YoVDO

Zero to Hero - MS17-010-EternalBlue, GPP-cPasswords, and Kerberoasting

Offered By: Cyber Mentor via YouTube

Tags

Penetration Testing Courses Cybersecurity Courses Metasploit Courses Security Assessment Courses Kerberoasting Courses

Course Description

Overview

Dive into an extensive cybersecurity tutorial covering advanced exploitation techniques and penetration testing methodologies. Learn how to scan targets, exploit MS17-010/EternalBlue vulnerabilities, extract data using smbclient, and perform GPP/cPassword attacks and Kerberoasting. Explore post-exploitation enumeration strategies and gain insights into various aspects of cybersecurity careers, certifications, and industry trends through an in-depth Q&A session. Discover valuable resources, tools, and advice for aspiring penetration testers and cybersecurity professionals.

Syllabus

- Welcome.
- Quick housekeeping.
- Scanning our targets.
- Reviewing nmap results for Blue.
- Checking for MS17-010 w/ nmap.
- Exploiting MS17-010 w/ Metasploit and post enumeration.
- Reviewing nmap results for Active.
- Extracting data w/ smbclient.
- GPP/cPassword overview/exploitation.
- Kerberoasting and post enumeration.
- How old is the GPP exploit?.
- Are you running Windows on VM?.
- Is the OSCP still worth it for HR purposes?.
- What sort of credentials to get into pentesting from military?.
- Does Metasploit leave remnants?.
- Errors on GetUsersSPN?.
- Bug bounty hunting certs?.
- Pass the Kerberos hash?.
- Is it better to start on externals before internals?.
- Internal pentest resources?.
- Any experience w/ Rapid7?.
- How fast is your cracking rig?.
- Have you used Commando?.
- Bug bounties for internal?.
- Powershell on assessments?.
- Have you done any Bluetooth attacks?.
- How would I go about starting my own consulting company / business advice?.
- What is your computer setup like?.
- RFID hacking?.
- Finding talent to start a company / do you have to work X amount of years before starting a business.
- Thoughts on cloud certifications?.
- Network vs Web Pentesting in terms of pay, jobs, etc?.
- CS or IT major in college to become a pentester?.
- Is the US the best country to work in for cybersecurity?.
- Is PentesterLab more web app or network focused?.
- Is the Web Application Hacker's Handbook still relevant?.
- Do you run a gaming router?.
- How are you planning to charge companies?.
- Phishing tools?.
- Any assessments that have stumped you?.
- Any wifi stories?.
- Does the blue team actively try to stop you in assessments?.
- Have you ever crashed a server?.


Taught by

The Cyber Mentor

Related Courses

Certified Ethical Hacker (CEH) - Linux Academy's Prep Course
A Cloud Guru
CompTIA PenTest+ Certification
A Cloud Guru
CompTIA Security+ Certification Prep
A Cloud Guru
Advanced Cyber Security Training
EC-Council via FutureLearn
Advanced Python Scripting for Cybersecurity
Infosec via Coursera