What you’ll learn
Writing buffer overflow exploits
dlmalloc Heap Overflow exploits
Win32 Heap Overflow exploits
Linux stack overflow exploits
Defeating non-exec stacks
Return-to-libc shellcode
Function pointer overwrites
Crafting injectable shellcode
Defeating non-executable stacks
Linux LKM rootkits
Windows kernel rootkits
Reverse engineering training
Vulnerability development and discovery
Attacking and blinding IDSs
Hiding your attacks from IDSs
Encrypted covert channels
Global offset table overwrites
Windows shellcode
Integer overflows
Linux shellcode
“No listening port” Trojans
A whole day on breaking through enterprise DMZs
Reconstructing binaries from sniffed traffic
Circumventing antivirus
Bi-directional spoofed communication
Session fixation
Advanced SQL injection
Justifying a penetration test to management and customers
Defensive techniques
Exam Domain - Percentage of Exam
Planning and Scoping - 15%
Explain the importance of planning for an engagement
Explain key legal concepts
Explain the importance of scoping an engagement properly
Explain the key aspects of compliance-based assessments
Information Gathering and Vulnerability Identification - 22%
Given a scenario, conduct information gathering using appropriate techniques
Given a scenario, perform a vulnerability scan
Given a scenario, analyze vulnerability scan results
Explain the process of leveraging information to prepare for exploitation
Explain weaknesses related to specialized systems
Attacks and Exploits - 30%
Compare and contrast social engineering attacks
Given a scenario, exploit network-based vulnerabilities
Given a scenario, exploit wireless and RF-based vulnerabilities
Given a scenario, exploit application-based vulnerabilities
Given a scenario, exploit local host vulnerabilities
Summarize physical security attacks related to facilities
Given a scenario, perform post-exploitation techniques
Penetration Testing Tools - 17%
Given a scenario, use Nmap to conduct information gathering exercises
Compare and contrast various use cases of tools
Given a scenario, analyze tool output or data related to a penetration test
Given a scenario, analyze a basic script (limited to Bash, Python, Ruby, and PowerShell)
Reporting and Communication - 16%
Given a scenario, use report writing and handling best practices
Explain post-report delivery activities
Given a scenario, recommend mitigation strategies for discovered vulnerabilities
Explain the importance of communication during the penetration testing process