» Passive recon methods » Determining IP ranges » Scanning tools and techniques » Port scanning » OS fingerprinting » Service version scans » Advanced scanning techniques » Vulnerability scanning and mapping Day 2: Exploitation » Exploitation phase » Types of exploits » Finding and using exploits » Metasploit framework components

» Physical Recon » Getting Started with Social Engineering » Social Engineering Tactics » Pretexting » Phishing, Vishing, SMiShing » Physical and Digital Surveillance » Wireless Recon » DNS and SNMP Recon » Identifying Possible Attack Vectors Day 1 Day 2 Day 3 Day 4 Day 5 Morning session Introduction to Red Team Operations

» DNS and SNMP recon » Lab: SNMP recon » Host and port scanning » Security considerations » Scanning tools and techniques » Lab: Scanning ICS/SCADA networks » Network communications capture and analysis » RF signal capture » Sniffing network traffic » Device functionality analysis » Lab: Datasheet analysis