DIS10.2 Penetration Testing & Security Analyst Certification

DIS10.2 : Penetration Testing and Security Analyst

DIS10.2 : Penetration Testing and Security Analyst Certification include In-depth Penetration Testing Process used in current industry to counter various network and web based attack. Penetration Testing process includes type of penetration testing and vulnerability Assessments which are done by Security Auditors. (25 Credits towards DIS10 Diploma)

DIS is the Globally trusted Brand in Information security and Ethical Hacking Training in world. DIS Consultants include group of Advanced Security Researchers from round the world who are real world Masters in Information Security. DIS is Providing Training via Live Classroom, Virtual Training Labs ,Workshops, Webinars, Corporate Training’s, and Training’s via Dis Certified Training Centers (Authorized Training Partners).

DIS Courses are Developed and taught by real world Cyber Security Masters(CSM) from All round the World who are call DIS Consultants (Become a DIS Master Consultant Now). These Courses Provide Real world Hands on Practice sessions which are basically used in information security Field All over the World. DIS includes Course on Cyber Security and Ethical Hacking, Penetration Testing and security Audit, Network and Data Forensics, In-depth Networking, Application Security on various Platforms. These Course are Highly preferred by Government Employees from various Intelligence Agencies.In addition to top-notch training we also provide you best Industry Course Material Specially designed by DIS Master Consultants. DIS features top Industry Certifications in Field of Cyber Security and Cyber Intelligence.

About DIS10.2 Penetration Testing & Security Analyst Certification


DIS10.2 : Penetration Testing and Security Analyst Certification include In-depth Penetration Testing Process used in current industry to counter various network and web based attack. Penetration testing process includes type of penetration testing and vulnerability Assessments which are done by Security Auditors. (25 Credits towards DIS10 Diploma)


Course Content


How to Plan your Penetration Testing+

First Modules of the course is meant to give you the mandatory skill-set required to conduct quality based Penetration Testing using various kinds of methods. It also helps a penetration tester to build its own Penetration Testing Environment equipped with all kinds of hardware and software or network based Tool-set which is going to help him give a well in-depth Penetration testing.

  • What is Penetration Testing?
  • Various Types of Penetration Testing.
  • Best Industry Practices for Penetration Testing./li>
  • Tool-set required for Penetration Testing
  • Penetration Testing Check Lists (Very Important)
Scoping Your Penetration Testing

We will Start our Pre-Pentesting exercises using some information Gathering Techniques like network reconnaissance or web application reconnaissance. We will use various online Repositories to attain sensitive information about our Target System.

  • Scope of Penetration Testing
  • Information Gathering Using the Latest Reconnaissance Tools.
  • Rules of Engagements.
  • Detailed Reporting documents(Samples)
  • Search Engine Digging and Information Extraction
Network and Web-Application Scanning Techniques?

Now we will Focus on target Network and web Application Scanning using various free tools and scripts available Online. Scanning Focuses on finding various live Systems, Finding Operating Systems running, various online services available on target network or web application. We will also focus on packet crafting tools and various ping Sweeping tools to go deep into network for finding vulnerabilities available. Scanning is Very important part of penetration testing so we need to do it very safely without disrupting the given application.

  • What is Scanning?
  • What are the Best Tool sets for Scanning- Network Scanning Tool.
  • What are the Best Tool sets for Scanning- Web Application Scanning Tool.
  • How to Use extract information from TCP Headers : TCP Dump.
  • Networking Mapping Tool NMAP
  • Nmap Scripting Engine (Using them in your Pentest)
  • Nmap : Version Scanning/ OS Scanning/ Services Scanning/
  • Finding Vulnerability in Network : GFI / Nessus
  • Packet Crafting Tool : Scappy/ Colasoft Packet Builder
  • User Name Enumeration
  • Swizz Knife : Netcat(All in one tool)
Network Exploitation Attack Vectors

In this Phase of Exploitation we will learn many kinds of network xploits which a penetration tester can use to compromise its target machines. we will work on worlds best exploiting frame work that is Metasploit and payload Meterpreter.we will under stand how various antivirus bypassing techniques which can be used by Pentester. We will understand how metasploit works its payloads, exploits,encoders and auxiliaries.

  • Network Exploitation Tools
  • Understanding exploits/Payload
  • In-dept Metasploiting Windows / Linus Systems
  • Metasploitable : Exercise
  • Using various Metasploit Modules like Exploits/Payloads/auxiliary
  • AV evasion Techniques in metasploit
  • In-Depth Meterpreter payload Using, Hands-On
  • Gaining Access to Target System using meterpreter Sessions.
Post Exploitation Phase

Post exploitation skill refers to a phase where penetration tester has gained access to the system now he will try to gain access to other systems in the network using the access which he have gained he will even try to get more deeper into the system by using various post exploitation techniques. we will try to gain better hold of the system by attacking deep in the systems like by installing malicious services or shells or backdoor which will give insider entry to the attacker.we will also look at password guessing tools like Hydra and John the ripper tools using dictionary/brute force/rainbow table attacks methodology.

  • Windows Hidden Commands.
  • Using Nc as a backdoor.
  • Attacking Passwords using word-list and Brute force
  • Automated Password Guessing with THC-Hydra/John the ripper
  • Retrieving and Manipulating Hashes from Windows, Linux, and Other Systems
In-depth Password Attacks

In-depth Password Attacks include password cracking using various methods like Password Guessing, password Permutation and combination, or mixture of both. It will help you in creating your payload for password attacking tools.

  • Password Cracking with John the Ripper
  • Password Cracking with Hydra
  • Sniffing and Cracking Windows Authentication Exchanges Using Cain
  • Dictionary Table Generation
  • Using Rainbow Tables to Maximum Effectiveness
  • Pass-the-Hash Attacks with Metasploit and More
Web Application Penetration Testing

We will move on our Heads to Web Applications Penetration Testing methods. We will focus on top 10 Vulnerabilities which can be found in a web applications. we will do proper hands on practicals on various vulnerabilities like XSS commonly known as Cross site Scripting, SQL injection flaws, source code disclosure attacks,insecure transport level communication,Command injections and various Owasp top 10 vulnerabilities available online.

  • Finding and Exploiting Cross-Site Scripting
  • Cross-Site Request Forgery
  • SQL Injection
  • Leveraging SQL Injection to Perform Command Injection
  • Maximizing Effectiveness of Command Injection Testing
  • Web Application Exploitation Using w3af/Acunetix/Burpsuite/Proxy application
  • How to use Burp Suite?
  • Capturing and replaying request and responses.
  • Various Modules in Burp like /sequencer/repeater/Dir scanning/splitting response
  • Finding and Exploiting Cross-Site Scripting
  • Cross-Site Request Forgery
  • Performing Command Injection
  • Source Code Disclosure attack
  • Hidden form Field Exploitation Attacks
Penetration Test Reporting

In last stage of Penetration Testing we will understand how the Penetration Testing Reporting is being done. It is very important that we provide Detailed Penetration Testing Report to our Clients.

  • Penetration Testing Deliverables and Conclusion
  • Penetration Testing Report and Documentation Writing
  • Penetration Testing Report Analysis
  • Post Testing Actions
  • Ethics of a Penetration Tester
  • Standards and Compliance

Who can Attend This Training ?


  • Students/Individuals
  • College going Students
  • Industry Expert
  • Network Specialist
  • Army/Navy Officials
  • Intelligence Agencies
  • College Faculties
  • Government and Corporate IT Managers
  • CEO/CTO and Higher Management Personals
  • Security Tester who need to find network based vulnerabilities and re-mediate them
  • Penetration Testers
  • Ethical Hackers
  • RED OR BLUE team Members
  • Computer geeks who wants deep knowledge about ethical hacking

Contact


Headquarters:

72-B, III Floor,
Main Vikas Marg, Laxmi Nagar,
New Delhi - 110092
Near Nirman Vihar Metro Station ( Opp. Metro Pillar No.50 )

Phone: (91) 8130968445
Contact: (011) 6460 1115
Email: info@disconsultants.org

What Will You Get in DIS10.2 ?


  • ALL Virtual Machines and Virtual Environment for Students who attend training’s.
  • DVD with tools, Videos, Practice Tests, Virtual Labs.
  • Audio and Video Tutorials which will help in doing practical sessions at your study desk also.
  • Written Test Voucher Code
  • Online Test Voucher Code

Enquire now







DIS10.2 Exam Details


Training Mode : Offensive/Defensive
Course Duration : 60-80 Hours (Instructor-Led Training) 2/4/8 Hours Per Day
Exam Code : DIS10.2
Exam Duration : 4 Hours (Written)
Exam Duration : 8 Hours (Lab Challenge)
Exam Fee : 600 USD (Written + Lab Challenge)

Credits : Credits: 25 Credits (Towards DIS10:Diploma in Information Security))

*Exam can be done only at DIS authorized Training Centers.

Buy Exam Voucher | Attend Training

Hands-on Training


  • Hacking in Networks.
  • Metasploiting Target Network and its various Payloads.
  • NMAP OS Detection / Service Detection / Version Detection.
  • NMAP Scripting Engine (NSE SCRIPTS).
  • Network Sweeping - Live IP Detection.
  • Windows OS Exploiting.
  • Password cracking with Cain, John the Ripper and Rainbow Tables.
  • Automated password guessing.
  • Cracking wireless security protocols, including WPA.
  • Exploiting DVWA Testing web Application.
  • In-depth XSS attacks and command injection Vulnerabilities.
  • Shell exploitation.

Mr Mohit Yadav, DIS Consultant Lead Auditor


A Good Penetration Tester is a One who Understands about Latest Vulnerabilities and Understand How his tools are working(internal working of Penetration Testing Framework). This Course provides brief knowledge of hands-on tools and Latest vulnerabilities which helps you in your Penetration Testing Methodology Process. We Help gaining professional Techniques of Vulnerability Assessments and Penetration Testing..

DIS Consultants (Master Faculty)
Penetration Tester Specialist

What next after this Course?


DIS10.3 Cyber Forensics & Investigation Certification
Course Broucher | Course Details

DIS10.3 : Cyber Forensics and Investigation Certification focuses on in-depth skill required for Computer forensics Experts, Ethical hackers, Cyber Security Analysts, Penetrations Testers and Various Information Security Experts to deeply analyze and extract the data from various Operating Systems in forensic Phase.This course can be done by both working professionals and Colleges Students who wants to make there career in the field of Computer hacking and Cyber Crime Investigations.

After attaining the Given Certification (DIS10.3 : Cyber Forensics and Investigation Certification) students will be able to conduct Cyber forensics and investigations and can handle forensics Evidences as per industry Standards. Candidates hand handle various cyber crime incidences from various backgrounds, He could detect intrusions and attacks from any outside or internal sources. Forensics is a science where we have to backtrack the malicious hacker by using various forensics and anti- forensics Techniques.

readmore...

AIO - ALL IN ONE DIS Courses



DIS10.1+DIS10.2+DIS10.3+DIS10.4+DIS10.5 = DIS10 (Diploma in information Security)

Authorised Training Partners


Company Locatoion Contact
Comnet Morocco 185, boulevard Zerktouni 6th floor, Casablanca, Morocco Contact
Training Kart 202, New BEL Road, Opposite HP Petrol Pump, Bangalore 560094 (India) Landmark : Near MS Ramaiah College. Contact
Bytecode Cyber Security 72-B 3rd floor Vikas Marg, Laxmi Nagar, New Delhi-110092 Contact
Avenzar India b- 53, kalkaji, New Delhi-110062 Contact
Microscopic Corporation c-62, Madangiri, New Delhi 110016 Contact
AT & CC First floor 82 Complex Rohini -110082 Contact
CompTrain Africa 675, 1 floor Avenue Road, Sudan Contact
Robobyte B-118, Raj Nagar Extention, Ghaziabad Contact
Computer Education Society 112, Raj Complex,Dehradun, Uttrakhand. Contact
SYSComp, Singapore 83,New Avenuew raft, Singapore. Contact

Related DIS10 Courses

Contact