How Not to Suck at Pen Testing
Offered By: YouTube
Course Description
Overview
Learn essential strategies and techniques to improve your penetration testing skills in this comprehensive 52-minute conference talk by John Strand. Explore common pitfalls in pen testing, including scanning issues and the importance of looking beyond automated tools. Discover advanced techniques such as ISR Evilgrade attacks, DNS host analysis, and firewall log analysis for C2 detection. Gain insights on avoiding detection, expanding your testing scope, and adhering to the Penetration Testers Code of Ethics. Enhance your ability to identify vulnerabilities, conduct thorough assessments, and provide valuable security insights to organizations.
Syllabus
Intro
We Have a Problem
Scanning Issues
Looking for Red
Solution
Informational: Directory Listing
Informational: SMTP Server Found
Going Beyond Scanning
Getting Caught
One step forward...
ISR Evilgrade Attacks
Finding New Areas
Techniques: DNS
Host Analysis
C2: Firewall logs
Moving Forward
Penetration Testers Code of Ethics
Related Courses
Ethical HackingIndian Institute of Technology, Kharagpur via Swayam Investigación en Informática Forense y Ciberderecho
University of Extremadura via Miríadax MSc Cyber Security
Coventry University via FutureLearn Network Security - Introduction to Network Security
New York University (NYU) via edX Network Security - Advanced Topics
New York University (NYU) via edX