Exploitation: Evading Detection and Bypassing Countermeasures

This course addresses one of the most commonly overlooked areas of the pen testing process: evasion and countermeasure bypass. It shows you how to remain undetected and penetrate deeper into systems and networks for maximum effectiveness.
Course info
Rating
(14)
Level
Intermediate
Updated
Mar 8, 2017
Duration
3h 52m
Table of contents
Course Overview
Evading Detection and Bypassing Countermeasures
Remaining Anonymous
Bypassing Network Firewalls
Sneaking Past Intrusion Detection Systems and Honeypots
Circumventing Application Security Controls
Fooling Platform Controls
Outwitting Platform Memory Controls
Mapping Evasion Techniques to Kill Chains
Description

You have been provided with a fairly open scope and not many limitations other than the fact that the customer is expecting results. Generally, this means that to show your value, you need to have some hacked data along with a set of security remediation recommendations without tipping off the Globomantics customer's security operations team. In this course, Exploitation: Evading Detection and Bypassing Countermeasures, you'll learn how to go undetected and penetrate deeper into systems and networks for maximum effectiveness. First, you'll learn how to remain anonymous during all phases of the kill chain. Next, you'll discover how to bypass network and application firewalls. Then, you'll learn how to sneak past intrusion detection systems and honeypots. Finally, you'll learn how to circumvent application security controls and fool anti-virus software. By the end of this course, you'll have learned how to use numerous hands-on tools and techniques to craft surgical exploits that will allow you to penetrate deeper into sanctioned networks and remain completely undetected throughout the process.

About the author

Chad has been in the Cyber Security industry for over 15 years. He's taught Microsoft Engineering courses as a Certified trainer. He's managed teams of security engineers and analysts for an Internet banking provider. He's been an information security consultant working for companies including SAP, Microsoft and Oracle.

Section Introduction Transcripts

Course Overview
Hi everyone, my name's Chad Russell, welcome to my course, Exploitation: Evading Detection and Bypassing Countermeasures, at Pluralsight. I'm a cloud platform security consultant at Oracle Corporation and I'm the founder of webofsecurity.com. This course addresses one of the most commonly overlooked areas of the pen testing process, which is evasion and countermeasure bypass. While other courses may cover exploits and cracking exclusively, this course will show you how to do it undetected and penetrate deeper into systems and networks for maximum effectiveness. Some of the major topics that I'll cover with you include remaining anonymous during all phases of the kill chain, bypassing network and application firewalls, sneaking past intrusion detection systems and honeypots, circumventing application security controls, and fooling anti-virus software. By the end of this course, you will have learned how to use numerous hands-on tools and techniques to craft surgical exploits that will allow you to penetrate deeper into sanctioned networks and remain completely undetected throughout the process. Join me on this journey to learn how to more effectively exploit systems and networks with the Exploitation: Evading Detection and Bypassing Countermeasures course at Pluralsight.

Circumventing Application Security Controls
Application security controls can either be enforced by the application itself or by using perimeter type protection devices such as Web Application Firewalls, otherwise known as WAFs. I'm going to show you how to use some tools and techniques that will allow you to bypass Globomantics application layer specific security controls utilizing techniques such as Cross-site Scripting and SQL injection. I'll also show you how to incorporate anonymity and evasion into these attacks. So first we'll start by covering Cross-Site Scripting, and there are fundamentally two types of Cross-Site Scripting that we'll cover, the first is Reflective, the next is Persistent, and then I'll demonstrate how to implement Cross-Site Scripting utilizing ZAP and BeEF. Next we'll talk about SQL Injection, and there are three types of SQL Injection that we'll cover in this lesson, the first is Blind Injection, next we'll cover First and Second Order Injection, and I'll demonstrate the use of sqlmap in order to conduct a SQL Injection attack. I'm also going to show you how to incorporate some of the evasion techniques that we've covered in earlier lessons. You can incorporate these evasion techniques into Cross-Site Scripting and SQL Injection, and I'll walk through some of those scenarios with you. And from a defensive standpoint, there are measures that the defender can put into place to help combat attacks that try to bypass web application firewalls and countermeasures for IDS Evasion, so let's get started.