Cyber Security Tester – Hands-on Advanced («HAK3»)

• Incorporating your own creative ethical hacking approaches into the considerations
• Testing the effectiveness of advanced threat defences in your own organisation with ethical hacking skills (hacking labs)
• Incorporating offensive findings into cyber security strategies for well-protected environments

This course builds on the Ethical Hacking course series – Ethical Hacking Fundamentals (HAK) and Ethical Hacking Hands-on Deepening (HAK2) – to deepen your hacking skills and after completing all three courses, obtain the Digicomp course certificate: «CSHP – Cyber Security Hacking Professional» and direct admission to the bootcamp: OSSTMM Professional Security Tester (BPST).

In the course we work with KALI LINUX™ and various extensions. You will supplement and deepen the techniques already learned in the previous courses. All participants are provided with an appropriate lab environment for the hands-on exercises. On the basis of practical hacking experiments, you will be introduced to various in-depth topics of penetration testing and can also evaluate actions in well-secured IT environments according to their effectiveness. All participants expressly commit themselves not to misuse the acquired knowledge. A written agreement to this effect must therefore be signed before the course begins.

• Extension of the own Hacking-Labs from the course «Ethical-Hacking-Hands-on-Vieferung (HAK2)»
• Consolidation of the techniques learned in the HAK2 course with further hands-on labs
• Encourage your own creativity in ethical hacking with a targeted combination of hacking techniques
• Deepening of MitM techniques (e.g. HSTS bypass, code injection, keyloggers, DNA spoofing)
• Targeted advanced backdoor methods with evasion techniques using fake updates, manipulated files, embedding in programs, macros
• Achieving targeted system rights (bypass UAC techniques)
• Targeted methods for access security using persistence scripts
• PowerShell hacking methods and tools
• Browser Explotation (Hooking)
• Advanced knowledge with the Metasploit™ Framework (e.g. post-explotation, pass-the-hash, pivoting, targeted exploiting, combining with other attack vectors)
• Advanced WLAN hacking techniques (e.g. Rogue AP, Evil Twin)
• Skills extension with web hacking methods (e.g. website spoofing, XSS, SQLInjection)
• Advanced Threats Live-Demo (IoT-Hacking)

* KALI LINUX™ is a trademark of Offensive Security
* Metasploit™ is a tademark of Rapid7 LLC

Component of the following courses

• CAS Cyber Security Expert («CSECAS»)

Security specialists, computer scientists and managers who have attended the course «Ethical-Hacking-Handson-Processing (HAK2)» and would like to deepen their knowledge in a hands-on training with Advanced-Ethical-Hacking techniques.

Attendance of the following course or equivalent broad practical hacking experience with KALI Linux.

This Hands-on course can be attended together with the Cyber Security Tester - Hands-on Foundation («HAK») and Cyber Security Tester - Hands-on Professional («HAK2») courses to prepare for various «Security Offense» certificates, such as the CompTIA PenTest+ certificate.

The OPST certification has been recognized for the «Master in Information Technology Security» diploma from La Salle University in Barcelona. This institution is part of the international La Salle educational network, which also includes Manhattan College in New York and La Salle University in Philadelphia. All OPST certificates carry both the ISECOM and La Salle seals, as a sign of the prestige that comes with them. Digicomp offers in addition exclusively for graduates of the HAK course series the three-day Bootcamp: OSSTMM Professional Security Tester (BPST) inclusive examination.

Participants must have a remote desktop client installed on their PC/notebook.

• Under Windows, the official Microsoft client is usually already installed
• macOS users can download the official Microsoft client from the Apple App Store: https://apps.apple.com/ch/app/microsoft-remote-desktop/id1295203466

Important: For security reasons, companies often block a remote desktop connection on business devices and in the company network. It is recommended to participate in the training on a private device and not on the company network. Alternatively, you can clarify in advance with the responsible IT department whether remote desktop connections are possible.