Penetration testing is one of the best ways to find out if your security will hold. Learn how to identify vulnerabilities in your network, computers, and applications.
Overview
Syllabus
Introduction
- Build a foundation in penetration testing
- What you need to know
- Disclaimer
- Pen testing overview
- The cyber kill chain
- The MITRE ATT&CK repository
- Scan networks with Nmap
- A Netcat refresher
- Capture packets with tcpdump
- Work with netstat, nbtstat, and arp
- Script with PowerShell
- Extend PowerShell with Nishang
- Refresh your Bash skills
- Control the flow in a script
- Use functions in Bash
- Refresh your Python skills
- Use the system functions
- Use networking functions
- Work with websites
- Drive Metasploit through Python
- Access SQLite databases
- Use Scapy to work with packets
- A Kali refresher
- Fuzzing with Spike
- Information gathering with Legion
- Using Metasploit
- Exploit with Armitage
- Scan targets with GVM
- Managing GVM problems
- Approach web testing
- Test websites with Burp Suite
- Check web servers with Nikto
- Fingerprint web servers
- Web server penetration using sqlmap
- Exploit a target
- Understand code injection
- Understand buffer overflows
- Find exploit code
- Next steps
Taught by
Malcolm Shore
