CompTIANCSC (Part of GCHQ)

Penetration Testing Training: Tools and Techniques - Classroom

What is the Penetration Testing Training: Tools and Techniques course?

Penetration testing (or ethical hacking, as it’s often called) is the process of testing computer systems, website applications and networks to find security vulnerabilities, which an attacker may be able to exploit.

Throughout this Penetration Testing training course, you’ll learn exactly how hackers compromise operating systems, and how they’re able to evade antivirus software. You’ll gain the skills required to discover weaknesses within your own network, by using methods which hackers would be using. Finally, you’ll acquire the skills needed to test and exploit your organisations defences and implement countermeasures to minimise the risk to your company.

Key features
  • Delivery Method: Virtual Classroom
  • Exam: Included
  • Duration: 4 Days
Free course advice
Learn more about how we use your data
Key features
  • Delivery Method: Virtual Classroom
  • Exam: Included
  • Duration: 4 Days
Course Details

Who is the course suitable for?

Is the Penetration Testing Training: Tools and Techniques course right for me?

Prerequisites for this course include:

  • Experience with security issues at the level of:
    • System and Network Security Introduction, or
    • CompTIA Security+ Certification Exam Preparation
  • Knowledge in TCP/IP concepts

Why Choose e-Careers?

e-Careers has partnered with The Learning Tree, to offer a range of courses, delivered via high-tech classrooms or virtual learning, depending on your requirement.

We are an award-winning, established eLearning course provider, with over 16 years’ experience in the industry.  We offer high-quality training courses at competitive prices.

What will I learn on this course?

Throughout this course you’ll learn how to deploy ethical hacking, with the purpose of exposing weaknesses within your organisation. Learn how to gather intelligence by employing reconnaissance, scanning tools and published data. Gain hands-on experience testing and improving your security, by using hacking tools to compromise your network. Finally, learn to protect against privilege escalation in order to prevent intrusions.

Classroom-based Training 

 e-Careers were originally an online learning organisation but over time we’ve established additional learning methods, to provide our delegates with a variety of study options, including:

  • Bespoke training
  • Classroom-based training
  • On-site training
  • LiveOnline (virtual learning)

The Classrooms

Our classroom training centre is in London, Euston, conveniently located directly opposite Euston station, making transport and accessibility easier.

Our clean, high-tech classrooms provide a comfortable learning environment for our delegates, and we pride ourselves on providing a first-class training experience. You’ll notice this from your first steps in our London training centre, right through to your last day on the course, helping you to feel welcomed and comfortable. 

Each classroom has been designed to perfectly suit the courses being offered. For example, our Cyber Security classrooms come kitted out with a range of high specification PC’s (typically i7’s), with monitors for you to work through the practical assignments and an additional vertical screen to view your digital course materials.

Your instructor will use cutting-edge technology to ensure a high-quality learning experience for all delegates, including the latest annotation hardware and software.  

Alternatives to Classroom-based study

We understand that not every delegate has the same date availability or can’t make it to London, so we have created a range of suitable alternatives, including:  

  • LiveOnline – This is our virtual classroom option. Be a fully participating and integrated member of the classroom but from the comfort of your own home or office. We supply you with all the course materials required to fully participate with the class. 
  • eLearning – This is our Online/ Distance learning option. If a classroom or LiveOnline option are unsuitable for your requirements, we do offer a full online course option, where you can study at your own pace and in your own time.

Module 1 – Introduction to Ethical Hacking

  • Defining a penetration testing methodology
  • Creating a security testing plan

Module 2 - Footprinting and Intelligence Gathering

  • Acquiring target information
    • Locating useful and relevant information
    • Scavenging published data
    • Mining archive sites
  • Scanning and enumerating resources
    • Identifying authentication methods
    • Harvesting e–mail information
    • Interrogating network services
    • Scanning from the inside out with HTML and egress busting

Module 3 - Identifying Vulnerabilities

  • Correlating weaknesses and exploits
    • Researching databases
    • Determining target configuration
    • Evaluating vulnerability assessment tools
  • Leveraging opportunities for attack
    • Discovering exploit resources
    • Attacking with Metasploit

Module 4 – Attacking Servers and Devices to Build Better Defences

  • Bypassing router Access Control Lists (ACLs)
    • Discovering filtered ports
    • Manipulating ports to gain access
    • Connecting to blocked services
  • Compromising operating systems
    • Examining Windows protection modes
    • Analysing Linux/UNIX processes
  • Subverting web applications
    • Injecting SQL and HTML code
    • Hijacking web sessions by prediction and Cross–Site Scripting (XSS)
    • Bypassing authentication mechanisms

Module 5 – Manipulating Clients to Uncover Internal Threats

  • Baiting and snaring inside users
    • Executing client–side attacks
    • Gaining control of browsers
  • Manipulating internal clients
    • Harvesting client information
    • Enumerating internal data
  • Deploying the social engineering toolkit
    • Cloning a legitimate site
    • Diverting clients by poisoning DNS

Module 6 – Exploiting Targets to Increase Security

  • Initiating remote shells
    • Selecting reverse or bind shells
    • Leveraging the Metasploit Meterpreter
  • Pivoting and island–hopping
    • Deploying portable media attacks
    • Routing through compromised clients
  • Pilfering target information
    • Stealing password hashes
    • Extracting infrastructure routing, DNS and NetBIOS data
  • Uploading and executing payloads
    • Controlling memory processes
    • Utilising the remote file system

Module 7 – Testing Antivirus and IDS Security

  • Masquerading network traffic
    • Obfuscating vectors and payloads
    • Side–stepping perimeter defences
  • Evading antivirus systems
    • Discovering stealth techniques to inject malware
    • Uncovering the gaps in antivirus protection

Module 8 - Mitigating Risks and Next Steps

  • Reporting results and creating an action plan
    • Managing patches and configurations
    • Recommending cyber security countermeasures
Career Advice
​Our experts offer valuable advice sharing their experience and insights which will enable you to make informed decisions throughout your career.
Our panel of industry experts proudly bring you the latest news and views, covering all our categories, to keep you well informed.
Cyber Security
A look at Cloud Computing, which has made communication during troubled times possible.
Read Blog
Cyber Security
Thinking about a career change? The cyber security market is expected to grow to £3.5 million in the next year.
Read Blog
Cyber Security
Cyber security has been a hot topic in both the media and the business world in the past year - here's why.
Read Blog
We're Trusted by
Hundreds of thousands of individuals, small businesses and large corporations continuously put their trust in e-Careers.​
We are proud to have trained individuals who work for some of the world’s largest companies, including:​
Trusted by Trusted by