SANS SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking v2020 (PDF-VID-LAB-MP3)

1,100.00

SEC660 is designed as a logical progression point for students who have completed SEC560: Network Penetration Testing and Ethical Hacking , or for those with existing penetration testing experience. This course provides you with in-depth knowledge of the most prominent and powerful attack vectors and furnishes an environment to perform these attacks in numerous hands-on scenarios. The course goes far beyond simple scanning for low-hanging fruit and teaches you how to model the abilities of an advanced attacker to find significant flaws in a target environment and demonstrate the business risk associated with these flaws.

You Will Learn:

  • How to perform penetration testing safely against network devices such as routers, switches, and NAC implementations.
  • How to test cryptographic implementations.
  • How to leverage an unprivileged foothold for post exploitation and escalation.
  • How to fuzz network and stand-alone applications.
  • How to write exploits against applications running on Linux and Windows systems.
  • How to bypass exploit mitigations such as ASLR, DEP, and stack canaries.

 

HOMEPAGE – https://www.sans.org/cyber-security-courses/advanced-penetration-testing-exploits-ethical-hacking

 

Original Price: $7,020
Our Price: $14.99

 

Description

Size: 21.6 GB

Who Should Attend SEC660?

  • Network and Systems Penetration Testers: SEC660 provides penetration testers with the training they need to perform advanced testing against known or unknown applications, services, and network systems. And the course gives students the expertise to perform complex attacks and develop their own exploits for existing and new frameworks.
  • Incident Handlers: SEC660 gives incident handlers the knowledge they need to understand advanced threats, as handlers are often tasked with determining the threat level associated with an attack. The ability to understand advanced attack techniques and analyze exploit code can help a handler identify, detect, and respond to an incident.
  • Application Developers: SEC660 teaches developers the ramifications of poor coding. Often, a developer or code reviewer is required to clearly demonstrate the threat and impact of a coding error. This course provides developers with the knowledge to create proof-of-concept exploit code and document their findings.
  • IDS Engineers: SEC660 teaches IDS professionals how to analyze exploit code and identify weaknesses. This knowledge can be used to write better IDS signatures and understand the impact of an alert.

You Will Be Able To

  • Perform fuzz testing to enhance your company’s SDL process.
  • Exploit network devices and assess network application protocols.
  • Escape from restricted environments on Linux and Windows.
  • Test cryptographic implementations.
  • Model the techniques used by attackers to perform 0-day vulnerability discovery and exploit development.
  • Develop more accurate quantitative and qualitative risk assessments through validation.
  • Demonstrate the needs and effects of leveraging modern exploit mitigation controls.
  • Reverse-engineer vulnerable code to write custom exploits.

Hands-On Training

  • Exploit routing protocol implementations such as OSPF.
  • Bypass different types of NAC implementations.
  • Exploit patch updates.
  • Perform man-in-the-middle attacks to remove SSL.
  • Perform IPv6 attacks.
  • Exploit poor cryptographic implementations using CBC bit flipping attacks and hash length extension attacks.
  • Hijack network booting environments.
  • Exploit virtualization implementations.
  • Write Python scripts to automate testing.
  • Write fuzzers to trigger bugs in software.
  • Reverse-engineer applications to locate code paths and identify potential exploitable bugs.
  • Debug Linux applications.
  • Debug Windows applications.
  • Write exploits against buffer overflow vulnerabilities.
  • Bypass exploit mitigations such as ASLR, DEP, stack canaries, SafeSEH, etc.
  • Use ROP to bypass or disable security controls.

Reviews

There are no reviews yet.

Be the first to review “SANS SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking v2020 (PDF-VID-LAB-MP3)”

Your email address will not be published. Required fields are marked *