Penetration Testing: Intermediate

https://www.skillsoft.com/channel/penetration-testing-80b7bb10-eb95-4f7f-81d5-c3b8a663ab62?expertiselevel=65319 https://www.skillsoft.com/channel/penetration-testing-80b7bb10-eb95-4f7f-81d5-c3b8a663ab62?expertiselevel=65320 https://www.skillsoft.com/channel/penetration-testing-80b7bb10-eb95-4f7f-81d5-c3b8a663ab62?expertiselevel=65321
  • 16 Courses | 15h 32m 32s
  • 7 Books | 36h
  • 3 Courses | 4h 34m 53s
  • 1 Course | 1h 22m 48s
  • 3 Books | 16h 14m
Likes 105
 
Penetration tests are authorized simulated attacks on a computer system, performed to evaluate the security of the system. Explore penetration testing.

GETTING STARTED

CompTIA PenTest+: Planning for an Engagement

  • Playable
    1. 
    Why We Need Penetration Testers
    5m 58s
    NOW PLAYING
  • Playable
    2. 
    The CompTIA PenTest+ Exam
    3m 46s
    UP NEXT

GETTING STARTED

Penetration Testing Fundamentals

  • Playable
    1. 
    Course Overview
    1m 29s
    NOW PLAYING
  • Playable
    2. 
    Importance of Penetration Testing
    7m 16s
    UP NEXT

GETTING STARTED

Advanced Pen Testing Techniques

  • Playable
    1. 
    Course Overview
    1m 47s
    NOW PLAYING
  • Playable
    2. 
    Finding a Vulnerability
    6m 32s
    UP NEXT

COURSES INCLUDED

CompTIA PenTest+: Planning for an Engagement
Discover how penetration testing exposes weaknesses in security and how the initial and critical planning phase is key to a successful engagement process.
11 videos | 56m has Assessment available Badge
CompTIA PenTest+: Scoping an Engagement
Explore the critical penetration testing framework for exposing weaknesses in security and the important scoping phase, which is vital to a successful engagement process.
10 videos | 55m has Assessment available Badge
CompTIA PenTest+: Information Gathering
Discover how to gather information and perform white hat reconnaissance using techniques such as scanning, enumeration, fingerprinting, and eavesdropping. Leveraging data to prepare for exploitation is also covered. This course can be used as part of the preparation for the PT0-001: CompTIA PenTest+ certification exam. 
12 videos | 53m has Assessment available Badge
CompTIA PenTest+: Vulnerability Identification
Discover how to properly perform and analyze vulnerability scans, in preparation for the PT0-001: CompTIA PenTest+ certification exam. 
9 videos | 41m has Assessment available Badge
CompTIA PenTest+: Social Engineering & Specialized System Attacks
Familiarize yourself with the various aspects of social engineering exploits and attacks, as well as specialized system attacks such as SCADA. This course can be used as part of the preparation for the PT0-001: CompTIA PenTest+ certification exam. 
11 videos | 56m has Assessment available Badge
CompTIA PenTest+: Network-Based Exploits
Discover how to exploit vulnerabilities in wired and wireless networks by taking advantage of weaknesses at several layers of the OSI model. Explore Name Resolution, SMB, FTP, DNS, and Pass the Hash Exploits as well as Denial-of-Service, NAC Bypass and VLAN Hopping, Evil Twin, Bluejacking, Bluesnarfing, Cloning, Jamming and Repeating. This course can be used as part of the preparation for the PT0-001: CompTIA PenTest+ certification exam. 
12 videos | 1h 18m has Assessment available Badge
CompTIA PenTest+: Application-Based Vulnerabilities
Discover the most common exploits and vulnerabilities of applications and programs. Explore Injection Attacks, Authentication and Authorization Exploits, Cross-Site Scripting Attacks, Cross-Site Request Forgery, Clickjacking, and File Inclusion Exploits. This course can be used as part of the preparation for the PT0-001: CompTIA PenTest+ certification exam. 
10 videos | 52m has Assessment available Badge
CompTIA PenTest+: Local Host Vulnerabilities
Discover how to conduct penetration testing against specific local host operating systems, with an emphasis on Windows and Linux systems. This course can be used as part of the preparation for the PT0-001: CompTIA PenTest+ certification exam. 
8 videos | 38m has Assessment available Badge
CompTIA PenTest+: Post-Exploitation & Facilities Attacks
Explore topics of the Attacks and Exploits domain involving physical security attacks related to facilities and learn about post-exploitation techniques. This course can be used as part of the preparation for the PT0-001: CompTIA PenTest+ certification exam. 
10 videos | 40m has Assessment available Badge
CompTIA PenTest+: Penetration Testing Tools
Explore and evaluate various penetration testing tools, scripts, modules, and utilities such as Nmap, Scanner Tools, Credential Testing Tools, Debuggers and Software Assurance Tools, OSINT Tools, Networking and Social Engineering Tools, and Remote Access Tools. This course can be used as part of the preparation for the PT0-001: CompTIA PenTest+ certification exam. 
11 videos | 1h 24m has Assessment available Badge
CompTIA PenTest+: Analyzing Tool & Script Output
Explore and evaluate various penetration testing analysis techniques using tool and script output such as Password Cracking and Pass the Hash Outputs, Bind Shell and Reverse Shell, Analyzing Injections, and Analyzing Error Handling and Arrays. This course can be used as part of the preparation for the PT0-001: CompTIA PenTest+ certification exam. 
12 videos | 57m has Assessment available Badge
CompTIA PenTest+: Reporting & Communication
Explore Domain 5 of the CompTIA PenTest+ exam, including reporting and communication topics as well as mitigation solutions and remediation strategies. This course can be used as part of the preparation for the PT0-001: CompTIA PenTest+ certification exam. 
8 videos | 36m has Assessment available Badge
Wi-Fi Penetration Testing
Explore the business convenience of Wi-Fi access, how to recognize the vulnerabilities of wireless networks, and the importance of Wi-Fi penetration testing in this 12-video course, which examines the categories of threats that can compromise a Wi-Fi network. First, you will examine built-in sniffing capabilities used for penetration testing, and the process for performing a rough access point analysis. This course examines Wi-Fi hotspots, web security, and the vulnerabilities of WEP (wired equivalent privacy). This course demonstrates the process used to exploit a Wi-Fi client's vulnerabilities. You will learn how to use Powerfuzzer, an automated customizable web fuzzer, that is part of Kali Linux vulnerability analysis tools. You will learn how to perform a wireless DoS (denial of service) attack against a wireless network. You will examine bugs using the technique of Wi-Fi fuzzing, and how to exploit WPA with PSK secured Wi-Fi. Finally, you will examine the best practices for turning Wi-Fi penetration testing results into policy, security protocols, and user education programs.  
12 videos | 52m has Assessment available Badge
PenTesting for Physical Security
This 14-video course explores physical penetration testing, and how to test a business's infrastructure, including IT assets, its data, people, and physical security to locate any exploitable vulnerabilities. In this course, you will learn why lockpicking is essential in cybersecurity, and you will examine different types of locks and lockpick tools. This course demonstrates several types of penetrations, including EM (electromagnetic security vulnerabilities), dumpster diving, and tailgating, and how to protect against these attacks. You will learn about penetration testing types, including network services, web and client applications, Cloud penetration, penetration testing of wireless networks, and social engineering. Learners will explore several penetration tools, including Kali Linux, which comes with tool such as Nmap, Wireshark, and John the Ripper; the Aircrack suite; OpenVas, and several others. You will learn about web app security testing methodologies. Learners will observe the elements of a successful report, and how to document penetration testing results. Finally, this course demonstrates practicing testing skills by using Grier Demo website.
14 videos | 1h 8m has Assessment available Badge
Pen Testing for Software Development: The Penetration Testing Process
Penetration testing can identify both known and unknown vulnerabilities and help avoid security breaches. In this course, you’ll learn the importance of penetration testing, what system hardening is, and the requirements of penetration testing. You’ll then examine the differences between penetration testing and vulnerability assessments, as well as the various types, stages, and methods of penetration testing. Next, you’ll learn about white box, black box, and gray box penetration testing, and the differences in penetration testing methodologies. You’ll see the available tools for performing penetration testing, as well as the types of outputs resulting from penetration testing. Lastly, you’ll learn about penetration testing best practices and how to perform a penetration test.
16 videos | 1h 27m has Assessment available Badge
Pen Testing for Software Development: Penetration Testing SDLC, Team Structure, & Web Services
Penetration testing in the Software Development Life Cycle helps create a safe and secure end product and minimizes financial and legal risk. In this course, you’ll learn where penetration testing fits in the SDLC, the differences between pen testing and developer, and the importance of developer contributions to pen testing. You’ll then examine the pen testing team structure and the tasks of the pen testing blue, red, and purple teams. Next, you’ll explore the importance of pen testing web services and APIs, what is involved in API pen testing, and the available tools for pen testing APIs. Lastly, you’ll learn how to perform a pen test on a REST API, as well as how to perform a pen test using Burp Suite.
14 videos | 1h 13m has Assessment available Badge
SHOW MORE
FREE ACCESS

COURSES INCLUDED

Penetration Testing Fundamentals
This 14-video course explores penetration testing, and the role it plays in protecting a company's assets and networks from exploitation and attacks. In this course, users learn how penetration testing can expose security weaknesses. You will also learn about different types of penetration testing, and how to test for common penetration types, and you will examine the importance of penetration testing for an organization. This course demonstrates passive information gathering, or open- source gathering to search for available information about the organization. You will learn to use active information gathering to target the organization's systems, the employees, their networks to gain information. Next, explore several different types of exploits that can cause problems, including buffer overflow attacks, client side and website attacks, password attacks, and port forwarding exploits; and learn how to conduct a privilege escalation attack. Finally, you will examine how penetration testers and bad actors can gain access to a system by using network tunneling.
14 videos | 1h 19m has Assessment available Badge
Pen Testing Awareness: Results Management
This 14-video course explores benefits to an organization and the role of penetration testing to protect digital assets and networks. In this course, learners observe how to manage and analyze testing results. You will examine several testing methods, including black box, white box, and grey box testing. Next, you will learn about rules of engagement documents, which is executed prior to starting the penetrations testing. This document outlines rules around the test, and the importance of setting stopping points within a penetration test, and when to stop a penetration test. Explore test findings management, risk, risk tolerance, and how to align recommendations to an organization's needs and goals. You will learn about risk tolerance from a privacy and intellectual property perspective, and how to create good test reports for clients. You will learn to categorize your findings by using CVE (Common Vulnerabilities and Exposure) database, or the CVE details. Finally, you will learn how to communicate needed changes, and to emphasize the importance of further testing after recommendations are implemented.
14 videos | 1h 27m has Assessment available Badge
Pen Testing: End-user Behavior
Explore penetration testing, its limitations, and how end-user behavior affects this process in this 14-video course, which examines several types of penetration testing, the reliance on end-user behavior, and the challenges facing organizations. You will explore the role of human error in causing data breaches, user awareness, preventing attacks, and how to use end-user analytics. You will learn to use tools to perform user behavior analytics, and how to use test results to create and communicate reports. Next, learners will examine how to create a plan for organizations to check user behavior when a threat is received, and explore the need for cybersecurity training for employees. You will learn to use advanced analytics that focus on user activity instead of specific static threat indicators to detect anomalies or malicious behavior. You will explore social engineering attacks, how to perform a social engineering penetration test, and how to counter social engineering attacks. Finally, examine the role played by human behavior in penetration testing.  
14 videos | 1h 47m has Assessment available Badge

COURSES INCLUDED

Advanced Pen Testing Techniques
Explore advanced penetration testing tools and techniques used to find vulnerabilities, sniff network traffic, deal with cryptography, and crack passwords in this 14-video course. Learners will discover common techniques used to find weaknesses in both Linux and Windows-based systems. Key concepts covered here include finding vulnerability by using scanners and other techniques; how to capture and analyze network traffic with Wireshark; and learning about wireless security technologies, such as WEP, WPA/2/3, and their vulnerabilities. Continue by learning about cryptography and its four goals; learning to differentiate between symmetric and asymmetric cryptography; and learning how to choose a password cracking technique. Next, learn to differentiate between malware types and recognize the consequences of using targeted malware; learn to differentiate between scanning and enumeration; and learn the benefits of using Python to build scripts and deliver exploits. Then perform Linux privilege escalation with a penetration tester; perform Windows privilege escalation to exploit a Windows system by using the AlwaysInstallElevated technique; and use PowerShell to perform pen testing tasks such as reporting on all USB devices installed.