Exploration of the fundamental concepts, tools and techniques of pentesting and ethical hacking. Perform a pentest on a simulated infrastructure and write a findings report.
Web vulnerability analysis (OWASP Top 10) and web application security techniques. Analysis and exploitation of vulnerabilities in a vulnerable web application (OWASP Juice Shop).
Introduction to exploit development and binary analysis via reverse engineering. Developing an exploit for a known vulnerability in a simulated environment.
Firewall configuration and management, threat detection and prevention. Configure a firewall with advanced rules to block simulated attacks.
Fundamental techniques for collecting and analyzing digital evidence. Analysis of hard disks and logs to identify an intrusion in a simulated environment.
Analyze event logs and master SIEM tools. Implement and analyze alerts in a SIEM (e.g. Splunk) to detect an attack.
Project management in cybersecurity, agile methodologies and project risk management. Creation of a project plan for a multi-team pentesting campaign.
Fundamental concepts of risk management and introduction to governance frameworks (ISO 27001, NIST). Risk analysis of a fictitious infrastructure and proposal of corrective measures.
Develop skills in professional English, with a focus on written and oral communication adapted to technical and international contexts.
Planning, organization and execution of Red Team operations. Full simulation of a Red Team operation with delivery of technical and managerial reports.
Advanced pentesting and privilege escalation techniques on various systems. Privilege escalation on a simulated Windows and Linux environment.
Automate offensive tasks with C2 frameworks and custom scripts. Set up a simulated environment and automate a complete offensive campaign with reporting.
Advanced exploitation of complex web vulnerabilities (advanced injections, XXE, RCE). Exploit a web application with advanced SQL injection and server takeover.
Creation and deployment of custom payloads and shellcode for various systems. Development of custom payloads and deployment via Metasploit or custom tools.
Malware development and advanced evasion techniques. Creation and testing of malware capable of bypassing antivirus software in an isolated laboratory.
Structure and present professional reports for Red Teaming missions. Write and present a professional report based on a simulated offensive operation.
Use AI to optimize offensive tasks and simulate advanced opponents. Develop an AI-based automation tool for reconnaissance or exploitation.
Develop skills in professional English, with a focus on written and oral communication adapted to technical and international contexts.
