Categories

There are currently no items in your shopping cart.

User Panel

Forgot your password?.

CompTIA PenTest+ Certification


Course Introduction:
About the Author
About the Course
Setting Up Your Pentest Lab
About the Exam

1.1 Planning for an Engagement:
Pentests and Pentesting Frameworks
The Pentest Process
Communication, Rules of Engagement, and Resources
Confidentiality, Budgeting, Impact Analysis, Remediation Timelines, Disclaimers, and Constraints

1.2 Legal Considerations:
Key Legal Concepts

1.3 Scoping an Engagement:
Defining the Scope, Goals and Deliverables, and Assessments and Strategies
Threat Actors, Risk Response, and Tolerance
Types of Targets and Pentest Considerations

1.4 Key Aspects of Compliance-Based Assessments:
Understanding Compliance

2.1 Information Gathering Techniques:
Active and Passive Reconnaissance
Weaponizing Data and Introduction to Metasploit
Enumeration
Introduction to Meterpreter
Scenario Walkthrough 01: How to Use Nmap to Scan a Host
Scenario Walkthrough 02: How to Enumerate a Service with Banner Grabbing
Scenario Walkthrough 03: Performing Website Enumeration with Kali Linux
Scenario Walkthrough 04: Using OWASP Dirbuster to Find Hidden Directories
Scenario Walkthrough 05: Finding OSINT Data Using theHarvester and the OSRFramework

2.2 Performing a Vulnerability Scan:
Vulnerability Scanning
Scenario Walkthrough 06: Scanning Websites for Vulnerabilities Using Nikto
Scenario Walkthrough 07: Performing a Vulnerability Scan using OpenVAS
Scenario Walkthrough 08: Using Nmap to Scan for Vulnerabilities

2.3 Analyzing Vulnerability Scan Results:
Vulnerability Analysis
Scenario Walkthrough 09: Analyzing an OpenVAS Vulnerability Report

2.4 Leveraging Information to Prepare for Exploitation:
Leveraging Information
Scenario Walkthrough 10: An Introduction to CherryTree

2.5 System Weaknesses:
Weaknesses of Specialized Systems

3.1 Social Engineering:
Components of a Social Engineering Attack
Social Engineering Attacks and Techniques
Scenario Walkthrough 11: Creating a Credential Harvesting Website with SET
Scenario Walkthrough 12: Using SET to Execute a Spear Phishing Attack
Scenario Walkthrough 13: Executing a USB Dropper Attack Using SET

3.2 Network-Based Vulnerabilities:
Sniffing, Hijacking, and Man-in-the-Middle Attacks
Network Protocol Attacks
Name Resolution, Brute Force, and DoS Attacks
Scenario Walkthrough 14: DNS Poisoning Using the Hosts File
Scenario Walkthrough 15: Using Wireshark to Sniff Plaintext Passwords

3.3 Wireless and RF-Based Vulnerabilities:
Wireless Attacks and Exploits
Performing an Evil Twin Attack with SSLsplit

3.4 Application-Based Vulnerabilities:
Directory Traversal and Poison Null Bytes
Authentication, Authorization, and Injection Attacks
File Inclusion Vulnerabilities and Web Shells
Scenario Walkthrough 16: Using Hydra to Brute-Force FTP
Scenario Walkthrough 17: Finding Web Application Vulnerabilities with OWASP ZAP

3.5 Local Host Vulnerabilities:
OS Vulnerabilities and Password Cracking
Password Cracking Tools, Default Accounts, and Privilege Escalation
System Files, Sandbox Escapes, and Hardware Attacks
Scenario Walkthrough 18: Obtaining Password Hashes with Armitage
Scenario Walkthrough 19: Cracking Password Hashes with John the Ripper
Scenario Walkthrough 20: Performing Local Privilege Escalation with Meterpreter
Scenario Walkthrough 21: Exploiting the EternalBlue Vulnerability

3.6 Physical Security Vulnerabilities:
Physical Security Goals and Guidelines

3.7 Post-Exploitation Techniques:
Lateral Movement, Pivoting, and Persistence
Shells, Netcat, and Scheduled Tasks
Services/Daemons, Anti-Forensics, and Covering Your Tracks
Scenario Walkthrough 22: Clearing System Logs with Meterpreter
Scenario Walkthrough 23: Setting Up Persistence with Netcat
Scenario Walkthrough 24: Exfiltrating Data with Netcat
Scenario Walkthrough 25: Setting Up Persistence with Meterpreter
Scenario Walkthrough 26: Exfiltrating Data with Meterpreter

4.1 Using Nmap for Information Gathering:
Nmap Deep Dive

4.2 Choosing Pentesting Tools:
Pentesting Tools and Use Cases

4.3 Analyzing Tool Output and Data:
Understanding Tool Outputs
Scenario Walkthrough 27: Executing a Pass-the-Hash Attack
Scenario Walkthrough 28: Performing a SQL Injection Attack

4.4 Analyzing Basic Scripts:
Analyzing Scripts in Bash, PowerShell, Python, and Ruby

5.1 Report Writing and Handling:
Report Writing and Handling Best Practices

5.2 Post-Report Delivery Activities:
Delivery and Post-Delivery

5.3 Mitigating Discovered Vulnerabilities:
Vulnerability Mitigation Strategies

5.4 Communicating During the Penetration Testing Process:
The Importance of Communications
Conclusion
Next Steps
Taking the PenTest+ Certification Exam

You Have Got Gift 25% OFF

Use this Coupon Code “J3JKN396