Learn about security testing. Learn how to set up a test environment, plan assessments, identify targets, and execute security tests with popular tools like Nmap and Wireshark.
Overview
Syllabus
Introduction
- The importance of security testing
- What you should know
- Language is important
- Risk assessments
- Calculating risk score
- Security controls assessments
- NIST and ISO
- Compliance assessments
- Vulnerability assessments
- Penetration tests
- Goals of a pen test
- The security assessment lifecycle
- The security tester's toolkit
- Kali Linux
- Nmap
- Nessus
- Wireshark
- Lynis
- CIS-CAT Lite
- Aircrack-ng
- Hashcat
- OWASP ZAP
- OWASP ZAP demo
- Understanding your scope
- Improving over time
- Selecting your methodology
- Selecting your tools
- Basic assessment tools
- Advanced assessment tools
- Documentation review
- Log review
- Log management tools
- Ruleset review
- System configuration review
- CIS-CAT demo
- Network sniffing
- Wireshark demo
- File integrity checking
- Network discovery
- Open-source intelligence
- Network port and service identification
- Nmap demo
- Vulnerability scanning
- Determining severity
- Nessus demo
- Wireless scanning
- Wireless testing process
- Aircrack-ng demo
- Password cracking
- Hashcat demo
- Penetration test planning
- Penetration test tools
- Penetration test techniques
- Social engineering
- SET demo
- Coordinating your assessments
- Data analysis
- Providing context
- Data handling
- Drafting your report
- Delivering your report
- Next steps
- Additional resources
Taught by
Jerod Brennen