The course
In this 2-day practical ethical hacking course, you will build on the knowledge gained in CSTA Ethical Hacking: Hands On, using the frameworks & tools used by professional penetration testers to: audit & compromise system security, assess weaknesses in web applications, hijack sessions to steal users' online identities and more. Delegates who successfully complete the exam included at the end of the training course will be awarded the Certified Security Testing Professional (CSTP) qualification. Together with CSTA, the course is ideal preparation for the CREST Registered Tester qualification.
- Revisiting Nikto & Nessus
- The Metasploit Framework
- Stealthy VNC installation
- Metasploit's Meterpreter
- Using Paros Proxy
- Spidering a website
- The limitations of automated web application scanners
- Manual validation of scanner results
- Scanning with Acunetix WVS
- HTTP Request & Response Modification
- Modifying HTML Form data
- Getting started with SQL
- SQL injection
- Using Paros to edit server-supplied JavaScript
- Stealing data using SQL injection
- Bypassing authentication using SQL injection
- SQL injection & stored procedures
- Rooting the box with injected stored procedures
- Dictionary attacks against web forms using the Burp Suite
- E-mail spoofing
- Exploring a Cross-site scripting (XSS) vulnerability
- Stealing login credentials using XSS
- Stealing a session cookie using XSS
- Using a stolen cookie for session hijacking
- The value of logs to an attacker
- Browser vulnerabilities
- Metasploit's autopwn: automatic exploitation of a user's browser

Course outline
Read the CSTP Ethical Hacking Training Course: Hands-On 2 training course outline to find out more about the many topics covered in CSTP Ethical Hacking: Hands-On 2.

CPE Credits: 16