Offensive Security (Beginners to Advance)
This course is for IT professionals who have basic knowledge of Offensive Security. All lab material will provided by Cyber Shield School Authority.
Trainer
Course Fee
25000 TAKA
Duration
42 Hours
Class Duration
2:00 Hour
Number Of Class
21 Classes
Number Of Seats
10-15
Prerequisite: Knowledge: Operating System, Basic Networking and Programming.
In the case of physical courses, Attendees have to bring their laptops.
NB: In the case of online courses, we will arrange one discussion session every week in which attendees have to come physically.
Passive Information Gathering
Passive Information Gathering
Discussion Topics: Taking Notes, Website Reconnaissance, Whois Enumeration, Google Hacking, Netcraft, Web Reconnaissance tool (Recon-ng), Open-Source Code, Shodan, Security Headers Scanner, SSL Server Test, Pastebin, User Information Gathering, Social Media ToolsStack Overflow, Information Gathering Frameworks.
Active Information Gathering
Active Information Gathering
Discussion Topics: DNS Enumeration, Port Scanning, SMB Enumeration, NFS Enumeration, SNMP Enumeration.
Vulnerability Scanning
Vulnerability Scanning
Discussion Topics: Vulnerability Scanning Overview and Considerations, Vulnerability Scanning Scanning with Nessus, Vulnerability Scanning with Nmap.
Web Application Attacks
Web Application Attacks
Discussion Topics: Web Application Assessment Methodology, Web Application Enumeration, Web Application Assessment Tools, Exploiting Web-based Vulnerabilities, Extra Miles.
Introduction to Buffer Overflows
Introduction to Buffer Overflows
Discussion Topics: Introduction to the x Architecture, Buffer Overflow Walkthrough.
Windows Buffer Overflows
Windows Buffer Overflows
Discussion Topics: Discovering the Vulnerability, Windows Buffer Overflow Exploitation.
Linux Buffer Overflows
Linux Buffer Overflows
Discussion Topics: About DEP, ASLR, and Canaries, Replicating the Crash, Controlling EIP, Locating Space for Our Shellcode, Checking for Bad Characters, Finding a Return Address, Getting a Shell.
Client-Side Attacks
Client-Side Attacks
Discussion Topics: Know Your Target, Leveraging HTML Applications. Exploiting Microsoft Office.
Locating Public Exploits
Locating Public Exploits
Discussion Topics: A Word of Caution, Searching for Exploits, Putting It All Together.
Fixing Exploits
Fixing Exploits
Discussion Topics: Fixing Memory Corruption Exploits, Fixing Web Exploits.
File Transfers
File Transfers
Discussion Topics: Considerations and Preparations, Transferring Files with Windows Hosts.
Antivirus Evasion
Antivirus Evasion
Discussion Topics: What is Antivirus Software, Methods of Detecting Malicious Code, Bypassing Antivirus Detection.