How Not to Suck at Pen Testing
Offered By: YouTube
Course Description
Overview
Learn essential strategies and techniques to improve your penetration testing skills in this comprehensive 52-minute conference talk by John Strand. Explore common pitfalls in pen testing, including scanning issues and the importance of looking beyond automated tools. Discover advanced techniques such as ISR Evilgrade attacks, DNS host analysis, and firewall log analysis for C2 detection. Gain insights on avoiding detection, expanding your testing scope, and adhering to the Penetration Testers Code of Ethics. Enhance your ability to identify vulnerabilities, conduct thorough assessments, and provide valuable security insights to organizations.
Syllabus
Intro
We Have a Problem
Scanning Issues
Looking for Red
Solution
Informational: Directory Listing
Informational: SMTP Server Found
Going Beyond Scanning
Getting Caught
One step forward...
ISR Evilgrade Attacks
Finding New Areas
Techniques: DNS
Host Analysis
C2: Firewall logs
Moving Forward
Penetration Testers Code of Ethics
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube