Penetration Testing: What You Should Know
This module introduces you to the course and sets expectations.
About The PWK Course.
Overall Strategies for Approaching the Course.
Obtaining Support.
About Penetration Testing.
Legal considerations.
The MegaCorpone.com and Sandbox.local Domains.
About the PWK VPN Labs.
Reporting.
About the OSCP Exam.
Getting Comfortable with Kali Linux
Booting Up Kali Linux.
The Kali Menu.
Kali Documentation.
Finding Your Way Around Kali.
Managing Kali Linux Services.
Searching, Installing, and Removing Tools.
Command Line Fun
The Bash Environment.
Piping and Redirection.
Text Searching and Manipulation.
Editing Files from the Command Line.
Comparing Files.
Managing Processes.
File and Command Monitoring.
Downloading Files.
Customizing the Bash Environment.
Practical Tools
Netcat.
Socat.
PowerShell and Powercat.
Wireshark.
Tcpdump.
Bash Scripting – NEW in 2020
Intro to Bash Scripting.
Variables.
If, Else, Elif Statements.
Boolean Logical Operations.
Loops.
Functions.
Practical Examples.
Passive Information Gathering
Using OSINT to gather information, including the use of Shodan and Pastebin.
Taking Notes.
Website Recon.
Whois Enumeration.
Google Hacking.
Netcraft.
Recon-ng.
Open-Source Code.
Shodan.
Security Headers Scanner.
SSL Server Test.
Pastebin.
User Information Gathering.
Social Media Tools.
Stack Overflow.
Information Gathering Frameworks.
Active Information Gathering
DNS Enumeration.
Port Scanning.
SMB Enumeration.
NFS Enumeration.
SMTP Enumeration.
SNMP Enumeration.
Vulnerability Scanning
Vulnerability Scanning Overview and Considerations.
Vulnerability Scanning with Nessus.
Vulnerability Scanning with Nmap.
Web Application Attacks
Burp Suite, PHP Wrappers.
Web Application Assessment Methodology.
Web Application Enumeration.
Web Application Assessment Tools.
Exploiting Admin Consoles.
Cross-Site Scripting (XSS).
Directory Traversal Vulnerabilities.
File Inclusion Vulnerabilities.
SQL Injection.
Buffer Overflow Intro
Introduction to the x86 Architecture.
Buffer Overflow Walkthrough.
Windows Buffer Overflows
Discovering the Vulnerability.
Win32 Buffer Overflow Exploitation.
Linux Buffer Overflow
About DEP, ASLR, and Canaries.
Replicating the Crash.
Controlling EIP.
Locating Space for Your Shellcode.
Checking for Bad Characters.
Finding a Return Address.
Getting a Shell.
Client-Side Attacks
HTA Attacks, Microsoft Word Macros, Object Linking and Embedding (DDE).
Know Your Target.
Leveraging HTML Applications.
Exploiting Microsoft Office.
Using Public Exploits
A Word of Caution.
Searching for Exploits.
Putting It All Together.
Fixing Exploits
Fixing Memory Corruption Exploits.
Fixing Web Exploits.
File Transfers
Considerations and Preparations.
Transferring Files with Windows Hosts.
Bypassing Antivirus Software
What is Antivirus Software.
Methods of Detecting Malicious Code.
Bypassing Antivirus Detection.
Wrapping Up.
Privilege Escalation
Information Gathering.
Windows Privilege Escalation Examples.
Linux Privilege Escalation Examples.
Enumerating Firewall Status and Rules, Bypassing UAC.
Wrapping Up.
Password Attacks
Mimikatz.
Wordlists.
Brute Force Wordlists.
Common Network Service Attack Methods.
Leveraging Password Hashes.
Wrapping Up.
Port Redirection and Tunneling
HTTP Tunneling.
Port Forwarding.
SSH Tunneling.
PLINK.exe.
NETSH.
HTTPTunnel-ing Through Deep Packet Inspection.
Wrapping Up.
Metasploit
Advanced options with multi/handler, transport modules, Meterpreter.
Metasploit User Interfaces and Setup.
Exploit Modules.
Metasploit Payloads.
Building Our Own MSF Module.
Post-Exploitation with Metasploit.
Metasploit Automation.
Wrapping Up.
Active Directory Attacks (Domains)
Active Directory Theory.
Active Directory Enumeration.
Active Directory Authentication.
Active Directory Lateral Movement.
Active Directory Persistence.
Includes Kerberos attacks and password spraying against AD.
Wrapping Up.
PowerShell Empire
Introduction to PowerShell Empire and the use of PowerUp.
Installation, Setup, and Usage.
PowerShell Modules.
Switching Between Empire and Metasploit.
Wrapping Up.
Assembling the Pieces: Penetration Test Breakdown
Sandbox.local hands-on walkthrough.
Public Network Enumeration.
Targeting the Web Application.
Targeting the Database.
Deeper Enumeration of the Web Application Server.
Targeting the Database Again.
Targeting Poultry.
Internal Network Enumeration.
Targeting the Jenkins Server.
Targeting the Domain Controller.