Module-1 : Penetration Testing Methodology
Reconnaissance:
• Identify Network Endpoints
• Footprinting and Scanning
• Detect open ports and services on a target
• Determine the operating system used
• Gather company-related information from public sources
• Collect email addresses from public sources
• Gather technical details from public sources
Enumeration:
• Extract network-related data from target system files
• Gather system-specific information from the target
• Retrieve user account details from the target system
Vulnerability Assessment:
• Identify vulnerabilities within services
• Evaluate the criticality or impact of identified vulnerabilities based on available information
Module-2 : Network & Host Auditing
• Foundational Auditing Principles
• Auditing Networks
• Auditing Host-Based Systems
Module-3 : Penetration Testing on Network & Host
• Attacks Targeting Networks
• Attacks Targeting Hosts/Systems
• Execution of brute-force password guessing and hash cracking
• Accessing the Exploit Database
• Utilizing the Metasploit Framework (MSF)
• Exploiting Vulnerabilities
• Modifying exploits as required
• Transferring files to and from the target system
• Extracting hash or password data from the target
• Post-Exploitation Strategies
• Social Engineering Techniques
Module-4 : Penetration Testing on Web Application
• Basics of Web Technologies
• Understanding the HTTP Protocol
• Conduct reconnaissance on web applications
• Uncover concealed files and directories
• Carry out brute-force attacks on login pages
• Web Application Vulnerabilities
• Familiarity with OWASP Top 10 Vulnerabilities
• Broken Access Control
• Understanding SQL Injection
• Authentication Vulnerabilities
• XSS (Cross-Site Scripting) attacks
• Directory Traversal vulnerabilities
• Understanding File Upload Vulnerabilities
Noida: 6th Floor, Iconic Corenthum, Sector 62, Near Gate No 3 Electronic City Metro Noida, UP-201301
info@gicseh.com
4.9 out of 5 based on 4000 Students Rating