Complete Guide to Penetration Testing

سرفصل های دوره

In this comprehensive course, cybersecurity expert Malcolm Shore provides training in the three key areas of scripting—bash, Python, Powershell—and highlights the use of Kali Linux. Explore the use of basic tools for enumeration, vulnerability detection, and file transfer. Go over testing the different environments that a pen tester will encounter, such as web, cloud, active directory, and wireless. Learn about password brute force and cracking techniques, code injection through SQL, and the use of web and command shells. Discover how the key tools that come with Kali can be used to run exploits and how exploits work. Plus, go over the basics of malware reverse engineering and analysis.

01 - Introduction

01 - Introduction to complete pen testing

02 - What you should know

03 - Disclaimer

02 - 1. What is Pen Testing

01 - What is pen testing

02 - Pen testing frameworks

03 - The cyber kill chain

04 - The MITRE ATT&CK repository

05 - Scope of pen testing

06 - Note taking

07 - Living off the land

03 - 2. Setting Up a Pen Test Lab

01 - Using a cyber lab

02 - Crafting attacks with Kali Autopilot

03 - Using VulnHub servers in a cyber range

04 - Generating implants with sliver

04 - 3. The Basic Toolset

01 - A Kali refresher

02 - Scanning networks with Nmap

03 - Using Nmap scripts

04 - Open source information from Shodan

05 - A netcat refresher

06 - Relaying between network zones

07 - Capturing packets with tcpdump

08 - Working with netstat, nbtstat, and arp

09 - Generating shells with msfvenom

10 - Using Metasploit

11 - Using PowerHub

05 - 4. Scripting in Windows with PowerShell

01 - Basics of PowerShell

02 - PowerShell variables and control flow

03 - PowerShell for pen testers

04 - Extending PowerShell with Nishang

05 - Bypassing the antimalware service

06 - Post-exploitation with PowerShell Empire

06 - 5. Scripting in Linux with Bash

01 - Refreshing your Bash skills

02 - Controlling the flow in a script

03 - Using functions in Bash

07 - 6. Python Scripting

01 - Refreshing your Python skills

02 - Using the system functions

03 - Using networking functions

04 - Working with websites

05 - Accessing SQLite databases

06 - Using Scapy to work with packets

07 - Leveraging OpenAI for testing

08 - 7. Commonly Used Kali Tools

01 - Introducing password recovery

02 - Using command line tools for dictionaries

03 - Having a ripping good time

04 - Running an exploit from Kali

05 - Fuzzing with Spike

06 - Information gathering with Legion

07 - Using Metasploit

08 - Scan targets with GVM

09 - 8. Web Testing

01 - A refresher on web technology

02 - Approaches to web testing

03 - Refreshing your basic web testing skills

04 - Fingerprinting web servers

05 - A refresher on web shell implants

06 - Web server penetration using SQLMap

07 - Busting open websites

08 - Testing websites with Burp Suite

09 - Exploiting message headers with Burp Suite

10 - Exploiting your way into the gym

11 - Understanding CMS targets

12 - Getting into WordPress

13 - Shelling through WordPress

14 - Exploiting Joomla via SQL

10 - 9. Testing Active Directory

01 - Understand Active Directorys role in security

02 - What are Active Directory Domain Services

03 - Interact with Active Directory at the command line

04 - Active Directory security audit

05 - Password spraying Active Directory

06 - Use CrackMapExec to access and enumerate AD

07 - Set the BloodHound loose

08 - What is Kerberos

09 - Kerberos brute forcing attacks

10 - Carry out a Kerberos roasting

11 - 10. Understanding Exploits

01 - Exploiting a target

02 - Spraying passwords with Hydra

03 - Understand code injection

04 - Understand buffer overflows

05 - Finding exploit code

12 - 11. Wireless Testing

01 - Understanding wireless networks

02 - Selecting an antenna

03 - Heat mapping with Ekahau

04 - Scanning with Vistumbler

05 - Using wifite and Aircrack-ng to test WPA passwords

06 - Scanning and attacking with Fluxion

13 - 12. Introduction to Malware Analysis

01 - The evolution of malware

02 - How malware works

03 - Analyzing BlackEnergy and GreyEnergy

04 - Using reverse engineering to understand code

14 - 13. Testing in the Clouds

01 - Cloud security guidance

02 - Essential characteristics

03 - Cloud services

04 - Infrastructure as a service

05 - Platform as a service

06 - Software as a service

07 - Microsoft Azure

08 - Amazon Web Services

09 - Unauthorized public access to buckets

10 - Unauthorized user access to buckets

11 - Searching for account keys

15 - Conclusion

01 - Next steps

439,000 تومان

افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: LinkedIn Learning (Lynda)