• Professional Development
  • Medicine & Nursing
  • Arts & Crafts
  • Health & Wellbeing
  • Personal Development

4 Penetration Testing courses in Nottingham

🔥 Limited Time Offer 🔥

Get a 10% discount on your first order when you use this promo code at checkout: MAY24BAN3X

Penetration testing and Ethical Hacking

5.0(3)

By Systems & Network Training

PENETRATION TESTING TRAINING COURSE DESCRIPTION An advanced technical hands on course focusing on hacking and counter hacking. The course revolves around a series of exercises based on "hacking" into a network (pen testing the network) and then defending against the hacks. WHAT WILL YOU LEARN * Perform penetration tests. * Explain the technical workings of various penetration tests. * Produce reports on results of penetration tests. * Defend against hackers. PENETRATION TESTING TRAINING COURSE DETAILS * Who will benefit: Technical support staff, auditors and security professionals. Staff who are responsible for network infrastructure integrity. * Prerequisites: IP Security IP VPNs * Duration 5 days PENETRATION TESTING TRAINING COURSE CONTENTS * Introduction Hacking concepts, phases, types of attacks, 'White hacking', What is penetration testing? Why use pen testing, black box vs. white box testing, equipment and tools, security lifecycles, counter hacking, pen testing reports, methodologies, legal issues. * Physical security and social engineering Testing access controls, perimeter reviews, location reviews, alarm response testing. Request testing, guided suggestions, trust testing. Social engineering concepts, techniques, counter measures, Identity theft, Impersonation on social media, Footprints through social engineering * Reconnaissance (discovery) Footprinting methodologies, concepts, threats and countermeasures, WHOIS footprinting, Gaining contacts and addresses, DNS queries, NIC queries, ICMP ping sweeping, system and server trails from the target network, information leaks, competitive intelligence. Scanning pen testing. * Gaining access Getting past passwords, password grinding, spoofed tokens, replays, remaining anonymous. * Scanning (enumeration) Gaining OS info, platform info, open port info, application info. Routes used, proxies, firewalking, Port scanning, stealth port scanning, vulnerability scanning, FIN scanning, Xmas tree scanning, Null scanning, spoofed scanning, Scanning beyond IDS. Enumeration concepts, counter measures and enumeration pen testing. * Hacking Hacking webservers, web applications, Wireless networks and mobile platforms. Concepts, threats, methodology, hacking tools and countermeasures. * Trojan, Backdoors, Sniffers, Viruses and Worms Detection, concepts, countermeasures, Pen testing Trojans, backdoors, sniffers and viruses. MAC attacks, DHCP attacks, ARP poisoning, DNS poisoning Anti-Trojan software, Malware analysis Sniffing tools. * Exploiting (testing) vulnerabilities Buffer overflows,, simple exploits, brute force methods, UNIX based, Windows based, specific application vulnerabilities. * DoS/DDoS Concepts, techniques, attack tools, Botnet, countermeasures, protection tools, DoS attack pen testing. * SQL Injection Types and testing, Blind SQL Injection, Injection tools, evasion and countermeasures. * Securing networks 'Hurdles', firewalls, DMZ, stopping port scans, IDS, Honeypots, Router testing, firewall testing, IDS testing, Buffer Overflow. * Cryptography PKI, Encryption algorithms, tools, Email and Disk Encryption. * Information security Document grinding, privacy.

Penetration testing and Ethical Hacking
Delivered in-person, on-request, onlineDelivered Online & In-Person in Internationally
£4997

Securing Kubernetes and Containers

5.0(3)

By Systems & Network Training

SECURING KUBERNETES TRAINING COURSE DESCRIPTION This course introduces concepts, procedures, and best practices to harden Kubernetes based systems and container-based applications against security threats. It deals with the main areas of cloud-native security: Kubernetes cluster setup, Kubernetes cluster hardening, hardening the underlying operating system and networks, minimizing microservices vulnerabilities, obtaining supply chain security as well as monitoring, logging, and runtime security. WHAT WILL YOU LEARN * Harden Kubernetes systems and clusters. * Harden containers. * Configure and use Kubernetes audit logs. SECURING KUBERNETES TRAINING COURSE DETAILS * Who will benefit: Technical staff working with Kubernetes * Prerequisites: Kubernetes_for_engineers_course.htm Definitive Docker for engineers * Duration 2 days SECURING KUBERNETES TRAINING COURSE CONTENTS This course does not only deal with the daily security administration of Kubernetes-based systems but also prepares delegates for the official Certified Kubernetes Security Specialist (CKS) exams of the Cloud Native Computing Foundation (CNCF). Structure: 50% theory 50% hands on lab exercise MODULE 1: USER AND AUTHORIZATION MANAGEMENT * Users and service accounts in Kubernetes * Authenticating users * Managing authorizations with RBAC MODULE 2: SUPPLY CHAIN SECURITY * Vulnerabilit checking for images * Image validation in Kubernetes * Reducing image footprint * Secure image registries MODULE 3: VALIDATING CLUSTER SETUP AND PENETRATION TESTING * Use CIS benchmark to review the security configuration of Kubernetes components. * Modify the cluster components' configuration to match the CIS Benchmark. * Penetration testing Kubernetes for known vulnerabilities. MODULE 4: SYSTEM HARDENING * Use kernel hardening tools * Setup appropriate OS level security domains * Container runtime sandboxes * Limit network access MODULE 5: MONITORING AND LOGGING * Configure Kubernetes audit logs * Configure Audit Policies * Monitor applications behaviour with Falco

Securing Kubernetes and Containers
Delivered in-person, on-request, onlineDelivered Online & In-Person in Internationally
£1727

Principles and Practices of Cyber Security

5.0(10)

By GBA Corporate

OVERVIEW -------------------------------------------------------------------------------- Cyber Security plays an important role in every business as it encompasses everything that relates to protecting sensitive data, personal information, intellectual property, data, and governmental and industry information systems from theft and damage attempted by criminals and adversaries. This course is designed to understand and gain practical skills to plan, deliver and monitor IT/cyber security to internal and external clients understanding a complete, knowledge in the areas of IT policies, Security-Operational-Run-Book, security/penetration testing, ethical hacking and black hat hacking including understanding the basics of Kali Operating System and its tools and techniques. It will also cover WiFi security, Website security, human factors, cyber forensics, and cyber security team management, including all other areas in relation to Cyber Security.

Principles and Practices of Cyber Security
Delivered in-person, on-request, onlineDelivered Online & In-Person in Internationally
£1718 to £3626

Cyber security for engineers

5.0(3)

By Systems & Network Training

CYBER SECURITY TRAINING COURSE DESCRIPTION This cyber security course focusses on the network side of security. Technologies rather than specific products are studied focussing around the protection of networks using firewalls and VPNs. WHAT WILL YOU LEARN * Describe: - Basic security attacks - RADIUS - SSL - VPNs * Deploy firewalls and secure networks * Explain how the various technologies involved in an IP VPN work. * Describe and implement: - L2TP - IPsec - SSL - MPLS, L3, VPNs. CYBER SECURITY TRAINING COURSE DETAILS * Who will benefit: Anyone working in the security field. * Prerequisites: TCP/IP foundation for engineers * Duration 5 days CYBER SECURITY TRAINING COURSE CONTENTS * Security review Denial of service, DDOS, data manipulation, data theft, data destruction, security checklists, incident response. * Security exploits IP spoofing, SYN attacks, hijacking, reflectors and amplification, keeping up to date with new threats. Hands on port scanning, use a 'hacking' tool. * Client and Server security Windows, Linux, Log files, syslogd, accounts, data security. Hands on Server hardening. * Firewall introduction What is a firewall? Firewall benefits, concepts. HAnds on launching various attacks on a target. * Firewall types Packet filtering, SPI, Proxy, Personal. Software firewalls, hardware firewalls. Firewall products. Hands on Simple personal firewall configuration. * Packet filtering firewalls Things to filter in the IP header, stateless vs. stateful filtering. ACLs. Advantages of packet filtering. Hands on Configuring packet filtering firewalls. * Stateful packet filtering Stateful algorithms, packet-by-packet inspection, application content filtering, tracks, special handling (fragments, IP options), sessions with TCP and UDP. Firewall hacking detection: SYN attacks, SSL, SSH interception. Hands on SPI firewalls. * Proxy firewalls Circuit level, application level, SOCKS. Proxy firewall plusses and minuses. Hands on Proxy firewalls. * Firewall architectures Small office, enterprise, service provider, what is a DMZ? DMZ architectures, bastion hosts, multi DMZ. Virtual firewalls, transparent firewalls. Dual firewall design, high availability, load balancing, VRRP. Hands on Resilient firewall architecture. * Testing firewalls Configuration checklist, testing procedure, monitoring firewalls, logging, syslog. Hands on Testing firewalls. * Encryption Encryption keys, Encryption strengths, Secret key vs Public key, algorithms, systems, SSL, SSH, Public Key Infrastructures. Hands on Password cracking. * Authentication Types of authentication, Securid, Biometrics, PGP, Digital certificates, X.509 v3, Certificate authorities, CRLs, RADIUS. Hands on Using certificates. * VPN overview What is a VPN? What is an IP VPN? VPNs vs. Private Data Networks, Internet VPNs, Intranet VPNs, Remote access VPNs, Site to site VPNs, VPN benefits and disadvantages. * VPN Tunnelling VPN components, VPN tunnels, tunnel sources, tunnel end points, tunnelling topologies, tunnelling protocols, which tunnelling protocol? Requirements of tunnels. * L2TP Overview, components, how it works, security, packet authentication, L2TP/IPsec, L2TP/PPP, L2 vs L3 tunnelling. Hands on Implementing a L2TP tunnel. * IPsec AH, HMAC, ESP, transport and tunnel modes, Security Association, encryption and authentication algorithms, manual vs automated key exchange, NAT and other issues. Hands on Implementing an IPsec VPN. * SSL VPNs Layer 4 VPNs, advantages, disadvantages. SSL. TLS. TLS negotiation, TLS authentication. TLS and certificates. Hands on Implementing a SSL VPN. * MPLS VPNs Introduction to MPLS, why use MPLS, Headers, architecture, label switching, LDP, MPLS VPNs, L2 versus L3 VPNs. Point to point versus multipoint MPLS VPNs. MBGP and VRFs and their use in MPLS VPNs. Hands on Implementing a MPLS L3 VPN. * Penetration testing Hacking webservers, web applications, Wireless networks and mobile platforms. Concepts, threats, methodology. Hands on Hacking tools and countermeasures.

Cyber security for engineers
Delivered in-person, on-request, onlineDelivered Online & In-Person in Internationally
£3697

Online Options

Show all 239

AZ-400T00 Designing and Implementing Microsoft DevOps Solutions

By Nexus Human

Duration 4 Days 24 CPD hours This course is intended for Students in this course are interested in designing and implementing DevOps processes or in passing the Microsoft Azure DevOps Solutions certification exam. This course provides the knowledge and skills to design and implement DevOps processes and practices. Students will learn how to plan for DevOps, use source control, scale Git for an enterprise, consolidate artifacts, design a dependency management strategy, manage secrets, implement continuous integration, implement a container build strategy, design a release strategy, set up a release management workflow, implement a deployment pattern, and optimize feedback mechanisms Prerequisites Successful learners will have prior knowledge and understanding of: * Cloud computing concepts, including an understanding of PaaS, SaaS, and IaaS implementations. * Both Azure administration and Azure development with proven expertise in at least one of these areas. * Version control, Agile software development, and core software development principles. It would be helpful to have experience in an organization that delivers software. * AZ-104T00 - Microsoft Azure Administrator * AZ-204T00: Developing Solutions for Microsoft Azure 1 - INTRODUCTION TO DEVOPS * What is DevOps? * Explore the DevOps journey * Identify transformation teams * Explore shared goals and define timelines 2 - CHOOSE THE RIGHT PROJECT * Explore greenfield and brownfield projects * Decide when to use greenfield and brownfield projects * Decide when to use systems of record versus systems of engagement * Identify groups to minimize initial resistance * Identify project metrics and key performance indicators (KPIs) 3 - DESCRIBE TEAM STRUCTURES * Explore agile development practices * Explore principles of agile development * Define organization structure for agile practices * Explore ideal DevOps team members * Enable in-team and cross-team collaboration * Select tools and processes for agile practices 4 - CHOOSE THE DEVOPS TOOLS * What is Azure DevOps? * What is GitHub? * Explore an authorization and access strategy * Migrate or integrate existing work management tools * Migrate or integrate existing test management tools * Design a license management strategy 5 - PLAN AGILE WITH GITHUB PROJECTS AND AZURE BOARDS * Link GitHub to Azure Boards * Configure GitHub Projects * Manage work with GitHub Project boards * Customize Project views * Collaborate using team discussions * Agile Plan and Portfolio Management with Azure Boards 6 - INTRODUCTION TO SOURCE CONTROL * Explore DevOps foundational practices * What is source control? * Explore benefits of source control * Explore best practices for source control 7 - DESCRIBE TYPES OF SOURCE CONTROL SYSTEMS * Understand centralized source control * Understand distributed source control * Explore Git and Team Foundation Version Control * Examine and choose Git * Understand objections to using Git * Describe working with Git locally 8 - WORK WITH AZURE REPOS AND GITHUB * Migrate from TFVC to Git * Use GIT-TFS * Develop online with GitHub Codespaces 9 - STRUCTURE YOUR GIT REPO * Explore monorepo versus multiple repos * Implement a change log 10 - MANAGE GIT BRANCHES AND WORKFLOWS * Explore branch workflow types * Explore feature branch workflow * Explore Git branch model for continuous delivery * Explore GitHub flow * Explore fork workflow * Version Control with Git in Azure Repos 11 - COLLABORATE WITH PULL REQUESTS IN AZURE REPOS * Collaborate with pull requests * Examine GitHub mobile for pull request approvals 12 - IDENTIFY TECHNICAL DEBT * Examine code quality * Examine complexity and quality metrics * Measure and manage technical debt * Integrate other code quality tools * Plan effective code reviews 13 - EXPLORE GIT HOOKS * Implement Git hooks 14 - PLAN FOSTER INNER SOURCE * Explore foster inner source * Implement the fork workflow * Describe inner source with forks 15 - MANAGE GIT REPOSITORIES * Work with large repositories * Purge repository data * Manage releases with GitHub Repos * Automate release notes with GitHub 16 - EXPLORE AZURE PIPELINES * Explore the concept of pipelines in DevOps * Describe Azure Pipelines * Understand Azure Pipelines key terms 17 - MANAGE AZURE PIPELINE AGENTS AND POOLS * Choose between Microsoft-hosted versus self-hosted agents * Explore job types * Explore predefined agent pool * Understand typical situations for agent pools * Communicate with Azure Pipelines * Communicate to deploy to target servers * Examine other considerations * Describe security of agent pools * Configure agent pools and understanding pipeline styles 18 - DESCRIBE PIPELINES AND CONCURRENCY * Understand parallel jobs * Estimate parallel jobs * Describe Azure Pipelines and open-source projects * Explore Azure Pipelines and Visual Designer * Describe Azure Pipelines and YAML 19 - EXPLORE CONTINUOUS INTEGRATION * Learn the four pillars of continuous integration * Explore benefits of continuous integration * Describe build properties * Enable Continuous Integration with Azure Pipelines 20 - IMPLEMENT A PIPELINE STRATEGY * Configure agent demands * Implement multi-agent builds * Explore source control types supported by Azure Pipelines 21 - INTEGRATE WITH AZURE PIPELINES * Describe the anatomy of a pipeline * Understand the pipeline structure * Detail templates * Explore YAML resources * Use multiple repositories in your pipeline 22 - INTRODUCTION TO GITHUB ACTIONS * What are Actions? * Explore Actions flow * Understand workflows * Describe standard workflow syntax elements * Explore events * Explore jobs * Explore runners * Examine release and test an action 23 - LEARN CONTINUOUS INTEGRATION WITH GITHUB ACTIONS * Describe continuous integration with actions * Examine environment variables * Share artifacts between jobs * Examine Workflow badges * Describe best practices for creating actions * Mark releases with Git tags * Create encrypted secrets * Use secrets in a workflow * Implement GitHub Actions for CI/CD 24 - DESIGN A CONTAINER BUILD STRATEGY * Examine structure of containers * Work with Docker containers * Understand Dockerfile core concepts * Examine multi-stage dockerfiles * Examine considerations for multiple stage builds * Explore Azure container-related services * Deploy Docker containers to Azure App Service web apps 25 - INTRODUCTION TO CONTINUOUS DELIVERY * Explore traditional IT development cycle * What is continuous delivery? * Move to continuous delivery * Understand releases and deployments * Understand release process versus release 26 - CREATE A RELEASE PIPELINE * Describe Azure DevOps release pipeline capabilities * Explore release pipelines * Explore artifact sources * Choose the appropriate artifact source * Examine considerations for deployment to stages * Explore build and release tasks * Explore custom build and release tasks * Explore release jobs * Configure Pipelines as Code with YAML 27 - EXPLORE RELEASE RECOMMENDATIONS * Understand the delivery cadence and three types of triggers * Explore release approvals * Explore release gates * Use release gates to protect quality * Control Deployments using Release Gates 28 - PROVISION AND TEST ENVIRONMENTS * Provision and configure target environments * Configure automated integration and functional test automation * Understand Shift-left * Set up and run availability tests * Explore Azure Load Testing * Set up and run functional tests 29 - MANAGE AND MODULARIZE TASKS AND TEMPLATES * Examine task groups * Explore variables in release pipelines * Understand variable groups 30 - AUTOMATE INSPECTION OF HEALTH * Automate inspection of health * Explore events and notifications * Explore service hooks * Configure Azure DevOps notifications * Configure GitHub notifications * Explore how to measure quality of your release process * Examine release notes and documentation * Examine considerations for choosing release management tools * Explore common release management tools 31 - INTRODUCTION TO DEPLOYMENT PATTERNS * Explore microservices architecture * Examine classical deployment patterns * Understand modern deployment patterns 32 - IMPLEMENT BLUE-GREEN DEPLOYMENT AND FEATURE TOGGLES * What is blue-green deployment? * Explore deployment slots * Describe feature toggle maintenance 33 - IMPLEMENT CANARY RELEASES AND DARK LAUNCHING * Explore canary releases * Examine Traffic Manager * Understand dark launching 34 - IMPLEMENT A/B TESTING AND PROGRESSIVE EXPOSURE DEPLOYMENT * What is A/B testing? * Explore CI-CD with deployment rings 35 - INTEGRATE WITH IDENTITY MANAGEMENT SYSTEMS * Integrate GitHub with single sign-on (SSO) * Explore service principals * Explore Managed Identity 36 - MANAGE APPLICATION CONFIGURATION DATA * Rethink application configuration data * Explore separation of concerns * Understand external configuration store patterns * Examine Key-value pairs * Examine App configuration feature management * Integrate Azure Key Vault with Azure Pipelines * Manage secrets, tokens and certificates * Examine DevOps inner and outer loop * Integrate Azure Key Vault with Azure DevOps * Enable Dynamic Configuration and Feature Flags 37 - EXPLORE INFRASTRUCTURE AS CODE AND CONFIGURATION MANAGEMENT * Explore environment deployment * Examine environment configuration * Understand imperative versus declarative configuration * Understand idempotent configuration 38 - CREATE AZURE RESOURCES USING AZURE RESOURCE MANAGER TEMPLATES * Why use Azure Resource Manager templates? * Explore template components * Manage dependencies * Modularize templates * Manage secrets in templates * Deployments using Azure Bicep templates 39 - CREATE AZURE RESOURCES BY USING AZURE CLI * What is Azure CLI? * Work with Azure CLI 40 - EXPLORE AZURE AUTOMATION WITH DEVOPS * Create automation accounts * What is a runbook? * Understand automation shared resources * Explore runbook gallery * Examine webhooks * Explore source control integration * Explore PowerShell workflows * Create a workflow * Examine checkpoint and parallel processing 41 - IMPLEMENT DESIRED STATE CONFIGURATION (DSC) * Understand configuration drift * Explore Desired State Configuration (DSC) * Explore Azure Automation State configuration (DSC) * Examine DSC configuration file * Explore hybrid management * Implement DSC and Linux Automation on Azure 42 - IMPLEMENT BICEP * What is Bicep? * Install Bicep * Understand Bicep file structure and syntax 43 - INTRODUCTION TO SECURE DEVOPS * Describe SQL injection attack * Understand DevSecOps * Explore Secure DevOps Pipeline * Explore key validation points * Explore continuous security validation * Understand threat modeling 44 - IMPLEMENT OPEN-SOURCE SOFTWARE * Explore how software is built * What is open-source software * Explore corporate concerns with open-source software components * Explore common open-source licenses * Examine license implications and ratings 45 - SOFTWARE COMPOSITION ANALYSIS * Inspect and validate code bases for compliance * Explore software composition analysis (SCA) * Integrate Mend with Azure Pipelines * Implement GitHub Dependabot alerts and security updates * Integrate software composition analysis checks into pipelines * Examine tools for assess package security and license rate * Interpret alerts from scanner tools * Implement security and compliance in an Azure Pipeline 46 - STATIC ANALYZERS * Explore SonarCloud * Explore CodeQL in GitHub * Manage technical debt with SonarCloud and Azure DevOps 47 - OWASP AND DYNAMIC ANALYZERS * Plan Implement OWASP Secure Coding Practices * Explore OWASP ZAP penetration test * Explore OWASP ZAP results and bugs 48 - SECURITY MONITORING AND GOVERNANCE * Implement pipeline security * Explore Microsoft Defender for Cloud * Examine Microsoft Defender for Cloud usage scenarios * Explore Azure Policy * Understand policies * Explore initiatives * Explore resource locks * Explore Azure Blueprints * Understand Microsoft Defender for Identity 49 - EXPLORE PACKAGE DEPENDENCIES * What is dependency management? * Describe elements of a dependency management strategy * Identify dependencies * Understand source and package componentization * Decompose your system * Scan your codebase for dependencies 50 - UNDERSTAND PACKAGE MANAGEMENT * Explore packages * Understand package feeds * Explore package feed managers * Explore common public package sources * Explore self-hosted and SaaS based package sources * Consume packages * Publish packages * Package management with Azure Artifacts 51 - MIGRATE CONSOLIDATING AND SECURE ARTIFACTS * Identify existing artifact repositories * Migrate and integrating artifact repositories * Secure access to package feeds * Examine roles * Examine permissions * Examine authentication 52 - IMPLEMENT A VERSIONING STRATEGY * Understand versioning of artifacts * Explore semantic versioning * Examine release views * Promote packages * Explore best practices for versioning 53 - INTRODUCTION TO GITHUB PACKAGES * Publish packages * Install a package * Delete and restore a package * Explore package access control and visibility 54 - IMPLEMENT TOOLS TO TRACK USAGE AND FLOW * Understand the inner loop * Explore Azure Monitor and Log Analytics * Examine Kusto Query Language (KQL) * Explore Application Insights * Implement Application Insights * Monitor application performance with Application Insights 55 - DEVELOP MONITOR AND STATUS DASHBOARDS * Explore Azure Dashboards * Examine view designer in Azure Monitor * Explore Azure Monitor workbooks * Explore Power BI * Build your own custom application 56 - SHARE KNOWLEDGE WITHIN TEAMS * Share acquired knowledge within development teams * Integrate with Azure Boards * Share team knowledge using Azure Project Wiki 57 - DESIGN PROCESSES TO AUTOMATE APPLICATION ANALYTICS * Explore rapid responses and augmented search * Integrate telemetry * Examine monitoring tools and technologies 58 - MANAGE ALERTS, BLAMELESS RETROSPECTIVES AND A JUST CULTURE * Examine when get a notification * Explore how to fix it * Explore smart detection notifications * Improve performance * Understand server response time degradation * Reduce meaningless and non-actionable alerts * Examine blameless retrospective * Develop a just culture

AZ-400T00 Designing and Implementing Microsoft DevOps Solutions
Delivered Online5 days, Jun 3rd, 13:00 + 2 more
£2975

Penetration Testing with OWASP ZAP

By Course Cloud

The OWASP Zed Attack Proxy is an open source means of testing web applications manually. It is one of the leading tools for identifying web application vulnerabilities. The Penetration Testing with OWASP ZAP course will take you through the basic functions of ZAP, equipping you with a range of ethical hacking skills needed to become a successful Web Developer or Penetration Tester. It will take you through the very basics, from how to install ZAP, to the steps for configuring your browser to use AP as a proxy.  By the end of this course, you will be able to use ZAP to assess web applications and conduct penetration testing to identify vulebrailities and uncover hidden bugs. You will also be able to identify opportunities to strengthen your company's and create reports of your results. This best selling Penetration Testing with OWASP ZAP has been developed by industry professionals and has already been completed by hundreds of satisfied students. This in-depth Penetration Testing with OWASP ZAP is suitable for anyone who wants to build their professional skill set and improve their expert knowledge. The Penetration Testing with OWASP ZAP is CPD-accredited, so you can be confident you're completing a quality training course will boost your CV and enhance your career potential. The Penetration Testing with OWASP ZAP is made up of several information-packed modules which break down each topic into bite-sized chunks to ensure you understand and retain everything you learn. After successfully completing the Penetration Testing with OWASP ZAP, you will be awarded a certificate of completion  as proof of your new skills. If you are looking to pursue a new career and want to build your professional skills to excel in your chosen field, the certificate of completion from the Penetration Testing with OWASP ZAP will help you stand out from the crowd. You can also validate your certification on our website. We know that you are busy and that time is precious, so we have designed the Penetration Testing with OWASP ZAP to be completed at your own pace, whether that's part-time or full-time. Get full course access upon registration and access the course materials from anywhere in the world, at any time, from any internet-enabled device. Our experienced tutors are here to support you through the entire learning process and answer any queries you may have via email.

Penetration Testing with OWASP ZAP
Delivered Online On Demand
£25

Mile2 Certified Penetration Testing Consultant (CPTC)

5.0(4)

By Institute of Beauty & Makeup

CPD Accredited | Career Oriented Learning Modules | 24x7 Tutor Support | Lifetime Access

Mile2 Certified Penetration Testing Consultant (CPTC)
Delivered Online On Demand
£21.99

Complete Web Application Penetration Testing & Security

By Course Cloud

Hackers are getting more and more advanced, which is why it's crucial to be able to detect vulnerabilities in your systems and networks. The Complete Web Application Penetration Testing & Security course has been designed by industry experts to provide learners with the in-depth knowledge they need to fast track their career. You will learn client-side security techniques, basic HTTP protocol, how HTTP cookies are stored, and much more. Through this course, you will learn a hands-on practical approach to hacking websites like a pro. It will teach you how to identify vulnerabilities in files, exploring key topics such as cross-site forgery and cross-site scripting. Whether you are a computer science student, web app developer or aspiring Penetration Tester, this course will equip you with the skill you need to protect your company from cyber attacks. This best selling Complete Web Application Penetration Testing & Security has been developed by industry professionals and has already been completed by hundreds of satisfied students. This in-depth Complete Web Application Penetration Testing & Security is suitable for anyone who wants to build their professional skill set and improve their expert knowledge. The Complete Web Application Penetration Testing & Security is CPD-accredited, so you can be confident you're completing a quality training course will boost your CV and enhance your career potential. The Complete Web Application Penetration Testing & Security is made up of several information-packed modules which break down each topic into bite-sized chunks to ensure you understand and retain everything you learn. After successfully completing the Complete Web Application Penetration Testing & Security, you will be awarded a certificate of completion as proof of your new skills. If you are looking to pursue a new career and want to build your professional skills to excel in your chosen field, the certificate of completion from the Complete Web Application Penetration Testing & Security will help you stand out from the crowd. You can also validate your certification on our website. We know that you are busy and that time is precious, so we have designed the Complete Web Application Penetration Testing & Security to be completed at your own pace, whether that's part-time or full-time. Get full course access upon registration and access the course materials from anywhere in the world, at any time, from any internet-enabled device.  Our experienced tutors are here to support you through the entire learning process and answer any queries you may have via email.

Complete Web Application Penetration Testing & Security
Delivered Online On Demand
£25

Certified Penetration Testing Professional (CPENT)

By Nexus Human

Duration 5 Days 30 CPD hours This course is intended for This course is intended for Ethical Hackers, Penetration Testers, Network Server Administrators, Firewall Administrators, Security Testers, System Administrators and Risk Assessment Professionals, Cybersecurity Forensic Analyst, Cyberthreat Analyst, Cloud Security, Analyst Information Security Consultant, Application Security Analyst, Cybersecurity Assurance Engineer, Security Operations Center (SOC) Analyst, Technical Operations Network Engineer, Information Security Engineer, Network Security Penetration Tester, Network Security Engineer, Information Security Architect. Overview Upon successful completion of this course, students will master their Penetration Testing skills, perform the repeatable methodology, become committed to the code of ethics, and present analyzed results through structured reports. The main course outcomes include: 100% mapped with the NICE framework. Maps to the job role of a Penetration Tester and security analyst, based on major job portals. 100% methodology-based Penetration Testing program. Provides strong reporting writing guidance. Blended with both manual and automated Penetration Testing approaches. Gives a real-world experience through an Advanced Penetration Testing Range. Designed based on the most common Penetration Testing services offered by the best service providers in the market. Offers standard templates that can help during a Penetration test. This is a multidisciplinary course with extensive hands-on training in a wide range of crucial skills, including advanced Windows attacks, Internet of Things (IoT) and Operational Technology (OT) systems, filtered network bypass techniques, exploit writing, single and double pivoting, advanced privilege escalation, and binary exploitation. COURSE OUTLINE * Introduction to Penetration Testing * Penetration Testing Scoping and Engagement * Open Source Intelligence (OSINT) * Social Engineering Penetration Testing * Network Penetration Testing ? External * Network Penetration Testing ? Internal * Network Penetration Testing - Perimeter Devices * Web Application Penetration Testing * Wireless Penetration Testing * IoT Penetration Testing * OT/SCADA Penetration Testing * Cloud Penetration Testing * Binary Analysis and Exploitation * Report Writing and Post-Testing Actions ADDITIONAL COURSE DETAILS: Nexus Humans Certified Penetration Testing Professional (CPENT) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Certified Penetration Testing Professional (CPENT) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Certified Penetration Testing Professional (CPENT)
Delivered on-request, onlineDelivered Online
Price on Enquiry

Web Application Penetration Testing Course

5.0(2)

By Studyhub UK

The 'Web Application Penetration Testing' course is a comprehensive guide to identifying and mitigating vulnerabilities within web applications. Participants will learn the techniques and methodologies used by ethical hackers to assess and secure web applications against cyber threats. Covering topics such as cross-site scripting, SQL injection, authentication attacks, and more, this course equips learners with the knowledge and skills to perform effective penetration testing and enhance web application security. Learning Outcomes 1. Understand the fundamentals of web application penetration testing and its importance in cybersecurity. 2. Prepare for penetration testing activities, including setting up testing environments and tools. 3. Explore web application technologies and their potential vulnerabilities. 4. Learn the art of information gathering and mapping applications for vulnerability assessment. 5. Master techniques to identify and exploit cross-site scripting (XSS) vulnerabilities. WHY CHOOSE THIS WEB APPLICATION PENETRATION TESTING COURSE? * Unlimited access to the course for a lifetime. * Opportunity to earn a certificate accredited by the CPD Quality Standards after completing this course. * Structured lesson planning in line with industry standards. * Immerse yourself in innovative and captivating course materials and activities. * Assessments are designed to evaluate advanced cognitive abilities and skill proficiency. * Flexibility to complete the Web Application Penetration Testing Course Course at your own pace, on your own schedule. * Receive full tutor support throughout the week, from Monday to Friday, to enhance your learning experience. WHO IS THIS WEB APPLICATION PENETRATION TESTING COURSE FOR? 1. Ethical hackers and cybersecurity professionals aiming to specialize in web application security. 2. IT professionals seeking to expand their knowledge in identifying and mitigating web application vulnerabilities. 3. Web developers interested in understanding and addressing potential security risks in their applications. 4. Penetration testers aiming to enhance their skillset in assessing and securing web applications. CAREER PATH * Penetration Tester: £25,000 - £70,000 * Ethical Hacker: £30,000 - £80,000 * Application Security Analyst: £35,000 - £65,000 * Cybersecurity Consultant: £40,000 - £90,000 * Web Security Administrator: £32,000 - £68,000 * Vulnerability Assessment Analyst: £28,000 - £60,000 PREREQUISITES This Web Application Penetration Testing Course does not require you to have any prior qualifications or experience. You can just enrol and start learning.This Web Application Penetration Testing Course was made by professionals and it is compatible with all PC's, Mac's, tablets and smartphones. You will be able to access the course from anywhere at any time as long as you have a good enough internet connection. CERTIFICATION After studying the course materials, there will be a written assignment test which you can take at the end of the course. After successfully passing the test you will be able to claim the pdf certificate for £4.99 Original Hard Copy certificates need to be ordered at an additional cost of £8. COURSE CURRICULUM Unit 01: INTRODUCTION About The Course 00:03:00 Unit 02: BE PREPARED Web Attack Simulation Lab 00:12:00 Unit 03: WEB APPLICATION TECHNOLOGIES Web application technologies 101 - PDF 01:34:00 HTTP Protocol Basics 00:11:00 Encoding Schemes 00:13:00 Same Origin Policy - SOP 00:06:00 HTTP Cookies 00:11:00 Cross-origin resource sharing 00:05:00 Web application proxy - Burp suite 00:09:00 Unit 04: INFORMATION GATHERING - MAPPING THE APPLICATIONS Fingerprinting web server 00:05:00 DNS Analysis - Enumerating subdomains 00:04:00 Metasploit for web application attacks 00:12:00 Web technologies analysis in real time 00:03:00 Outdated web application to server takeover 00:08:00 BruteForcing Web applications 00:06:00 Shodan HQ 00:07:00 Harvesting the data 00:05:00 Finding link of target with Maltego CE 00:09:00 Unit 05: CROSS-SITE SCRIPTING ATTACKS - XSS Cross Site Scripting- XSS - PDF 01:08:00 Cross site scripting 00:07:00 Reflected XSS 00:14:00 Persistent XSS 00:11:00 DOM-based XSS 00:10:00 Website defacement through XSS 00:09:00 XML Documents & database 00:14:00 Generating XSS attack payloads 00:13:00 XSS in PHP, ASP & JS Code review 00:13:00 Cookie stealing through XSS 00:12:00 Advanced XSS phishing attacks 00:08:00 Advanced XSS with BeEF attacks 00:10:00 Advanced XSS attacks with Burp suite 00:08:00 Code Review Guide 06:20:00 Unit 06: SQL INJECTION ATTACKS - EXPLOITATIONS SQL Injection attacks - PDF 01:30:00 Introduction to SQL Injection 00:16:00 Dangers of SQL Injection 00:05:00 Hunting for SQL Injection vulnerabilities 00:20:00 In-band SQL Injection attacks 00:27:00 Blind SQL Injection attack in-action 00:10:00 Exploiting SQL injection - SQLMap 00:09:00 Fuzzing for SQL Injection - Burp Intruder 00:14:00 Unit 07: CROSS SITE REQUEST FORGERY - XSRF CSRF or XSRF attack methods 00:12:00 Anti-CSRF Token methods 00:15:00 Anti-CSRF token stealing-NOT easy 00:11:00 Unit 08: AUTHENTICATION & AUTHORIZATION ATTACKS Authentication bypass-hydra 00:11:00 HTTP Verb Tampering 00:09:00 HTTP parameter pollution - HPP 00:06:00 Authentication 00:10:00 Unit 09: CLIENT SIDE SECURITY TESTING Client side control bypass 00:10:00 Unit 10: FILE RELATED VULNERABILITIES LFI & RFI attacks 00:13:00 Unrestricted file upload - content type 00:06:00 Unrestricted File Upload - Extension Type 00:06:00 Remote code execution using Shell Uploads 00:09:00 Unit 11: XML EXTERNAL ENTITY ATTACKS - XXE XML Documents & database 00:14:00 XXE attacks in action 00:14:00 Resources Advance intruder attack types 00:23:00 Finding details with open source 00:17:00 Assignment Assignment - Web Application Penetration Testing Course 00:00:00

Web Application Penetration Testing Course
Delivered Online On Demand
£10.99

Nmap for Penetration Testing: From Beginner to Advanced [Updated for 2021]

By Packt

This course will get you started with Nmap and teach you all the techniques and tricks needed for scanning and probing computer networks, including host discovery and operating system detection by sending packets and analyzing the responses.

Nmap for Penetration Testing: From Beginner to Advanced [Updated for 2021]
Delivered Online On Demand
£37.99

Penetration Testing with OWASP ZAP: Mastery course

5.0(2)

By Studyhub UK

Embark on a transformative journey into the world of cybersecurity with our comprehensive 'Penetration Testing with OWASP ZAP: Mastery Course.' This immersive programme delves into the intricacies of OWASP ZAP, a powerful tool that stands as the guardian against cyber threats. From mastering the fundamentals in the introductory phase to executing advanced scripting attacks, this course promises an engaging exploration of each facet, ensuring that you emerge not only skilled but also equipped to defend against evolving security challenges. In an era where digital landscapes are fraught with vulnerabilities, this course is your gateway to becoming a proficient cybersecurity professional, armed with the expertise to safeguard digital realms. Unlock the secrets of OWASP ZAP through a meticulously crafted curriculum. Delve into the configuration nuances, discover the art of automated attacks, and unravel the intricacies of security testing. With a mix of theoretical insights and hands-on applications, this course ensures a dynamic learning experience that goes beyond traditional boundaries. Join us on this odyssey, where every module propels you closer to mastering the art of penetration testing and fortifying applications against cyber threats. Learning Outcomes * Installation and Configuration Mastery: Gain proficiency in installing OWASP ZAP across multiple platforms and delve into the intricacies of its configuration, marketplace, and add-ons. * Attack Strategies: Develop automated attack skills within minutes, comprehend spidering, fuzzing, and active scanning techniques to fortify applications effectively. * Scripting Prowess: Acquire the ability to script attacks using Zest Script, Python, and JavaScript, enhancing your toolkit for comprehensive security testing. * Tool Integration Expertise: Explore the integration of Burp Suite into ZAP strategically, and learn to invoke various applications, amplifying your capabilities in diverse security scenarios. * Report Generation and Analysis: Master the art of generating reports in multiple formats, a crucial skill for communicating findings and insights effectively. WHY CHOOSE THIS PENETRATION TESTING WITH OWASP ZAP: MASTERY COURSE COURSE? 1. Unlimited access to the course for a lifetime. 2. Opportunity to earn a certificate accredited by the CPD Quality Standards and CIQ after completing this course. 3. Structured lesson planning in line with industry standards. 4. Immerse yourself in innovative and captivating course materials and activities. 5. Assessments designed to evaluate advanced cognitive abilities and skill proficiency. 6. Flexibility to complete the Course at your own pace, on your own schedule. 7. Receive full tutor support throughout the week, from Monday to Friday, to enhance your learning experience. 8. Unlock career resources for CV improvement, interview readiness, and job success. WHO IS THIS PENETRATION TESTING WITH OWASP ZAP: MASTERY COURSE COURSE FOR? * Cybersecurity Enthusiasts * IT Professionals Seeking Advanced Security Skills * Developers Interested in Application Security * System Administrators * Ethical Hackers CAREER PATH * Cybersecurity Analyst: £30,000 - £50,000 * Penetration Tester: £35,000 - £60,000 * Security Consultant: £40,000 - £70,000 * Security Engineer: £35,000 - £55,000 * Application Security Analyst: £30,000 - £50,000 * Information Security Manager: £50,000 - £80,000 PREREQUISITES This Penetration Testing with OWASP ZAP: Mastery course does not require you to have any prior qualifications or experience. You can just enrol and start learning.This Penetration Testing with OWASP ZAP: Mastery course was made by professionals and it is compatible with all PC's, Mac's, tablets and smartphones. You will be able to access the course from anywhere at any time as long as you have a good enough internet connection. CERTIFICATION After studying the course materials, there will be a written assignment test which you can take at the end of the course. After successfully passing the test you will be able to claim the pdf certificate for £4.99 Original Hard Copy certificates need to be ordered at an additional cost of £8. COURSE CURRICULUM Unit 01: Introduction Things to know about OWASP ZAP 00:24:00 Unit02: Configuration Of ZAP Installing ZAP on multi platform 00:19:00 Six elements of the ZAP - Desktop UI 00:12:00 ZAP marketplace and add-ons 00:09:00 Scan policy manager - config 00:25:00 Configuration of ZAP 00:32:00 ZAP attack modes 00:16:00 Unit 03: Attacking The Application With ZAP Automated attacks within 5 minutes 00:18:00 Spidering the target 00:24:00 Fuzzing the target in action 00:24:00 Active scanning the target 00:22:00 Break points and Requestor - Repeater 00:15:00 Authentication and session management 00:25:00 Forced browsing DIRs and Files using ZAP 00:12:00 Security testing in HUD mode - Heads-up display 00:17:00 ZAP Scripting attacks & Recording Zest Script, Python, JavaScript 00:24:00 Attack Surface Detector - SAST on ASP.NET MVC application 00:18:00 Security testing with ZAP API 00:15:00 Invoking applications into ZAP 00:17:00 Invoking Burp suite into ZAP - Best strategy 00:09:00 Other useful tools add-ons inside zap 00:29:00 Generating Reports in multiple formats 00:07:00 Additional Study Materials OWASP ZAP Course Guide 00:30:00 Assignment Assignment - Penetration Testing with OWASP ZAP 00:00:00

Penetration Testing with OWASP ZAP: Mastery course
Delivered Online On Demand
£10.99

WiFi Hacking: Wireless Penetration Testing for Beginners

By Packt

A Complete Guide to Hacking WiFi (WEP, WPA, and WPA2) Wireless Security and How to Exploit (Pentest) Their Vulnerabilities!

WiFi Hacking: Wireless Penetration Testing for Beginners
Delivered Online On Demand
£141.99

EC-Council Certified Cybersecurity Technician (C|CT)

By Nexus Human

Duration 5 Days 30 CPD hours This course is intended for The C|CT is ideal for anyone looking to start their career in cybersecurity or add a strong foundational understanding of the cybersecurity concepts and techniques required to be effective on the job. The course is especially well suited to: Early-career IT professionals, IT managers, career changers, and career advancers Students and recent graduates Overview After completing this course, you will understand: Key concepts in cybersecurity, including information security and network security Information security threats, vulnerabilities, and attacks The different types of malware Identification, authentication, and authorization Network security controls Network security assessment techniques and tools (threat hunting, threat intelligence, vulnerability assessment, ethical hacking, penetration testing, configuration and asset management) Application security design and testing techniques Fundamentals of virtualization, cloud computing, and cloud security Wireless network fundamentals, wireless encryption, and related security measures Fundamentals of mobile, IoT, and OT devices and related security measures Cryptography and public-key infrastructure Data security controls, data backup and retention methods, and data loss prevention techniques Network troubleshooting, traffic and log monitoring, and analysis of suspicious traffic The incident handling and response process Computer forensics and digital evidence fundamentals, including the phases of a forensic investigation Concepts in business continuity and disaster recovery Risk management concepts, phases, and frameworks EC-Council?s C|CT certification immerses students in well-constructed knowledge transfer. Training is accompanied by critical thinking challenges and immersive lab experiences that allow candidates to apply their knowledge and move into the skill development phase in the class itself. Upon completing the program, C|CT-certified professionals will have a strong foundation in cybersecurity principles and techniques as well as hands-on exposure to the tasks required in real-world jobs. COURSE OUTLINE * Information Security Threats and Vulnerabilities * Information Security Attacks * Network Security Fundamentals * Identification, Authentication, and Authorization * Network Security Controls: Administrative Controls * Network Security Controls: Physical Controls * Network Security Controls: Technical Controls * Network Security Assessment Techniques and Tools * Application Security * Virtualization and Cloud Computing * Wireless Network Security * Mobile Device Security * Internet of Things (IoT) and Operational Technology (OT) Security * Cryptography * Data Security * Network Troubleshooting * Network Traffic Monitoring * Network Log Monitoring and Analysis * Incident Response * Computer Forensics * Business Continuity and Disaster Recovery * Risk Management

EC-Council Certified Cybersecurity Technician (C|CT)
Delivered Online6 days, Jun 10th, 13:00 + 1 more
£3495