library is an invaluable resource for serious Red Team members who find themselves on critical missions. Led by a seasoned Red Team operator, this high-quality video series delves into various aspects of offensive security, providing practical guidance and insights.

Syllabus

1: Infrastructure Setup
2: Initial Access
3: Situational Awareness
4: User Level Persistence
5: Escalation
6: Lateral Movement
7: Active Directory Enumeration
8: Domain Fortification
9: Hunting for User Workstations
10: Active Directory Forest Compromise
11: Secret Enclave Compromise
12: Pivoting through Tunnels

RTFM – Red Team Field Manual

ادامه مطلب

دوره Antisyphon: Enterprise Attack Initial Access w/ Steve Borosh

Enterprises have been working tirelessly to improve their security postures through defense-in-depth approaches. Offensive teams have also been putting in long hours of research into bypassing the latest EDR’s and defensive products that keep them on their toes. Long gone “hopefully” are the days of hurdling an HTA file laced with a download cradle at a mature organization with a “Free iPad” ruse and watching your screen fill with incoming agents. An offense-in-depth approach may be applied to offensive practitioner’s looking for success against organizations well-versed in defending a large enterprise. Today’s organizations have assets in multiple geo regions, networks, cloud services, border hosts, and many of them are tied to the internal network in some way. This course aims to help offensive practitioners successfully exercise their client environments from a multi-faceted approach using the latest TTPs blended with esoteric practices to gain the upper hand on your assessments.

Antisyphon: Enterprise Attack Initial Access w/ Steve Borosh

ادامه مطلب

جستجو در سایت