Ethical Hacking Foundation (S-EHF)
Overview
This beginner’s course offers an intensive hands-on introduction to ethical hacking. During the course, you will understand how hackers think and work, and you will try your hand at various hacking techniques including Wi-Fi hacking, web vulnerability scanning, SQL injection, password cracking and file inclusion. At the end of the course, you will use your newly acquired hacking skills to perform a basic black-box penetration test in a Capture the Flag format. This is an entry-level ethical hacking course. If you’re looking for an advanced course in professional penetration testing, we’d recommend having a look at the Ethical Hacking Practitioner training.
At a Glance
- Anyone looking for a comprehensive introduction to ethical hacking
- Solid understanding of how a hacker thinks, what an ethical hacker does, and what skills an ethical hacker needs, hacking ethics and the legal implications of hacking
- How different types of penetration tests are performed and how to report issues found during a pen test
- Perform the basic steps of reconnaissance
- Perform fundamental steps of attacking techniques including a basic black-box penetration test in Capture the Flag format on the last day of training
What’s included
- Official SECO-Institute course materials
- Training from passionate instructors with exceptional skills
- Access to the SECO lab environment
- Access to the SECO member portal
- Practice exam
- Exam voucher
- Membership to SECO’s Alumni Network after passing the exam
Syllabus
Introduction, Network Hacking & Penetration I
Module 1 – Introduction to Ethical Hacking
Topics:
- Introduction to the course
- Definition of ethical hacking
- The hacking cycle
- Kali Linux
Module 2 – Key toolset of the SOC Analyst: SIEM, ITSM, SOC Ticketing System, Mindset
Topics:
- Wireless networking including BSSID and ESSID, open and closed networks and WPA/WEP security
- Find information about a wireless network adapter, configure and use it in WiFi hacking
- Packet capturing using airodump and injection in order to capture and crack a WEP key
- Use nmap and the zenmap GUI for network discovery scanning
Module 3 – Penetration part I
Topics:
- Introduction to dirb and nikto and how to interpret the initial results of a dirb and nikto scan
- Launch a vulnerability scan with Vega and analyse / interpret results
- Practice basic SQL commands; introduction to some more advanced SQL commands
- Find a SQL Injection vulnerability
- Execute an automated SQL Injection with SQLmap
- Crack a password hash with John The Ripper
- Use hydra to brute-force a web-based login form
Penetration part II and Capture the Flag
Module 4 – Penetration part II
Topics:
- Manipulate parameters in web-pages including GET and POST parameters
- Client and server-side validation
- OWASP ZAP and Burpsuite ar
- Use ZAP/BURP to bypass client-side validation
- Use ZAP/BURP with cookies
- Local file inclusion
- Remote file inclusion
- Using these techniques to gain shell access
Module 5 – Capture the Flag
Using the techniques learned, you’ll break into the wireless network of our company (in a safe environment). You’ll discover interesting hosts and identify what services run on them. Lastly you will access and eventually exploit these services to gain access to the systems.
Collect your badge of honor
Exam
- Language: English
- Delivered: Online via a certified proctor
- Questions: 40 multiple choice questions
- Time: 60 minutes
Dates & locations
Online Live
1pm – 5.30pm CEST
October 2022, 14, 21, 28