Application exploits, part 2

Contents

• Introduction to CompTIA PenTest+ (PT0-003) Introduction to CompTIA PenTest+ (PT0-003)

  • Course overview

    52s
  • (Locked)
    Introduction to the CompTIA PenTest+ (PT0-003) course

    1m 46s
  • (Locked)
    About the CompTIA PenTest+ (PT0-003) exam

    6m 7s
• 1. Planning and Engagement 1. Planning and Engagement

  • (Locked)
    Planning a pen test

    8m 15s
  • (Locked)
    Rules of engagement

    10m 22s
  • (Locked)
    Collaboration and communication

    2m 49s
  • (Locked)
    Regulatory compliance

    4m 14s
  • (Locked)
    Impact and constraints

    5m
  • (Locked)
    Legal groundwork

    11m 38s
  • (Locked)
    Standards and methodologies, part 1

    6m 41s
  • (Locked)
    Standards and methodologies, part 2

    9m 10s
  • (Locked)
    Standards and methodologies, part 3, and threat modeling frameworks

    3m 55s
  • (Locked)
    Environmental and scoping considerations

    13m 31s
  • (Locked)
    Lab environment setup

    18m 52s
  • (Locked)
    Project strategy and risk

    9m 7s
• 2. Information Gathering and Vulnerability Scanning 2. Information Gathering and Vulnerability Scanning

  • (Locked)
    Scanning and enumeration

    3m 55s
  • (Locked)
    Scanning demo

    10m 42s
  • (Locked)
    Packet investigation

    7m 44s
  • (Locked)
    Packet inspection demo

    5m 45s
  • (Locked)
    Labtainers setup

    12m 5s
  • (Locked)
    Labtainers lab (Wireshark)

    8m 52s
  • (Locked)
    Application and open-source resources

    10m 59s
  • (Locked)
    Prioritize and prepare attacks

    3m 48s
  • (Locked)
    Passive reconnaissance

    9m 55s
  • (Locked)
    Active reconnaissance

    7m 40s
  • (Locked)
    Additional enumeration techniques

    2m 49s
  • (Locked)
    Vulnerability scanning

    8m 31s
  • (Locked)
    Vulnerability scanning demo

    16m 15s
  • (Locked)
    Labtainers lab (network basics)

    2m 55s
  • (Locked)
    Labtainers lab (Nmap discovery)

    3m 14s
  • Target considerations

    15m 22s
  • (Locked)
    Analyzing scan output

    6m 13s
  • (Locked)
    Nmap scoping and output options

    20m 55s
  • (Locked)
    Nmap timing and performance options

    6m 25s
  • (Locked)
    Prioritization of vulnerabilities

    8m 54s
  • (Locked)
    Common attack techniques

    11m 58s
  • (Locked)
    Automating vulnerability scans

    3m 31s
  • (Locked)
    Credential attacks

    14m 19s
  • (Locked)
    Labtainers lab (password cracking)

    2m 28s
  • (Locked)
    Labtainers lab (secure socket layers)

    2m 34s
  • (Locked)
    Labtainers lab (routing basics)

    2m 5s
• 3. Network-Based Attacks 3. Network-Based Attacks

  • (Locked)
    Network-based exploits

    7m
  • (Locked)
    FTP exploit demo

    8m 12s
  • (Locked)
    Authentication attacks

    2m 53s
  • (Locked)
    Man-in-the-middle exploits

    7m
  • (Locked)
    Labtainers lab (TCP/IP attacks)

    2m 15s
  • (Locked)
    Labtainers lab (ARP spoof attack)

    1m 59s
  • (Locked)
    Labtainers lab (local DNS attacks)

    1m 53s
  • (Locked)
    Labtainers lab (MACs and hash functions)

    1m 26s
• 4. Wireless and RF Attacks 4. Wireless and RF Attacks

  • (Locked)
    Wireless exploits, part 1

    13m 10s
  • (Locked)
    Wireless exploits, part 2

    2m 40s
• 5. Web and Database Attacks 5. Web and Database Attacks

  • (Locked)
    Application exploits, part 1

    5m 23s
  • SQL injection demo

    8m 32s
  • (Locked)
    Labtainers lab (SQL injection)

    2m 39s
  • (Locked)
    Application exploits, part 2

    7m 57s
  • (Locked)
    Application exploits, part 3

    8m 56s
  • (Locked)
    Cross-site scripting demo

    6m 54s
  • (Locked)
    Labtainers lab (cross-site scripting)

    1m 42s
  • (Locked)
    Labtainers lab (cross-site request forgery)

    1m 20s
  • (Locked)
    API attacks and attack resources

    6m 18s
  • (Locked)
    Privilege escalation (Linux)

    9m 31s
  • (Locked)
    Privilege escalation (Windows)

    6m 1s
  • (Locked)
    Privilege escalation: Miscellaneous

    7m 49s
  • (Locked)
    Local host vulnerabilities: Miscellaneous

    8m
  • (Locked)
    Additional local host vulnerabilities

    2m 54s
• 6. Attacking the Cloud 6. Attacking the Cloud

  • (Locked)
    Cloud attacks, part 1

    4m 46s
  • (Locked)
    Cloud attacks, part 2

    4m 34s
• 7. Specialized and Fragile Systems 7. Specialized and Fragile Systems

  • (Locked)
    Mobile attacks

    10m 16s
  • (Locked)
    Virtual and containerized environment attacks

    7m 21s
  • (Locked)
    Labtainers lab (industrial control system)

    1m 58s
• 8. Social Engineering and Physical Attacks 8. Social Engineering and Physical Attacks

  • (Locked)
    Pretext for a social engineering attack

    2m 26s
  • (Locked)
    Remote social engineering

    5m 59s
  • (Locked)
    Spear phishing demo

    10m 2s
  • In-person social engineering

    11m 36s
  • (Locked)
    Physical security

    11m 9s
• 9. Post-Exploitation 9. Post-Exploitation

  • (Locked)
    Post-exploitation techniques

    11m 4s
  • (Locked)
    More post-exploitation techniques

    4m 18s
  • (Locked)
    Post-exploitation tools

    3m 18s
  • (Locked)
    Network segmentation testing

    2m 47s
  • (Locked)
    Persistence and stealth

    10m 36s
  • (Locked)
    Detection avoidance techniques

    6m 8s
  • (Locked)
    More detection avoidance techniques

    2m 51s
• 10. Post-Engagement Activities 10. Post-Engagement Activities

  • Report writing

    14m 41s
  • (Locked)
    Important components of written reports

    2m 33s
  • (Locked)
    Mitigation strategies

    4m 55s
  • (Locked)
    Technical and physical controls

    3m 43s
  • (Locked)
    Administrative and operational controls

    5m 2s
  • (Locked)
    Communication

    8m 34s
  • (Locked)
    Presentation of findings

    2m 53s
  • (Locked)
    Post-report activities

    5m 18s
  • (Locked)
    Data destruction process

    1m 31s
• 11.Tools and Code Analysis 11.Tools and Code Analysis

  • (Locked)
    Using scripting in pen testing

    12m 28s
  • (Locked)
    Bash scripting basics

    14m 50s
  • (Locked)
    Bash scripting techniques

    10m 3s
  • (Locked)
    PowerShell scripting basics

    3m 59s
  • (Locked)
    Ruby scripts

    6m 25s
  • (Locked)
    Python scripts

    5m 42s
  • (Locked)
    Scripting languages comparison

    10m 46s
  • (Locked)
    Data structures, part 1

    7m 33s
  • (Locked)
    Data structures, part 2

    8m 6s
  • (Locked)
    Libraries

    2m 53s
  • (Locked)
    Classes

    7m 57s
  • (Locked)
    Procedures and functions

    5m 41s
  • (Locked)
    Perl and JavaScript

    5m 35s
  • (Locked)
    Breach and attack simulation

    1m 46s
• 12. Tools Inventory 12. Tools Inventory

  • (Locked)
    Pen testing toolbox

    6m 41s
  • (Locked)
    More pen testing toolbox tools

    3m 25s
  • (Locked)
    Using Kali Linux

    6m 8s
  • (Locked)
    Scanners and credential tools

    9m 43s
  • (Locked)
    Open-source research tools

    6m 17s
  • (Locked)
    Wireless and web pen testing tools

    10m 45s
  • (Locked)
    More wireless and web pen testing tools

    2m 10s
  • (Locked)
    Remote access tools

    6m 10s
  • (Locked)
    Analyzers and mobile pen testing tools

    2m 26s
  • (Locked)
    Other pen testing tools

    4m 12s
  • (Locked)
    Even more pen testing tools

    2m 36s
  • (Locked)
    Labtainers lab (Metasploit framework)

    2m 6s
  • (Locked)
    Labtainers lab (Wireshark packet inspection)

    1m 50s
  • (Locked)
    Labtainers lab (SSH)

    1m 4s
  • (Locked)
    Scanners, debuggers, and wireless tools

    9m 41s
  • (Locked)
    More scanners, debuggers, and wireless tools

    2m 5s
  • (Locked)
    Web, steganography, and cloud tools

    8m 58s