Network Penetration Testing & Ethical Hacking (3 Days)




The importance of being educated in the latest tools and methods for probing and protecting IT systems from hackers

As a cyber security professional, you have a responsibility to find and understand your organization’s vulnerabilities, and to work diligently to mitigate them before the hackers target your systems. This unique ethical hacking/penetration testing course will arm IT professionals with the necessary tools to penetrate and/or protect systems from harm. This course begins with the fundamentals of proper planning, scoping and network reconnaissance. It then goes deeper into scanning, target exploitation, password attacks and wireless and web apps, with detailed hands-on labs throughout.

The course is given by experts in network penetration. We start off with detailed reconnaissance by examining a target’s infrastructure and mining blogs, search engines, social networking sites and other Internet and intranet infrastructure. You will be equipped to scan target networks using best-of-breed tools. After scanning, you will learn dozens of methods for exploiting target systems to gain access and measure real business risk, then examine post-exploitation, password attacks, wireless and web apps, pivoting through the target environment to model the attacks of real-world bad guys. The aim is to provide an understanding of the theory of secure software and network systems through a series of lab-based practical work and experiments. This treatment will reinforce software engineering best practice. This module also aims to introduce the key concepts of secure computer systems & provide expertise in applying the principal techniques in planning & deploying secure systems.

In a nutshell

This course provides an in-depth hands-on approach to attacking a modern computer system. This course will introduce the concepts and principles of secure systems. In addition, students will be given the opportunity to learn how to configure and test application and network security, deploy secure network based software applications and resolve security problems. Students will have an in-depth knowledge of basic skills in hacking and protecting IT systems along with an appreciation for emerging themes that could impact secure systems in the future.


1. Linux & Pen Testing Environment Basics

This module covers finding your way around Kali, Linux Services, SSHD, Apache, Linux basic commands, Text viewers and editors for Linux Newbies, Parsing with Grep, Netcat, Connecting to a TCP/UDP port with Netcat, Listening on a TCP/UDP port with Netcat, Transferring files with Netcat, Remote Administration with Netcat – Bind Shell, Wireshark for Sniffing Packets, Wireshark & Packet Sniffing Background, Wireshark Step by Step, Cross-site scripting, Persistent XSS payload, Reflected XSS, Preventing XSS Attacks and Creating a Keylogger to Snoop.

2. Information Gathering Techniques

We cover Open Web Information Gathering, Google Hacking, Google Hacking Database (GHDB), Netcraft, Web history sources, Whois Reconnaissance, HTTrack – Clone a Website, Extracting Host/Subdomains/Emails with Goohost, Searching for Files with Goofile, OWASP (Open Web Application Security Project) Joomla! Vulnerability Scanner, Joomla! Command Line Scan, Joomla Security Scanner CMS Vulnerabilities, WPScan-Wordpress Security Scanner, Plecost, WhatWeb, BlindElephant-Web Application Fingerprinter, Intrusion Detection Systems Detection, DNS Reconnaissance, Interacting with a DNS server, Automating lookups, Forward lookup brute force, Reverse lookup brute force, Gathering Host Information with Dmitry, Documentation of Penetration Tests.

3. Port Scanning

We cover Port Scanning Basics, Nmap, Network Sweeping, Fingerprinting, Banner Grabbing / Service Enumeration, Nmap Scripting Engine, PBNJ, Unicornscan, Root Kit Hunter, Check Rootkit and Load Balancing Detection.

4. Debugging and Exploit Development

We cover Debugging Fundamentals, Opening and Attaching to the debugging target application, The OllyDbg CPU view, The 20 second guide to X86 assembly language for exploit writers, Exploit Development with OllyDbg, Methods for directing code execution in the debugger, The SEH Chain, Searching for commands, Searching through memory, Working in the memory dump and Editing code, memory and registers.

5. Automated Information Gathering

We cover Shodan, The Basics, Banners, Default Passwords, Filters, Remaining Anonymous on the Internet with the Tor Browser, Maltego, Infrastructure Reconnaissance, Infrastructure Personal Reconnaissance and FOCA. 

6. Sniffing Traffic and Man in the Middle Attacks

We cover Ettercap Snooping on other traffic in Lab through ARP Poison Attack and Denial of Service Attacks in depth. 

7. Web Application Attack vectors

We cover Abusing File Upload on a Vulnerable Web Server, Cross-site Request Forgery, SQL & Cross-Site Scripting Vulnerabilities, SQL Injection Vulnerabilities, Testing Web Applications to Find SQL Injection Vulnerabilities and Cross Site Scripting (XSS) Reflected Attack.

8. Web Application Testing

We cover Web Application Testing with Burp Suite, namely the Proxy, Spider, Intruder, Repeater and Comparer Burp tools. We also look at doing Dictionary Attacks with Burp Suite and Generating a PHP Shell with Weevely.

9. Password Attacks

We cover Online Password Attacks, Hydra, FTP Brute force, Password profiling, CeWL, CPU & GPU Password Cracking, CPU Password Cracking with Cain & Abel, CPU password cracking with Hashcat, NTLM Hash Password Cracking, Hashing, MD5 Hash Calculation, SHA1 Hash Calculation, GPG Public Key Generation and Encrypting and Decrypting a message.

10. Metasploit

We cover Metasploit Fundamentals, Msfcli, Msfconsole, Exploits & Payloads, Databases, Information Gathering, Port Scanners, Service Identification, Password Sniffing, SNMP Sweeping, Vulnerability Scanning, VNC Authentication, WMAP Web Scanner, Hacking Apache Tomcat, Dictionary Attack on Metasploitable FTP & DVWA.

11. Steganography

We cover Hiding an image inside an image, Hiding information inside files, Encoding information inside a PDF file, Decoding the stego file, Breaking Steganography – Detecting hidden information and Network Steganography.

12. Wireless

We focus here on Cracking WEP with Backtrack, Man-in-the-Middle (MITM) Attack using Wireless Bridging on Backtrack Linux and Cracking WPA with Reaver among other wireless specific attacks.




Additional information

Equipment to bring

Students should bring their own laptop but we can also provide a laptop in many cases. Some of the course exercises are based on Windows, while others focus on Linux. VMware Player or VMware Workstation is used for the class. We can provide it on the day. If you plan to use a Macintosh, please make sure you bring VMware Fusion, along with a Windows guest virtual machine.

You will also be required to disable your anti-virus tools temporarily for some exercises, so make sure you have the anti-virus administrator permissions to do so. Do not plan on just killing your anti-virus service or processes, because most anti-virus tools still function, even when their associated services and processes have been terminated. For many enterprise-managed clients, disabling your anti-virus tool may require a different password than the Administrator account password. Please bring that administrator password for your anti-virus tool. We will provide you with a copy of the attack tools to experiment with during the class and to take home for later analysis.

Who should attend?

We welcome anyone with some background in an aspect of IT/computing. Ideally the person is an IT professional but we can tailor aspects of the material to suit the strength of the attendee. We particularly welcome ethical hackers, professionals/auditors who need to build deeper technical skills and those looking to move into a network security related area.

Why choose this course?

This course offers in-depth technical excellence along with industry-leading methodologies to conduct high-value penetration tests.

We provide theoretical in-depth notes on hacking and pen testing alongside cutting edge lab classes to demonstrate the tools.

We go deep into the tools arsenal with numerous hands-on exercises that show subtle, less well-known and undocumented features that are useful for professional penetration testers and ethical hackers.

We show how the tools interrelate with each other in an overall testing process by focusing on the workflow of professional penetration testers and ethical hackers, proceeding step by step and discussing the most effective means for conducting projects.

We show how penetration testing and ethical hacking should fit into a comprehensive enterprise information security program.

Location & Dates:

We generally run our courses in local hotels or training centres but we can also visit your company and conduct the training there. We are flexible. We also can do weekends.

Email us at with your preferred date(s) for training.