Zero to Hero - MS17-010-EternalBlue, GPP-cPasswords, and Kerberoasting
Offered By: Cyber Mentor via YouTube
Course Description
Overview
Syllabus
- Welcome.
- Quick housekeeping.
- Scanning our targets.
- Reviewing nmap results for Blue.
- Checking for MS17-010 w/ nmap.
- Exploiting MS17-010 w/ Metasploit and post enumeration.
- Reviewing nmap results for Active.
- Extracting data w/ smbclient.
- GPP/cPassword overview/exploitation.
- Kerberoasting and post enumeration.
- How old is the GPP exploit?.
- Are you running Windows on VM?.
- Is the OSCP still worth it for HR purposes?.
- What sort of credentials to get into pentesting from military?.
- Does Metasploit leave remnants?.
- Errors on GetUsersSPN?.
- Bug bounty hunting certs?.
- Pass the Kerberos hash?.
- Is it better to start on externals before internals?.
- Internal pentest resources?.
- Any experience w/ Rapid7?.
- How fast is your cracking rig?.
- Have you used Commando?.
- Bug bounties for internal?.
- Powershell on assessments?.
- Have you done any Bluetooth attacks?.
- How would I go about starting my own consulting company / business advice?.
- What is your computer setup like?.
- RFID hacking?.
- Finding talent to start a company / do you have to work X amount of years before starting a business.
- Thoughts on cloud certifications?.
- Network vs Web Pentesting in terms of pay, jobs, etc?.
- CS or IT major in college to become a pentester?.
- Is the US the best country to work in for cybersecurity?.
- Is PentesterLab more web app or network focused?.
- Is the Web Application Hacker's Handbook still relevant?.
- Do you run a gaming router?.
- How are you planning to charge companies?.
- Phishing tools?.
- Any assessments that have stumped you?.
- Any wifi stories?.
- Does the blue team actively try to stop you in assessments?.
- Have you ever crashed a server?.
Taught by
The Cyber Mentor
Related Courses
Network SecurityGeorgia Institute of Technology via Udacity Proactive Computer Security
University of Colorado System via Coursera Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery
(ISC)² via Coursera Hacker101
HackerOne via Independent CNIT 127: Exploit Development
CNIT - City College of San Francisco via Independent