Heorot.net Intermediate Penetration Testing Syllabus
Return to Index
Welcome to the Heorot Intermediate Penetration Testing course, presented by Heorot.net. This course is designed to teach you intermediate skills used in penetration testing, and how to conduct your own penetration test using the OSSTMM Methodology. This course is a mixture of online lecture, and hands-on use of the tools and methods detailed in the lecture. The first few days involve setting up your lab, obtaining the required course material, watching the online material, and performing hands-on exercises to familiarize you with the various steps involved in the lectures and the tools used throughout this course. While this course provides an opportunity to learn tools associated with pentesting, remember - the purpose of this course is to teach you the methodology behind penetration testing so you may conduct your own PenTest efforts.
Enjoy!!
Suggested Schedule
Day One
- Create your Penetration Test Lab
- Choose either a physical lab setup or virtual lab
- Obtain necessary De-ICE LiveCD
- Obtain version 2.2 of the OSSTMM Methodology (Also found in BackTrack LiveCD)
- Module 1 - Introduction
- Module 2A - Penetration Testing Methodologies
- Module 2B - Penetration Testing Methodologies Continued
Day Two
- Module 3 - Network Packet Crafting
- Module 4 - Password Cracking
- Module 5 - Reviewing Code for Exploits
- Required Reading:
- Methodology
- Packet Crafting:
- Password Cracking
- Documentation for "John the Ripper". Sections that are "must reads":
- CONFIG - especially useful to change wordlists
- MODES - learn why to stay away from "INCREMENTAL" (evil)
- OPTIONS
- Cryptographic Hashes
- Reviewing Code for Exploits
Day Three
- Module 6 - Documenting your Penetration Test
- OSSTMM Internet Technology Modules