CompTIA PenTest+ (Ethical Hacking) PT0-001

Includes 2 Bonus Practice Exams. We have added a CompTIA PenTest+ Practice Test and a Certified Ethical Hacker CEH Practice Test.
How to plan and scope a penetration test as a contracted pen tester for a client (as an ethical hacker, you’ll be the good guy and get paid to hack networks!)
How to work within a virtual environment to practice your pen testing skills, including using Oracle VM manager, Kali Linux, Metasploitable, and DVWA
Where to find vulnerabilities and how to penetrate a network in order to run exploits, then how to report those vulnerabilities to the client for remediation
How to gather intel on a network by scanning and enumerating (finding) targets, then searching out the weak points on those targets
How to conduct social engineering attacks, exploit network-based vulnerabilities, and intercept traffic via man-in-the-middle (MITM) attacks on wired and wireless network
How to use pen testing tools like Nmap, Nessus, Nslookup, John the Ripper, Immunity Debugger, Aircrack-NG, Wireshark, and many more
How to write reports, explain post-delivery activities, and recommend remediation strategies to your client

Mike Meyers and the Total Seminars Team, your source for best-selling cybersecurity courses, brings you this ethical hacking and penetration testing course with your instructor Michael Solomon, Ph.D., CISSP, PMP, CISM.

With 30+ years of experience in security, privacy, blockchain, and data science, and an energetic presentation style, Michael takes his proficiency in network penetration testing and consolidates it into this informative and engaging course.

WHY SHOULD I TAKE THIS COURSE?

Did you know penetration testers' average salary is $71,929?* And this career is in one of the fastest-growing job markets**.

Whether you're looking to pass the CompTIA PenTest+ certification exam, take your next step in the CompTIA Cybersecurity Pathway***, or you're just looking to learn some awesome ethical hacking skills, you’re in the right place.

Keep in mind there's much more to being an ethical hacker than what's covered here, including how to secure a network, however this course focuses on how to be a pen tester. A pen tester plans and scopes a pen test engagement with a client, finds vulnerabilities, exploits them to get into a network, then reports on those findings to the client.

This course shows you how to:

Use the tools you’ll need to scan networks, crack passwords, analyze and intercept traffic, discover code vulnerabilities, and compromise resources
Recognize vulnerabilities within a system, run exploits, and suggest solutions to a client to remediate the weak points
Work within a virtual environment to practice your pen testing skills, including using Oracle VM manager, Kali Linux, Metasploitable, and DVWA
Scope, plan, and execute a pen test engagement from start to finish

WHAT'S COVERED?

Exam Domain - Percentage of Exam

1.0 Planning and Scoping - 15%

Explain the importance of planning for an engagement
Explain key legal concepts
Explain the importance of scoping an engagement properly
Explain the key aspects of compliance-based assessments

2.0 Information Gathering and Vulnerability Identification - 22%

Given a scenario, conduct information gathering using appropriate techniques
Given a scenario, perform a vulnerability scan
Given a scenario, analyze vulnerability scan results
Explain the process of leveraging information to prepare for exploitation
Explain weaknesses related to specialized systems

3.0 Attacks and Exploits - 30%

Compare and contrast social engineering attacks
Given a scenario, exploit network-based vulnerabilities
Given a scenario, exploit wireless and RF-based vulnerabilities
Given a scenario, exploit application-based vulnerabilities
Given a scenario, exploit local host vulnerabilities
Summarize physical security attacks related to facilities
Given a scenario, perform post-exploitation techniques

4.0 Penetration Testing Tools - 17%

Given a scenario, use Nmap to conduct information gathering exercises
Compare and contrast various use cases of tools
Given a scenario, analyze tool output or data related to a penetration test
Given a scenario, analyze a basic script (limited to Bash, Python, Ruby, and PowerShell)

5.0 Reporting and Communication - 16%

Given a scenario, use report writing and handling best practices
Explain post-report delivery activities
Given a scenario, recommend mitigation strategies for discovered vulnerabilities
Explain the importance of communication during the penetration testing process

EXAM INFO

Exam code: PT0-001

Max. 85 questions (performance-based and multiple choice)

Length of exam: 165 minutes

Passing score: 750 (on a scale of 100-900)

Exam voucher cost: $349

Recommended experience: Network+, Security+ or equivalent knowledge, minimum 3-4 years hands-on information security or related experience (no required prerequisites to sit for the PenTest+ exam)

HOW DO I TAKE THE COMPTIA PENTEST+ EXAM?

Buy an exam voucher (get your discount voucher at Total Seminars' website), schedule your exam on the Pearson VUE website, then take the exam at a qualifying Pearson VUE testing center

WHAT'S THE BIG DEAL ABOUT THE COMPTIA PENTEST+, ANYWAY?

CompTIA's PenTest+ is the only penetration testing exam taken at a Pearson VUE testing center with both hands-on, performance-based questions and multiple-choice, to ensure each candidate possesses the skills, knowledge, and ability to perform tasks on systems****

Penetration testing and information security is one of the fastest-growing job category according to the U.S. Bureau of Labor Statistics. It predicts that roles requiring these skills will see 28 percent overall growth by 2026.**

COMPTIA PENTEST+ VS. EC-COUNCIL CEH CERTIFICATIONS

The CompTIA PenTest+ is your quickest and most cost-effective route to a pen testing certification

The PenTest+ includes the latest mobile and cloud penetration testing skills, including IoT, as well as traditional desktop & server systems (CEH covers only traditional desktop & server systems)

The PenTest+ better matches employer needs by covering not just technical topics, but also business processes, project flow, best practices, and professionalism in pen testing (CEH is strictly technical)

The PenTest+ exam voucher costs $349 (compared to the CEH $1150 non-member plus application fee)****

*www.cyberdegrees. org

**US Bureau of Labor Statistics, www.bls. gov

***Check out the PenTest+ Certification Guide.pdf resource in the first section

****www.comptia. org

There are no requirements to take this course, nor are there any requirements to sit for the CompTIA PenTest+ exam, however, basic familiarity with networks and network security is suggested
It’s recommended to be familiar with the information in the CompTIA Network+ and Security+ exams
Although this course is a CompTIA PenTest+ exam prep, it’s also designed for a broader audience, so those without much network security knowledge can still gain valuable information on pen testing and ethical hacking

Anyone interested in ethical hacking, pen testing, vulnerability testing, and network security
Anyone looking to prepare for the CompTIA PenTest+ (PT0-001) exam
Security Analysts, Network Security Ops, Application Security Vulnerability Analysts

Section 1 : Introduction 1 Lectures 00:08:54
Lecture 1 :
Introduction Preview
In this episode, Mike introduces his Network+ video course.
Section 2 : Planning and Scoping 12 Lectures 01:56:33
Lecture 1 :
Planning a Pen Test
Pen tests are large projects and must be planned for accordingly, or else itâ€™s easy for them to get out of scope and become more work than you initially thought. Understand the importance of planning and scoping an engagement using strategy, project management skills, and pen testing resources.
Lecture 2 :
Rules of Engagement
Pen tests are risky at best and can violate security rules or even legislation at worst. Learn how to establish rules of engagement with your client including understanding who they are, what the targetÂ limits are, what the test scope is, and who to communicate with should something go awry during one of your attacks.
Lecture 3 :
Resources and Budgets
There are important factors to consider before you even begin your first attack. Planning out and discussing the resources, requirements, and budget with the client is key to a successful engagement. You need to consider who will provide the resources, like the hardware and software, since each of theseÂ costsÂ money. Establish the budget from the beginning and assign a value to every part of the test, including the cost of your time.
Lecture 4 :
Impact and Constraints
A pen test is more than just a simple test; itâ€™s a large-scale engagement.â€¯Before you begin, you need to explain to your client what the impact of the testsâ€¯mightâ€¯be. If they have any constraints,â€¯such as not attacking a production server,â€¯they should make you aware ofâ€¯themâ€¯since the result could be catastrophic for the business if it went down during one of your attacks.
Lecture 5 :
Support Resources
Itâ€™s important to know what resources you can use toâ€¯be able to successfully attack your targets. This is where software development tools come in handy, since they can shed light on the inner workings of an application, giving you the opportunity to exploit aÂ possible vulnerability. Learn about WSDLs, WADLs, SOAP project files, SDK, swagger, and XSD documentation, sample application requests, and the importance of network architectural diagrams.
Lecture 6 :
Legal Groundwork
Many activities in a pen test are technically against the rulesâ€¯andâ€¯policies, orâ€¯evenâ€¯illegal.â€¯You need to make sure youâ€™re covered legally so you donâ€™t get in trouble forâ€¯doingâ€¯somethingâ€¯during an attack that your clientâ€¯isnâ€™t aware of. This video covers the basics of SOWs, MSAs,â€¯andâ€¯NDAs,â€¯theâ€¯differencesâ€¯betweenâ€¯environments,â€¯nations, cultures, and corporations, and getting written permission to perform theâ€¯tests so you donâ€™t get in to trouble later.
Lecture 7 :
Scope Considerations
Once youâ€™ve discussed high-level planning with your client and finished the legal documentation, youâ€™ll need to drill down to the specifics of what youâ€™re going to do. Your client can help you decide the type of assessment youâ€™ll be doing (goals-based, objectives-based, compliance-based, etc.) and any special scoping considerations, such as 3rd-party vendors who might be involved. The next step after that will be to select the targets to attack based on what the client wants tested.
Lecture 8 :
Lab Environment Setup
This video walks you through how to create a lab environment where you can practice your pen testing skills. Learn how to set up the virtual machine manager Oracle VirtualBox and install virtual machines within it including the toolkit of all toolkits, Kali Linux, and two intentionally vulnerable VMs where you can practice attacking a system, called Damn Vulnerable Web App (DVWA) andâ€¯Metasploitable.
Lecture 9 :
Project Strategy and Risk
A black-box pen tester is someone who knows nothing going into the engagement, and a white-box pen tester is more like a company insider who has a certain amount of knowledge before they begin.â€¯Whichever way you plan to play the role, these are some of the considerations youâ€™ll need to figure out before you begin your pen testing.â€¯Are you whitelisted or blacklisted?â€¯Do you know the layers of security controls your client has?â€¯How invasive will the test be? Learn theâ€¯nuances of how to strategize your engagementâ€¯and prepare the client for the possible risks involved.
Lecture 10 :
Scope Vulnerabilities
As you continue to plan out your pen test, youâ€™ll need toâ€¯lock in the scheduleâ€¯and make sure you wonâ€™t run into scope creep. Youâ€™ll also wantâ€¯toÂ hone in onÂ what type of attacker you are and what your motivations are for attacking. Are you an advanced persistent threat with lots of resources? OrÂ perhaps aÂ script kiddie, hacktivist, or an insider threat?â€¯With all this information, you can build your threat model, aâ€¯valuableâ€¯map forâ€¯what assets youâ€™re going to use and what specific targets you will be attackingâ€¯that will help guide you through the next steps in your pen test.
Lecture 11 :
Compliance-Based Assessments
Compliance-based assessments areâ€¯a bit different than any other type in thatâ€¯standards and regulations outside the clientâ€™s controlâ€¯can change how a pen test must be conducted. Learn how toâ€¯recognizeâ€¯some of these constraints and how to incorporate them into your pen test plan.
Lecture 12 :
Planning and Scoping Quiz
Planning and Scoping Quiz
Section 3 : Surveying the Target 14 Lectures 02:23:38
Lecture 1 :
Scanning and Enumeration
Itâ€™s important to survey the environment and gather all the correct information to determine where any vulnerabilities might lie. By using techniques such as scanning and enumeration, youâ€™ll know exactly where the weak points are on a network and how to classify themâ€¯in order to launch the appropriateâ€¯attacks.
Lecture 2 :
Scanning and Demo
Now that you know what surveying and enumeration are, itâ€™s time to put that knowledge into action. Runningâ€¯Metasploitableâ€¯on a virtual box, you will learn how to use,Â Nmap, ping sweep scan, ARP Scan, andâ€¯whoisâ€¯lookup to determine which targets are the easiest to get to.
Lecture 3 :
Packet Inspection Demo
Many functions of a pen test are only as good as the tools you have available to you. In conjunction withÂ Metasploitable, learn how to use Wireshark, a free and useful application for information gathering and packet inspection, to break down exactly whatâ€™s happening inside each packet sent through the network.
Lecture 4 :
Application and Open-Source Resources
Sometimes, to go forward, you must go backward. Understand how you can use code decompiling and debugging to work backwards and learn a programâ€™s secrets and weaknesses to determine the best way to exploit them. Learn the resources you can use to dig into web application code and how that information can benefit you when planning your attacks.
Lecture 5 :
Vulnerability Scanning
There is no shortage of known vulnerabilities on any computing devices, but how do you match known vulnerabilities with your target's weaknesses? By applying a structured approach, you can find out if specific vulnerabilities exist on a target. Learn about discovery scans, full scans, port scans, stealth scans, and compliance scans.
Lecture 6 :
Vulnerability Scanning Demo
Now that you know the various methods for testing vulnerabilities, see exactly how to use stealth scanning, port scanning, OS fingerprinting, andÂ OpenVasÂ to assess vulnerabilities.
Lecture 7 :
Target Considerations
There are some very important considerations toÂ take into accountÂ when planning an attack. Learn the importance of finding out whether youâ€™re attacking a physical machine, virtual machine, or container and what the best analysis tool is to use. Learn how to map targets to business value so you can focus on what vulnerability will hurt the business the worst.
Lecture 8 :
Nmap Timing and Performance Options
Being fast is normally great, but as a pen tester fast can mean creating a lot of network traffic, unintentionally alerting your target that something is happening. When you need to fly under the radar, use Nmap (along with helpful cheat sheet), to help you stealthily apply your vulnerability scans so thereâ€™s less chance of being detected.
Lecture 9 :
Prioritization of Vulnerabilities
Youâ€™ve ranked your assets, vulnerabilities, and exploits, now itâ€™s time to make a priorities list and leverage that information to plan your penetration tests. Use powerful Nmap scripts to map those vulnerabilities to potential exploits.
Lecture 10 :
Common Attack Techniques
There are many pen testing techniques and often they are used together to successfully attack a target. Learn some of the more common attack techniques such as exploit modification, exploit chaining, social engineering, credential brute forcing, and enlightened attacks.
Lecture 11 :
Credential Attacks
This video walks you through the process of a brute force attack. With a list of usernames and passwords, and anÂ ipÂ address and a port number, you will see how the Hydra tool can help you become an authorized user.
Lecture 12 :
Weaknesses in Specialized Systems
A lot of the targets youâ€™ve learned about so far are geared towards servers, but there are specialized systems that have unique weaknesses. Learn about those systems and how to exploit their vulnerabilities.
Lecture 13 :
Packet Investigation
Lecture 14 :
Surveying the Target
Surveying the Target
Section 4 : Selection Your Attack Vector 22 Lectures 03:16:36
Lecture 1 :
Remote Social Engineering
Social engineering takes advantages of one of the greatest vulnerabilities of a client â€“ the people who work there. As a pen tester, one of the easiest ways to gain access is by tricking authorized users into giving up sensitive information. Learn about the basics of phishing, including spear phishing, SMS phishing and whaling.
Lecture 2 :
Spear Phishing Demo
Now that you understand what social engineering attacks are, learn how to use Kali Linux to launch a mass email spear phishing attack with a few simple commands.
Lecture 3 :
In-Person Social Engineering
In-person social engineering attacks are usually successful because people often want to be helpful and will rarely say â€œnoâ€ to someone face-to-face. These include elicitation, interrogation, impersonation, shoulder surfing, and USB key drops. Itâ€™s also important to include multiple elements of what motivates people to give up sensitive information such as authority, scarcity, social proof, urgency, likeness, and fear.
Lecture 4 :
Network-Based Exploits
This video covers a high-level overview of the various network-based protocols and their vulnerabilities. These include NETBIOS Name Service (NBNS), LLMNR (Link-Local Multicast Name Resolution), DNS and ARP poisoning, SMB (Server Message Block), SNMP (Simple Network Management Protocol), SMTP (Simple Mail Transport Protocol), and FTP (File Transfer Protocol).
Lecture 5 :
FTP Exploit Demo
In this video, learn how to launch an FTP attack in Kali Linux. Youâ€™ll start by using theÂ vulscanÂ option inÂ nmapÂ to identify vulnerabilities within specific ports and IP addresses. Then explore the databases in theÂ MetasploitableÂ Framework to find the specific exploit youâ€™ll want to use. Finally, youâ€™ll launch theÂ MetasploitableÂ Framework Console, type in a few commands, and let Kali execute the exploit for you as you sit back and watch the pen testing magic happen.
Lecture 6 :
Man-in-the-middle Exploits
You donâ€™t have to be on the client or the server side to exploit a target. Man-in-the-middle attacks put the attacker in between the communication as a proxy to steal the network packets as theyâ€™re passed back and forth. These include DNS cache poisoning, ARP spoofing, pass the hash, replay, relay, SSL stripping, downgrading, DoS, NAC bypass, and VLAN hopping.
Lecture 7 :
Wireless Exploits
Because wireless communication uses broadcast technology, essentially sending your data packets in every direction for anyone to grab, it makes it a great target for attackers. Learn how to use tools likeÂ Aircrack-ng and Wireshark to sniff and grab packets. Also understand the different types of attacks available to you, such as evil twin,Â deauthentication, fragmentation, credential harvesting, exploiting WPS weaknesses, Bluejacking,Â Bluesnarfing, RFID cloning, jamming, and repeating.
Lecture 8 :
Application Exploits, Part 1
Applications are great targets to attack, especially if youâ€™re trying to disrupt communication with DoS, or if youâ€™re looking to exfiltrate or destroy data. This video covers injection attacks, which is essentially inserting additional data beyond what the application is expecting to make it give you some information or perform some action for you. These include SQL, HTML, command, and code injection attacks.
Lecture 9 :
SQL Injection Demo
Lecture 10 :
Application Exploits, Part 2
The beauty of applications is they already have access to databases, all youÂ have toÂ do is figure out how to exploit the vulnerabilities to get to that information.Â This video covers authenticationÂ attacksÂ such as credential brute forcing, session hijacking,Â redirecting,Â as well as exploiting default or weak credentials and KerberosÂ tickets. It also covers authorization attacks such as parameter pollution and insecure direct object reference.
Lecture 11 :
Application Exploits, Part 3
In this final episodeÂ describingÂ application exploits, youâ€™ll learn aboutÂ another application injectionÂ attacksÂ calledÂ cross-site scripting (XSS) which attacks the server, and its similarÂ cousin, cross-site request forgery (XSRF/CSRF) that attacks the user.Â Youâ€™ll also discover how to launch passive attacksÂ just by exploiting security misconfigurations, including directory traversal errors, cookie manipulation, and file inclusion.
Lecture 12 :
Cross-Site Scripting Demo
Pen testing isÂ oftenÂ trying one thing,Â tweaking it, and trying again. Back in our lab environment,Â youâ€™llÂ see a cross-site scriptingÂ (XSS)Â attack carried out using Kali Linux and theÂ Damn Vulnerable Web App (DVWA).
Lecture 13 :
Code Vulnerabilities
Thereâ€™s more to pen testing than exploits and vulnerabilities, a good pen tester has a broad knowledge base of computer systems as well. Part of that is a general understanding of how applications are coded. When developers write applications, they may use practices that make it easier for them to write code, but also make the application unsecure. In this episode, you will learn what some of those common unsecure code practices are.
Lecture 14 :
Local Host Vulnerabilities
All operating systems have vulnerabilities, but with potentially thousands of vulnerabilities on a local host, how can you find out what they are? Walk through one of the most commonly used vulnerability databases called the CVE (Common Vulnerabilities and Exposures). This database will show you vulnerabilities for each operating system that you can use to attack your particular target.
Lecture 15 :
Privilege Escalation (Linux)
In order to access systems and files in Linux, you need privileges. One way to do that is to leverage Linuxâ€™s SUID (Set User ID) and SGUID (Set Group ID) capabilities. In this episode, youâ€™ll find out ways to escalate your privilege using various executables.
Lecture 16 :
Privilege Escalation (Windows)
Windows OS also has issue of privilege escalation. As a pen tester, you can use this to your advantage by finding ways to access credentials stored in Cpassword, LDAP, LSASS, and SAM databases, among others. You can also take exploit Kerberos tickets by Kerberoasting, or force malicious DLL modules to load with DLL hijacking.
Lecture 17 :
Misc. Privilege Escalation
There are a few other Windows OS vulnerabilities you can exploit to gain higher levels of privileges. In this video, youâ€™ll learn about unquoted services paths and writable services in Windows Services. Youâ€™ll also learn the weaknesses of applications as well as another tricky way to access credentials: using a keylogger.
Lecture 18 :
Misc Local Host Vulnerabilities
Continuing the conversation on possible vulnerabilities you can exploit as a pen tester, youâ€™ll learn about how often default accounts are rarely changed or disabled, making them a perfect target to attack. Yet another way to gain access is to escape sandbox environments such as VMs and containers. Finally, youâ€™ll learn about physical device security such as cold boot attacks, JTAG debuggers, and serial consoles.
Lecture 19 :
Physical Security
Weâ€™ve explored many of the technical ways to infiltrate a system through the network or directly at the host level. Physical security, on the other hand, involves gaining access to the actual physical location and the data within it by tailgating, fence jumping, dumpster diving, lock picking, or bypassing locks.
Lecture 20 :
Post-Exploitation Techniques
Youâ€™ve planned your engagement, youâ€™ve chosen your targets and exploits, and youâ€™ve successfully gained access. Now what? Youâ€™ll want to make it easier to get back in, but also figure out how to move laterally throughout the network. There are a number of OS features that can make lateral movement possible, including many remote access protocols. Learn about these features, and see two of them demonstrated: Telnet and SSH.
Lecture 21 :
Persistence and Stealth
Once you gain access to a system, youâ€™re going to want to stick around without alerting anyone that youâ€™re there. This is what it means to be persistent as a pen tester. Youâ€™ll also want to be able to make it easy to move around within the system, and to get back in. There are many ways to accomplish this, and in this video, youâ€™ll learn about running scheduled jobs or daemons, creating back doors for easy access using trojans, or even creating a user with higher privileges. In order to remain undetected, itâ€™s also vitally important to cover your tracks.
Lecture 22 :
Selecting Your Attack Vector
Selecting Your Attack Vector
Section 5 : Selecting Pen Testing Tools 18 Lectures 02:32:15
Lecture 1 :
Nmap Scoping & Output Options
As a pen tester, theÂ nmapÂ command will be one of your greatest tools. It is a network mapper with numerous options. Learn how to detect the operating system of a machine, conduct stealthy scans, determine the service and version information, enumerate targets, and output the scan results into several different file formats.
Lecture 2 :
Pen Testing Toolbox
There areÂ a number ofÂ tools youâ€™ll need as a pen tester and this episode gives you a high-level overview of the various categories and popular tools within each, including reconnaissance, enumeration, vulnerability testing, credential attacks, persistence, evasion, and examining software.
Lecture 3 :
Using Kali Linux
In this episode, youâ€™ll explore the interface and tools included in Kali Linux, and resources to help you learn how to use this valuable tool in more depth.
Lecture 4 :
Scanners & Credential Tools
Now that youâ€™ve had a quick overview of the tools youâ€™ll need as a pen tester, weâ€™ll take a deeper look into each category and explore what each tool does. In this episode, we discuss vulnerability scanning and credential cracking tools, includingÂ Nikto, OpenVAS,Â SQLmap, Nessus, Medusa, Hydra,Â Patator, W3AF,Â Hashcat, John the Ripper, Cain and Abel,Â Cewl,Â Mimikatz, andÂ Dirbuster. Youâ€™ll also see a demonstration of the password cracker, John the Ripper.
Lecture 5 :
Code Cracking Tools
Next in our exploration of the pen testerâ€™s toolbox are code cracking tools, including debuggers such as OLLYDBG, Immunity Debugger, GDB,Â WinDBG, and IDA, as well as software assurance tools such asÂ Findsecbugs, Peach, AFL, SonarQube, and YASCA.
Lecture 6 :
Open Source Research Tools
OSINT (Open-Source Intelligence) is any freely available information and can be a gold mine for pen testers. These tools includeÂ Whois,Â Nslookup,Â Foca,Â Theharvester, Shodan,Â Maltego, Recon-NG, andÂ Censys. Youâ€™ll also get to see a demonstration of how to useÂ WhoisÂ andÂ Nslookup.
Lecture 7 :
Wireless and Web Pen Testing Tools
As a pen tester, youâ€™ll need to know how to handle wireless networks and devices. Tools such asÂ Aircrack-NG, Kismet, andÂ WiFiteÂ can help with monitoring, sniffing, and detecting. Itâ€™s also a good idea to know how to inject yourself between a client and server as a proxy, and tools such as OWASP ZAP and Burp Suite can help with this. Youâ€™ll also see a demonstration of how to set up a simple proxy connection using Burp Suite.
Lecture 8 :
Remote Access Tools
Your main goal as a pen tester is to compromise resources and, unless youâ€™re physically at the location where youâ€™re attacking a target, that will need to be done remotely. Youâ€™ll need to become very familiar with tools such as SSH,Â Netcat/nc,Â Ncat, andÂ Proxychains. This episode will also help explain bind shells and reverse shells and demonstrate how to set up each of them.
Lecture 9 :
Analyzers and Mobile Pen Testing Tools
Our world is becoming more mobile. As a result, youâ€™ll need to incorporate tools that work for mobile devices as well as standard networks. In this episode, youâ€™ll learn about two network analyzing tools you should have at your disposal, Wireshark andÂ Hping. Youâ€™ll also learn about the mobile toolsÂ Drozer, APKX, and APKX Studio.
Lecture 10 :
Other Pen Testing Tools
Itâ€™s convenient to have tools that can perform multiple jobs, but sometimes you need very specialized tools to do something specific. As we wrap up this chapter, youâ€™ll learn about some of those specialized tools, such asÂ Powersploit, Responder,Â Impacket, Empire, Metasploit framework, andÂ Searchsploit. Youâ€™ll also see a quick demo of theÂ SearchsploitÂ tool.Â This is by no means an exhaustive list, new tools come out often, so itâ€™s important that you stay up to date as you continue to pen test.
Lecture 11 :
Using Scripting in Pen Testing
Pen testing can be mundane and tedious work, which can cause people to lose track and make mistakes. Scripting helps document the process while automating the workflow and cutting down on errors. In this episode, youâ€™ll learn about four different scripting programs: Bash (Bourne Again Shell), PowerShell, Ruby, and Python. You will also be familiarized with: variables, substitutions, common operations, logic, basic I/O, Error handling, arrays, and encoding/decoding.
Lecture 12 :
Bash Scripting Basics
Now that you know what Bash, PowerShell, Ruby, and Python is, itâ€™s time to get a basic understanding of Bash. By learning what clues to look for youâ€™ll be able to identify a Bash shell simply by looking at syntax. Each scripting program uses different syntax for things like commenting, variables, and substitutions and by having basic knowledge of this scripting, youâ€™ll know how to create and identify a Bash script.
Lecture 13 :
Bash Scripting Techniques
Weâ€™ve taught you the basics of Bash, now itâ€™s time to take a more in-depth view, so you can feel comfortable scripting in Bash. Once you know how to do basic scripting, the production process will become faster and more reliable. In this episode, youâ€™ll learn about how to make a basic port scanning script using Bash.
Lecture 14 :
PowerShell Scripts
Youâ€™ve just learned how to do a port scan using Bash scripting, now youâ€™ll see how it works in PowerShell. Even though itâ€™s somewhat the same functionality, it looks and acts a little differently. After watching this demo, youâ€™ll have a basic understanding of port scanning using PowerShell.
Lecture 15 :
Ruby Scripts
Youâ€™ve seen Bash and PowerShell at work, now let's look at Ruby. Ruby is different because itâ€™s much more than a scripting environment, itâ€™s a full-blown high-level language. But the danger in that, is there is a lot of functionality you could get lost in, so itâ€™s important to know and concentrate on the functions that youâ€™ll need. Itâ€™s also important to remember, the goal is not to become a Ruby developer, itâ€™s to be able to understand what a Ruby script developer might be trying to do.
Lecture 16 :
Phython Scripts
Itâ€™s time to wrap up our summary of scripting languages and last on our list is Python. Like Ruby, Python is high-level, multipurpose language. As youâ€™ve seen in previous episodes, scripting is a great way to automate your workflow and with Python there are an abundant number of resources that make it easy to learn, easy to use, and there are tremendous amounts of pre-written code. In this episode we continue in our environment and youâ€™ll see how Python handles port scanning and how itâ€™sÂ similar toÂ the three other scripting languages youâ€™ve learned about. By now you should be able to recognize syntax from all the four basic languages.
Lecture 17 :
Scripting Languages, comparison
Weâ€™ve primarily been focusing on the similarities of Bash, PowerShell, Ruby, and Python by looking at how they handle a port scanning script. In this last episode of the chapter, youâ€™ll see some specific differences between each of the four environments, a side-by-side comparison of the different script languages and play a simple game to see if you can quickly recognize each of the four scripting languages based on syntax.
Lecture 18 :
Selecting Pen Testing Tools
Selecting Pen Testing Tools
Section 6 : Reporting and Communication 5 Lectures 00:36:45
Lecture 1 :
Writing Reports
Youâ€™ve run all your exploits and tests and now you have a list of potential vulnerabilities, but what good is that if you canâ€™t clearly communicate what they are to the appropriate parties?Â ForÂ your pen test to beÂ effective, you must be able to communicate your findings and more importantly your recommendations. In this episode youâ€™ll learn about some best practices when writing yourÂ report;Â sample reportÂ resourcesÂ and some tips for writing an effectiveÂ report.Â Â Remember your report is your primary deliverable, so youâ€™ll want to make sure itâ€™s right.
Lecture 2 :
Post Report Activities
Ok, your report is written, youâ€™ve submitted it to the proper parties, youâ€™re all done, right? Not at all, you still have more work to do. You may have to present the report, clean up any changes you made, remove shells, tester-created credentials, tools, and clean up any history. Once all of that isÂ done,Â youâ€™ll need to formally cease the project and get official acceptance of the deliverable by the client. In this episode you will learn about how you should proceed with all these steps as well as how you can take what you learned to become an even better pen tester.
Lecture 3 :
Mitigation Strategies
Finding the problems in a system is important, but arguably the most important step is the call-to-action.Â In this episode youâ€™ll learn about mitigation strategies, so your clients can clearly understand how to fix the problems you found. Youâ€™ll also learn how to group yourÂ mitigation findings in toÂ peopleÂ changes, process changes and technology changes, to make it easier to understand by your clients.Â And learn about common findings that seem to pop-up often in pen tests; shared local admin credentials, weak password complexity, plain text passwords, no multifactor authentication, SQL injection, unnecessary open services.
Lecture 4 :
Communication
While running pen tests you are accessing sensitive material andÂ conducting very invasive tests, so whatÂ happens ifÂ you run into a conflict during your pen test or something doesnâ€™t go as planned? Should any abnormalities take place, communicationÂ isÂ key factor in keeping your pen test in scope and on target.Â In many cases, the success of your pen test rests on how well you communicate, internally within your team and externally to your clients. Learn about the importance of identifying clear authority figures, key contacts, conflict resolution, technicalÂ assistance andÂ escalation processâ€™. If you have a clear understanding of these communicationÂ principles, you can make sure your client is always comfortable with what you are doing.
Lecture 5 :
Reporting and Communication
Reporting and Communication

How do i access the course after purchase?
It's simple. When you sign up, you'll immediately have unlimited viewing of thousands of expert courses, paths to guide your learning, tools to measure your skills and hands-on resources like exercise files. There’s no limit on what you can learn and you can cancel at any time.
Are these video based online self-learning courses?
Yes. All of the courses comes with online video based lectures created by certified instructors. Instructors have crafted these courses with a blend of high quality interactive videos, lectures, quizzes & real world projects to give you an indepth knowledge about the topic.
Can i play & pause the course as per my convenience?
Yes absolutely & thats one of the advantage of self-paced courses. You can anytime pause or resume the course & come back & forth from one lecture to another lecture, play the videos mulitple times & so on.
How do i contact the instructor for any doubts or questions?
Most of these courses have general questions & answers already covered within the course lectures. However, if you need any further help from the instructor, you can use the inbuilt Chat with Instructor option to send a message to an instructor & they will reply you within 24 hours. You can ask as many questions as you want.
Do i need a pc to access the course or can i do it on mobile & tablet as well?
Brilliant question? Isn't it? You can access the courses on any device like PC, Mobile, Tablet & even on a smart tv. For mobile & a tablet you can download the Learnfly android or an iOS app. If mobile app is not available in your country, you can access the course directly by visting our website, its fully mobile friendly.
Do i get any certificate for the courses?
Yes. Once you complete any course on our platform along with provided assessments by the instructor, you will be eligble to get certificate of course completion.
For how long can i access my course on the platform?
You require an active subscription to access courses on our platform. If your subscription is active, you can access any course on our platform with no restrictions.
Is there any free trial?
Currently, we do not offer any free trial.
Can i cancel anytime?
Yes, you can cancel your subscription at any time. Your subscription will auto-renew until you cancel, but why would you want to?

Total Seminars,

471215 Course Views

6 Courses

Total Seminars provides certification training services and training materials to thousands of schools, corporations, and government agencies including the United Nations, the FBI and all branches of the Department of Defense. Total Seminars produces the #1 selling CompTIA A+ and Network+ Certification books with over 1 million books in print. Total Seminars has created a number of best-selling video courses by Mike Meyers and the Total Seminars Team of Instructors. They also develop supplemental materials such as the TotalTester certification practice tests and TotalSims lab simulations to support your certification preparation. These are available on the Total Seminars' web site.