Download Training Directory (2021) Download Now

May 2019

Professional Certificate in Offensive Security Techniques Using Kali Linux

Course Information

Start Date25 May 2019, Saturday
End Date26 May 2019, Sunday
Time09:00 am - 05:00 pm
Venue100 Orchard Road, Concorde Hotel Singapore
Fee$500 (Excluding GST) Inclusive of course materials
Contact6720 3333 (Ms Chye Fen) chyefen@asm.edu.sg
Register Now
Get Group Quote
LIVE Stream


With the proliferation of communication networks and the corresponding increase in connectivity, the objective of cybersecurity to “secure and protect information and communications from unauthorized and malicious users” frequently requires the cybersecurity specialist to think like an attacker in order to discover vulnerabilities and weak points in network and computer infrastructure so that these can be fixed. This procedure, which is called penetration testing (or pen testing), is facilitated by many software platforms and tools for this purpose, the best-known platform being the Kali Linux OS and suite of tools.

A 2 Days Hands-On Workshop to Understanding Kali Linux Under the Hood

In this 2-day workshop, a comprehensive introduction to Kali Linux and its most widely-used pen testing tools will be provided. The workshop is designed for Digital forensics and cyber security professionals. In this workshop, we will introduce the Kali Linux security auditing distribution, its history, development, architecture, and features. We will delve into how we got to where we are today, how penetration-testing tools are evaluated for inclusion in the distribution, and a look at the road ahead. If we have enough time, we’ll also dabble with altering and patching Kali packages. One of the most powerful features of Kali Linux is the ability to create your own flavours of the distribution containing customized tools, desktop managers, and services. This workshop will show you how to create your own personalized Kali Linux ISO, customizing virtually every aspect using the live-build utility and making efficient use of the various meta-packages available in Kali.

Course Breakdown

In the first day, an introduction to Virtual Machines, Virtualbox and basic Linux usage is offered, along with an introduction to basic network protocols and packet capturing.

In the second day, simple network attacks are described and actually implemented in Virtual Machines and specific tools, such as scapy and Metasploit, are presented.

Using a mix of tutorial-style presentations and hands-on practice, including implementing and programming simple network attacks in a controlled environment.

Course Outlines

Day 1

  • Introduction to Virtual Machine VMware or Virtualbox
  • Installing Kali Linux, Update and Upgrade kali Tools
  • Basic Linux configuration & Linux Commands
  • Introduction on Vulnerability Assessment and Penetration Testing
  • Penetration Testing Methodology
  • Frameworks and Compliance
  • Brief overview of Passive & Active information Gathering techniques and Tools
  • Brief overview of network protocols & Network Mapping
  • What is the port scanning & how to identify application resources?
  • Introduction to network Packets analysis & Sniffing with Wireshark & Tcpdump
  • Man-in-the middle (MITM) attacks with ARP poisoning – Ettercap
  • Xerosploit Framework

Day 2

  • Vulnerability Scanning & Exploits
  • Web Application Attacks – HTTP fingerprinting, MySQL SQL Injection & Cross Site Scripting (XSS)
  • Introduction to Burp Suite Pro
  • Password Attacks & Privilege Escalation
  • Wireless Penetration Testing & WEP and WPA/WPA2-PSK Cracker – Aircrack-ng
  • An introduction to Metasploit Framework

“This was my second workshop with Ali. He is definitely still a great teacher and an irreplaceable resource for best practice tips and questions on current events in the industry. The number one quality that I like about Ali and his courses is that he is extremely patient, well-prepared and succinct.” – Juliana Low, Assistant Manager for Spotify Singapore

“Ali did an incredible job. I have been to hundreds of hours of training seminars and this is one of the best. I actually learned useful, practical materials and greatly improved my logic for my work and personal life. This is how corporate training should benefit participants.” – Mohammad Ismail, Business Development Manager for the Ministry of Manpower, Singapore

“The class size was kept to a moderate size which was a big relief – I was able to maximise my engagement and learning in this specialised course. Ali was also able to answer all my questions. He is definitely a subject expert in his field. I will be enrolling in the Graduate Diploma Programme that he is also facilitating.”  – Shruti Krishnan, IT Development Manager, Singapore Customs

Trainer Profile


Ali Fazeli has been involved in the information technology field since his younger days. He later pursued higher education in the field of Internet security and management from Curtin University, Australia. He is a highly interactive and innovative trainer, whose work is based on research and applied knowledge from extensive experiences in computer security, data recovery, digital forensic investigation, anti-forensic and cyber war.

For more than a decade in his career, Ali has assisted and trained numerous information technology security professional in Asia. He is accredited as a specialist in the successful investigation and prosecution of fraudsters from the dark and underworld of Internet.

Ali is one of the most versatile IT security professional and expert in the world, having taken on roles and responsibilities ranging from becoming an advisory expert to guidance consultant. Today, he spends a substantial amount of his time consulting, advising and training IT security professionals. Ali has also contributed extensively to helping numerous governments and private organizations face IT risks and provide security recommendations. Some of his clients include Nanyang Polytechnic, Grant Thornton, the Singapore Armed Forces (SAF) and the Singapore Police Force (SPF).