Pentesting Fundamentals for Beginners

  • Post category:StudyBullet-7
  • Reading time:9 mins read


Build a practical foundation of cybersecurity fundamentals using hands-on, applied learning .

What you will learn

Explain the core information assurance (IA) principles

Identify the key components of cybersecurity network architecture

Apply cybersecurity architecture principles

Describe risk management processes and practices

Identify security tools and hardening techniques

Distinguish system and application security threats and vulnerabilities

Describe different classes of attacks

Define types of incidents including categories, responses and timelines for response

Describe new and emerging IT and IS technologies

Analyze threats and risks within context of the cybersecurity architecture

Appraise cybersecurity incidents to apply appropriate response

Evaluate decision making outcomes of cybersecurity scenarios

Access additional external resources to supplement knowledge of cybersecurity

Description

Disclaimer

There is no one-stop application or course that can prepare anyone for passing a cybersecurity exam. Exam preparation involves months of research and the extrapolation of information from multiple sources. Prepping for any cybersecurity exam takes months of studying and as such, this course should be treated as just one of many sources an exam taker would need in preparing for their exam.

Secondly, this is not a brain dump course. This course is strictly hands-on. When discussing pentesting documentation and frameworks, I have provided videos with PowerPoint slides. The rest of the course is lab work.

The knowledge pool for cybersecurity is only so deep.  All industry Exam vendors build their exams from this same pool of knowledge.  The OSI model does not change from one exam vendor to the next and there are only so many ways Nmap can perform a specific scan.

This course does not provide you with any specific answers to any exam.

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas of most exam providers.

Cybersecurity fundamentals don’t change from one exam to the next.  You can expect to see questions about Nmap, what commands were used to generate a specific output, and which tool would you use regardless of the exam vendor.


Get Instant Notification of New Courses on our Telegram channel.


You’ll be expected to know which Pentesting Framework would be used to meet a specific condition.

You’ll be expected to know what information should be delivered in an executive summary. You’ll be expected to know how to scope an assessment and identify what document is used for what purpose.

You’ll be expected to know the OWASP Top 10 and identify the hacking methodology used to exploit each one.

These are just a few fundamentals that remain constant from one cybersecurity exam vendor to the next.

This course provides you with the fundamentals for taking an intermediate cybersecurity exam. Throughout this course, you will learn about cybersecurity tools, reverse shells, scripting basic, identifying output, and what commands were used to generate the output.

Don’t expect a lot of multiple-choice exam questions. This course is strictly hands-on and applied learning. This course is designed to teach you many of the skills expected of a cybersecurity exam taker when they sit their exam.

English
language

Content

Course Overview

Course Overview

Virtual Lab Build

Video and Lab – Create a Virtual Install of Kali Linux
Video and Lab – Creating a Virtual Install of Metasploitable2 Using VirtualBox
Video and Lab – Create a Virtual Install of Windows 10
Video and Lab – Creating a Virtual Install of OWASP
Video – Taking a Snapshot of your Current Configuration

Documentation

Video and PPT – Scoping the Engagement
Video and PPT – Statement of Work (SOW) Document
Video and PPT – Rules of Engagement (ROE) Document
Video and PPT – Master Service Agreement (MSA), NDA
Video and PPT – Pentesting Final Report

Penetration Testing Frameworks

Video and PPT – Overview of MITRE ATT&CK framework
Video and PPT – Overview of the NIST Pentesting Framework
Video and PPT – Overview of the Penetration Testing Execution Standard (PTES)

Nmap

Video and Lab – Introduction to NMap
Video – Nmap Service and Open Port scan
Video – Nmap OS Detection
Video – Nmap Service and Version Detection
Video – Nmap Host Discovery
Video and lab – NMap Scripting Engine (NSE)
Video – Analyzing NMap Results

2.0 Information Gathering and Vulnerability Identification Labs

Video and lab – Using Banner Grabbing to Aid in Reconnaissance
Video and Lab – Enumerating Windows 10 Using WinPEAS

Reverse Shells and Persistant Connections

Video and Lab – Establish a Meterpreter Session with Windows 10 Pro.
Video and Lab – Service Persistence
Video and Lab – Create a Windows Reverse Shell Using PowerShell
Video and Lab -Launch a Graphic Console Window Using SSH and XTERM.mp4

Privilege Escalation

Video and Lab – Window 7/10 Privilege Escalation Using UAC Bypass
Video and Lab – Verify Windows Privilege Escalation: Unquoted Service Path
Video and Lab – Windows Privilege Escalation Unquoted Service Path

OWASP top 10 Mitigations

Video and PPT – Overview of OWASP Top 10
Video and Lab – Spoof Fake TCPIP Packets Using Hping3
Video and Lab – Identify Active Network Hosts and Services Using Nmap
Video and Lab – Perform a Vulnerability Scan Using OWASP Zed Attack Proxy

Web Applications Penetration Testing

Video and Lab – Configuring BurpSuite as a Proxy.pdf
Video – Web Application Firewall Detection Using WAFW00F

Program Scripting

Video and Lab – Create a Windows Reverse Shell Using the PowerShell
Video and Lab – Quickly Transfer Files Using Python
Enroll for Free

💠 Follow this Video to Get Free Courses on Every Udemy Topics! 💠

Tags: , , ,