OCPT

Offensive Cloud Penetration Testing

101 Modules + 5 Real World Case Studies
The Offensive Cloud Pentesting shows you have acquired the advanced technical skills and possess the comprehensive knowledge required to design, manage and secure the infrastructure, applications, and the data hosted in the cloud using the best practices which align with the modern-day technological advancements.

OCPT TRAINING FLOW

Hybrid Data Storage
Openstack
Hypervisor
Cloud Pentesting

COURSE OVERVIEW

OCPT(Offensive Cloud Penetration Tester) is high in demand and specialized certification programs, which offensively focuses on cloud penetration testing. Because almost every business now seeks a cloud penetration evaluation to ensure the security of the cloud infrastructure. Cloud computing is complicated and not easy to manage as far as the data center is concerned.
The Offensive Cloud Pentesting reveals that you have gained advanced technical experience and have the thorough knowledge to develop, manage and safeguard cloud infrastructure, applications and data using the best practice that comply with current technological development.
For years, the system workload has shifted to the cloud. And cloud technology consists of a wide number of components such as virtualization. You will be equipped with the latest techniques for cloud-focused penetration testing and will learn how to analyze cloud environments.
As this is an advanced course the candidates are required to know about Hypervisor technology, cloud services, Data Center principles, TCP / IP Suites, networking stacks, standards and SDN, SAN, NAS, DAS, risk management, enforcement, legislation, and regulations, etc. to conduct cloud penetration testing.
OCPT is a practical cloud penetration testing application and applicants conduct offensive penetration tests to identify a cloud infrastructure weakness.
OCPT focuses on:
Cloud Penetration Testing technique
Cloud Formation
Assessing Cloud Infrastructure
AWS and Azure Penetration Testing
Red and Blue Team in Cloud
Software-Defined Networking
Microservice
Cloud API Penetration Testing
DevSecOps
Other Cloud technology and Components Assessment

COURSE DETAILS

WHO IS THIS COURSE FOR?

Information Security – Consultant, Manager, Security Architect
Senior – Engineer, Security
Director, Solution Architect, Security Analyst, Security Specialist, Compliance, Red team, Blue team
Anyone who wants to make career in cloud security, data storage, or cloud pentester

OCPT PREREQUISITE

No Linux or programming language knowledge required.
Basic IT knowledge and passionate about information security will be more than enough.
Just go through the free resources about how cloud works provided by Hacker Associate.

COURSE SYLLABUS

Domain 1: Hybrid Data Storage in Cloud Computing

Brief Introduction to Cloud Computing and Virtualization Technology
Brief Introduction to Cloud Data Storage Server and Hardware Requirement
Installing Cloud Storage Server in Premise and in Public Cloud
Basic Configuration in Cloud Data Server and building a Trusted Pool
Brief Introduction to various Volumes related to Cloud Data storage Server
Creating LVM (Logical Volume Manager) for Cloud Data Storage
Shrinking and Expanding Volume in Cloud Data Storage
Creating Replicating Volumes and Creating Distributed- Replicating Volume
Storage Client,Native Client,CIFS (Comman Internet File System) Client in Data Storage Computing
Manage Permission,setting ACL (Access Control List) and Quotas for Cloud Users
Troubleshooting IP Related Problem in Storage Server
Creating NFS (Network File System) Server for Cloud Storage
Creating Multiple Brick From Single Node
Configuring Geo-Replication for Disaster Recovery for Cloud Server
Securing Data and Information in Cloud Storage
Troubleshooting all storage server, Client Server and other servers
Implementing Security on Data Storage Server
Reconnaissance and Information Gathering Process in Data Storage Technology

Domain 2: Cloud Computing and Openstack

Brief Introduction to Cloud Architecture and Cloud Computing
Para-Virtualization and Fully-Virtualization (Hypervisor) Technology
Exploring Openstack Platform and Openstack Architecture
Installation Process of Openstack Platform and Exploring Horizon Web Interface
Installing and Securing Message Broker
Managing Identity Services and Managing Users in Cloud Platform
Managing Image Services
Deploy the Glance Image Service and use glance to upload a system Image
Block Storage Services and installation of Cinder Services and Manage Volumes
Attach or Adding Multiple Storage Volume to Cinder
Installing Openstack Networking
Managing Networking Services in Openstack Platform
Metering Service in Openstack Platform
Orchestration Services Methodology
Install and Configure the Heat Orchestration Services
Volume Snapshot in Openstack Platform
Allocating Floating IP to Instances (Images) in Openstack Platform
Creating Virtual Router between the two Network (Layer-3 Switch)
Securing protocols in Openstack Platform

Domain 3: Virtualization and Hypervisor Security

Brief Introduction to Virtualization Technology World
Brief Introduction to Para-Vitalization Product
Brief Introduction to Fully-Virtualization Product
General Overview Of Kernel Virtual Machine (KVM)
Installation and Configuring Process of Virtualization Hypervisor
Brief Introduction to the Data Center
Brief Introduction to the Cluster
Examine Efficiency of Virtualization Hypervisor
Installation Process of VM (Virtual Machine) Desktop and Para Virtualization Driver
Installation Process of Multiple Operating in Hypervisor
Migration Process of Virtual Images From Hypervisor
Brief Introduction to Penetration Testing Lab for Virtualization Product
Examine Vulnerability in Virtualization Product
Security Issues regarding to Virtualization and Hypervisor Security

Domain 4: Cloud Penetration Testing

Brief Introduction to Cloud Architecture and Cloud Computing
Para-Virtualization and Fully-Virtualization (Hypervisor) Technology
Exploring Openstack Platform and Openstack Architecture
Installation Process of Openstack Platform and Exploring Horizon Web Interface
Installing Cloud Storage Server in Premise and in Public Cloud
Basic Configuration in Cloud Data Server and building a Trusted Pool
Brief Introduction to various Volumes related to Cloud Data storage Server
Creating LVM (Logical Volume Manager) for Cloud Data Storage
Shrinking and Expanding Volume in Cloud Data Storage
Creating Replicating Volumes and Creating Distributed- Replicating Volume
Storage Client, Native Client, CIFS (Comman Internet File System) Client in Data Storage Computing
Installation and Configuring Process of Virtualization Hypervisor
Managing Data Center,role of Data center in Cloud Technology world and Security Topology
Creating Thousand of Clusters in Cloud and Managing Cluster in Cloud
Examine Efficiency of Virtualization Hypervisor
Installation Process of Multiple Operating in HyperVisor
Migration Process of Virtual Images From HyperVisor
TCP IP packet Analysis
Advanced Sniffing Technique in Cloud
Network Traffic Image Capturing in Cloud
Pentesting SSH Server in cloud
Vulnerability Analysis With Nessus - Nessus Vulnerability Scanner
Advanced Wireless Testing in Cloud
Wireless Penetration Testing in Cloud
MAC-Spoofing Technique
Designing a DMZ in Cloud
Snort Analysis in Cloud
Brief Introduction to Advanced Exploits and Tools in Cloud
AIDE (Advanced Intrusion Detection Environment) in Cloud
Securing System from IP-SPOOFING in Cloud
Penetration Testing Methodologies in Cloud
Customers and Legal Agreement
Rules of Engagement
Penetration Testing Planning and Scheduling in Cloud
Pre-penetration Testing Scheduling in Cloud
External Penetration Testing in Cloud
Internal Penetration Testing in Cloud
DNS Reconnaissance(Advanced DNS Reconnaissance)
Pentesting Cloud IPV6 systems
DNS Penetration Testing in Cloud
Intercepting and Manipulation (Packet Crafting) of packets in cloud
Exploring Web Proxies and working Process
SSLSNIFF in Cloud Environment
Pentesting NFS Server in Cloud and Securing NFS Server
Password Escalation and Cracking Technique
Implement SYN FLOOD and ICMP FLOOD
Advanced DDOS Attack on SSL(Secure Socket Layer-https)
Virus and Trojan Detection Technique
Penetration testing to Digital Certificate(Cryptography)
Securing data and Information and various Technology (Cryptography)
Exploring HeartBleed Vulnerability
Geo-Replication for Disaster Recovery in Cloud Environment
Exploring BashShell (ShellShock) Vulnerability

Domain 5: AWS/Azure Penetration Testing

How to setup AWS Account
How to setup Linux Server & Windows Server in AWS
Assess OWASP TOP 10 Vulnerability in Cloud Infrastructure
Writing our own scripts to scan Cloud infrastructure
Performing Penetration Testing on Firewall
Automate Cloud Infrastructure Deployment using Cloud Template
S3 Bucket creation, permission, versioning and exploring other hidden features
Object vs Block Storage
Cloud Account Takeover attack
Assess Firewall Security Group
VM Escaping Attack
Offensive Cloud API Exploitation and Security
SSH Attacks and Security
IAM (Identity and Access Management)- User, Group and Permission
Exploring SDN (Software Defined Network)
Cloud RBAC (Role Based Access Control)
Cloud ABAC (Attributes Based Access Control)
Assessing Crypto Algorithm
Cryptography Penetration Testing
Management Place Attack (AWS-Dashboard)
Automate Penetration Testing on Cloud Infrastructure
Go beyond OWASP Top-10
AWS Enumeration and Post Exploitation Attacks
Privilege Escalation Attack to gain access
Performing Penetration Testing on AWS Elastic Compute Cloud (EC2)
Performing Penetration Testing on AWS Simple Storage Service(S3)
IAM Misconfiguration & IAM policy structure
Offensive API Request Attacks
Advanced DOS and DDOS Attack using Automate Bots
Pivoting into Virtual Private Cloud Attacks
Attacking AWS Logging and Security
SSRF Attacks and Security
DNS Penetration Testing
Cloud WAF and Security Implementation
Cloud Infrastructure Defence Technique
Cloud Threat Modelling
Performing Penetration Testing on various other cloud services
Offensive Sniffing in Cloud Infrastructure
Cloud SIEM (Security Incident Event Management)
SECAAS (security as a service)
OAUTH & SAML Bypass
Federated Identity and Cloud Broker Services
Cloud based IDS and IPS Configuration and Management
Report Writing with POC (Proof of Concept)

COURSE FEES

All prices in Indian Rupee (INR).
OCPT Training + Exam + Certification = Rs.82,600/- (Inclusive of taxes)

TALK TO US RIGHT NOW

ENQUIRE NOW
check-circle-ocloudsitemapplus-squarecirclelong-arrow-rightdatabasebinoculars linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram