This plan includes
- Limitedfree coursesaccess
- Play & PauseCourse Videos
- VideoRecorded Lectures
- Learn onMobile/PC/Tablet
- Quizzes andReal Projects
- Lifetime CourseCertificate
- Email & ChatSupport
What you'll learn?
- Conduct comprehensive network penetration tests to identify vulnerabilities and strengthen network security.
- Perform thorough web application assessments, uncovering and mitigating common vulnerabilities like SQL injection and XSS.
- Master penetration testing methodologies, including reconnaissance, scanning, exploitation, and post-exploitation techniques.
- Utilize threat intelligence effectively to proactively identify, analyze, and mitigate cyber threats, enhancing overall cybersecurity posture.
Course Overview
Pre-requisites
- Prerequisites for the CompTIA Pentest+ course: Basic understanding of cybersecurity concepts. Familiarity with networking principles and protocols. Proficiency in using operating systems such as Windows and Linux. Knowledge of web application basics (HTTP/HTTPS, HTML, etc.). Access to a computer with internet connectivity for hands-on labs and exercises.
Target Audience
- Cybersecurity professionals interested in specializing in penetration testing.
- IT professionals seeking to enhance their skills in identifying and mitigating security vulnerabilities.
- Network administrators and engineers involved in securing network infrastructure.
- Web developers and application security professionals aiming to improve web application security.
- Students and individuals looking to start a career in cybersecurity with a focus on penetration testing.
Curriculum 148 Lectures 21:11:25
Section 1 : Introduction
Section 2 : Demo of the LAB
- Lecture 1 :
- Demo of the LAB
Section 3 : Lesson 1 Scoping Organizational Customer Requirements
- Lecture 1 :
- Cyber Health and Risk management
- Lecture 2 :
- Penetration Testing Processes
- Lecture 3 :
- PCI DSS Payment Card Industry Data security standard
- Lecture 4 :
- GDPR and other laws
- Lecture 5 :
- Identifying Pentesting Frameworks
- Lecture 6 :
- Different penetration testing frameworks.
- Lecture 7 :
- Investigating CVE and CWE
Section 4 : Lesson 2 Defining the Rules of Engagement
- Lecture 1 :
- Assess Environmental Considerations
- Lecture 2 :
- Outline the Rules of Engagement
- Lecture 3 :
- Prepare Legal Documents
Section 5 : Lesson 3 Footprinting and Gathering Intelligence
- Lecture 1 :
- How to access the CompTIA Pentest+ lab
- Lecture 2 :
- Discover the Target
- Lecture 3 :
- Gather information from source code repository
- Lecture 4 :
- Google hacking and Google hacking database
- Lecture 5 :
- Gather information from archive and image search
- Lecture 6 :
- Retrieve Website information
- Lecture 7 :
- Testing ssl and TLS certificate
- Lecture 8 :
- LAB nslookup dig and whois -1
- Lecture 9 :
- Discover Open-Source Intelligence Tools
- Lecture 10 :
- LAB Use tool harvester for gathering emails
Section 6 : Lesson 4 Evaluating Human and Physical Vulnerabilities
- Lecture 1 :
- Social engineering motivation Techniques
- Lecture 2 :
- Social engineering attack
- Lecture 3 :
- Social engineering Countermeasures
- Lecture 4 :
- Some other type of social engineering attacks
- Lecture 5 :
- Physical attacks in the term of social engineering
- Lecture 6 :
- LAB - Social Engineering Toolkit
Section 7 : Lesson 5 Preparing the Vulnerability Scan
- Lecture 1 :
- Overview of Vulnerability
- Lecture 2 :
- Life Cycle of Vulnerability
- Lecture 3 :
- Researching Vulnerabilities - CVE
- Lecture 4 :
- CWE - Common Weakness Enumeration
- Lecture 5 :
- CAPEC- Common Attack Pattern Enumeration and Classification
- Lecture 6 :
- MITRE Attack Adversarial Tactics, Techniques and Common Knowledge
Section 8 : Lesson 6 Scanning Logical Vulnerabilities
- Lecture 1 :
- Web vulnerability scanning with Nikto
- Lecture 2 :
- Web Vulnerability Scanning with Wapiti
- Lecture 3 :
- Vulnerability scanning with OpenVAS
- Lecture 4 :
- OpenVAS Report Analyze
- Lecture 5 :
- Automating Vulnerability Scanning with Nessus
- Lecture 6 :
- Nessus Scan Analyze the scan Report
Section 9 : Lesson 7 Analyzing Scanning Results
- Lecture 1 :
- nmap basic syntax for host discovery in the netowrk
- Lecture 2 :
- Different scanning Techniques to Bypass Firewall, IDS and IPS
- Lecture 3 :
- LAB host discovery by using nmap
- Lecture 4 :
- Different techniques used for scanning ports
- Lecture 5 :
- Fingerprinting and Enumeration with nmap
- Lecture 6 :
- nmap script engine for Vulnerability scanning
Section 10 : Lesson 8 Avoiding Detection and Covering Tracks
- Lecture 1 :
- Flying under the Radar
- Lecture 2 :
- Bypassing network Access Control NAC
- Lecture 3 :
- LOITL and covering the Track.
- Lecture 4 :
- Tiding Logs and Entries
- Lecture 5 :
- Using Steganography to Hide and Conceal Data
- Lecture 6 :
- Data Exfiltration and SSH Channel
- Lecture 7 :
- Netcat and winrm to manage covert channel.
- Lecture 8 :
- Using Proxy and Proxy Chaining
Section 11 : Lesson 9 Network Attacks
- Lecture 1 :
- What is network attacks
- Lecture 2 :
- Load balance or stress testing
- Lecture 3 :
- Protect transmission stream
- Lecture 4 :
- Bluetooth Attacks in Network
- Lecture 5 :
- RFID and NFC Attacks
- Lecture 6 :
- ARP poisoning Attack
- Lecture 7 :
- ARP poisoning attack using ettercap to capture password.
- Lecture 8 :
- Arp Spoofing Attack with arpspoof tool
- Lecture 9 :
- MAC table overflow Attack
- Lecture 10 :
- What mac spoofing attack LAB in Linux
- Lecture 11 :
- VLAN hopping and double Tagging attack
- Lecture 12 :
- DNS poisoning Attack using ettercap
- Lecture 13 :
- Password Attacks
- Lecture 14 :
- Password attack Demonstration LAB
- Lecture 15 :
- Pass the hash Attack and Kerboroasting Attack
- Lecture 16 :
- Kerboroasting a Complete LAB demo
- Lecture 17 :
- On path attack in Network
- Lecture 18 :
- LLMNR and NBT-NS Poisoning Attack with Example and LAB
- Lecture 19 :
- Advance password attacks and prevention techniques
- Lecture 20 :
- NAC Bypass Attack in Network
- Lecture 21 :
- Using Reverse and bind Shell LAB
- Lecture 22 :
- Exploit Resources Exploit-DB or Chaining
Section 12 : Lesson 10 Testing Wireless Networks
- Lecture 1 :
- Securing Wireless Communication
- Lecture 2 :
- Signal transmission and Exploitation
- Lecture 3 :
- Quick demo on capture wireless data
- Lecture 4 :
- deauthentication attack inside wireless network
- Lecture 5 :
- LAB deauthentication attack agains wireless network
- Lecture 6 :
- Wi-Fi Jamming Attack
- Lecture 7 :
- Crack WPA and WPA2 key with Demo
- Lecture 8 :
- Cracking WEP - LAB
- Lecture 9 :
- Cracking WPS wireless security
- Lecture 10 :
- Evil Twins attack
Section 13 : Lesson 11 Targeting Mobile Device
- Lecture 1 :
- Mobile device vulnerability and deployment methods
- Lecture 2 :
- Controlling access
- Lecture 3 :
- EMM Security policies and protecting data
- Lecture 4 :
- Vulnerability and protection of Android and iOS device
- Lecture 5 :
- Attacking on mobile platforms
- Lecture 6 :
- Moving through attacks and spyware
- Lecture 7 :
- Bluetooth attack and malware analysis
Section 14 : Lesson 12 Attacking Specialized Systems
- Lecture 1 :
- Identify Vulnerabilities and attacks on IoT Devices
- Lecture 2 :
- Leveraging the Protocols
- Lecture 3 :
- LAB Discovering IoT devices with Shodan
- Lecture 4 :
- Recognize Other Vulnerable Systems
Section 15 : Lesson 13 Web Application-Based Attacks
- Lecture 1 :
- Exposing Sensitive Data with improper error handling
- Lecture 2 :
- Missing Input Validation and Signing the Code
- Lecture 3 :
- Causing a Race condition
- Lecture 4 :
- Hijacking Session Credentials
- Lecture 5 :
- Crafting Request Forgery Attacks
- Lecture 6 :
- Privilege Escalation
- Lecture 7 :
- Upgrading a Non-Interactive Shell
- Lecture 8 :
- Identifying SQLi Vulnerabilities
- Lecture 9 :
- Traversing Files Using Invalid Input
- Lecture 10 :
- Executing Cross Site Scripting XSS attack and Web proxy
- Lecture 11 :
- LAB SQL Injection Attack
- Lecture 12 :
- Overview of Web Testing Tools
- Lecture 13 :
- Exploring the Browser Exploit Framework BeEF
Section 16 : Lesson 14 Performing System Hacking
- Lecture 1 :
- Objectives Perform System Hacking
- Lecture 2 :
- Net framework and Powershell in Windows 10
- Lecture 3 :
- Command and Control C2 Frameworks
- Lecture 4 :
- LAB Using Reverse Shell and Bind Shell
- Lecture 5 :
- Remote Access Tool - Netcat
- Lecture 6 :
- Communicating withing a Secure Shell (SSH)
- Lecture 7 :
- Analyze Exploit code
Section 17 : Lesson 15 Scripting and Software Development
- Lecture 1 :
- Analyzing and automating tasks using scripting
- Lecture 2 :
- Basic understanding about scripting languages
- Lecture 3 :
- LAB Exploring Programming Shells
- Lecture 4 :
- Basics of logic construct
- Lecture 5 :
- Data structure in python
- Lecture 6 :
- LAB Automate the penetration testing process
- Lecture 7 :
- Automate Penetration Testing
Section 18 : Lesson 16 Leveraging the Attack Pivot and Penetrate
- Lecture 1 :
- Password cracking method online and offline
- Lecture 2 :
- Dictionary attack and bypass lockout policy
- Lecture 3 :
- Bruteforce and password spraying attack
- Lecture 4 :
- Test Credential as Linux and Windows
- Lecture 5 :
- LAB password attack
- Lecture 6 :
- LAB post exploitation Techniques
Section 19 : Lesson 17 Communicating During the PenTesting Process
- Lecture 1 :
- Define and outlining the communication Path
- Lecture 2 :
- Communicating with Client Counterparts
- Lecture 3 :
- Defining Contacts
- Lecture 4 :
- Triggering Communication Events and Prioritize findings
- Lecture 5 :
- Providing Situational Awareness and Criminal Activity
- Lecture 6 :
- Triggering and Investigating False Positives
- Lecture 7 :
- Presenting the Findings
- Lecture 8 :
- Sharing and Building Reports with Dardis and Nessus
Section 20 : Lesson 18 Summarizing Report Components
- Lecture 1 :
- Identify Report Audience
- Lecture 2 :
- List Report Contents
- Lecture 3 :
- Define Best Practices for Reports
Section 21 : Lesson 19 Recommending Remediation
- Lecture 1 :
- Hardening the System
- Lecture 2 :
- Sanitizing User Input
- Lecture 3 :
- Implementing Multifactor Authentication MFA
- Lecture 4 :
- Encrypting the password
- Lecture 5 :
- Process-Level Remediation and Patch Management
- Lecture 6 :
- Key rotation and Certificate Management
- Lecture 7 :
- Providing Secret Management Solution and Network Segmentation
Our learners work at
Frequently Asked Questions
How do i access the course after purchase?
It's simple. When you sign up, you'll immediately have unlimited viewing of thousands of expert courses, paths to guide your learning, tools to measure your skills and hands-on resources like exercise files. There’s no limit on what you can learn and you can cancel at any time.Are these video based online self-learning courses?
Yes. All of the courses comes with online video based lectures created by certified instructors. Instructors have crafted these courses with a blend of high quality interactive videos, lectures, quizzes & real world projects to give you an indepth knowledge about the topic.Can i play & pause the course as per my convenience?
Yes absolutely & thats one of the advantage of self-paced courses. You can anytime pause or resume the course & come back & forth from one lecture to another lecture, play the videos mulitple times & so on.How do i contact the instructor for any doubts or questions?
Most of these courses have general questions & answers already covered within the course lectures. However, if you need any further help from the instructor, you can use the inbuilt Chat with Instructor option to send a message to an instructor & they will reply you within 24 hours. You can ask as many questions as you want.Do i need a pc to access the course or can i do it on mobile & tablet as well?
Brilliant question? Isn't it? You can access the courses on any device like PC, Mobile, Tablet & even on a smart tv. For mobile & a tablet you can download the Learnfly android or an iOS app. If mobile app is not available in your country, you can access the course directly by visting our website, its fully mobile friendly.Do i get any certificate for the courses?
Yes. Once you complete any course on our platform along with provided assessments by the instructor, you will be eligble to get certificate of course completion.For how long can i access my course on the platform?
You require an active subscription to access courses on our platform. If your subscription is active, you can access any course on our platform with no restrictions.Is there any free trial?
Currently, we do not offer any free trial.Can i cancel anytime?
Yes, you can cancel your subscription at any time. Your subscription will auto-renew until you cancel, but why would you want to?
Instructor
6664 Course Views
8 Courses