HBO
Introduction au pentest: methodology, web security, and Linux/Windows pentest practice.
Instructor: Daniel De Almeida Braga; Gwendal Patat
Term: M1 CyberSchool / SLM
Location: Universite de Rennes
Time: 22.5 hours (10.5h lectures + 12h TD/labs)
Course Description
This course introduces the fundamental principles, methodology, and good practices of penetration testing. It focuses on how to structure an assessment, choose appropriate tools, document findings, and communicate risk clearly.
The technical content emphasizes web pentesting with OWASP-style vulnerabilities, then extends the methodology to Linux and Windows targets.
At the end of this module, students should be able to:
- Explain the main phases of a pentest engagement.
- Identify and test common web vulnerabilities.
- Use standard pentest tooling in a controlled environment.
- Produce actionable technical findings.
Prerequisites
- Basic Unix and Windows usage.
- Basic networking knowledge.
- Introductory computer-security concepts.
Teaching Language
French, with some material in English.
Schedule
| Topic | Materials |
|---|---|
| Course setup and pentest scope Course expectations, legal/ethical framing, environment setup, and first tooling checks. | |
| Pentest methodology Engagement phases, scoping, information gathering, exploitation reasoning, reporting, and communication. | |
| Web security foundations HTTP, browser/server trust boundaries, common web vulnerabilities, and first hands-on exercises. | |
| OWASP practice SQL injection, XSS, clickjacking, CSRF, and the practice of turning vulnerability classes into test plans. | |
| Passwords and authentication Password attacks, credential handling, authentication weaknesses, and practical defensive implications. | |
| Web pentest Guided web pentest exercise from reconnaissance to exploitation notes and reportable findings. | |
| Linux pentest Practical Linux target assessment, local enumeration, privilege analysis, and exploitation workflow. | |
| Windows pentest Practical Windows target assessment, local enumeration, credential exposure, and privilege escalation reasoning. |