O'Reilly logo
live online training icon Live Online training

Ethical Hacking Bootcamp with Hands-on Labs

Topic: Security
Omar Santos

This is a comprehensive Ethical Hacking (security penetration testing) hands-on boot camp! In this 3-day course you will get the training and experience you need to successfully launch your ethical hacking career. You will participate in live discussions, demos, whiteboard instruction and lab exercises. No prior experience is needed. Omar Santos, best-selling security author, speaker and Principal Engineer in the Cisco Product Security Incident Response Team (PSIRT) within Cisco's Security Research and Operations will walk you through numerous exercises and ethical hacking concepts. If you are starting your cyber career, seeking your Certified Ethical Hacking, CompTIA PenTest+, or Offensive Security Certified Professional (OSCP) Certification, or are just interested in learning more about cyber security, this three-day training session is for you!

This course provides step-by-step real-life scenarios. It starts by going over passive and active recon, then dives deep into scanning, target exploitation, password attacks, web application testing, buffer overflows, wired and wireless network hacking, and post-exploitation techniques. You will use dozens of different tools that can be used to penetrate a wired and wireless network and the systems within that network. In this training we will go over several tools like the social engineering tool kit (SET), Metasploit, Maltego, and many more. After that you’ll different best practices on how to write a penetration testing report.

What you'll learn-and how you can apply it

  • Penetration testing Linux distributions such as Kali Linux, Parrot, Black Arch and others
  • Performing Passive and Active Reconnaissance
  • Performing Vulnerability Scanning
  • Hacking Web Applications
  • Hacking User Credentials
  • Hacking Databases
  • Hacking Networking Devices
  • Wireless Hacking
  • Buffer Overflows
  • Social Engineering
  • Evasion and Post Exploitation Techniques
  • How to Maintain Persistence, Pivoting, and Data Exfiltration

This training course is for you because...

  • You have an understanding of cybersecurity fundamentals.
  • You are preparing for the Certified Ethical Hacker (CEH), CEH Practical, CompTIA PenTest+, or Offensive Security Certified Professional (OSCP) certifications.
  • You are interested in cybersecurity and penetration testing (ethical hacking).
  • You want to learn different methodologies and best practices to perform security penetration testing assessments.


Course Set-up

Recommended Follow-up

About your instructor

  • Omar Santos is an active member of the cybersecurity community, where he leads several industry-wide initiatives. He is the lead of the DEF CON Red Team Village; the chair of the Common Security Advisory Framework (CSAF) technical committee; the co-chair of the Forum of Incident Response and Security Teams (FIRST) Open Source Security working group; and has been the chair of several initiatives in the Industry Consortium for Advancement of Security on the Internet (ICASI). His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to increasing the security of their critical infrastructures.

    Omar is the author of over twenty books and video courses, as well as numerous white papers, articles, and security configuration guidelines and best practices. Omar is a principal engineer of the Cisco Product Security Incident Response Team (PSIRT), where he mentors and leads engineers and incident managers during the investigation and resolution of cyber security vulnerabilities. Additional information about Omar’s current projects can be found at omarsantos.io and you can follow Omar on Twitter @santosomar.


The timeframes are only estimates and may vary according to how the class is progressing

DAY 1:

Section 1: Introduction to Ethical Hacking, Building Your Own Lab, and Setup 50 minutes

  • An introduction to ethical hacking and penetration testing methodologies.
  • Instructions to build your own lab and training logistics.
  • Lab (VM) setup

Break 10 minutes

Section 2: Penetration Testing Linux Distributions 50 minutes

  • Kali Linux
  • Parrot Linux
  • Black Arch Linux
  • Creating Your Own Pen Test Distribution

Break 10 minutes

Section 3: Passive Reconnaissance 60 minutes

  • Introducing passive reconnaissance
  • Using Recon-NG
  • Using The Harvester
  • Using SpiderFoot
  • Using Maltego

Section 4: Active Reconnaissance 60 minutes

  • Introducing passive reconnaissance
  • Using Nmap for port scanning
  • Using the Nmap Scripting Engine (NSE)
  • Using Enum4linux
  • Using smbmap
  • Using nbtscan
  • SSL/TLS analysis

DAY 2:

Section 5: Social Engineering 50 minutes

  • Introducing social engineering
  • Reviewing social engineering tools and methodologies
  • Using the Social Engineering Toolkit (SET) to perform social engineering attacks

Break 10 minutes

Section 6: Buffer Overflows 50 minutes

  • Introducing buffer overflows
  • Using debuggers and disassemblers
  • Understanding what is shellcode and how to create your own payloads

Break 10 minutes

Section 7: Introduction to Web Application Hacking 50 minutes

  • Introducing Web Application Protocols
  • How web applications have evolved
  • Penetration testing of modern applications
  • Introduction to APIs for penetration testers and ethical hackers
  • Introduction to Docker for penetration testers and ethical hackers
  • Introduction to Kubernetes for penetration testers and ethical hackers

Break 10 minutes

Section 8: Hacking Databases 50 minutes

  • Introducing SQL injection
  • Surveying tools to perform SQL injection assessments
  • Exploiting SQL injection

DAY 3:

Section 9: Exploiting Cross-Site Scripting (XSS) Vulnerabilities 40 minutes

  • Introduction to XSS
  • Reflected, Stored, and DOM-based XSS
  • Exploiting Reflected XSS
  • Exploiting Stored XSS
  • Exploiting DOM-based XSS

Section 10: Cross-site Request Forgery (CSRF) 20 minutes

  • Introduction to CSRF o Exploiting CSRF

Section 11: Bypassing Authentication and Authorization 50 minutes

  • Introduction to Authentication and Authorization in modern applications.
  • Introduction to Session Management
  • Performing Session Hijacking
  • Bypassing Authentication and Authorization

Break 10 minutes

Section 12: Hacking Wired Wireless Networks 60 minutes

  • Introducing wired network vulnerabilities
  • DHCP Attacks
  • VTP attacks
  • Man-in-the-Middle with ARP Poisoning
  • Introducing wireless network vulnerabilities
  • Rogue APs and Evil Twins
  • Attacking the Preferred Network List (PNL)
  • Cracking WEP
  • Recovering WPA and WPA2 pre-shared keys

Break 10 minutes

Section 13: Password Attacks 30 minutes

  • Introducing credential-based attacks
  • Introducing password cracking tools
  • Cracking passwords lab

Section 14: Post-Exploitation 30 minutes

  • Introducing post-exploitation methodologies
  • Lateral movement and pivoting
  • Exfiltration
  • Evading firewalls, IPS, and other security controls