Pentesting and Exploiting Corporate Infrastructure

This training is Hands-on training on pentesting and exploiting corporate infrastructure. Training starts with the basics of networking and then moves into scanning, enumeration, exploitation and post exploitation.

Training includes recent vulnerabilities such as Shellshock, Heartbleed, POODLE etc. There will be lot of popping of shells during attack. The lab contains multiple vulnerable applications on various platforms such as Windows and Linux.

The covers includes multiple vulnerabilities ranging from services such as FTP, SSH etc. and web application vulnerabilities such as LFI, RFI, Remote Code Execution which will allow attacker to compromise the machine and ultimately move onto next network. Private networks are hiding behind firewalls, so you will learn how to exploit and attack machines in the private network using public facing servers.

There is a section of Python Scripting so attendees will learn basic to code basic python scripts to perform attacks and we will use metasploit for some complex attacking scenario. There is session on shellcoding which includes writing your own shellcode and customize available shellcodes for fun and profit. The training follows a CTF approach to compromise the machines. This training contains over 50 labs and 30+ challenges which are inspired by real world vulnerabilities and case studies.

Training Outline:

Lab:

Upon the completion of this training, attendees will:

Attendees will be provided with:

Attendee requirements for this training:

Pre-requisites:

This course requires following pre-requisites:

Who should attend this training?

Why is your material different?

Training Days – 4 Days

Bio:

Vikram is the Information Security Researcher, Consultant and Founder at Vmaskers. Vmaskers provide network, wireless, web, Android and iOS applications penetration testing services and training for corporates. His main responsibilities are to look after application security, lead security automation and provide training. He has also developed several internal security tools for the organization to handle the security issues. Vmaskers provide training for organisation’s internal team that includes developers and penetration testers to improve quality of the applications. He has also discovered serious web application security flaws in many unique product giants all over the world. He enjoys finding and exploiting software vulnerabilities via reverse engineering, source code auditing, fuzzing. He researches primarily focused Web App, Android, iOS App Pentesting. He is responsible for Pentesting, Code Review and Security Certification of Hybrid Mobile Applications. Responsible for breaking and fixing business critical Web Applications, Web Services, and client facing applications built with HTML5 and JS. He has previously trained in CHCon and will be training in OWASP Morocco.

Register Today!