Difference between revisions of "Training"
From BruCON 2017
Security4all (talk | contribs) |
|||
Line 3: | Line 3: | ||
== COMING SOON == | == COMING SOON == | ||
+ | |||
+ | ===Crash course in Penetration Testing=== | ||
+ | |||
+ | Title | ||
+ | ===== | ||
+ | Crash Course in Penetration Testing | ||
+ | |||
+ | Instructors | ||
+ | =========== | ||
+ | Joe McCray, and Chris Gates | ||
+ | |||
+ | Description | ||
+ | =========== | ||
+ | This course will cover some of the newer aspects of penetration testing | ||
+ | such as Open Source Intelligence Gathering with Maltego and other Open | ||
+ | Source tools. | ||
+ | |||
+ | Advanced Scanning, Enumeration, Exploitation (remote and client-side), | ||
+ | and Post-Exploitation relying heavily on the features included in the | ||
+ | Metasploit Framework will also be covered. | ||
+ | |||
+ | Emphasis throughout the entire workshop will be placed on being as | ||
+ | stealthy as possible, and dealing with popular defensive technologies | ||
+ | such as: | ||
+ | |||
+ | - Network Intrusion Detection/Prevention Systems | ||
+ | - Host-Based Intrusion Detection/Prevention Systems | ||
+ | - Web Application Firewalls | ||
+ | - Anti-Virus | ||
+ | - Content-Filtering Proxies | ||
+ | |||
+ | Web Application penetration testing will be covered as well with focus | ||
+ | on practical exploitation of cross-site scripting (XSS), cross-site | ||
+ | request forgery (CSRF), local/remote file includes, and SQL Injection. | ||
+ | |||
+ | For more details see [[Training 1| Details on Crash Course in Penetration Testing]] | ||
+ | |||
+ | |||
+ | ===Web 2.0 === | ||
+ | ===Social engineering === |
Revision as of 21:49, 24 May 2009
There will be trainings in the days prior to BruCON , by internationally renowned trainers and at good prices.
== COMING SOON ==
Crash course in Penetration Testing
Title
=
Crash Course in Penetration Testing
Instructors
=
Joe McCray, and Chris Gates
Description
=
This course will cover some of the newer aspects of penetration testing such as Open Source Intelligence Gathering with Maltego and other Open Source tools.
Advanced Scanning, Enumeration, Exploitation (remote and client-side), and Post-Exploitation relying heavily on the features included in the Metasploit Framework will also be covered.
Emphasis throughout the entire workshop will be placed on being as stealthy as possible, and dealing with popular defensive technologies such as:
- Network Intrusion Detection/Prevention Systems - Host-Based Intrusion Detection/Prevention Systems - Web Application Firewalls - Anti-Virus - Content-Filtering Proxies
Web Application penetration testing will be covered as well with focus on practical exploitation of cross-site scripting (XSS), cross-site request forgery (CSRF), local/remote file includes, and SQL Injection.
For more details see Details on Crash Course in Penetration Testing