icon icon

Pentesting and ethical hacking – data protection and systems security assessment

icon

Training process

Training needs analysis

If you have specific requirements regarding the training programme, we will carry out a training needs analysis for you. This will guide us on which aspects of the programme should receive greater emphasis, so that the training programme meets your specific needs.

What will you gain?

icon

Your own test lab - You will learn how to build and configure a safe testing environment, so you can recreate a hands-on lab on your own and verify vulnerabilities without putting production systems at risk.

icon

Spotting web attacks - You will practice brute-force attacks, account lockout abuse, path and information disclosure, and forced browsing, so you can identify weak application logic and exposed entry points faster.

icon

Hands-on XSS and CSRF - You will understand standard XSS techniques, cross-site tracing, and CSRF, making it easier for you to assess risk, reproduce attack paths, and suggest effective defensive controls.

icon

Browser threat analysis - You will explore how browser-based attacks work and how client-side behavior can be abused, helping you assess user-side attack vectors with much better precision and context.

icon

Session security control - You will practice session hijacking and review session settings, so you can detect weaknesses in login handling, token management, and the way applications maintain user state.

icon

Phishing awareness - You will gain a practical understanding of phishing methods and how they support social engineering, so you can recognize suspicious scenarios earlier and reduce the chance of a successful scam.

icon

Stronger password defense - You will learn how passwords are cracked, how hashes differ from plain text passwords, and when password managers help, so you can evaluate access policies and protect accounts more effectively.

icon

Traffic monitoring and scanning - You will learn to inspect network traffic in Wireshark and perform reconnaissance with NMAP, so you can find exposed services, suspicious anomalies, and traces of unauthorized activity faster.

Training programme

1. Pentesting – introduction

2. Test environment

  • configuration.

3. Web application hacking techniques

  • brute force attack,
  • account lockout attack,
  • paths and information – disclosure,
  • forced browsing.

4. XSS

  • standard techniques,
  • cross site tracing,
  • cross site request forgery.

5. Browser attacks

6. Session attacks

  • session hijacking,
  • session settings.

7. Phishing

8. Ethical hacking – introduction

9. Password security

  • password cracking – methods,
  • password manager,
  • hash.

10. Traffic monitoring

  • network traffic,
  • wireshark,
  • NMAP.

11. DoS Attack

What are the prerequisites for participating in the training?

icon

Networking basics - You should understand IP addressing, ports, protocols, and the basics of network services, so you can analyze traffic and interpret scan results during the practical exercises.

icon

System and browser use - You should be comfortable using an operating system, installing tools, and working in a web browser, so you can complete tasks independently in the test environment.

icon

Web application basics - You should know how websites, forms, sessions, logins, and HTTP requests work, so you can follow attack scenarios and correctly interpret application behavior.

icon

IT security basics - You should understand core security terms such as vulnerability, threat, and authentication, so you can navigate penetration testing topics more confidently from the start.