Ethical Ninja I
Ethical Ninja I is about ‘doing stuff’ and practically learning how to assess the security posture of an organization before the ‘bad guys’ do. The course has been designed from the ground up to allow you to understand how attacks are commonly carried out by malicious users, and in particular to learn how to apply hacking tools and techniques to gain unauthorized access to information assets. Ethical Ninja I focuses on a few selected tools, which are widely used, giving you the opportunity to learn how to use them effectively; the final aim is to understand the mind set of malicious users in order to protect your organization from common attacks.
“This is the hacking course for those who want to learn by doing”
Who Should Attend
This course is ideally suited for:
- Security officers
- Auditors
- System administrators
- Security professionals wanting to gain practical knowledge and competences in the domain of ethical hacking and the use of hacking tools and techniques.
“The class will benefit anyone who wants to gain practical knowledge in the domain of ethical hacking”
Prerequisites
The course is "hands-on", technically focused and aimed at those individuals who have a good knowledge of common networking protocols, and practical familiarity with the Linux and Microsoft operating systems.
“This course will benefit anyone who wants to learn to use hacking tools before hackers do”
Duration:5 days
About the course
Ethical Ninja I is a fully hands-on course developed around a set of real-life hacking scenarios. Specially, the course will address the following phases:
- Information Gathering and Reconnaissance
- Scanning and Enumeration
- Gaining Access
- Privilege Escalation
- Maintaining Access
- Covering Tracks
The hacking scenarios will be the thread around which each of the above phases will be addressed, as opposed to the commonly followed approach of teaching each phase and related tools in isolation.
Laptop Requirements
A laptop is required to be able to work through all the practical hands-n workshops. Failure to meet the requirements below may result in the delegate not being able to carry out one or more of the practical workshops and thus not taking full benefit for the Ethical Ninja course. The minimum laptop requirements are:
- x86-compatible 1.5 Ghz CPU Minimum or higher
- DVD Drive
- 1GB RAM minimum or higher
- Ethernet adapter
- 10 Gigabyte available hard drive space
- The system must be capable of booting from a CD
- PCMCIA or ExpressCard or USB interface (this is required for the external wireless card included in the Ethical Ninja hacking kit).
- VMware Player or VMware Workstation.
Ethical Ninja Security Assessment Toolkit
The content of the SA Toolkit is:
- CDROM with all the required hacking tools
- PCMCIA Wireless card a/b/g
Course Outline
Day |
Details |
Scenario |
| 1 | Gathering information about an organization, enumerating systems and externally available services, and trying to find as much information as possible that will help us breaking into the organization. | Gaining access to an organization's internal network through the organization's Internet facing systems |
| 2 | Based on the information gathered we can now attack the organization's website and other identified external services, applying a range of hacking tools and techniques. | |
| 3 | We have gained access to the organization through the external website and we are now able to enumerate a number of internal hosts and services. We find some vulnerable servers and proceed to exploit them and gain unauthorized access. | |
| 4 | We carry out some wireless reconnaissance and identify a number of wireless networks. The wireless networks have not been properly secured and we proceed to break into them. Finally, we deploy a rogue access point to carry out some wireless client attacks. | Gaining access to an organization's internal network through the organization's wireless network |
| 5 | We discover some more internal servers and proceed to exploit their vulnerabilities and grab further information from the organization. We then use some covert channels to send the stolen information to our remotely controlled server without being noticed. We plant some backdoors and make sure that we don't leave any trace of our intrusion. |
Course Breakdown
Day 11 Reconnaissance 3 Enumeration and Fingerprinting Services |
Day 24 Online Password Attacks 5.3 SQL Injection Attacks |
Day 36 Advanced Internal Information Gathering 8.4 Hiding files |
Day 49 Wireless Network reconnaissance 11.4 Fuzzing |
Day 512 Accessing internal servers 16 Final Challenge |
Why us?
"Our trainers are security consultants with many years of experience, highly dedicated to teach and share their knowledge."
"Ethical Ninja is about acquiring practical skills and competence - not just theory."
"We focus on the tools and techniques which are used in real life by hackers."
Dr. Almerindo Graziano
CEO Silensec
About the Author
Dr. Graziano holds an MSc in Electronic Engineering and a PhDin mobile computer security, both from the University of Naples, Italy.
He is a senior academic at Shefield Hallam University, UK, where he leads the MSc in Information
Systems Security. He has consulted internationally for a number of clients ranging from banks to government organizations. He has personally authored the implementation course for ISO27001 offered by the British Standardization Institute (BSI), the UK national standardization body. He is also a BSI-certified ISO27001 Lead Auditor trainer and auditor.
