When

Saturday December 10, 2016 from 10:00 AM to 3:00 PM CST
Add to Calendar 

Where

TEKSystem 
7421 W 129th St #300
Overland Park, KS 66213  

 
Driving Directions 

Contact

Melissa Salazar 
ISSA-Kansas City Chapter 
 
certification@kc.issa.org 
 

ISSA-Kansas City - Introduction to Ethical Hacking 

Introduction to Ethical Hacking:

Ethical hacking is the concept of simulating a malicious actor with the intention of strengthening the security posture of an application or system rather than true malevolent intent. This introductory course in ethical hacking will explore the general steps taken by hackers to better understand a attack sequence. Participants will be familiarized to with several concepts outlined in both the Certified Ethical Hacker study guide as well as the Lockheed Martin (LM) Intrusion Kill Chain. Merging these two methodologies together will provide a more complete understanding of how hackers compromise systems and the potential cybersecurity controls which need to be evaded during an attack sequence. As part of the learning experience, attendees will participate in hands-on lab activities utilizing various tools used by hackers to coincide with some of the topics presented.  While this course is not intended to prepare attendees for the CEH certification exam, it will provide a basic understanding for several of the associated topics.  The course is targeted toward individuals who are new to the concepts of ethical hacking and wanting to expand their understanding of a cyber-attack sequence in order to better protect their organizations from such threats.    

Presenter Bio: Donny Hubener is currently a manager over an internal vulnerability management team for a major US based Telecommunications corporation. Donny has 10 years of hands-on dedicated experience as a cybersecurity expert ranging from Vulnerability Assessments, Penetration Testing, Incident Response, Forensics, Malware Analysis, Intrusion Prevention Systems, and Security Information and Event Management systems. Donny’s cybersecurity experience is built on top of 12 years of extensive experience covering both Network Engineering and Information Technology over several industries. Along with certifications such as ISC2 Certified Information Systems Security Professional (CISSP) and IACRB Certified Expert Penetration Tester (CEPT), Donny also holds a Master of Science in Computer Engineering from the University of Kansas.

CPEs = 5

Agenda:

Time

Activity

10:00 – 10:30 AM

Introduction

Evasion

LM Kill Chain: Reconnaissance

CEH: Footprinting, Scanning Networks, Checking for live systems, OS Fingerprinting

10:30 – 11:00 AM

Hands-on lab

11:00 – 11:30 AM

LM Kill Chain: Weaponization

CEH: Malware, Social Engineering

11:30 - Noon

Hands-on lab

Noon – 12:30

Lunch

LM Kill Chain: Delivery, Exploitation, Installation

12:30 – 1:00 PM

Hands-on lab

1:00 – 1:30 PM

CEH: Hacking Web Applications and Servers, SQL Injection

1:30 – 2:00 PM

Hands-on lab

2:00 – 2:15 PM

LM Kill Chain: Command and Control (C2), Actions on Objectives

2:15 – 2:45 PM

Hands-on lab

2:45 – 3:00 PM

Conclusion, Final Comments

 

Book:  CEH v9: Certified Ethical Hacker Version 9 Kit - Amazon link (Recommended for this session)

Target Date: Saturday Dec 10th

Location:

TEKsystems

7421 W 129th St #300

Overland Park, KS 66213

Cost:

Members = $50

Non-members = $70

Requirements:

  • We will be using Kali Linux
  • Bring a laptop preinstalled with  Kali Linux or VMware Player (both free) with Kali Linux VM running
  • Need administrative ability on laptop (may be required to temporarily disable some local security controls such as AV)
  • Both WiFi and Ethernet network capability for laptop