(443) 692-6600 | info@umbctrainingcenters.com

ABOUT US Locations Management Mission Partnerships Professional Meeting Facilities Student Handbook PROGRAMS Agile Biotechnology Certified Financial Planner Cybersecurity Engineering Human Resources Information Technology Instructional Design Leadership Development Online Programs Project Management Sonography Systems Engineering Test Preparation CLASS SCHEDULE GROUP TRAINING Customers Discounts Locations Programs Mobile Lab REGISTRATION How to Register Discounts Financial Assistance CONTACT INFO Locations Employment Opportunities Facebook Twitter LinkedIn NEWS & EVENTS

Persistent Attack and Exploitation: Offense

Course Description | Outline | Cybersecurity Training | IT Training

Persistent Attack and Exploitation: Offense

Course Outline

Footprinting
Public Information
Search Engines
Public Postings
Maltego

Enumeration
Traffic Analysis
Raw Communications
Host Discovery
Port Scanning
Service Enumeration
Vulnerability Scanning

Attack
Password Cracking
Misconfigurations
Exploitation
Active Attacks
Social Engineering

Escalation
Maintain Access
Escalate Privileges
Leverage Weakness
Pilfer Data

Day 1 - Footprinting

Day 1 introduces methods of gaining open source information on a designated target. The importance of a methodical and complete process for gathering information and keeping it organized is discussed. Day 1 also reinforces the thorough and organized manner required for successful information gathering.

Public Information
Search Engines
Mining Public Postings
Maltego
Footprinting Daily Challenge Lab

Day 2 - Enumeration

Day 2 focuses on more active and less passive methods and tools used to further investigate the target and begin to focus the attack on discovered weaknesses. Basic concepts of how communication occurs on the network will be explored enabling a better understanding of how to compromise it. Tools and techniques to discover weaknesses and exploitable targets is discussed and demonstrated.

Traffic Analysis and Sniffing
Raw Communications and Connections
Host Discovery
Port Scanning
Service Enumeration
Vulnerability Scanning
Enumeration Daily Challenge Lab

Day 3 - Attack

Day 3 focuses on taking advantage of the information found during Day 2 and using that to find and use exploits to penetrate target machines. A variety of exploit sources and exploit types are explored and tested and alternate methods of penetration are discussed. Social engineering will be touched on and web attack methods will be explored.

Password Cracking
Leverage Misconfigurations
Exploit Vulnerabilities
Active Network Attacks
Social Engineering
Attack Daily Challenge Lab

Day 4 - Escalation

Day 4 focuses on strengthening our hold in the network by fundamentally understanding the basic architecture of Windows and Unix/Linux hosts and networks. We will use this understanding to our advantage to escalate privilege levels and expand our hold in the network.

Maintain Access
Leveraging Local Vulnerabilities
Pilfering Data
Escalation Challenge Lab

Labs and Exercises

Whois and ARIN
Search engine use
Email harvesting
Other public information and Metadata
Using tools like Maltego
Major Footprinting Lab
Traffic Analysis and Sniffing
Raw Communications
DNS insecurities
Port scanners
Vulnerability scanners

Major Enumeration Lab
Password security and attacks
Exploiting misconfigurations
Vulnerability exploit tools like metasploit
Active network attacks
Man in the middle attacks
Major Attack Lab
Escalation of privileges
Compromising local executables
Pilfering and scraping information
Major Escalation Lab