CyberFox Network Penetration Testing Course (CT-NPT)

Course Overview:

This customized training program on Network Penetration Testing equips participants with essential skills and knowledge to secure their organization’s networks. Covering key topics such as network reconnaissance, scanning, exploitation, and password attacks, this program delves deep into the art of ethical hacking, enabling professionals to identify vulnerabilities and strengthen network security.

Course Objectives:

• Develop proficiency in network penetration testing methodologies.
• Learn effective network reconnaissance and scoping techniques.
• Master network scanning tools and OS fingerprinting.
• Gain hands-on experience in network exploitation using Metasploit.
• Acquire skills in password attacks and credential harvesting.
• Understand the latest tools and techniques for comprehensive network security assessments.

Course Outcomes:

By the end of this program, participants will be able to:

• Conduct thorough network reconnaissance and scoping.
• Perform in-depth network scanning and vulnerability assessments.
• Exploit network vulnerabilities responsibly and effectively.
• Execute password attacks and credential harvesting.
• Apply ethical hacking skills to enhance network security.

Target Audience:

• Cybersecurity Professionals
• IT Administrators
• Network Engineers
• System Administrators
• Security Analysts
• Penetration Testers

Syllabus:

1. Network Pen-testing Planning, scoping, and Recon

• Effective Scope and Rules of Engagement
• Organizational Recon & Infrastructure Recon
• Automated Recon with Spiderfoot
• The Mindset of the Professional Pen Tester
• Detailed Recon Using the Latest Tools
• Reconnaissance of the Target Organization, Infrastructure, and Users
• Automating Reconnaissance with Spiderfoot
• Network Pen-testing Lab Setup

2. Network Depth Scanning

• Getting the Most Out of Nmap
• Faster Scanning with Masscan, Amass, Nbtscan
• OS Fingerprinting and Version Scanning In-Depth and Eyewitness
• The Nmap Scripting Engine
• Netcat for the Pen Tester
• Packing Sniffing from Wireshark
• Version Scanning with Nmap
• Initial Access with Password Guessing with Hydra
• Network Vulnerability Scanning
• Network scanning from Nessus.
• Nessus false positive analysis.

3. Network Exploitation

• Playing with Metasploit
• Client-Side Attacks with Metasploit
• Exploiting RDP, Telnet, FTP Servers
• Exploiting Network Services and Leveraging the Meterpreter
• Comprehensive Metasploit Coverage with Exploits, Stagers, and Stages
• In-Depth Meterpreter Analysis, Hands-On

4. Network and System Password Attacks

• Metasploit Hash Dumping and Mimikatz Credential Harvesting
• Pivoting with Metasploit and SSH
• Password Cracking with John the Ripper and Hashcat
• Sniffing and Cracking Windows Authentication Exchanges
• Metasploit Pivoting and Mimikatz Kiwi for Credential Harvesting
• Retrieving and Manipulating Hashes from Windows, Linux, and Other Systems
• Pivoting through Target Environments
• Extracting Hashes and Passwords from Memory with Mimikatz Kiwi.