Course : Hacking and Security, Level 1

Practical course - 5d - 35h00 - Ref. HAC
Price : 3740 CHF E.T.

Hacking and Security, Level 1



Required course



INTER
IN-HOUSE
CUSTOM

Practical course in person or remote class
Available in English on request

Ref. HAC
  5d - 35h00
3740 CHF E.T.






Teaching objectives
At the end of the training, the participant will be able to:
Understand the techniques used by computer hackers and be able to counter their attacks
Measure your information system's security level
Carry out a penetration test
Define the impact and scope of a vulnerability

Course schedule

1
Hacking and security

  • Forms of attacks, procedures, actors, challenges.
  • Audits and intrusion tests, place in an ISMS.

2
Sniffing, interception, analysis, network injection

  • Anatomy of a packet, tcpdump, Wireshark, tshark.
  • Hijacking and intercepting communications (Man-in-the-Middle, VLAN attacks, honeypots).
  • Packets: Sniffing, reading/analyzing from a pcap, extracting useful data, graphical representations.
  • Scapy: Architecture, capacities, use.
Hands-on work
Listening to the network with sniffers. Creating a mini packet interceptor in C. Using scapy (command line, Python script): injections, interception, pcap reading, scanning, DoS, MitM.

3
Recognition, scanning, and enumeration

  • Intelligence gathering, hot reading, operating the darknet, social engineering.
  • Recognizing services, systems, topology, and architectures.
  • Types of scans, filtering detection, firewalking, fuzzing.
  • Camouflage using spoofing and bouncing, identifying paths with traceroute, source routing.
  • Evading IDS and IPS: Fragmentations, covert channels.
  • Nmap: Scanning and exporting results, options.
  • Other scanners: Nessus, OpenVAS.
Hands-on work
Using the tool nmap, writing an NSE script in LUA. Filtering detection.

4
Web attacks

  • OWASP: Organization, chapters, Top 10, manuals, tools.
  • Discovering infrastructure and the corresponding technologies, strengths and weaknesses.
  • Client-side: Clickjacking, CSRF, stealing cookies, XSS, components (flash, java). New vectors.
  • Server-side: Authentication, session theft, injections (SQL, LDAP, files, commands).
  • Including local and remote files, cryptographic attacks and vectors.
  • Evading and bypassing protections: Example techniques for bypassing WAF.
  • Burp Suite tools, ZAP, Sqlmap, BeEF
Hands-on work
Implementing different Web attacks under actual conditions, both server-side and client-side.

5
Application and post-operation attacks

  • Microsoft authentication attack, PassTheHash.
  • From C to the machine code assembler. Shellcodes.
  • Encoding shellcodes, deleting null bytes
  • Rootkits. Using processes: Buffer Overflow, ROP, Dangling Pointers.
  • Protections and bypassing: Flag GS, ASLR, PIE, RELRO, Safe SEH, DEP. Shellcodes with hardcoded addresses/LSD.
  • Metasploit: Architecture, features, interfaces, workspaces, writing exploits, generating Shellcodes.
Hands-on work
Metasploit: Operating and using the database. Msfvenom: Generating Shellcodes, file trapping. Buffer overflow in Windows or Linux, exploit with shellcode Meterpreter.


Customer reviews
4,3 / 5
Customer reviews are based on end-of-course evaluations. The score is calculated from all evaluations within the past year. Only reviews with a textual comment are displayed.
COSTA NICOLAS D.
22/06/26
5 / 5

Très bonne formation rien à dire c’est complet à précis.Merci pour cette semaine.
NICOLAS D.
22/06/26
5 / 5

Formation dispensée par une formateur hors pair qui a un savoir extraordinaire
STÉPHANE D.
22/06/26
4 / 5

les labs étaient un peu toujours les mêmes, trop de temps consacré aux labs, et les corrigés devraient être fait soit par l’animateur soit par un étudiant.



Publication date : 03/21/2024


Dates and locations

Last places available
Guaranteed date, in person or remotely
Guaranteed session
From 24 to 28 August 2026
FR
Remote class
Registration
From 21 to 25 September 2026 *
FR
Remote class
Registration
From 21 to 25 September 2026
EN
Remote class
Registration
From 30 November to 4 December 2026 *
FR
Remote class
Registration
From 30 November to 4 December 2026
EN
Remote class
Registration

REMOTE CLASS
2026 : 24 Aug., 21 Sep., 21 Sep., 30 Nov., 30 Nov.