Penetration Testing & Binary Analysis

Target: Network and Application Security Professionals
Length: 1, 2 and 3 Day courses
Focus: Application and Network Penetration Testing

Format: Lab & Lecture

Content:

Authentication Attacks

NTLM Attacks
Kerberos downgrade attacks
SSL Man-in-the-Middle Attack
Force SSL browsing with expire/un-trusted certificates
Deletion/corruption of the audit log

Application Attacks

Execution of the following attacks on web interfaces
Cross-site scripting
Code Injection
Session Hijacking
Enumeration of network and device settings
Enumeration of web server type, either Apache or propriety, and CLI management methods
Denial of Service attacks

Network Attacks

Layer 2 ARP Attacks
Session Hijacking
Subverting Firewalls and Routing ACLs
Identification Spoofing

Host Attacks

Windows 2003/2000 Attacks
IIS 5.0 Security
Linux (various flavors) Attack
Apache Security

WORK WITH iSEC PARTNERS

iSEC Partners is always looking to expand its team of experienced technical professionals and continue to provide best-of-breed security solutions to its Fortune-100 customers.

If you are an experienced security researcher, developer, or consultant, please send an ASCII, PDF, or HTML resume to:

careers@isecpartners.com

BOOKS & WHITEPAPERS

Secure Session Management With Cookies for Web Applications

Chris Palmer, Senior Security Consultant

Command Injection in XML Signatures and Encryption

Brad Hill, Principal Security Consultant

Hacking VoIP

Himanshu Dwivedi, Principal Partner

more...