SC400: Hacking & Pentesting Basics

Training: Security

Participants learn how hackers think and conduct attacks. In the hacking lab, they practically apply common techniques, receive tools, and practice their use. The course teaches how to plan, execute, and evaluate penetration tests in a professional manner to systematically uncover vulnerabilities and effectively improve the security of their own systems.

Presence training Presence training

Start: 2025-11-24 | 10:00 am

End: 2025-11-28 | 01:30 pm

Location: Nürnberg

Price: 2.950,00 € plus VAT.

Presence training Presence training

Start: 2026-02-02 | 10:00 am

End: 2026-02-06 | 01:30 pm

Location: Nürnberg

Price: 2.950,00 € plus VAT.

Presence training Presence training

Start: 2026-06-15 | 10:00 am

End: 2026-06-19 | 01:30 pm

Location: Nürnberg

Price: 2.950,00 € plus VAT.

Presence training Presence training

Start: 2026-08-31 | 10:00 am

End: 2026-09-04 | 01:30 pm

Location: Nürnberg

Price: 2.950,00 € plus VAT.

Presence training Presence training

Start: 2026-11-23 | 10:00 am

End: 2026-11-27 | 01:30 pm

Location: Nürnberg

Price: 2.950,00 € plus VAT.

Request prefered appointment period:

* All fields marked with an asterisk are mandatory fields.

Agenda:

  • Chapter 1
    • Live hacking demo
    • Basics (the hackers view)
      • From MIT hacker on the roof to Emotet
      • World map of hacker groups
      • How not to get caught
      • Cyber Kill Chain /Attack Matrix
      • Legal fundamentals
      • Ethical hacking rules
      • Proper documentation
      • How BugBountys work
    • Open Source Intelligence
      • Darknet, Google™-Dorking, Shodan, Robtex, RIPE
      • TheHarvester, Maltego
      • Web research with AI tools: usage of AI assistants for prioritization, source finder and automation of research streams

  • Chapter 2
    • Strategy and tactics
    • Phishing /E-Mail-Attacking
      • Basics of e-mail attacks
      • E-Mail-protection (spam/junk/DMARC/SPF/blacklist)
      • Legal and ethical aspects
      • We build a malicious macro (Conceptual)
      • Phishing -- vishing -- smishing
      • Phishing as awareness module
      • Setup of own GoPhish server
      • Creating campaigns
      • Working with templates
      • Hacking with LLMs: possible uses of language models for social engineering scripts, template generation, and automation support
    • WLAN hacking
      • Classic techniques and protection measures
      • Hacking tools on Raspberry basis (Pwnagotchi, Björn-Images): setup concepts, usage scenarios and defense considerations (hands-on Lab)
    • Man-in-the-middle attacks

  • Chapter 3
    • USB hacking
      • USB-Ninja, BashBunny, Keylogger
      • RubberDucky /Digispark
    • Data theft by insider threats
    • Network sniffing and scanning general
      • Basics: ARP-Poisoning, Routing, IP-Tables, Firewalls
      • Tools: NMAP, Wireshark, own Raspberry tools (instead of SharkJack)
    • Tunneling (ICMP, DNS)
    • Infection persistence
      • Schedule tasks, backdoors, covering tracks
    • Automated pentest solutions: overview of automation frameworks, CI/CD integrations and orchestration of scan/exploit pipelines (concept, demo)

  • Chapter 4
    • Lateral movement + pivilege escalation
    • Password complexity and attacks
    • Introduction to Metasploit
    • Password cracking and rainbow tables
    • Web hacking introduction
      • OWASP TopTen, BurpSuite, CrossSite, SQL-Injection
      • Automated web tests & AI assistance: usage of automatic scanners, scriptable Burp workflows and AI-supported analysis aids (overview & practical examples)

  • Chapter 5
    • Vulnerabilities in applications: buffer overflows
    • Pentesting vs. vulnerability scans
    • Cryptography: certificates /encryption
    • Final test

  • Give-Aways / materials:
  • You will receive the following materials additionally:
    • Security trophies
    • Raspberry-Kit incl. ink display and pre-configured images (Pwnagotchi / Björn) — tool construction kit for own LAN/WLAN prototypes
    • DigiSpark with demo payloads
    • Kali-Linux-VM, cheat sheets and scripts
    • Permanent access to link platform with over 300 services and tools
    • Certificate

Objectives:

  • Understanding the mindset and techniques of attackers
  • Practical application of classic hacking methods in legal, controlled lab environments
  • Ability to design and use your own Raspberry-based proof-of-concept tools (Lab Scope)
  • Classification and use of modern tools: LLMs to support recon/phishing templates, AI tools for web research, and automated pentest solutions
  • Knowledge of legal frameworks, documentation requirements and ethical hacking standards

Target audience:

Hacking & Penetration Testing - Basics targets IT professionals and specialists who want to learn and understand approaches, methods and techniques of hackers in order to verify the security of their own systems and to better assess the effectiveness of their own countermeasures. For IT forensics specialists it provides the perspective through the lens of the perpetrator and thus the knowledge to conduct investigations more precisely and efficiently.

Prerequisites:

Our workshop SC400 Hacking & Pentesting Basics is a basic course. Knowledge of IP networks, the WWW and common operating systems is required; in-depth Linux or Windows knowledge is not mandatory. Curiosity and passion for hacking are crucial.

Description:

Learn how hackers think and operate from experienced white hats. The course SC400 Hacking & Pentesting Basics combines theoretical inputs with intensive hands-on labs: from OSINT research through phishing campaigns to WLAN and USB attack scenarios. Participants build their own Raspberry-based prototype tools in the course and test them in secure labs, learn how to use Pwnagotchi/Björn images, and evaluate implications for protective measures.

Additionally, modern trends are covered: How do LLMs support recon and social engineering processes? How can AI-powered web research tools accelerate information gathering? What role do automated pentest solutions play in daily security operations?

Assessment / Certificate
The course concludes with a practical final test that combines theoretical and laboratory technical questions. Upon successful completion, participants receive a certificate of participation.

check-icon

Guaranteed implementation:

from 2 Attendees

Booking information:

Duration:

5 Days

Price:

2.950,00 € plus VAT.

(including lunch & drinks)

Exam (Optional):

100,00 € plus VAT.

Testimonials:

Cheerful male participant, representative of all customers who have provided feedback on qSkills' services.
#Testimonials
If qualification, then qSkills™

Authorized training partner

NetApp Partner Authorized Learning
Commvault Training Partner
CQI | IRCA Approved Training Partner
Veeam Authorized Education Center
Acronis Authorized Training Center
AWS Partner Select Tier Training
ISACA Accredited Partner
iSAQB
CompTIA Authorized Partner
EC-Council Accredited Training Center

Memberships

Allianz für Cyber-Sicherheit
TeleTrust Pioneers in IT security
Bundesverband der IT-Sachverständigen und Gutachter e.V.
Bundesverband mittelständische Wirtschaft (BVMW)
Allianz für Sicherheit in der Wirtschaft
NIK - Netzwerk der Digitalwirtschaft
BVSW
Bayern Innovativ
KH-iT
CAST
IHK Nürnberg für Mittelfranken
eato e.V.
Sicherheitsnetzwerk München e.V.