Course Outline


  • Overview of Kali Linux
  • Installing and configuring Kali Linux
  • Using and updating Kali Linux

Penetration Testing Standards and Classification

  • Open Web Application Security Project (OWASP)
  • Licensee Penetration Testing (LPT)
  • White box and black box
  • Penetration testing vs vulnerability assessment

Advanced Penetration Methodology

  • Target framework and scope
  • Gathering client requirements
  • Checklist for test plan
  • Profiling test boundaries
  • Advance penetration testing using Kali Linux

Information Discovery

  • Hacking Google
  • Gathering DNS and who information
  • Gathering route and network information
  • Gathering all-in-one information

Scanning and Enumerating Target

  • Advance network scanning
  • Port and Udp port scanning
  • Stealth port scanning techniques
  • Packet crafting with Hping
  • Nmap scanning and plug-ins
  • Active and passive banners and system OS enumeration
  • Enumerating users, groups, and shares
  • Enumerating DNS resource records and network devices

Vulnerability Assessment Tools

  • Nessus
  • Open Vas

Target Exploitation

  • Setting up Metaslpoit
  • Exploitation with Metaslpoit
  • Meterpreter session
  • VNC exploitation
  • Stealing password hash
  • Adding custom modules to Metaslpoit
  • Using immunity debugger
  • Writing exploit

Privileges Escalation and Access Maintenance

  • Breaking password hash
  • Cracking telnet, ssh, and FTP password
  • Using Metasploit post-exploitation modules
  • Protocol tunneling
  • Proxy
  • Installing persistent backdoor

Advance Sniffing

  • ARP poisoning
  • DHCP starvation
  • Mac flooding
  • DNS poisoning
  • Sniffing credentials from a secured website

DOS Attack

  • Syn attack
  • Application request flood attack
  • Service request flood
  • Service attack permanent denial

Penetration Testing

  • Web penetration testing
  • Wireless penetration testing

Exploitation and Client Side Attack

  • Exploiting browser vulnerability
  • Buffer overflow
  • Fuzzing
  • Fast-track hacking
  • Phishing passwords
  • Generating backdoors
  • Java applet attack

Firewall Testing

  • Firewall overview
  • Testing firewall and ports
  • Rules of testing firewall

Management and Reporting

  • Documentation and results verification
  • Dradis framework
  • Magic tree and Maltego
  • Data collection and evidence management
  • Report types and presentation
  • Post testing procedure

Summary and Next Steps


  • Basic knowledge of using Kali Linux for penetration testing
  • Basic understanding of Linux/Unix and networking concepts
  • An understanding of network vulnerabilities


  • Ethical hackers
  • Penetration testers
  • Security engineers
  • IT professionals
 21 Hours

Related Categories