SANS - SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking

SANS – SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking Free Download.

Table of Contents

SANS – SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking Free Description

SEC660 is designed as a logical progression point for students who have completed SEC560: Network Penetration Testing and Ethical Hacking , or for those with existing penetration testing experience. This course provides you with in-depth knowledge of the most prominent and powerful attack vectors and furnishes an environment to perform these attacks in numerous hands-on scenarios. The course goes far beyond simple scanning for low-hanging fruit and teaches you how to model the abilities of an advanced attacker to find significant flaws in a target environment and demonstrate the business risk associated with these flaws

Supreme Training – Secrets To Successful Ebay Dropshipping

You Will Learn:

How to perform penetration testing safely against network devices such as routers, switches, and NAC implementations.
How to test cryptographic implementations.
How to leverage an unprivileged foothold for post exploitation and escalation.
How to fuzz network and stand-alone applications.
How to write exploits against applications running on Linux and Windows systems.
How to bypass exploit mitigations such as ASLR, DEP, and stack canaries.

You Will Be Able To

Perform fuzz testing to enhance your company’s SDL process.
Exploit network devices and assess network application protocols.
Escape from restricted environments on Linux and Windows.
Test cryptographic implementations.
Model the techniques used by attackers to perform 0-day vulnerability discovery and exploit development.
Develop more accurate quantitative and qualitative risk assessments through validation.
Demonstrate the needs and effects of leveraging modern exploit mitigation controls.
Reverse-engineer vulnerable code to write custom exploits.

Hands-On Training

Exploit routing protocol implementations such as OSPF.
Bypass different types of NAC implementations.
Exploit patch updates.
Perform man-in-the-middle attacks to remove SSL.
Perform IPv6 attacks.
Exploit poor cryptographic implementations using CBC bit flipping attacks and hash length extension attacks.
Hijack network booting environments.
Exploit virtualization implementations.
Write Python scripts to automate testing.
Write fuzzers to trigger bugs in software.
Reverse-engineer applications to locate code paths and identify potential exploitable bugs.
Debug Linux applications.
Debug Windows applications.
Write exploits against buffer overflow vulnerabilities.
Bypass exploit mitigations such as ASLR, DEP, stack canaries, SafeSEH, etc.
Use ROP to bypass or disable security controls.