Advanced Penetration Testing + EXERCICES

Advanced Penetration Testing + EXERCICES

ways and be able to confidently develop their own tools.

Chapter 1,
                     “Medical Records (In)Security,” discusses attacks to hospital infrastructure with concepts such as macro attacks and man-in-the-browser techniques. Introduction to Command & Control (C2) is explored.

Chapter 2,
                 “Stealing Research,” will explore attacks using Java Applets and more advanced C2 within the context of an attack against a research university.

Chapter 3,
                    “Twenty-First Century Heist,” considers ways of penetrating high-security targets such as banks and highly advanced C2 techniques using the DNS protocol.

Chapter 4,
                    “Pharma Karma,” examines an attack against a pharmaceutical company and against this backdrop introduces client-side exploits and integrating third-party frameworks such as Metasploit into your C2.

Chapter 5,
                    “Guns and Ammo,” examines ransomware simulation and using Tor hidden services to mask the physical location of the C2 infrastructure.

Chapter 6,
                   “Criminal Intelligence,” uses the backdrop of an intrusion against a police HQ to illustrate the use of “creeper” boxes for long-term engagements where temporary physical access is possible. Other concepts such as privilege escalation and deploying attacks using HTML applications are introduced.

Chapter 7, 
                     “War Games,” discusses an attack against a classified data network and explains concepts such as open-source intelligence gathering and advanced concepts in Command & Control.

Chapter 8,
                      “Hack Journalists,” shows how to attack a publisher and use their own technologies and workflows against them. Emerging rich media content and experimental C2 methodologies are considered. Advanced concepts in social engineering are introduced.

Chapter 9,
                     “Northern Exposure,” is a hypothetical attack against a hostile rogue state by a government Tailored Access Operations (TAO) team. North Korea is used as a convenient example. We discuss advanced discreet network mapping and means of attacking smartphones, including the creation of hostile code for iOS and Android phones. So, without further ado—on with the show.

Also, Subscribe to my youtube channel