SEARCH
TOOLBOX
LANGUAGES
Difference between revisions of "Training"

Difference between revisions of "Training"

From BruCON 2017

Jump to: navigation, search
Line 3: Line 3:
  
 
                                                       == COMING SOON ==
 
                                                       == COMING SOON ==
 +
 +
===Crash course in Penetration Testing===
 +
 +
Title
 +
=====
 +
Crash Course in Penetration Testing
 +
 +
Instructors
 +
===========
 +
Joe McCray, and Chris Gates
 +
 +
Description
 +
===========
 +
This course will cover some of the newer aspects of penetration testing
 +
such as Open Source Intelligence Gathering with Maltego and other Open
 +
Source tools.
 +
 +
Advanced Scanning, Enumeration, Exploitation (remote and client-side),
 +
and Post-Exploitation relying heavily on the features included in the
 +
Metasploit Framework will also be covered.
 +
 +
Emphasis throughout the entire workshop will be placed on being as
 +
stealthy as possible, and dealing with popular defensive technologies
 +
such as:
 +
 +
- Network Intrusion Detection/Prevention Systems
 +
- Host-Based Intrusion Detection/Prevention Systems
 +
- Web Application Firewalls
 +
- Anti-Virus
 +
- Content-Filtering Proxies
 +
 +
Web Application penetration testing will be covered as well with focus
 +
on practical exploitation of cross-site scripting (XSS), cross-site
 +
request forgery (CSRF), local/remote file includes, and SQL Injection.
 +
 +
For more details see [[Training 1| Details on Crash Course in Penetration Testing]]
 +
 +
 +
===Web 2.0 ===
 +
===Social engineering ===

Revision as of 21:49, 24 May 2009

There will be trainings in the days prior to BruCON , by internationally renowned trainers and at good prices.


                                                      == COMING SOON ==

Crash course in Penetration Testing

Title

=

Crash Course in Penetration Testing

Instructors

=

Joe McCray, and Chris Gates

Description

=

This course will cover some of the newer aspects of penetration testing such as Open Source Intelligence Gathering with Maltego and other Open Source tools.

Advanced Scanning, Enumeration, Exploitation (remote and client-side), and Post-Exploitation relying heavily on the features included in the Metasploit Framework will also be covered.

Emphasis throughout the entire workshop will be placed on being as stealthy as possible, and dealing with popular defensive technologies such as:

- Network Intrusion Detection/Prevention Systems - Host-Based Intrusion Detection/Prevention Systems - Web Application Firewalls - Anti-Virus - Content-Filtering Proxies

Web Application penetration testing will be covered as well with focus on practical exploitation of cross-site scripting (XSS), cross-site request forgery (CSRF), local/remote file includes, and SQL Injection.

For more details see Details on Crash Course in Penetration Testing


Web 2.0

Social engineering