Network Penetration Testing

The target of the network penetration testing course is to allow candidates acquire necessary security knowledge for performing internal and external penetration tests for IT infrastructure.  Most popular security attacks and latest techniques will be illustrated. Students will learn techniques and tools utilized in each step of the penetration testing starting from information gathering and ending with exploitation. Defense techniques will be elaborated for each attack so that the penetration tester could provide proper recommendations to stake holders. Demos and exercises will be utilized in order to put hands on experience on the topics presented. Real life cases will be discussed in order to relate the topics with real incidents

course syllabus


  • What is a penetration test
  • Why is it needed
  • Hackers mindset
  • Types of penetration tests
  • Famous hackers attacks


  • How to set the scope of a penetration test
  • What should be included
  • Rules of engagement

Setting up your machine

  • Which OS to use
  • What tools should be installed
  • Creating a Virtual lab for practicing


  • Importance of the penetration test report
  • What to include in the report
  • Examples of penetration testing reports

The attack surface

  • What are the different attack vectors and entry points used by attackers

Information Gathering

  • Search Engine Reconnaissance
  • Banner grapping
  • Using dig and nslookup to gather information
  • Using WHOIS service to gather domain data
  • Using recon-ng
  • DNS Zone transfer

Overview of the network stack

  • What are the different layers in the network model
  • How computer communicate inside a network
  • Overview of different protcols (TCP, UDP, ICMP…etc.)
  • How DHCP works
  • How ARP works


  • What should be scanned
  • Introduction to Nmap
  • Nmap indepth

Vulnerability Discovery

  • Introduction to Nessus
  • Nessus in-depth

Traffic capture

  • Capturing traffic using Wireshark
  • Performing Man-in-the-Middle attack using ARP poisoning using Cain and Ettercap
  • Performing Man-in-the-Middle attack through WPAD using Responder tool
  • Capturing RDP traffic and extracting login credentials

Password attacks

  • Introduction to Windows password hashes
  • Introduction to Linux password hashes
  • Offline password cracking using John the Ripper
  • Online password brute force attack using Hydra


  • Introduction to exploits and exploit development
  • Understanding buffer overflows


  • Introduction to metasploit
  • What are the different modules available in metasploit
  • What are the available payloads
  • What is meterpreter shell
  • Meterpreter shell modules (mimikatz, incognito…etc.)

Post Exploitation

  • Lateral movement
  • Escalation of privilege
  • Gaining Domain Admin access on Windows based environments
  • Understanding Pass-the-hash

Maintaining access

  • Rootkits
  • Using different techniques to maintain access to exploited target

Exploiting Misconfigured network protocols

  • OSPF attack
  • HSRP Attack
  • DTP Attack

Wireless attacks

  • How wireless works
  • Types of wireless networks
  • Type Wireless network encryption
  • Introduction to aircrack-ng too set
  • Cracking WEP passwords
  • WPA password attacks
  • By passing mac filtering
  • Attacking the client connected to the wireless network

Client side attacks

  • What are client side attacks
  • Using metasploit to perform automated client side attacks
  • Using the Social Engineering Toolkit framework to perform client side attacks
  • Using the Browser Exploitation Framework during client side attacks

Application attacks

  • Scanning application for vulnerabilities
  • Local file inclusion and Remote file inclusion attacks
  • SQL injection attacks
  • Obtaining local system access from application SQL injection attacks
  • XSS and CSRF attacks
  • Wrap up
  • Capture the flag

Who Should Attend?

  • Information Security Engineers
  • Penetration Testers

Apply Now