Penetration Testing with Kali Linux (PWK) Training in Finland

  • Learn via: Classroom / Virtual Classroom / Online
  • Duration: 5 Days
  • Price: Please contact for booking options
We can host this training at your preferred location. Contact us!

Penetration Testing with Kali (PWK) is a pen testing course designed for network administrators and security professionals who want to take a serious and meaningful step into the world of professional penetration testing. This unique penetration testing training course introduces students to the latest ethical hacking tools and techniques, including remote, virtual penetration testing labs for practicing the course materials. Penetration Testing with Kali Linux simulates a full penetration test from start to finish, by injecting the student into a target-rich, diverse, and vulnerable network environment.

Please note, there is an optional 24 hour lab based certification exam available to delegates who have sat this course. This exam leads to the Offensive Security Certified Professional (OSCP) certification and must be booked directly with Offensive Security.

Penetration Testing with Kali Linux is a foundational course, but still requires students to have certain knowledge prior to attending the online class. A solid understanding of TCP/IP, networking, and reasonable Linux skills are required. Familiarity with Bash scripting along with basic Perl or Python is considered a plus.

  • Penetration Testing with Kali Linux
  • Penetration Testing: What You Should Know
  • Getting Comfortable with Kali Linux
  • The Essential Tools
  • Passive Information Gathering
  • Active Information Gathering
  • Vulnerability Scanning
  • Buffer Overflows
  • Win32 Buffer Overflow Exploitation
  • Linux Buffer Overflow Exploitation
  • Working with Exploits
  • File Transfers
  • Privilege Escalation
  • Client Side Attacks
  • Web Application Attacks
  • Password Attacks
  • Port Redirection and Tunneling
  • The Metasploit Framework
  • Bypassing Antivirus Software
  • Assembling the Pieces: Penetration Test Breakdown

0 Penetration Testing: What You Should Know

  • 0.1 About Kali Linux
  • 0.2 About Penetration Testing
  • 0.3 Legal
  • 0.4 The megacorpone.com Domain
  • 0.5 Offensive Security Labs
  • 0.5.1 VPN Labs Overview
  • 0.5.2 Lab Control Panel
  • 0.5.3 Reporting 


1. Getting Comfortable with Kali Linux

  • 1.1 Finding Your Way around Kali
  • 1.1.1 Booting Up Kali Linux
  • 1.1.2 The Kali Menu
  • 1.1.3 Find, Locate, and Which
  • 1.1.4 Exercises
  • 1.2 Managing Kali Linux Services
  • 1.2.1 Default root Password
  • 1.2.2 SSH Service
  • 1.2.3 HTTP Service
  • 1.2.4 Exercises
  • 1.3 The Bash Environment
  • 1.4 Intro to Bash Scripting
  • 1.4.1 Practical Bash Usage – Example 1
  • 1.4.2 Practical Bash Usage – Example 2
  • 1.4.3 Exercises


2. The Essential Tools

  • 2.1 Netcat
  • 2.1.1 Connecting to a TCP/UDP Port
  • 2.1.2 Listening on a TCP/UDP Port
  • 2.1.3 Transferring Files with Netcat
  • 2.1.4 Remote Administration with Netcat
  • 2.1.5 Exercises
  • 2.2 Ncat
  • 2.2.1 Exercises
  • 2.3 Wireshark
  • 2.3.1 Wireshark Basics
  • 2.3.2 Making Sense of Network Dumps
  • 2.3.3 Capture and Display Filters
  • 2.3.4 Following TCP Streams
  • 2.3.5 Exercises
  • 2.4 Tcpdump
  • 2.4.1 Filtering Traffic
  • 2.4.2 Advanced Header Filtering
  • 2.4.3 Exercises


3. Passive Information Gathering

  • 3.1 Open Web Information Gathering
  • 3.1.1 Google
  • 3.1.2 Google Hacking
  • 3.1.3 Exercises
  • 3.2 Email Harvesting
  • 3.2.1 Exercise
  • 3.3 Additional Resources
  • 3.3.1 Netcraft
  • 3.3.2 Whois Enumeration
  • 3.3.3 Exercise
  • 3.4 Recon-­‐ng


4. Active Information Gathering

  • 4.1 DNS
  • 4.1.1 Interacting with a DNS Server
  • 4.1.2 Automating Lookups
  • 4.1.3 Forward Lookup Brute Force
  • 4.1.4 Reverse Lookup Brute Force
  • 4.1.5 DNS Zone Transfers
  • 4.1.6 Relevant Tools in Kali Linux
  • 4.1.7 Exercises
  • 4.2 Port Scanning
  • 4.2.1 TCP CONNECT / SYN Scanning
  • 4.2.2 UDP Scanning
  • 4.2.3 Common Port Scanning Pitfalls
  • 4.2.4 Port Scanning with Nmap
  • 4.2.5 OS Fingerprinting
  • 4.2.6 Banner Grabbing/Service Enumeration
  • 4.2.7 Nmap Scripting Engine (NSE)
  • 4.2.8 Exercises
  • 4.3 SMB Enumeration
  • 4.3.1 Scanning for the NetBIOS Service
  • 4.3.2 Null Session Enumeration
  • 4.3.3 Nmap SMB NSE Scripts
  • 4.3.4 Exercises
  • 4.4 SMTP Enumeration
  • 4.4.1 Exercise
  • 4.5 SNMP Enumeration
  • 4.5.1 MIB Tree
  • 4.5.2 Scanning for SNMP
  • 4.5.3 Windows SNMP Enumeration Example
  • 4.5.4 Exercises


5. Vulnerability Scanning

  • 5.1 Vulnerability Scanning with Nmap
  • 5.2 The OpenVAS Vulnerability Scanner
  • 5.2.1 OpenVAS Initial Setup
  • 5.2.2 Exercises


6. Buffer Overflows

  • 6.1 Fuzzing
  • 6.1.1 Vulnerability History
  • 6.1.2 DEP and ASLR
  • 6.1.3 Interacting with the POP3 Protocol
  • 6.1.4 Exercises


7. Win32 Buffer Overflow Exploitation

  • 7.1 Replicating the Crash
  • 7.2 Controlling EIP
  • 7.2.1 Binary Tree Analysis
  • 7.2.2 Sending a Unique String
  • 7.2.3 Exercises
  • 7.3 Locating Space for Your Shellcode
  • 7.4 Checking for Bad Characters
  • 7.4.1 Exercises
  • 7.5 Redirecting the Execution Flow
  • 7.5.1 Finding A Return Address
  • 7.5.2 Exercises
  • 7.6 Generating Shellcode with Metasploit
  • 7.7 Getting a Shell
  • 7.7.1 Exercises
  • 7.8 Improving the Exploit
  • 7.8.1 Exercises


8. Linux Buffer Overflow Exploitation

  • 8.1 Setting up the Environment
  • 8.2 Crashing Crossfire
  • 8.2.1 Exercise
  • 8.3 Controlling EIP
  • 8.4 Finding Space for Our Shellcode
  • 8.5 Improving Exploit Reliability
  • 8.6 Discovering Bad Characters
  • 8.6.1 Exercises
  • 8.7 Finding a Return Address
  • 8.8 Getting a Shell
  • 8.8.1 Exercise


9. Working with Exploits

  • 9.1 Searching for Exploits
  • 9.1.1 Finding Exploits in Kali Linux
  • 9.1.2 Finding Exploits on the Web
  • 9.2 Customizing and Fixing Exploits
  • 9.2.1 Setting Up a Development Environment
  • 9.2.2 Dealing with Various Exploit Code Languages
  • 9.2.3 Exercises


10. File Transfers

  • 10.1 Anti-Virus Software
  • 10.2 File Transfer Methods
  • 10.2.1 The Non-­‐Interactive Shell
  • 10.2.2 Uploading Files
  • 10.2.3 Exercises


11. Privilege Escalation

  • 11.1 Privilege Escalation Exploits
  • 11.1.1 Local Privilege Escalation Exploit in Linux Example
  • 11.1.2 Local Privilege Escalation Exploit in Windows Example
  • 11.2 Configuration Issues
  • 11.2.1 Incorrect File and Service Permissions
  • 11.2.2 Think like a Network Administrator
  • 11.2.3 Exercises


12. Client Side Attacks

  • 12.1 Know Your Target
  • 12.1.1 Passive Client Information Gathering
  • 12.1.2 Active Client Information Gathering
  • 12.1.3 Social Engineering and Client Side Attacks
  • 12.1.4 Exercises
  • 12.2 MS12‐037 Internet Explorer 8
  • 12.2.1 Setting up the Client Side Exploit
  • 12.2.2 Swapping Out the Shellcode
  • 12.2.3 Exercises
  • 12.3 Java Signed Applet Attack
  • 12.3.1 Exercises


13. Web Application Attacks

  • 13.1 Essential Iceweasel Add-­‐ons
  • 13.2 Cross Site Scripting (XSS)
  • 13.2.1 Browser Redirection and IFRAME Injection
  • 13.2.2 Stealing Cookies and Session Information
  • 13.2.3Exercises
  • 13.3 File Inclusion Vulnerabilities
  • 13.3.1 Local File Inclusion
  • 13.3.2 Remote File Inclusion
  • 13.4 MySQL SQL Injection
  • 13.4.1 Authentication Bypass
  • 13.4.2 Enumerating the Database
  • 13.4.3 Column Number Enumeration
  • 13.4.4 Understanding the Layout of the Output
  • 13.4.5 Extracting Data from the Database
  • 13.4.6 Leveraging SQL Injection for Code Execution
  • 13.5 Web Application Proxies
  • 13.5.1 Exercises
  • 13.6 Automated SQL Injection Tools
  • 13.6.1 Exercises


14. Password Attacks

  • 14.1 Preparing for Brute Force
  • 14.1.1 Dictionary Files
  • 14.1.2 Key-space Brute Force
  • 14.1.3 Pwdump and Fgdump
  • 14.1.4 Windows Credential Editor (WCE)
  • 14.1.5 Exercises
  • 14.1.6 Password Profiling
  • 14.1.7 Password Mutating
  • 14.2 Online Password Attacks
  • 14.2.1 Hydra, Medusa, and Ncrack
  • 14.2.2 Choosing the Right Protocol: Speed vs. Reward
  • 14.2.3 Exercises
  • 14.3 Password Hash Attacks
  • 14.3.1 Password Hashes
  • 14.3.2 Password Cracking
  • 14.3.3 John the Ripper
  • 14.3.4 Rainbow Tables
  • 14.3.5 Passing the Hash in Windows
  • 14.3.6 Exercises


15. Port Redirection and Tunneling

  • 15.1 Port Forwarding/Redirection
  • 15.2 SSH Tunneling
  • 15.2.1 Local Port Forwarding
  • 15.2.2 Remote Port Forwarding
  • 15.2.3 Dynamic Port Forwarding
  • 15.3 Proxychains
  • 15.4 HTTP Tunneling
  • 15.5 Traffic Encapsulation
  • 15.5.1 Exercises


16. The Metasploit Framework

  • 16.1 Metasploit User Interfaces
  • 16.2 Setting up Metasploit Framework on Kali
  • 16.3 Exploring the Metasploit Framework
  • 16.4 Auxiliary Modules
  • 16.4.1 Getting Familiar with MSF Syntax
  • 16.4.2 Metasploit Database Access
  • 16.4.3 Exercises
  • 16.5 Exploit Modules
  • 16.5.1 Exercises
  • 16.6 Metasploit Payloads
  • 16.6.1 Staged vs Non-­‐Staged Payloads
  • 16.6.2 Meterpreter Payloads
  • 16.6.3 Experimenting with Meterpreter
  • 16.6.4 Executable Payloads
  • 16.6.5 Reverse HTTPS Meterpreter
  • 16.6.6 Metasploit Exploit Multi Handler
  • 16.6.7 Revisiting Client Side Attacks
  • 16.6.8 Exercises
  • 16.7 Building Your Own MSF Module
  • 16.7.1 Exercise
  • 16.8 Post Exploitation with Metasploit
  • 16.8.1 Meterpreter Post Exploitation Features
  • 16.8.2 Post Exploitation Modules
  • B10B7B11B12


17.Bypassing Antivirus Software

  • 17.1 Encoding Payloads with Metasploit
  • 17.2 Crypting Known Malware with Software Protectors
  • 17.3 Using Custom/Uncommon Tools and Payloads
  • 17.4 Exercise


18. Assembling the Pieces: Penetration Test Breakdown

  • 18.1 Phase 0 – Scenario Description
  • 18.2 Phase 1 – Information Gathering
  • 18.3 Phase 2 – Vulnerability Identification and Prioritization
  • 18.3.1 Password Cracking
  • 18.4 Phase 3 – Research and Development
  • 18.5 Phase 4 – Exploitation
  • 18.5.1 Linux Local Privilege Escalation
  • 18.6 Phase 5 – Post-­‐Exploitation
  • 18.6.1 Expanding Influence
  • 18.6.2 Client Side Attack against Internal Network
  • 18.6.3 Privilege Escalation Through AD Misconfigurations
  • 18.6.4 Port Tunneling
  • 18.6.5 SSH Tunneling with HTTP Encapsulation
  • 18.6.6 Looking for High Value Targets
  • 18.6.7 Domain Privilege Escalation
  • 18.6.8 Going for the Kill


Contact us for more detail about our trainings and for all other enquiries!

Upcoming Trainings

Join our public courses in our Finland facilities. Private class trainings will be organized at the location of your preference, according to your schedule.

02 helmikuuta 2025 (5 Days)
Helsinki, Espoo
Classroom / Virtual Classroom
02 helmikuuta 2025 (5 Days)
Helsinki, Espoo
Classroom / Virtual Classroom
02 maaliskuuta 2025 (5 Days)
Helsinki, Espoo
Classroom / Virtual Classroom
15 maaliskuuta 2025 (5 Days)
Helsinki, Espoo
Classroom / Virtual Classroom
02 maaliskuuta 2025 (5 Days)
Helsinki, Espoo
Classroom / Virtual Classroom
15 maaliskuuta 2025 (5 Days)
Helsinki, Espoo
Classroom / Virtual Classroom
06 toukokuuta 2025 (5 Days)
Helsinki, Espoo
Classroom / Virtual Classroom
06 toukokuuta 2025 (5 Days)
Helsinki, Espoo
Classroom / Virtual Classroom
Penetration Testing with Kali Linux (PWK) Training Course in Finland

Finland is a country located in northern Europe. Helsinki is the capital and largest city of the country. The majority of the people are Finns but there is also a small Lapp population in Lapland, where the country is famous for the Northern Lights. Finland's national languages are Finnish and Swedish.

Known for its vast forests, lakes, and natural beauty, Finland is one of the world's largest producers of forest products, such as paper, pulp, and lumber. One of the world's largest sea fortresses Suomenlinna, Rovaniemi with the "White Nights", dogsled safaris and of course the Northern Lights are what makes Finland so popular for tourists. Finland is one of the best places in the world to see the Northern Lights and attracts millions of tourists during its seasons.

Finland is home to a thriving technology industry and is widely recognized as one of the world's leading technology hubs. Companies such as Nokia and Rovio (creator of the popular game Angry Birds) are based in Finland. Some of the key factors that have contributed to Finland's success in technology include; strong investment in research and development, a highly educated workforce and fundings.

Finland has a strong educational system, and is widely regarded as one of the world's most literate countries. In fact, Finland's literacy rate is one of the highest in the world, and its students consistently perform well in international tests of math and reading ability.

Also, as a pioneer in environmental sustainability, Finland is known for its efforts to reduce its carbon footprint and promote clean energy. This Nordic country is also famous for its unique and distinctive cultural heritage, including its traditional folk music and its elaborate traditional costumes.

Helsinki, Finland's capital city, is the country's business center. Helsinki is Finland's largest city, and it is home to many of the country's major corporations and organizations, including many of the country's leading technology firms. The city is also a commercial, trade, and financial center, as well as one of the busiest ports in the Nordic region.

Take advantage of our diverse IT course offerings, spanning programming, software development, business skills, data science, cybersecurity, cloud computing and virtualization. Our knowledgeable instructors will provide you with practical training and industry insights, delivered directly to your chosen venue in Finland.
By using this website you agree to let us use cookies. For further information about our use of cookies, check out our Cookie Policy.