Pentru a te proteja de hackeri, este nevoie sa gandesti ca unul.

In acest curs vei invata unelte de hacking, metodologii si tehnici. Un curs practic, explicat pas cu pas. Acest curs are o abordare practica cu situatii care se intalnesc zi de zi in viata unui penetration tester. Vor fi furnizate masini virtuale pentru laborator.

Obiectivul cursului este sa te ajute sa gandesti ca un hacker si sa actionezi ca unul. Vom porni la drum intelegand ce inseamna un proiect de penetration testing, care sunt pasii acestuia, care sunt avantajele, si vom trece prin urmatoarele videouri:

• Introducere in pentetration testing
• Pregatirea laboratorului (Kali + Nessus, Windoes, Metasploitable)
• Strangerea de informatii, OSINT (Open Source Inteligence)
• Enumerarea serviciilor
• Enumerarea directoarelor din serverul web. Spidering vs brute forcing directoare
• Scanarea pentru vulnerabilitati de sistem si servicii
• Scanarea pentru vulnerabilitati ale serverului web
• Cautare manuala pentru vulnerabilitati - baze de date de exploituri
• Prezentarea framework-ului de exploatare Metasploit
• Exploatearea ftp serverului folosind metasploit
• Exploatarea smb folosind Metasploit
• Post Exploatare manuala vs automat
• Demo armitage
• Spargerea parolelor online - crearea unui dictionar propriu personalizat
• Spargerea hashurilor de parole offline
• Interceptarea pachetelor - Man in the Middle. Introducere in Cain si Abel, Ethereal. HTTP si HTTPS (sslstrip)
• Cross site scripting - Interceptarea sesiunilor web
• Stored XSS - Demo beef si social engieering
• Vulnerabilitati Web - file upload, local file inclusion, web backdoors
• CSRF demo - vulnerabilitati web
• Command Execution - vulnerabilitati web
• Introducere in Burp Suite: Proxy, Spidering, Import CA certificat, Extensii, Repeater module
• SQL Injection - vulnerabilitati web
• Brute force pe aplicatii web
• Backdoors de windows, android
• Alte atacuri de tip Social Engineering
• Demo wifi - Mana Toolkit
• Demo Backdoors and Social Engineering - Empire and Rubber Ducky
• Demo phising - SocialPhish

• Ethical Hacker and Lead Penetration Tester with over 13 years of experience, offering security consulting for over 80 companies from various business sectors: finance (over 30% of Romanian banks), energy, pharma, retail, ride-sharing and telecom.
• Qualified Trainer for various international IT & IT Security certifications (one of 4 active trainers in Romania for EC-Council) and custom trainings delivering for national, international companies and worldwide organizations such as OWASP with over 1000 students in over 15 years.
• Founder of www.ituniversity.ro platform delivering on-demand recorded trainings  with over 120k online students. Content writer for ituniversity.ro platform and Offensive Security.
• Ranked #5 and #9 among the top 15 best cybersecurity courses by 3rd party platform.

• Certifications

  • OSCE (Offensive Security Certified Expert)

  • OSWE (Offensive Security Web Expert)

  • CREST Registered Penetration Tester (CRT)

  • ECIH (EC-Council Incident Handling)

  • Ec-Council ICS-SCADA Cybersecurity

  • OSWP (Offensive Security Wireless Professional)

  • OSCP (Offensive Security Certified Professional)

  • CHFI (Computer Hacking Forensic Investigator)

  • ISO 270001 Lead Auditor

  • ECSA (EC-Council Security Analyst)

  • CEH (Certified Ethical Hacker)

  • CCNA and CCNA Security

  • CCNP Routing and CCNP Switching