CAST 611- Course Layout

Advanced Penetration Testing (CAST 611)   Redefining defense systems by challenging real world attacks
 
A 3 day highly intensive and technical program that focuses on attacking and defending highly secured environments. Here you will have the opportunity to learn and apply methods of attacking new operating systems such as Windows Vista, Windows 7, Windows Server 2008, and the latest Linux servers.
 
Module 1: Advanced Scanning
  • Bypassing Network Filtering
  • Stealth Scanning
  • Bypassing IDS/IPS
  
   
Module 2: Attacking From the Web
  • XSS to command-shell
  • SQL Injection to command-shell
  • MS-SQL
  • MySQL
  • Oracle
  • File Handling to command-shell
  • File Upload to command-shell
  • RFI to command-shell
  • LFI to command-shell
  
   
Module 3: Client-Side Pentesting
  • Bypassing Antivirus
  • Packing Binaries
  • Modifying Binaries with OllyDBG
  • Writing Custom Trojans
  • Email Collection
  • Pivoting into the LAN
  
Module 4: Attacking From the LAN
  • USB Hacksaw/USB Switchblade
  • Bypassing Port Security
  • Bypassing NAC Solutions
 
Module 5: Breaking out of Restricted Environments
  • Citrix in Kiosk Mode
  • Restricted Desktops
  • Group Policy Object Restricted Applications
 
Module 6: Bypassing Network-Based IDS/IPS
  • Enumerating the network
  • Defeating IDS/IPS Signatures
 
Module 7: Privilege Escalation
  • Privilege Escalation in Windows XP
  • Privilege Escalation in Windows Vista
 
Module 8: Post-Exploitation
  • Remote Command Execution
  • Automating Tasks
  • Enabling RDP/VNC
  • Persistence