Home About
Services
Consulting and Expertise Security Management Security Governance Business Continuity Security Awareness
Formations
SECURITE OFFENSIVE - ETHICAL HACKING
Cybersecurity Awareness Hacking & Security: Fundamentals Hacking & Security: Advanced Hacking & Security: Expert Certified Ethical Hacker v10 Penetration Testing: Audit Simulation Web Site Audit Social Engineering and Countermeasures Conducting a Security Audit: SI Audit Method Certified Web Application Security Pentester Python for Pentesting Advanced Exploitation with Metasploit Certified of Cloud Security Knowledge Intelligent Android Application Testing Computer Hacking Forensic Investigator v9
INFORENSIQUE
Computer Hacking Forensic Investigator v9 Advanced Forensic Analysis and Incident Response Mobile Device Forensics
MANAGEMENT
ISO 27001: Certified Lead Implementer ISO 27001: Certified Lead Auditor ISO 27005: Certified Risk Manager ISO 27005: Certified Risk Manager + EBIOS Method Certified Information Systems Auditor Certified Information Systems Security Professional Certified Data Protection Officer Certified Information Security Manager ISO 31000: Certified Risk Management ISO/IEC 22301 Certified Lead Auditor ISO/IEC 22301 Certified Lead Implementer ISO/IEC 27032 Certified Cybersecurity Manager ISO/IEC 27034 Certified Lead Auditor ISO/IEC 27034 Certified Lead Implementer ISO/IEC 27035 Lead Incident Manager Certified Lead Pen Test Professional ISO 9001 Certified Lead Auditor ISO 9001 Certified Lead Implementer
SECURITE DEFENSIVE
Android Device Security Awareness >Linux Security Windows Security Network Security Technology Watch Security SIEM Implementation Secure Web Development: Python Session Secure Web Development: PHP Session
Team Contact

Language

FR EN AR
Home / Training / Hacking & Security: Advanced v6

Hacking & Security: Advanced v6

Advanced and practical approach to penetration testing and offensive security in the enterprise.

Offensive
Pentesting
Advanced Training

Objective

This course provides an advanced and practical approach to the methodologies used in corporate network intrusions. We emphasize understanding and practicing various forms of attacks. The goal is to equip you with the technical skills needed to conduct security audits (penetration testing), and to assess the criticality and real impact of discovered vulnerabilities on the IT system.

Specific Objectives:

  • Understand and detect attacks on an IT system.
  • Conduct a penetration test.
  • Remediate vulnerabilities.

Prerequisites

  • Windows/Linux administration/Command-line usage of Linux/TCP/IP

General Information

  • Code: HSA
  • Duration: 5 days
  • Schedule: 8:30 AM - 5:30 PM
  • Location: Training Center, Centre Urbain Nord, Tunis

Target Audience

  • Information Security Officers, Chief Information Security Officers
  • Security consultants
  • Engineers / technicians
  • System network administrators/Developers

Resources

  • Course materials
  • 40% demonstration
  • 40% theory
  • 20% practical exercises

Training Program

  • Day 1
    • Introduction
    • TCP/IP / Network Hardware Review
    • Protocols / OSI - IP Addressing
    • Introduction to Threat Intelligence
    • Vocabulary
    • Vulnerability and Exploit Databases
    • Information Gathering
    • Public Information
    • Search Engines
    • Active Information Gathering
    • Scanning and Fingerprinting
    • Machine Enumeration
    • Operating System Fingerprinting
    • Service Fingerprinting
  • Day 2
    • Network Attacks
    • Idle Host Scanning
    • Network Sniffing
    • Hijacking
    • Attacks on Secure Protocols
    • Denial of Service
    • Network Spoofing
    • System Attacks
    • Vulnerability Scanners
    • Exploiting a Remote Vulnerable Service
    • Privilege Escalation
    • System Espionage
    • Malware Attacks
    • Malware Generation via Metasploit
    • Controlling EIP
    • Encoding Payloads
    • Detection Methods
  • Day 3
    • Web Attacks
    • Site Mapping and Information Leakage Identification
    • PHP Vulnerabilities (include, fopen, upload, etc.)
    • SQL Injections
    • Cross-Site Scripting (XSS)
    • Cross-Site Request Forgery (CSRF)
    • Best Practices
  • Day 4
    • Application Attacks
    • Escape Shell
    • Linux Buffer Overflow
    • Intel x86 Architecture
    • Registers
    • The Stack and Its Operation
    • Standard Attack Methods
    • Variable Overwriting
    • Controlling EIP
    • Executing Shellcode
    • Gaining Root Access
  • Day 5
    • Final Challenge

Contact our experts for additional information, free audit studies, and cost estimates.

Information security is essential for any organization that needs to protect and enhance its information assets.

Contact Us