View
2
Download
0
Category
Preview:
Citation preview
CHPTE Certified Hands-on Penetration Tester Expert
SYLLABUS 2019 Ver 2
150 Hours Hands-On Course
Certified Hands-on Penetration Tester Expert | 2
| www.kernelios.com info@kernelios.com| 5 153-566-3-Yosef Lishansky St. Rishon Lezion, Israel | +972 27
Intermediate cyber security course intended for students seeking to enhance their PT and Python
abilities.
This course is offer as the next level course for our unique CHCSS program graduates.
Topics include working with Python, learning to use basic object-oriented programing, working with
Python projects, using threads and learning coding conventions.
The second part of the course include topics of gathering cyber intelligence, learn to do penetration
testing for both application and infrastructure level, using various exploitation tools and making
payloads for attacks. Learn to use tools for various cyber-attacks like Wi-Fi hacking, MITM XSS, SQL
Injections ,Phishing, session hijacking, etc.
The course also gives tools for evaluate vulnerability in web sites. All of those topics are being practice
by the students in our Hands-On labs that were develop specifically for the purpose of this course. The
students also using our unique cyber simulator for practical knowledge on how to mitigate the various
attacks. The course also contains homework for the students as additional hands-on material.
Target Audience
This course is intended for intermediate security personnel wishing to learn how to use the various tools for successful PT.
Prerequisites
• Good understanding of basic cyber-attacks and tools. • Good understanding of networking protocols and TCP/IP • Using Kali and basic Linux commands - Recommended
Course Description
Certified Hands-on Penetration Tester Expert | 3
| www.kernelios.com info@kernelios.com| 5 153-566-3-Yosef Lishansky St. Rishon Lezion, Israel | +972 27
01
PYTHON (60 Hours)
Subject Description Hours
Working with Python 1. Work environment. Installing Python and starting it. 2. Working with GIT(BASIC) 3. Variables, basic types, flow control with conditionals and loops. 4. PEP8\coding conventions
5
Basic programing 1. Functions and arguments. 2. Data structures such as dictionaries, sets and lists. Creating these with list/dict/set comprehension 3.Mutable vs immutable types, passing parameters to functions
5
Using Python in Network environment
1. Editing Files 2. Network requests 3. Scapy
10
Exam Mid-Course Programming exam 5
Working with Databases
Databases and Exception handling 5
Object Oriented Programing
Basic OOP, Classes and objects. 10
Using Python projects 1. Installing new packages and use them 2. Pyinstaller 3. Packaging our project
5
Advance programming
Asynchronous & Threads 10
Exam Final programming exam 5
Certified Hands-on Penetration Tester Expert | 4
| www.kernelios.com info@kernelios.com| 5 153-566-3-Yosef Lishansky St. Rishon Lezion, Israel | +972 27
02 PT (90 Hours)
Subject Description Hours
Gathering cyber intelligence
1. Active/Passive reconnaissance 2. Using Social media – Building Avatar 3. Using google to search vulnerabilities in websites 4. Using tools: P0F, FOCA, GOOGLE DORKING, WIRESHARK, maltego 5. Web anonymity, VPNs, Darknet, Bitcoin 6. Advance scans: Nmap, nikto, nessus, scapy, Shodan, Exploitdb
15
Exam Reconnaissance Exam 5
Application Penetration Testing - Basic
1. XSS – review 2. Advance XSS and XSS types 3. Session hijacking and phishing 4. Using encoding to bypass special character filters 5. beef 6. Burp Suite & Zed Attack Proxy 7. How to report venerable web site 8. Bug bounty program subscription 9. Path traversal, CSRF, Race Conditions, Directory Listing
15
Application Penetration Testing - Advance
1. SQL review 2. SQL Injection to websites 3. SQLMAP 4. Working with Beebox 5. Different types of Databases 6. BlindSQL 7. Using encoding to bypass special character filters 8. Buffer Overflow
15
Exam Application Penetration Testing Exam 5
Infrastructure Penetration
1. Exploit Review 2. exploit-db, rapid7, virustotal, metasploit, Veil-Evasion,
10
Certified Hands-on Penetration Tester Expert | 5
| www.kernelios.com info@kernelios.com| 5 153-566-3-Yosef Lishansky St. Rishon Lezion, Israel | +972 27
Testing – Basic msfvenom, Armitage 3. Creating payloads against Windows and Linux OS and bypassing AVs 4. Creating payloads against web browsers 5. Creating RAT and Reverse/Bind Shell
Infrastructure Penetration Testing - Advance
MITM Advance Attacks 5
Exam Testing MITM Advance Attacks 5
Infrastructure Penetration Testing - Wi-Fi Networks
1. WEP Protocol – Attack types, Using Aircrack-NG, Using PYRIT 2. WPA Protocol - Attack types, Dictionary attacks, Using Aircrack-NG
10
Exam WI-FI Exam – Testing Infrastructure Penetration 5
Total Hours: 150
Certified Hands-on Penetration Tester Expert | 6
| www.kernelios.com info@kernelios.com| 5 153-566-3-Yosef Lishansky St. Rishon Lezion, Israel | +972 27
+972-3-566-3155 info@kernelios.com
27 Yosef Lishansky st. Rishon-Lezion, Israel
We're Waiting to Hear From You!
Recommended