Topics & Learning Outcomes¶
Main Themes¶
-
Fundamental cyber-attack methodologies
Basic phases of an attack — reconnaissance, scanning, exploitation, post-exploitation. -
Adopting an attacker's perspective
How thinking like an attacker helps you design better defenses. -
Exploiting vulnerabilities in systems and networks
High-level look at common vulnerability classes and how they're abused. -
Detecting security vulnerabilities
Using tools, checklists, and structured processes to identify weaknesses. -
Assessing vulnerabilities and weaknesses
Prioritizing issues based on risk, impact, and ease of exploitation. -
Overview of ethical hacking
Legal and ethical boundaries, responsible disclosure, and professional conduct.
What I Should Be Able to Do After This Workshop¶
- Describe the basic steps an attacker takes during a typical compromise
- Explain the difference between offensive testing and malicious hacking
- Read high-level vulnerability descriptions and understand why they matter
- Connect offensive techniques with defensive controls such as hardening and monitoring
Tools Introduced¶
| Tool | Purpose |
|---|---|
| Kali Linux | Primary penetration testing OS and lab environment |
| VirtualBox | Isolated virtual lab setup |
| Nmap | Network scanning and host discovery |
| Burp Suite | Web application testing and traffic interception |
| Gobuster / FFUF | Directory and endpoint enumeration |
| Maltego | OSINT and reconnaissance mapping |
| Legion | Automated network scanning and enumeration |
| Aircrack-ng | Wireless network security testing |
| OverTheWire Bandit | Hands-on Linux and privilege escalation challenges |