Accelerate your career, learn new skills, and expand your knowledge.
First in Australia for research excellence and impact.
Top 50 in the world. 2020 QS World University Rankings.
This course provides an introduction to Penetration Testing and works through the differences between Vulnerability Assessments and actual Penetration Tests. The course takes participants into the attacker's world and the lengths that are taken to gain a foothold in the networks of their victims.
This session gives a brief history and overview of the purpose and different types of penetration testing. We'll also discuss the goals and outcomes of penetration testing, rules of engagement that govern the field, data collection and reporting methods.
Red teaming, Vulnerability scanning, Attack cycles, Change control, Testing frameworks, Exploit techniques, Stakeholder engagement.
This session looks at the techniques and tools used in network scanning such as ARP sweeping, DNS scanning, DNS enumeration and port scanning. We'll also run through several practical lab-based exercises utilising Ettercap and Kali Linux.
Networking scanning, Google hacking database vulnerability scanning, Netcat, Nikto, Golismero tool, Dnswalk, Dnsrecon, Fierce Script, Thehavester.
We continue exploring network exploitation techniques utilising the Metasploit framework, modules and shellcode payloads. Afterwards, we’ll see how the framework integrates with Postgresql database within Kali Linux, and have a lab walkthrough on MSF3 Windows System.
Metasploit framework, Ruby programming, Exploit code, Auxiliary modules, Exploit modules, Post modules, Shellcode, Listeners, Encoders, Social Engineer Toolkit.
This session will broaden your knowledge of web-based attacks and provide a greater understanding of how dangerous and difficult they are to identify and track. You'll gain hands-on experience using the same tools and processes attackers follow in simulated online scenarios.
Injection attacks, Scripting attacks, Sensitive information exposure, Cross site scripting, SQLi, SQLMAP, Web scanners, directory brute force tools.
This session focuses on how social engineering (SE) campaigns are formed and will introduce some of the software and methods used for these attacks. We'll touch on the use of SMB Protocol, MimiKatz, Responder Python Script and Social-Engineer Toolkit.
SMB Protocol with Kali Linux, MimiKatz Post exploit tool, Responder Python Script, Browser exploitation framework.
Please download the Introduction to Pen Testing course PDF.
This course is useful for IT graduates entering the Cyber Security profession or those in junior and intermediate Cyber Security roles.
Courses will be held subject to sufficient registrations. UNSW Canberra reserves the right to cancel a course up to five working days prior to commencement of the course. If a course is cancelled, you will have the opportunity to transfer your registration or be issued a full refund. If registrant cancels within 10 days of course commencement, a 50% registration fee will apply. UNSW Canberra is a registered ACT provider under ESOS Act 2000-CRICOS provider Code 00098G.