ANT4003

Methods of bypassing cyber security tools

Duration of training: 5 days

sign up for a course

description
course

The material of this course will allow listeners to study the principles, mechanisms and tools for bypassing cyber security tools and systems during penetration testing – pentest – of the network infrastructure and its connected services and applications.

course audience

Engineers conducting penetration testing; Engineers designing corporate cyber security architecture.

prerequisites

General cyber security knowledge at the ANT0000 course level, TCP/IP network knowledge at the ANT-N101 course level, as well as knowledge of pentesting at the ANT0404 course level are required. Knowledge of threat modeling at the ANT0052 course level is recommended.

how it works
education

online course

The online course involves group classes with an instructor via video conferencing, in addition, homework and an exam.

for corporate clients

training for corporate clients includes online and self-study courses, as well as additional services required by corporate clients: organizing training plans for client departments, assessing the effectiveness of training, etc.

teacher
course

program
course

• Goals and objectives of a Pentest.
• Pentest as a part of corporate cyber security architecture.
• Life cycle of cyber attacks.
• Models of cyber attacks.
• Pentest tools.
• Processing of pentest results.
• Utilizing open source information. OSINT.
• Scanning targets and identifying vulnerabilities for cyber attacks.
• Analyzing DNS data for organizing cyber attacks.
• Analyzing SMB data for organizing cyber attacks.
• Analyzing SMTP data for organizing cyber attacks.
• Analyzing SNMP data for organizing cyber attacks.
• Analyzing vulnerabilities of services for organizing cyber attacks.
• Selecting the right tools and methods to conduct a cyber attack.
• Conditions of Buffer Overflow vulnerabilities existence.
• Principles of utilizing Buffer Overflow vulnerabilities.
• Buffer Overflow vulnerabilities in Windows OS.
• Buffer Overflow vulnerabilities in Linux OS.
• Conditions for implementing injections into OS processes.
• Principles of injections into OS processes.
• DLL injections.
• Reflective DLL injections.
• Using Process Hollowing technique.
• Principles of bypassing antivirus protection systems.
• Using encoding and encryption.
• Distortion of behaviour characteristics.
• Using PowerShell and VBA tools.
• Using API in Windows OS.
• Working with AMSI.
• Principles of bypassing application control systems.
• Using NTFS ADS.
• Using specialized DLLs.
• Bypassing AppLocker tools.
• Using SSH tunnels to hide cyber attacks.
• Using DNS tunnels to hide cyber attacks.
• Using errors of Web-content parsers.
• Using obfuscation techniques.
• Using HTTP tunnels to hide cyber attacks.
• Threat model and pentest results.
• Risk management based on pentest findings.
• Modernizing corporate vulnerability accounting program.
• Modernizing strategic cyber security metrics.

Сourse purchase
options

individual

Cost — $1,550.00

Group online classes

Unlimited access to all the materials

Live webinars with teachers

Homework

Exam with certificate

To confirm course dates fill out the form.

SUBMIT YOUR APPLICATION

* By clicking “send”, you agree to the Terms of Service And Privacy Policy

corporate

Cost от $1,550.00

To obtain information about the final cost and clarify the date of the course, please fill out the form.

SUBMIT YOUR APPLICATION

* By clicking “send”, you agree to the Terms of Service And Privacy Policy