SANS SEC560 Network Penetration Testing and Ethical Hacking

شرکت SANS یکی از شرکت های قدرتمند در حوزه امنیت اطلاعات می باشد که سایت این شرکت به آدرس sans.org دارای مطالب بسیار مفید و کاربردی در مورد امنیت شبکه و اطلاعات است. هزینه دوره های شرکت SANS بسیار بالا بوده و امکان شرکت در این دوره ها برای اغلب افراد امکان پذیر نمی باشد ولی این شرکت مقالات بسیار مفید وکاربردی در سایت خود به صورت رایگان قرار داده است که می توانید از آن ها استفاده نمایید. یکی از بخش های سایت شرکت SANS، بخش مربوط به هشدارهای امنیتی یا SANS Awareness می باشد که در آن به صورت کوتاه در یک تا سه صفحه به اعلام هشدارهای امنیتی نموده است.

Date: 2022
Price: $8,525 USD
Publisher: SANS
Format: eBook PDF + WorkBook + Video
By: Tim Medin
Website: Link

As a cybersecurity professional, you have a unique responsibility to identify and understand your organization’s vulnerabilities and work diligently to mitigate them before the bad actors pounce. Are you ready? SEC560, the flagship SANS course for penetration testing, fully equips you to take this task head-on.

In SEC560, you will learn how to plan, prepare, and execute a penetration test in a modern enterprise. Using the latest penetration testing tools, you will undertake extensive hands-on lab exercises to learn the methodology of experienced attackers and practice your skills. You will then be able to take what you have learned in this course back to your office and apply it immediately.

This course is designed to strengthen penetration testers and further add to their skillset. The course is also designed to train system administrators, defenders, and others in security to understand the mindset and methodology of a modern attacker. Every organization needs skilled information security personnel who can find vulnerabilities and mitigate their effects, and this entire course is specially designed to get you ready for that role. Both the offensive teams and defenders have the same goal: keep the real bad guys out.

Syllabus

SEC560.1: Comprehensive Penetration Test Planning, Scoping, Recon, and Scanning
SEC560.2: Initial Access, Payloads, and Situational Awareness
SEC560.3: Privilege Escalation, Persistence, and Password Attacks
SEC560.4: Lateral Movement and Reporting
SEC560.5: Domain Domination and Azure Annihilation
SEC560.6: Penetration Test and Capture-the-Flag Exercise

In SEC560, you will learn to:

• Properly plan and prepare for an enterprise penetration test
• Perform detailed reconnaissance to aid in social engineering, phishing, and making well-informed attack decisions
• Scan target networks using best-of-breed tools to identify systems and targets that other tools and techniques may have missed
• Perform safe and effective password guessing to gain initial access to the target environment, or to move deeper into the network
• Exploit target systems in multiple ways to gain access and measure real business risk
• Execute extensive post-exploitation to move further into the network
• Use privilege escalation techniques to elevate access on Windows or Linux systems, or the Microsoft Windows domain
• Perform internal reconnaissance and situational awareness tasks to identify additional targets and attack paths
• Execute lateral movement and pivoting to further extend access to the organization and identify risks missed by surface scans
• Crack passwords using modern tools and techniques to extend or escalate access
• Use multiple Command and Control (C2, C&C) frameworks to manage and pillage compromised hosts
• Attack the Microsoft Windows domain used by most organizations
• Execute multiple Kerberos attacks, including Kerberoasting, Golden Ticket, and Silver Ticket attacks
• Conduct Azure reconnaissance
• Execute Azure Active Directory (AD) password spray attacks
• Execute commands in Azure using compromised credentials
• Develop and deliver high-quality reports

SEC560 is designed to get you ready to conduct a full-scale, high-value penetration test, and at the end of the course you will do just that. After building your skills in comprehensive and challenging labs, the course culminates with a final real-world penetration test scenario. You will conduct an end-to-end penetration test, applying knowledge, tools, and principles from throughout the course as you discover and exploit vulnerabilities in a realistic sample target organization.

You Will Be Able To

• Develop tailored scoping and rules of engagement for penetration testing projects to ensure the work is focused, well defined, and conducted in a safe manner
• Conduct detailed reconnaissance using document metadata, search engines, and other publicly available information sources to build a technical and organizational understanding of the target environment
• Utilize the Nmap scanning tool to conduct comprehensive network sweeps, port scans, Operating System fingerprinting, and version scanning to develop a map of target environments
• Choose and properly execute Nmap Scripting Engine scripts to extract detailed information from target systems
• Analyze the output of scanning tools to manually verify findings and perform false positive reduction using Netcat and the Scapy packet crafting tools
• Utilize the Windows and Linux command lines to plunder target systems for vital information that can further overall penetration test progress, establish pivots for deeper compromise, and help determine business risks
• Configure the Metasploit exploitation tool to scan, exploit, and then pivot through a target environment in-depth
• Perform Kerberos attacks including Kerberoasting, Golden Ticket, and Silver Ticket attacks
• Use Mimikatz to perform domain domination attacks, such as Golden Ticket abuse, DCSync, and others
• Go from an unauthenticated network position to authenticated domain access and map an attack path throughout the domain
• Attack Azure AD and use your domain domination to target the on-premise integration

Prerequisites

SEC560 is the flagship penetration test course offered by the SANS Institute. Attendees are expected to have a working knowledge of TCP/IP and a basic knowledge of the Windows and Linux command lines before they come to class. While SEC560 is technically in-depth, it is important to note that programming knowledge is NOT required for the course.

Courses that lead in to SEC560:

• SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling
• SEC542: Web App Penetration Testing and Ethical Hacking

Courses that are good follow-ups to SEC560:

• SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking
• SEC565: Red Team Operations and Adversary Emulation
• SEC542: Web App Penetration Testing and Ethical Hacking
• SEC588: Cloud Penetration Testing
• SEC575: Mobile Device Security and Ethical Hacking