Download Our FREE Software Asset Management (SAM) Terminology PDF To Learn Software Asset Management (SAM) Terms & Definitions! Learn more

Certified In The Art Of Hacking Training Course

Learn A Wealth Of Techniques To Compromise The Security Of Various Systems, Devices & Applications

Overview

Securing customer data is often crucial when deploying and managing web applications and network infrastructure. As such, IT Administrators and Web Developers require security knowledge and awareness in order to secure their environment. Due to this requirement, operational staff often require hands-on training and experience to identify, control and prevent organisational threats.

The five-day Certified In The Art Of Hacking training course brings together Infrastructure Security and Web Application Security and will teach you the fundamentals of hacking. This hands-on training course was written to address the market need around the world for a real hands-on, practical and hacking experience that focuses on what is really needed when conducting a penetration test.

The Certified In The Art Of Hacking training course will teach you a wealth of techniques to compromise the security of various operating systems, networking devices and web application components.

The Certified In The Art Of Hacking training course combines a formal hacking methodology with a variety of tools to teach the core principles of ethical hacking.

  • Approaches attackers take when targeting organisations
  • Conducting penetration testing engagements step by step and leveraging open source and publicly available tools to gain access to vulnerable systems
  • Understanding how to exploit your own network before attackers do

Please Note

You can book this course and hold it in credit until you have decided on a specific course date. Alternatively, please view our other course dates.
Exam Included
5 Days
£3720Excl. VAT

Course Syllabus

What Is Covered In The Certified In The Art Of Hacking Training Course?

Day 1

  • TCP/IP Basics
  • The Art of Port Scanning
  • Target Enumeration
    • Exercise - ARP Scan (Enumeration)
    • Exercise - Port Scanning (Service Enumeration)
  • Brute-Forcing
    • Exercise - SNMP (Brute Force Attack)
    • Exercise - SSH
    • Exercise - Postgres
  • Metasploit Basics
    • Exercise - Metasploit Basics

Day 2

  • Password Cracking
    • Exercise - Password Cracking
  • Hacking Unix systems
    • Exercise - Heartbleed
  • Hacking Application Servers on Unix
    • Exercise - Hacking Application Servers (Tomcat)
    • Exercise - Hacking Application Servers (Jenkins)
  • Hacking Third Party CMS Software
    • Exercise - PHP Serialization Exploit
    • Exercise - Wordpress Exploit

Day 3

  • Windows Enumeration
    • Exercise - Windows Host Enumeration
  • Client-Side Attacks
    • Exercise - Hacking Third Party Software
  • Hacking Application Servers on Windows
    • Exercise - Hacking Application Servers on Windows
  • Post Exploitation
    • Exercise - Windows Hacking - Password Extraction
  • Hacking Windows Domains
    • Exercise - Hacking Windows Domains

Day 4

  • Understanding the HTTP protocol
    • Exercise - Burp Demo
    • Exercise - Manipulating Headers
  • Information gathering
    • Exercise - Information Gathering
  • Username Enumeration & Faulty Password Reset
    • Exercise - Username Enumeration
    • Exercise - Password Brute-force Attack
    • Exercise - Forgotten Password Functionality
  • SSL/TLS related vulnerabilities
    • Exercise - TLS
  • Authorisation Bypasses
    • Exercise - Authorization Bypass via Parameter Manipulation
    • Exercise - Authorization Bypass
    • Exercise - Arbitrary File Download

Day 5

  • Cross Site Scripting (XSS)
    • Exercise - XSS (reflective)
    • Exercise - XSS Session Hijacking
    • Exercise - Stored XSS
  • Cross Site Request Forgery (CSRF)
    • Exercise - CSRF (Demo)
  • SQL Injection
    • Exercise - SQLite (Manual and slap based exploitation)
  • XML External Entity (XXE) Attacks
    • Exercise - XXE
  • Insecure File Uploads
    • Exercise - Insecure File Upload

Learning Outcomes

Learning Outcomes

  • You will be able to discover and fingerprint systems and services available within their infrastructure
  • You will be able to discover and exploit Windows and Linux operating systems through a variety of well-known vulnerabilities
  • You will be able to conduct password brute force attacks to compromise services and gain access to a host
  • You will discover the techniques for hacking application servers and content management systems to gain access to customer data
  • You will be able to conduct client-side attacks and execute code on a victim’s machine
  • You will be able to identify common web application vulnerabilities and introduce security within their software development lifecycle in a practical manner

Who Should Attend

The Certified In The Art Of Hacking training course is suitable for:

  • System Administrators who are interested in learning how to exploit Windows and Linux systems
  • Web Developers who want to find and exploit common web application vulnerabilities
  • Network Engineers who want to secure and defend their network infrastructure from malicious attacks
  • Security Enthusiasts new to the information security field who wants to learn the art of ethical hacking
  • Security Consultants looking to relearn and refresh their foundational knowledge

What's Included

The class benefits from a hands-on lab that is hosted in the NotSoSecure cloud. You will get your own dedicated Virtual Machines upon which you can practice each and every vulnerability in detail.

Entry-Level Requirements

The above requirements are not mandatory but are recommended due to the pace of the training course:

  • Basic familiarity with Windows and Linux systems e.g. how to view a system’s IP address, installing software, file management
  • Basic understanding of Network fundamentals e.g. IP addressing, knowledge of protocols such as ICMP, HTTP and DNS
  • Basic understanding of HTTP fundamentals e.g. Structure of an HTTP request, HTTP method verbs, HTTP response codes


Recommended Reading

There is no formal prereading for the Certified In The Art Of Hacking training course.

Exam Information

The online proctored exam is taken in class on the final day of the training course.

  • Duration: 70 Minutes
  • Questions: 50 Multiple-Choice (4 Multiple Choice Answers - Only 1 Of Which Is Correct)
  • Pass Mark: 50%
  • Results: You Will Recieve Individual Emails To Access Your APMG Candidate Portal, Typically Available Two Weeks Post Exam

Exam Type

Proctored Exam

Qualifications

The Art Of Hacking Certificate

What's Next

Our Certified Information Systems certificates have emerged as key qualifications for Security Professionals. More and more organisations are demanding experienced Information Security Professionals with the qualifications to prove that you can protect their valuable information and assets. It is the ideal time to achieve and maintain up to date qualifications. Purple Griffon currently offer the following Certified Information Systems classroom-based training courses:

Additional Information

The Certified In The Art Of Hacking training course starts from the very basic and builds up to the level where you can not only use the tools and techniques to hack various components involved in infrastructure and web hacking, but also gain solid understanding of the concepts on which these tools are based.

Certified In The Art Of Hacking Course Dates

Course Filter


DD/MM/YYY - e.g. 31/12/2015
Showing 1 to 2 of 2 Total Course Dates.
Course Date
12Sep
16Sep
Course

Certified In The Art Of Hacking

Location
Virtual Classroom
Course Date
21Nov
25Nov
Course

Certified In The Art Of Hacking

Location
Virtual Classroom
Scroll Table to View Content