What you’ll learn

Writing buffer overflow exploits

dlmalloc Heap Overflow exploits

Win32 Heap Overflow exploits

Linux stack overflow exploits

Defeating non-exec stacks

Return-to-libc shellcode

Function pointer overwrites

Crafting injectable shellcode

Defeating non-executable stacks

Linux LKM rootkits

Windows kernel rootkits

Reverse engineering training

Vulnerability development and discovery

Attacking and blinding IDSs

Hiding your attacks from IDSs

Encrypted covert channels

Global offset table overwrites

Windows shellcode

Integer overflows

Linux shellcode

“No listening port” Trojans

A whole day on breaking through enterprise DMZs

Reconstructing binaries from sniffed traffic

Circumventing antivirus

Bi-directional spoofed communication

Session fixation

Advanced SQL injection

Justifying a penetration test to management and customers

Defensive techniques

Exam Domain - Percentage of Exam

Planning and Scoping - 15%

Explain the importance of planning for an engagement

Explain key legal concepts

Explain the importance of scoping an engagement properly

Explain the key aspects of compliance-based assessments

Information Gathering and Vulnerability Identification - 22%

Given a scenario, conduct information gathering using appropriate techniques

Given a scenario, perform a vulnerability scan

Given a scenario, analyze vulnerability scan results

Explain the process of leveraging information to prepare for exploitation

Explain weaknesses related to specialized systems

Attacks and Exploits - 30%

Compare and contrast social engineering attacks

Given a scenario, exploit network-based vulnerabilities

Given a scenario, exploit wireless and RF-based vulnerabilities

Given a scenario, exploit application-based vulnerabilities

Given a scenario, exploit local host vulnerabilities

Summarize physical security attacks related to facilities

Given a scenario, perform post-exploitation techniques

Penetration Testing Tools - 17%

Given a scenario, use Nmap to conduct information gathering exercises

Compare and contrast various use cases of tools

Given a scenario, analyze tool output or data related to a penetration test

Given a scenario, analyze a basic script (limited to Bash, Python, Ruby, and PowerShell)

Reporting and Communication - 16%

Given a scenario, use report writing and handling best practices

Explain post-report delivery activities

Given a scenario, recommend mitigation strategies for discovered vulnerabilities

Explain the importance of communication during the penetration testing process

Training clients in the fufilling and lucrative industry of cyber security.