Ethical Hacker

Lesson one: Vulnerability management 

• Configure, launch and manage vulnerability scans 
• Prioritize vulnerabilities and manage response efforts
• Calculate risk scores and assign risk ratings 

Lesson two: System auditing 

• Write a repost to communicate audit results
• Research vulnerabilities and validate the exploits
• Perform information gathering
• Interpret test scopes to conduct assessments

Lesson three: Application auditing

• Use fully automated tools to test specific vulnerabilities and products
• Use semi-automated tools to increase efficiency and accuracy
• Audit web application using OWASP WSTG

Lesson four: Social engineering

• Design a simulated landing page to use in social engineering tests
• Create malware to use in test attacks
• Conduct a phishing simulation
• Understand Techniques attackers use to exploit employees

Lesson five: Open-source intelligence 

• Analyse data relationships to develop conclusions
• Use exploratory link analysis to find information and establish links
• Uncover information leakage

Lesson one: Reconnaissance 

• Document discovery, mapping and reconnaissance phase of red teaming
• Conduct assign, active and physical reconnaissance
• Identify various web frameworks and content management systems
• Identify IP addresses belonging to a company using public DNS
• Identify the appropriate tool for the phase of reconnaissance

Lesson two: Scanning and research

• Identify the appropriate database to conduct vulnerability research
• Use software version discoveries to find common vulnerabilities and exposure [CVEs], MAP CVE available exploit code
• Capture command usage, explain the usage and provide results with screenshots and findings
• Extend the basic be application scanning to grab banners and find vulnerabilities in available services
• Use common tools for network service scanning to map open ports networks services and associated versions

Lesson three: Gaining access 

• Exploit software vulnerabilities
• Conduct phishing and social engineering attacks
• Conduct password attacks
• Conduct web application and on-premise software attacks
• Use python, SQL query and other languages to run exploit Code

Lesson four: Maintains access

• Uncover root account passwords and condo the privilege escalation 
• Avoid IPS by obfuscating backdoor connection
• Traverse subsets by pivoting
• Maintain access through a persistent connection
• Learn Advanced persistent threat Techniques

Lesson five: Cover tracks and reporting

• Draft non-technical executive summaries
• Draft and update a pen test report
• Asses digital footprints on the network and remove or hide them
• Deploy toolkits to automate log clearing
• Clear logs on windows and Linux targets 
• Learn Techniques on covering track after exploitation