|
Social Engineering
Manipulation Tools Poneti lap top i preinstalirati KALI 2 hotel Jump INN - Koče Popovića 2a, Belgrade pocetak u 09.00 |
Supported by:
|
|
21st September, 2016
Septia Academy - Belgrade Price 160 Euro |
| ||||
Introduction
Social engineering has been the cause of many of the most high profile cyber-attacks in recent years. The human element is too often the problem. In this training class, you will learn how some of the most elegant social engineering attacks take place. Learn to perform these scenarios and what is done during each step of the attack, from imitation through exploitation. This course is intended to help you better prepare your organization for defense of social engineering attacks, as well as how to ethically use these techniques for intelligence gathering.
Topics include: Intro to social engineering, exploitation lifecycle, digital information gathering, targeting, digital profile reduction, psychology of social engineering, elicitation, pretexting, cold-calling, bypassing physical security, post exploitation, binary evasion and more.
Tools include: Kali Linux, Social Engineering Toolkit (SET), Google, Maltego, Scythe Framework, Recon-NG Framework, Creepy, Portable Virtual Box, Metasploit, Hyperion & Veil
Who Should Attend This Course? / Audience
Pre-requisites: This class is intended for cyber security professionals who have at least a baseline understanding of penetration testing and security policy principles. Approximately two years of experience in cyber security or some well-established information security certification is highly recommended.
Pre-requisites: This class is intended for cyber security professionals who have at least a baseline understanding of penetration testing and security policy principles. Approximately two years of experience in cyber security or some well-established information security certification is highly recommended.
Training Methods and Course Materials
For each course attended, you will be provided with:
For each course attended, you will be provided with:
- comprehensive course specifications, writing guidelines and notes;
- workshop model solutions;
- a CD-ROM with extensive documents and resources;
- Information regarding access to web-resources and etc.;
- Post access to the presenter via phone and email for up to 3 months after the completion of the course.
- .
Module 1 - Introduction
Introduction
The Social Engineer
Exploatation Life-Cycle
Module 2 - Known Techniques
Social Engineering Tehniques
Demos
Kali Lab
Dradis Lab
Module 3 - Hacking
Google Hacking
Google Hacking Lab
Maltego Lab
Recon – NG Lab
Module 4 - Targeting
Targeting
Toolkit Lab
Cupp Lab
Cewl Lab
Shodan Lab
Scythe Lab
Creepy Lab
Module 5 – Detection and Prevention
Detection and Prevention
Towards Advanced Social Engineering
About the Presenter
With his 4 years’ experience as an IT Systems Engineer, and 6 years hands-on experience in the field of Information Security, besides CISO’s operations and governance in the Bank, currently working as responsible for PCI DSS implementation and maintenance in the Bank’s Card-Holder-Data-Environment, as well.
Darko’s educational status is Master of Science with Master thesis in the field of Industrial Information Security (SCADA Environment). His professional background is accompanied with several certifications in the field of information security, such as: Certified Ethical Hacker, Certified ISO27001:2013 Lead Auditor, BIA Implementer etc.
His resume includes several publications:
With his 4 years’ experience as an IT Systems Engineer, and 6 years hands-on experience in the field of Information Security, besides CISO’s operations and governance in the Bank, currently working as responsible for PCI DSS implementation and maintenance in the Bank’s Card-Holder-Data-Environment, as well.
Darko’s educational status is Master of Science with Master thesis in the field of Industrial Information Security (SCADA Environment). His professional background is accompanied with several certifications in the field of information security, such as: Certified Ethical Hacker, Certified ISO27001:2013 Lead Auditor, BIA Implementer etc.
His resume includes several publications:
- Assessing Industrial Networks,
- Hacking Techniques performed in Industrial Environment,
- Compensation controls as an alternative method for PAN numbers encryption in MS SQL Database (PCI DSS 3.0 Chapter 3.4),
- Attacking IT-Defense Devices,
- Implementation of „SSL for ADO.Net“ for Encryption of the Data In Transit in the Corporate Network (PCI DSS 3.1 Chapters 2.3, 4.1