Class Details

Price: $1,990

4-Day Course Includes:

  • Class exercises in addition to training instruction
  • Courseware books, notepads, pens, highlighters and other materials
  • Full breakfast with variety of bagels, fruits, yogurt, doughnuts and juice
  • Tea, coffee, and soda available all day
  • Freshly baked cookies every afternoon - * only at participating locations

For group training options, please call us at (240) 667-7757 or email 

Course Outline

Module 1: 802.11 Hacking

  • Lesson 1A: Basics of 802.11
  • Lesson 1B: Hardware and Drivers

Module 2: Operating Systems and Tools for 802.11 Networks

  • Lesson 2A: Choosing an OS based on Hardware and Applications
  • Lesson 2B: inSIDer and Vistumbler Windows Network Scanners
  • Lesson 2C: Sniffing and Injection Tools for Windows
  • Lesson 2D: KisMAC Mac OS X Discovery Tool
  • Lesson 2E: Kismet Linux Discovery Tool 
  • Lesson 2F: Mobile Discovery Tools and Online Mapping

Module 3: Tools and Techniques for Bypassing 802.11 Wireless Networks

  • Lesson 3A: Basic Attack Types
  • Lesson 3B: Accessing Hidden or Nonbroadcasting Wireless Networks
  • Lesson 3C: Cracking WEP Keys
  • Lesson 3D: Cracking Hidden and WEP-Encrypted Networks
  • Lesson 3E: Recovering a Keystream
  • Lesson 3F: Deauth Attacks and Michael Countermeasures

Module 4: Practical Attacks against WPA Networks

  • Lesson 4A: Breaking WPA with Pre-Shared Key (PSK) Authentication  
  • Lesson 4B: Breaking WPA Enterprise Authentication
  • Lesson 4C: Encryption Attacks against TKIP
  • Lesson 4D: Attacking Components

Module 5: Compromising Wireless Clients

  • Lesson 5A: Application Level Attacks
  • Lesson 5B: Client Attacks with an Evil DNA Server
  • Lesson 5C: ARP Spoofing with Ettercap
  • Lesson 5D: Rogue Apps and Evil Servers with Karmetasploit
  • Lesson 5E: Direct Client Injection
  • Lesson 5F: Device Driver Vulnerabilities
  • Lesson 5G: WI-FI and Web Hacking

Module 6: Exploiting a Mac OS X 802.11 Wireless Client

  • Lesson 6A: Preparing and Testing the Exploit
  • Lesson 6B: Preparing Tools for Installation
  • Lesson 6C: Initial Reconnaissance Preparation
  • Lesson 6D: Kismet, Aircrack-ng Preparation
  • Lesson 6E: Preparing and Executing the Package  
  • Lesson 6F: Delivering the Java Exploit   
  • Lesson 6G: Using the User-Level Code Execution to the Highest Extent

Module 7: Exploiting a Windows Wireless Client

  • Lesson 7A: Overview of a Windows Client Attack
  • Lesson 7B: Establish the Attack Infrastructure
  • Lesson 7C: Exploiting a Hotspot Environment
  • Lesson 7D: Controlling the Client
  • Lesson 7E: Wireless Reconnaissance – Local and Remote
  • Lesson 7F: Target Wireless Network Attack

Module 8: Bluetooth Scanning and Reconnaissance

  • Lesson 8A: Overview of Bluetooth Device Interaction
  • Lesson 8B: Attack Preparation
  • Lesson 8C: Reconnaissance Phase of a Bluetooth Attack
  • Lesson 8D: SDPtool for Enumerating Services

Module 9: Bluetooth Eavesdropping Attacks

  • Lesson 9A: Using Commercial Bluetooth Sniffers
  • Lesson 9B: Open-Source Bluetooth Tools

Module 10: Attacking and Exploiting Bluetooth

  • Lesson 10A: PIN Attacks
  • Lesson 10B: Practical PIN Cracking
  • Lesson 10C: Manipulating Bluetooth Identification Mechanisms
  • Lesson 10D: Vulnerabilities in Bluetooth Profiles
  • Lesson 10E: Future of Bluetooth

Module 11: ZigBee Protocol  

  • Lesson 11A: Overview of ZigBee Technology
  • Lesson 11B: ZigBee Security Measures
  • Lesson 11C: ZigBee Attack and Exploitation
  • Lesson 11D: Start to Finish Attack against ZigBee Device Implementation 

Module 12: Hack DECT

  • Lesson 12A: Overview of DECT Devices and Technology
  • Lesson 12B: DECT Security Standards
  • Lesson 12C: DECT Attacks and

Module 13: Scoping and Information Gathering

  • Lesson 13A: Pre-Assessment Planning Process
  • Lesson 13B: Assessing Information and Estimating Effort