Learn the fundamentals of cybersecurity using hands-on applied learning materials
About This Video
In Detail
Ethical hacking fundamentals do not change from one exam to the next. One …
Learn the fundamentals of cybersecurity using hands-on applied learning materials
About This Video
In Detail
Ethical hacking fundamentals do not change from one exam to the next. One can expect to see questions about Nmap, what commands were used to generate a specific output, and which tool would you use, regardless of the exam vendor. An individual is expected to know what pentesting framework would be used to meet a specific condition and what information should be delivered in an executive summary. You should know how to scope an assessment and identify what document is used for what purpose and the OWASP Top 10 and identify the hacking methodology used to exploit each one. These are just a few fundamentals that remain constant from one ethical hacking exam.
This course provides you with the fundamental knowledge every ethical hacker is expected to know. Throughout this course, you will learn about cybersecurity tools, reverse shells, scripting basics, identifying output, and what commands were used to generate the output.
This course will help you identify security tools and ethical hacking techniques, exploit web application vulnerabilities, appropriate documentation for starting and finalizing a pentest, correct reporting procedures, and appropriately exploit for a given vulnerability.
By the end of this course, you will have learned the fundamentals of pentesting, and renewed your confidence, and recharged your cyber security career with ease.
Audience
This course is for the individuals wanting to begin work as an ethical hacker or pentester, and who want to become a Pentest+, Cybersecurity Analyst (CySA+), OSCP, or CeH certified. Anyone who requires a refresher on ethical hacking fundamentals, preparing for entry-level to mid-level cybersecurity exams, and is interested in learning the fundamentals of cybersecurity will gain a lot from this course.
You will need a PC or laptop, a stable internet connection, hardware capable of virtualization, and a strong willingness to learn!
Chapter 1 : Introduction to the Course
Course Overview
Chapter 2 : Virtual Lab Build
Create a Virtual Install of Kali Linux
Create a Virtual Install of Windows 10
Create a Virtual Install of Metasploitable2 Using VirtualBox
Create a Virtual Install of Metasploitable3 Using VirtualBox
Create a Virtual Install of OWASP
Taking a Snapshot of Your Current Configuration
Chapter 3 : Documentation
Scoping the Engagement
Statement of Work (SOW) Document
Rules of Engagement (ROE) Document
Master Service Agreement (MSA), NDA
Pentesting Final Report
Chapter 4 : Penetration Testing Frameworks
Overview of MITRE ATT Framework
Overview of the NIST Pentesting Framework
Overview of the Penetration Testing Execution Standard (PTES)
Chapter 5 : Nmap - Network Discovery
Introduction to Nmap
Nmap Service and Open Port Scan
Nmap OS Detection
Nmap Service and Version Detection
Nmap Host Discovery
Nmap Scripting Engine (NSE)
Analyzing Nmap Results
Chapter 6 : OpenVAS - Vulnerability Scanning
Perform a Vulnerability Scan Using OpenVAS
Chapter 7 : Information Gathering
Using Banner Grabbing to Aid in Reconnaissance
Enumerating Windows 10 Using WinPEAS
Chapter 8 : Reverse Shells and Persistent Connections
Creating a Persistent Backdoor Using Service Persistence
Create a Windows Reverse Shell Using PowerShell
Launch a Graphic Console Window Using SSH and XTERM.mp4
Chapter 9 : Privilege Escalation
Window 7/10 Privilege Escalation Using UAC Bypass
Verify Windows Privilege Escalation: Unquoted Service Path
Windows Privilege Escalation Unquoted Service Path
Chapter 10 : OWASP Top 10 Mitigations
Overview of OWASP Top 10
Assemble Fake TCPIP Packets Using Hping3
Identify Active Network Hosts and Services Using Nmap
Perform a Vulnerability Scan Using OWASP Zed Attack Proxy
Chapter 11 : Web Applications Testing
Configuring BurpSuite as a Proxy.pdf
Web Application Firewall Detection Using WAFW00F
Perform a SQL Injection Attack Using SQLmap
Exploit Vulnerable Web Applications Using Command Injection
Exploiting HTTP PUT Method
Brute Forcing WordPress Password
Chapter 12 : Compiling Exploit Code
Compiling Exploit Code for Linux Using GCC
Prepare a Windows OVA file for your Virtual Lab Environment
Cross Compiling Windows Exploits Using Mingw-w64
Chapter 13 : Scripting
Local File Inclusion Using Kali Web Shells PHP Scripts
File Transfer Using HTTP and PowerShell’s WebClient Object
Python3 SimpleHTTPServer
String Slicing Using Python
Disable Windows 10 UAC Using PowerShell