Penetration Testing Essential Training

Penetration testing is an in-demand skill for cybersecurity professionals, and this course provides a solid hands-on overview of popular pen testing tools and techniques.

Introduction

• Establishing a solid foundation to progress into a career of penetration testing
• What you should know
• Disclaimer

1. What Is Pen Testing?

• Pen testing overview
• The cyber kill chain
• The MITRE ATT&CK repository

2. Pen Testing Tools

• Scanning networks with Nmap
• A netcat refresher
• Capturing packets with tcpdump
• Work with netstat, nbtstat, and arp
• Scripting with PowerShell
• Extending PowerShell with Nishang
• What is Active Directory?
• Analyze Active Directory with BloodHound

3. Bash Scripting

• Refreshing your Bash skills
• Controlling the flow in a script
• Using functions in bash

4. Python Scripting

• Refresh your Python skills
• Use the system functions
• Use networking functions
• Work with websites
• Access SQLite databases
• Using Scapy to work with packets
• Leveraging OpenAI for testing

5. Kali and Metasploit

• A Kali refresher
• Fuzzing with Spike
• Information gathering with Legion
• Using Metasploit
• Scan targets with GVM

6. Web Testing

• Approach web testing
• Test websites with Burp Suite
• Check web servers with Nikto
• Fingerprint web servers
• Web server penetration using sqlmap

7. Understand Exploit Code

• Exploit a target
• Finding caves for code injection
• Understand code injection
• Understand command injection
• Understand buffer overflows
• Password spraying Active Directory
• Find exploit code

Conclusion

• What's next