The OSCP (Offensive Security Certified Professional)


The Offensive Security Certified Professional (OSCP) is a globally renowned certification that validates your skills in ethical hacking and penetration testing. Ehack Academy offers a structured OSCP training program to help you gain hands-on expertise in uncovering and addressing cybersecurity vulnerabilities in real-world scenarios.

PEN-200: Penetration Testing with Kali Linux

Course Link: https://www.offsec.com/courses/pen-200/

Official Course Content: https://www.offsec.com/app/uploads/2023/03/V1.Regular-Syllabus-PDF.pdf

OSCP FOR LINUX MACHINES

 
 

Module 01: Penetration Testing: What You Should Know

Overview of penetration testing methodologies and ethical hacking.
Legal and ethical considerations in penetration testing.
Understanding different types of penetration tests (black box, white box, grey box).
The role of a penetration tester and the penetration testing process.

 

Module 02: Getting Comfortable with Kali Linux

Introduction to Kali Linux as a penetration testing platform.
Navigating the Kali Linux environment and understanding its tools.
Basic Linux commands and file system structure.
Package management and software installation.
Virtualization and network configuration.

 

Module 03: Command Line Fun

Advanced Linux command-line usage.
Text processing tools like sed, awk, and grep.
Scripting basics for automation.
Regular expressions for pattern matching.

 

Module 04: Practical Tools

Introduction to essential penetration testing tools.
Network scanning tools (Nmap, Masscan).
Vulnerability scanning tools (Nessus, OpenVAS).
Exploitation tools (Metasploit, exploit-db).
Post-exploitation tools (Powercat, Mimikatz).

 

Module 05: Bash Scripting

Writing and executing Bash scripts for automation.
Scripting for information gathering, exploitation, and post-exploitation.
Integrating tools and commands into scripts.

 

Module 06: Passive Information Gathering

Techniques for collecting information about a target without interacting with it.
Using search engines, social media, and open sources for intelligence.
Analyzing network traffic and DNS records.
WHOIS lookups and domain registration information.

 

Module 07: Active Information Gathering

Interacting with a target to gather information.
Port scanning and service identification.
Banner grabbing and version detection.
Directory and file enumeration.

 

Module 08: Vulnerability Scanning

Identifying vulnerabilities in systems and applications.
Using vulnerability scanners to automate the process.
Analyzing scan results and prioritizing vulnerabilities.

 

Module 09: Web Application Attacks

Understanding web application architecture and vulnerabilities.
Common web application attacks (SQL injection, XSS, CSRF, etc.).
Manual and automated web application testing.

 

Module 10: Client-Side Attacks

Exploiting vulnerabilities in web browsers and client-side applications.
Cross-site scripting (XSS) attacks.
Malware delivery through malicious websites.

 

Module 11: Locating Public Exploits

Finding exploits for identified vulnerabilities.
Using exploit databases and frameworks.
Understanding exploit code and development.

 

Module 12: Fixing Exploits

Modifying and adapting exploits for specific targets.
Bypassing security measures and defenses.
Creating custom exploit code.

 

Module 13: File Transfers

Techniques for transferring files between systems.
Secure file transfer protocols (SCP, SFTP).
Data exfiltration methods.

 

Module 14: Privilege Escalation

Gaining higher privileges on a compromised system.
Exploiting system vulnerabilities and misconfigurations.
Lateral movement within a network.

 

Module 15: Password Attack

Cracking passwords using different techniques (brute force, dictionary, rainbow tables).
Password recovery tools and techniques.

 

Module 16: Port Redirection and Tunneling

Establishing secure connections through firewalls.
Port forwarding and tunneling protocols (SSH, SOCKS).

 

Module 17: The Metasploit Framework

Using Metasploit for exploitation and post-exploitation.
Developing custom payloads and exploits.
Meterpreter and its capabilities.

 

OSCP FOR WINDOWS MACHINES

 
 

Module 01: Penetration Testing: What You Should Know

Overview of penetration testing methodologies and ethical hacking.
Legal and ethical considerations in penetration testing.
Understanding different types of penetration tests (black box, white box, grey box).
The role of a penetration tester and the penetration testing process.

 

Module 02: Command Line Fun

Basic Windows command-line (cmd) usage.
PowerShell basics for automation and scripting.

 

Module 03: Practical Tools

Windows-specific penetration testing tools.
Active Directory reconnaissance tools.
Privilege escalation tools.

 

Module 04: Passive Information Gathering

Techniques for collecting information about a target without interacting with it.
Using search engines, social media, and open sources for intelligence.
Analyzing network traffic and DNS records.
WHOIS lookups and domain registration information.

 

Module 05: Active Information Gathering

Interacting with a target to gather information.
Port scanning and service identification.
Banner grabbing and version detection.
Directory and file enumeration.

 

Module 06: Vulnerability Scanning

Identifying vulnerabilities in systems and applications.
Using vulnerability scanners to automate the process.
Analyzing scan results and prioritizing vulnerabilities.

 

Module 07: Web Application Attacks

Understanding web application architecture and vulnerabilities.
Common web application attacks (SQL injection, XSS, CSRF, etc.).
Manual and automated web application testing.

 

Module 08: Client-Side Attacks

Exploiting vulnerabilities in web browsers and client-side applications.
Cross-site scripting (XSS) attacks.
Malware delivery through malicious websites.

 

Module 09: Locating Public Exploits

Finding exploits for identified vulnerabilities.
Using exploit databases and frameworks.
Understanding exploit code and development.

 

Module 10: Fixing Exploits

Modifying and adapting exploits for specific targets.
Bypassing security measures and defenses.
Creating custom exploit code.

 

Module 11: File Transfers

Techniques for transferring files between systems.
Secure file transfer protocols (SCP, SFTP).
Data exfiltration methods.

 

Module 12: Privilege Escalation

Gaining higher privileges on a compromised system.
Exploiting system vulnerabilities and misconfigurations.
Lateral movement within a network.

 

Module 13: Password Attacks

Cracking passwords using different techniques (brute force, dictionary, rainbow tables).
Password recovery tools and techniques.

 

Module 14: Port Redirection and Tunneling

Establishing secure connections through firewalls.
Port forwarding and tunneling protocols (SSH, SOCKS).

 

Module 15: Active Directory Attacks

Understanding Active Directory structure and vulnerabilities.
Attacking Active Directory for domain dominance.
Privilege escalation within Active Directory.

 

Module 16: The Metasploit Framework

Using Metasploit for exploitation and post-exploitation with a focus on Windows exploits and payloads.
Developing custom payloads and exploits.
Meterpreter and its capabilities.

 

Module 17: PowerShell Empire

Using PowerShell Empire for post-exploitation and command and control.
Developing custom PowerShell agents and stagers.

 

Module 18: Assembling the Pieces: Penetration Test Breakdown

Integrating learned skills into a full penetration test.
Reporting and documentation.
Ethical and legal considerations in reporting findings.

 

Module 19: Trying Harder: The Labs

Advanced labs and challenges to enhance skills.
Real-world scenario simulations.
Preparation for the OSCP certification exam.