Certified Network Penetration Tester (CNPT)

Course details

Certified network penetration testing training focuses on finding out flaws in a network and actually exploiting them with the help of Kali linux and Metasploit. A penetration testing is a process of evaluating an organizational IT infrastructure by exploiting vulnerabilities that may exist in an operating system, service or application loop holes. These assessments are done by organizations to evaluate the defense mechanism of the IT infrastructure. In the Certified network penetration testing training one will learn how to carry out a successful penetration test which actually mimics the real world attack and generate a vulnerability assessment and penetration testing report for the organization.

Our certified network penetration testing training will help you to learn the tricks to conduct successful reconnaissance and use your social engineering skills to gain knowledge about the target network infrastructure. Learning the skills from the best professional white hat hackers and using the most updated tools will make you industry ready.

Course Content:

Lesson 1: Introduction to Network Security

Network security consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.

Lesson 2: Penetration Testing Lab Setup

According to the configuration of Laptop, 32/64 bit, provide VMware, and any Penetration testing OS like Kali/Backbox, Windows XP SP2, Windows 7 Install VMware, OSs on it using Bridge Connection

Lesson 3: Deep Information Gathering

Active Information Gathering in depth.

• Passive Information Gathering in depth. 
  
• Scanning target using nmap advanced features. 
  
• Vulnerability Scanning. 
  

Lesson 4: Getting into System

• Exploiting Windows and Linux System 
  
• Application of Metasploit 
  
• Creating malicious files (standalone binaries) using msfvenom 
  
• Attack through browser 
  
• Evading Antivirus 
  
• Bruteforcing on Ports 
  
• Exploiting using different File Format 
  
• Social-Engineer Toolkit (SET) 
  

Lesson 5: Sniffing & MITM

Studying ARP, how it works and how it can be manipulated to mount sophisticated attacks is made extremely easy to understand. Sniffing is a technique that you will be able to fully grasp in its most practical aspects. We will make sure you have enough basics of network theory before we cover actual attack scenarios using the best tools available. Man in the middle attacks are one of the most used penetration testing techniques today; you will be able to mount man in the middle attacks within local networks and over the Internet.

Lesson 6: Post Exploitation

ICSS experienced instructors have come up with a proven methodology to conduct thorough Exploitation of remote internal networks through advanced Post exploitation techniques. Once the student is comfortable with most recent exploitation techniques, he will be exposed to the cyclic steps of a successful Post exploitation phase. This is the phase where criminals ensure stable high privileged access to the remote network in order to steal and ex-filtrate documents and credentials from the organization. Penetration testers must possess the same skill-set and tools in order to test not only the perimeter security but also any kind of internal weakness that affects the organization security.

Lesson 7: Anonymity

Penetration testers rarely need to cover their tracks. However there are times when testing the efficiency of the target organization incident response team is within the scope of a Penetration tester's engagement.

Lesson 8: Social Engineering

Social engineering module will guide you through the most modern social engineering attack techniques. Real world attacks will be illustrated by exploiting the potential of social networks such as Facebook, Spokeo or Twitter. Almost one hour of video lessons will teach you everything you need to know to master the most important tool in the field: Social Engineering Toolkit.

Lesson 9: Pentesting With Metasploit

In this module, the student will study the Metasploit architecture and the framework, and will learn how to create, add or edit custom Metasploit modules. Thanks to our virtual labs, the student will also have the chance to practice against real vulnerable machines.

Lesson 10: Traffic Analysis

After the target network has been identified, the next step is to configure our tools in order to sniff and intercept the traffic. This is a very important step for all the attacks that come here after.

Lesson 11: Attacking Wi-Fi Network

The following module focuses on the attacks that can be executed on Wi-Fi networks. The student will learn how to attack and access remote Wi-Fi networks, obtain keys, password and much more, according to their configuration and security mechanism. We will first start exploring the attacks against WEP and then focus our tests on more secure networks: WPA, WPA2 and WPS.

Lesson 12: Wi-Fi as an attack Vector

In the last module, of the Wi-Fi section, the student will learn how to use Wi-Fi as an attack vector. This means that we will not attack Wi-Fi networks, instead we will use Wi-Fi in order to create fake networks, obtain credentials, run MitM attacks and much more.