• LOGIN
    • No products in the cart.

Login

Retrieve Password
Back to login/register

ON-DEMAND, SELF-PACED, 18 CPE CREDITS, This course will walk you through setting up your own penetration testing lab.

18 CPE credits

SELF-PACED



Your instructor

IMG_0112 (1)paul

Paul Janes, CISSP, GIAC – GISP, is an Information Security Analyst at Corning Incorporated with over 19 years of experience in IT Security, (DLP) Data Loss Prevention, Project Management and Server Management. He has been involved in creating his own ethical hacking lab and enhancing his skills as an ethical hacker.
I
I
I

I

I
I


Course format

Build your own PenTest lab – we mean it! With this course, you decide on your configuration! Want to scan BeeBox with Kali using VMPlayer? Great, here’s a step-by-step. Feel more like scanning Metasploitable with Ubuntu running on VirtualBox? That’s here too. Mix and match, or get all of them, your choice.

Described in this eBook:
– Installation and usage of BOTH VMPlayer and VirualBox – in ALL case scenarios
– Installation and usage of BOTH Kali Linux and Ubuntu – in ALL case scenarios
– Installation and usage of BOTH Metasploitable and BeeBox vulnerable machines – in ALL case scenarios

  • The course is self-paced – you can visit the training whenever you want and your content will be there.


  • 18 CPE points


  • FREE eBook with all course materials as a bonus


  • Once you’re in, you keep access forever, even when you finish the course.


  • There are no deadlines, except for the ones you set for yourself.


  • We designed the course so that a diligent student will need about 18 hours of work to complete the training.


  • You time will be filled with reading, videos, and exercises.



Syllabus


 Pre-Course Materials – FREE!

  • Why Do I Need a Pen Test Lab


  • Definitions


  • Creating Directory Structure For the Course


  • Download Virtual Images


  • Acquire Nessus Licenses



Module 1 The Build

  • Definitions


  • Some Basic Linux Commands You Need to Know


Software:

  • Installation of VMPlayer and Virtual Box. You Decide, We Will Cover Both.


  • Setup of Our Penetration Testing System – Kali Linux Distribution


  • Setup a Linux Client as a Virtual Machine


  • Setup Our First Vulnerable Machine Metasploitable2


  • Setup Our Second Vulnerable Machine Bee-box (BWAMP)


Exercises

  • Overview of Virtual Machine Settings


  • Run the Basic Linux commands


  • Upgrade Kali Linux Distribution



Module 2 Port Scanning

  • Nmap and Zenmap Installation


  • Nmap Basic Scanning


  • ZenMap Basic Scanning


  • db_map Scanning


Exercises

  • Run Nmap Scans against Ubuntu


  • Run Zenmap Scans Against Metasploitable2


  • Run db_map Scans Against Host



Module 3 Vulnerability Scans

  • Installation Nessus Vulnerability Scanner Windows


  • Installation Nessus Vulnerability Scanner Kali Linux


  • Installation Nessus Vulnerability Scanner Ubuntu


  • Basic Nessus Scanning Metasploitable2


  • Basic Nessus Scanning Bee-box


Exercises

  • Run a Nessus Scan Against Metasploitable2


  • Run a Nessus Scan Against Bee-Box (BWAMP)


  • Run a Nessus Scan Against Ubuntu



Module 4 Advanced Scanning and Reporting

  • Nessus Advanced Scans


  • Nmap Advanced Scans


  • Metasploit Reporting


  • Review Other Resources Available to You…


  • Where Do I Get Virtual Machines


Exercises

  • Create a Metasploit Report Combining Nessus and Dnmap Scans


  • Run an Advanced Nessus Scan Against Metasploitable 2


  • Run an Advanced Netsparker Scan Against Bee-Box (BWAMP)



INSTRUCTOR

IMG_0112 (1)paul

Paul Janes, CISSP, GIAC – GISP, is an Information Security Analyst at Corning Incorporated with over 19 years of experience in IT Security, (DLP) Data Loss Prevention, Project Management and Server Management. Most recently, he has been involved in creating his own ethical hacking lab and enhancing his skills as an ethical hacker.
I
I
I
I
I


Education:

  • Capella University, Minneapolis, MN

    Master of Science degree in Information Assurance, Jne 2012

    Graduated with Distinction


  • Syracuse University, NY

    Bachelor of Science in Computer and Information Studies, June 1991

    Officers Basic Course, FT Gordon, GA


  • Signal Corps Officer training, June 1990



Additional Training:

  • Penetration Testing and Ethical Hacking, SANS


  • CISSPBootcamp, SANS


  • Implementing and Auditing the Twenty Critical Security Controls –In Depth, SANS


  • Hacker Techniques, Exploits & Incident Handling, SANS


  • Mobile Device Security, SANS


  • Metasploit Training, Eforensics


  • Data Loss Prevention, Symantec


  • Insider Threat, CERT


  • Building Effective Intercultural Relationships, Corning Incorporated



Skills:

  • Risk Assessments


  • Vulnerability Assessments


  • Top 20 critical controls (Automation)


  • Data Loss Prevention


  • Incident Response


  • Managing Project Risks


  • Reviewing cloud implementations and managing risk


  • Security Awareness


  • Corporate Phishing exercises


  • Corporate Training


  • Benefits of a strong password


  • Secure communications


  • Penetration testing



Tools:

Metasploit, Nessus, Nexpose, Kali Linux, Nmap, Zenmap,  John the Ripper, Cain and Abel, Hydra, GoogleHacking;


IT Security Organization Memberships:

ISC2, ISSA, ISACA, Infragard, OWASP, SANS, CSIAC;


Profesional Certifications:

CISSP, GIAC GISP


  • Creating Security Online Courses for eForensics Magazine


  • Developing new Information Assurance Certification


  • Blogs for eForensics Magazine



If you have any questions, drop us a line:

Course Reviews

3

1 ratings
  • 5 stars1
  • 4 stars0
  • 3 stars1
  • 2 stars0
  • 1 stars0
  1. Profile photo of Gary Shamlian

    Good toe dip into Pen Testing

    Good course if you are looking get your feet wet with virtual clients and some pen testing tools. I would guess that all th information is available for free on the internet, but it was nice to have all the install and basic information for the applications in one place. Was it worth the price? Probably not, definitely not at full price. If you can catch the course on sale and you’re curious about pen testing, then go for it. At the very least you can get some ideas on how to create a safe environment to test some hacking techniques. Just make sure that you have a machine that is capable of running the virtual environment:

    Hard Disk – 200GB of disk space or more depending on the number of guest operating systems you plan on installing. A good use of an external hard drive.
    CPU – I recommend the latest technology but any of the I3/I5/I7 families are ok. The more processing power you have the better
    Memory – 2 GB minimum, I recommend 8GB or 16GB. Memory is critical. The more memory you have the more virtual systems you will be able to have running at one time

  2. Profile photo of kent.wilke@gmail.com

    A must have if getting started or refreshing

    Course is definitely well worth it! It emphasizes two UNIX based vulnerability scanning OS’s as well as two exploitable UNIX OS’s that are mainstays in the security field. This makes it nice in that all materials are free so there are no additional out of pocket expenses to get a good introductory experience in the world of vulnerability scanning.

    Where it really shines though is in the hands on coverage of the material. The course reinforces the commands needed to get the tools installed and running across two to three platforms which means one walks away being able to replicate the instruction in one’s own experience without a lot of Googling to look up commands.

    As an IT instructor and longtime IT veteran I can attest to the fact that the best learning is by doing and this course hits the mark. I have seen too many students speed through labs in the past and walk away not knowing the material. Repetition is the solution and this course provides it.

    Another standout element is that the course will work with your schedule. It is not overly burdensome and the material is presented in an easy to learn manner that won’t leave you dazed and lost in convoluted technical jargon.

    Finally, the course touches on a rich variety of security resources that only a person with years of experience in the specialty would know about and be able to direct you to in short order. It leaves it to you to explore these additional resources, which means the course does not get off track, and gives you the starting points to pick-up where the course leaves off. This alone makes the course worth the cost. The alternative is to know a veteran in the industry and find a way to glean the time and the interest from them to gain this knowledge or spend tons of hours lost on the internet among the overwhelming amount of security information that is available today. Most of which has a price tag attached to it.

    Bottom line, this course is a must have start point for anyone interested in vulnerability scanning and pen testing or for someone getting back into it after having been away for a time.

TAKE THIS COURSE
  • $249.00
  • UNLIMITED ACCESS
  • Course Certificate
183 STUDENTS ENROLLED
  • Profile photo of Alessio Di Felice
  • Profile photo of rstephenp
  • Profile photo of sunilj777
  • Profile photo of Steve Carney
  • Profile photo of kevin@holvoet.eu
  • Profile photo of deadthread

Who’s Online

Profile picture of walid

Certificate Code

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013