A non-exhaustive list of topics to be covered include:
Information Gathering - OSINT, DNS, SNMP etc. Pentesting Network Components - Router, Switch, Firewall, IDS/IPS Pentesting Windows Environments - domain controllers, pass-the-hash, active directory etc. Pentesting Linux Environments Pentesting Mobile Application Backends Attacking via the DMZ - Web, Email etc. Post Exploitation on Windows, Linux and Mobile OSs Data Exfiltration - tools and techniques Privilege Escalation on Windows and Linux Keeping Access - Backdoors and Rootkits Web Application vulnerability to Shell Scenario based Pentesting Social Engineering Attacks - JAVA Applets, HID devices etc. AV Evasion Techniques Firewall and IDS Evasion … additions will happen based on student feedback |