CompTIA PenTest+ (PT0-002) Cert Prep

Introduction to Ethical Hacking and CompTIA PenTest+ (PTO-002)

• Introduction to CompTIA PenTest+ (PT0-002)
• About the CompTIA PenTest+ (PT0-002) exam

1. Planning and Engagement

• Planning a pen test
• Rules of engagement
• Regulatory compliance
• Resources and budgets
• Impact and constraints
• Support resources
• Legal groundwork
• Service provider agreements
• Standards and methodologies, part 1
• Standards and methodologies, part 2
• Environmental and scoping considerations
• Ethical mindset
• Lab environment setup
• Project strategy and risk
• Scope vulnerabilities
• Compliance-based assessments

2. Information Gathering and Vulnerability Scanning

• Scanning and enumeration
• Scanning and demo
• Packet investigation
• Packet inspection demo
• Labtainers setup
• Labtainers lab: Wireshark
• Application and open-source resources
• Passive reconnaissance
• Active reconnaissance
• Vulnerability scanning
• Vulnerability scanning demo
• Labtainers lab: Network basics
• Labtainers lab: Nmap discovery
• Target considerations
• Analyzing scan output
• Nmap scoping and output options
• Nmap timing and performance options
• Prioritization of vulnerabilities
• Common attack techniques
• Automating vulnerability scans
• Credential attacks
• Labtainers lab: Password cracking
• Labtainers lab: Secure Sockets Layer
• Labtainers lab: Routing basics

3. Network-Based Attacks

• Exploit resources and network attacks
• Network-based exploits
• FTP exploit demo
• Man-in-the-middle exploits
• Labtainers lab: TCP/IP attacks
• Labtainers lab: ARP spoof attack
• Labtainers lab: Local DNS attacks
• Labtainers lab: MACs and hash functions

4. Wireless and RF Attacks

• Wireless exploits, part 1
• Wireless exploits, part 2
• Antennas

5. Web and Database Attacks

• OWASP Top 10
• Application exploits, part 1
• SQL injection demo
• Labtainers lab: SQL injection
• Application exploits, part 2
• Application exploits, part 3
• Cross-site scripting demo
• Labtainers lab: Cross-site scripting
• Labtainers lab: Cross-site request forgery
• Code vulnerabilities
• API attacks and attack resources
• Privilege escalation: Linux
• Privilege escalation: Windows
• Miscellaneous privilege escalation
• Miscellaneous local host vulnerabilities

6. Attacking the Cloud

• Cloud attacks, part 1
• Cloud attacks, part 2

7. Specialized and Fragile Systems

• Mobile attacks
• IoT attacks
• Data storage and management interface attacks
• Virtual and containerized environment attacks
• Labtainers lab: Industrial control system

8. Social Engineering and Physical Attacks

• Pretext for a social engineering attack
• Remote social engineering
• Spear phishing demo
• In-person social engineering
• Physical security

9. Post-Exploitation

• Post-exploitation techniques
• Post-exploitation tools
• Network segmentation testing
• Persistence and stealth
• Detection avoidance techniques

10. Post-Engagement Activities

• Report writing
• Important components of written reports
• Mitigation strategies
• Technical and physical controls
• Administrative and operational controls
• Communication
• Presentation of findings
• Post-report activities
• Data destruction process

11. Tools and Code Analysis

• Using scripting in pen testing
• Bash scripting basics
• Bash scripting techniques
• PowerShell scripts
• Ruby scripts
• Python scripts
• Scripting languages comparison
• Data structures, part 1
• Data structures, part 2
• Libraries
• Classes
• Procedures and functions
• Perl and JavaScript

12. Tools Inventory

• Pen testing toolbox
• Using Kali Linux
• Scanners and credential tools
• Code-cracking tools
• Open-source research tools
• Wireless and web pen testing tools
• Remote access tools
• Analyzers and mobile pen testing tools
• Other pen testing tools
• Labtainers lab: Metasploit framework
• Labtainers lab: Wireshark packet inspection
• Labtainers lab: SSH