Pentest "Kungfu" - Advanced Cybersecurity Exploit Workshop - 生產力學院
Pentest "Kungfu" - Advanced Cybersecurity Exploit Workshop
     打印  

    只提供英文版本

    Pentest “Kungfu” – Advanced Cybersecurity Exploit Workshop

    Professional and detailed Explore penetration testing in depth. This advanced workshop explains the purpose and value of pentesting, then shows you how to conduct ethical assessments across on-premise and cloud systems. With hands-on labs, you’ll practice reconnaissance, scanning, safe exploitation, and reporting—so you can identify vulnerabilities early, prioritize fixes, and strengthen your security posture.

    Course Introduction and Objectives

    Penetration test (pentest) is used to uncover the vulnerabilities of the system and the tester can carry out further exploitation to see whether he/she could gain any confidential information and restricted access.

    During the workshop, students will work in groups to dig out vulnerabilities and report their findings. Participants are required to complete assigned mission through hands-on exploration and creative thinking.

    We will use Kali Linux which is a free live CD with various penetration test tools to carry out all the hands-on exercises.

    Hands-on missions experience real-world penetration test techniques.

    Course Content

    Penetration Test Process

    • Penetration test framework, process, methodology and ethics
    • OWASP top 10 vulnerabilities reload
    • Common vulnerabilities and misconfiguration of web application and network
    • Web application and network penetration test as well as Scripting Kungfu
    • Get to know a vulnerability
    • Further Attack: Metasploit – An exploit framework and post-exploitation with Meterpreter scripting
    • More on scripting stuff in Python, NMap Script Engine and Meterpreter Scripting

     Prerequisite

    • Basic Linux and Win32 commands
    • Basic knowledge in TCP/IP and networking concepts
    • Programming and scripting experience but not mandatory
    • Interested in offensive techniques to dig some flaws out

     

    Target Trainees

    • Anyone with an interest in penetration testing
    • IT auditors, system administrator, software developers

    Duration

    2 Days; 09:30 – 17:00

    Venue

    1/F, HKPC Building, 78 Tat Chee Avenue, Kowloon, Hong Kong

    Medium of Instruction

    Cantonese with training materials in English

    Course Fee:

    Early bird Price (deadline on 25 February 2026):

    • HK$6,500 per person

    Regular Price

    • HK$6,600 per person

    Trainer

    Mr Bernard KAN

    Bernard KAN is an ISC2 Certified Trainer with over 20 years of information security experience as a security team leader in Banking, Telecommunications industry and CERT community.

    Bernard has been delivering information security training to enterprises, talks to the public in security conference and sharing sessions to NGOs and he was a frequent speaker for security awareness training. He was a part-time lecturer for City University of Hong Kong for a post-graduate Information Security certificate course for six years.

    Bernard acquired several professional certifications including CISSP, GCIA, GCIH, CWSP, CCNP, MCSE and CEC. He also has a Master of Science degree in E-Commerce.

    HK Chapter.

    Certificate of Training

    Participants who have attained 75% or more attendance will be awarded Attendance Certificate.

    Download Full Course