Kali Linux Penetration Testing (Advanced) Training Course


Kali Linux is a Linux distribution created for digital forensics and penetration testing. Advanced penetration testing with Kali Linux applies more advanced techniques to penetration testing and security auditing with this distribution.

This instructor-led, live training (online or onsite) is aimed at IT professionals who wish to gain advanced knowledge of penetration testing with Kali Linux, including advanced sniffing, exploit writing, web and wireless penetration testing, document management and reporting, and other penetration testing methods.

By the end of this training, participants will be able to:

  • Understand and utilize the advanced methodology of Kali Linux for penetration testing.
  • Learn to use vulnerability assessment tools.
  • Manage evidence, data collection, and reporting using Kali Linux.
  • Learn about exploitation, attacks, and privilege escalation.

Format of the Course

  • Interactive lecture and discussion.
  • Lots of exercises and practice.
  • Hands-on implementation in a live-lab environment.

Course Customization Options

  • To request a customized training for this course, please contact us to arrange.


Requirements

  • Basic knowledge of using Kali Linux for penetration testing
  • Basic understanding of Linux/Unix and networking concepts
  • An understanding of network vulnerabilities


Audience

  • Ethical hackers
  • Penetration testers
  • Security engineers
  • IT professionals

Course Outline


  • Overview of Kali Linux
  • Installing and configuring Kali Linux
  • Using and updating Kali Linux

Penetration Testing Standards and Classification

  • Open Web Application Security Project (OWASP)
  • Licensed Penetration Tester (LPT)
  • White box and black box
  • Penetration testing vs vulnerability assessment

Advanced Penetration Methodology

  • Target framework and scope
  • Gathering client requirements
  • Checklist for test plan
  • Profiling test boundaries
  • Advanced penetration testing using Kali Linux

Information Discovery

  • Google hacking
  • Gathering DNS and whois information
  • Gathering route and network information
  • Gathering all-in-one information

Scanning and Enumerating Target

  • Advanced network scanning
  • Port and UDP port scanning
  • Stealth port scanning techniques
  • Packet crafting with Hping
  • Nmap scanning and plug-ins
  • Active and passive banners and system OS enumeration
  • Enumerating users, groups, and shares
  • Enumerating DNS resource records and network devices

Vulnerability Assessment Tools

  • Nessus
  • OpenVAS

Target Exploitation

  • Setting up Metasploit
  • Exploitation with Metasploit
  • Meterpreter session
  • VNC exploitation
  • Stealing password hashes
  • Adding custom modules to Metasploit
  • Using Immunity Debugger
  • Writing exploits

Privilege Escalation and Access Maintenance

  • Breaking password hashes
  • Cracking Telnet, SSH, and FTP passwords
  • Using Metasploit post-exploitation modules
  • Protocol tunneling
  • Proxy
  • Installing a persistent backdoor

Advanced Sniffing

  • ARP poisoning
  • DHCP starvation
  • MAC flooding
  • DNS poisoning
  • Sniffing credentials from a secured website

DoS Attack

  • SYN attack
  • Application request flood attack
  • Service request flood
  • Permanent denial-of-service attack

Penetration Testing

  • Web penetration testing
  • Wireless penetration testing

Exploitation and Client-Side Attack

  • Exploiting browser vulnerabilities
  • Buffer overflow
  • Fuzzing
  • Fast-track hacking
  • Phishing passwords
  • Generating backdoors
  • Java applet attack

Firewall Testing

  • Firewall overview
  • Testing firewall and ports
  • Rules of testing firewall

Management and Reporting

  • Documentation and results verification
  • Dradis framework
  • MagicTree and Maltego
  • Data collection and evidence management
  • Report types and presentation
  • Post-testing procedure

Summary and Next Steps
