Advanced Ethical Hacking (Custom for USMC)

PT16720
Summary
This 5 day course will be focused on advanced exploitation techniques. Course content will include a brief introduction to system exploitation theory and process. Additional content will include advanced topics as delineated below. This course consists of lecture and hands-on exercises practicing these additional techniques.
Prerequisites
Students must be experienced cybersecurity professionals.
Duration
5 Days/Lecture & Lab
Audience
This course is for experienced cybersecurity professionals.
Topics
System Exploitation Process
  • Replicating the process and architecture of APT attacks
  • Attacking fully patched systems
  • Buffer Overflows against Windows 2008 Server, Windows 7 clients
  • 0 day attacks
  • Attacking DMZs and other secured infrastructure
  • Port Redirection
  • Compromising secured infrastructure
  • Using egghunter and meterpreter shellcode
  • Metasploit scripting and automation
  • NMAP automation
  • Running exploits in RAM vs. on disk
  • Hiding from IDSs
  • Covert Channels
  • Privilege Escalation attacks on Windows 7
  • Advanced Man In The Middle Attacks
  • Traffic Interception
  • Hijacking SSL encrypted sessions
  • MiTM VoIP attacks
  • 0 day vuln discovery process
  • Format String attacks
  • Windows SEH Stack Overflows
  • Writing Windows Shellcode
  • Heap Spraying / JIT Spraying
  • Fuzzer selection and comparison
  • Fuzzing with peachfuzz and SPIKE
  • Binary Auditing with IDA Pro
  • Portable Executable (PE) Compression and Encoding
  • Using a Disassembler
  • Anti-disassembling Detection circumvention
  • Web app fuzzing
  • Advanced SQL Injection
  • Cross Site Request Forgery Attacks
  • XSS Attacks and XSS Redirection
  • RFI and Source Code Injection Attacks
  • Proxy cache poisoning

Related Scheduled Courses