Final Exam: OS Exploits
1 Video | 30m 32s
- Includes Assessment
- Earns a Badge
Final Exam: OS Exploits will test your knowledge and application of the topics presented throughout the OS Exploits track of the Skillsoft Aspire OS Exploits Journey.
WHAT YOU WILL LEARN
apply flags to the gcc compiler to catch string weaknesses by converting warnings into errorscheck input strings for validity and safetyconduct a Nmap scan of a Windows-based networkcrack an NTLM hash value using several toolsdefine what PsExec is and describe how it worksdescribe a program's structure in memory in terms of address space layoutdescribe common weaknesses and errors made when working with integers and how to prevent themdescribe how coding errors and vulnerabilities lead to corrupting memorydescribe how data and functionality are protected by separating computing resourcesdescribe how strings are exploited in computer programsdescribe how strings executed dynamically can lead to vulnerabilitiesdescribe methods for allocating memorydescribe out-of-order execution and related processor concepts and vulnerabilitiesdescribe safeguards and considerations when running insecure programs in virtual environmentsdescribe the background of the EternalBlue exploit and outline how it works on Windows systemsdescribe the concept of pivoting within a Windows environment and typical end goalsdescribe the features of WMI and how it worksdescribe the GNU C Library (Glibc) and how it integrates with the Linux kerneldescribe the nature of out-of-bounds write vulnerabilities and their impactdetect Linux security weaknesses using the Linux Exploit Suggester utilitydisable compiler protections to construct and execute shellcode in Cenumerate data from an FTPestablish an approach to using virtual environments to stage exploitsexplore the use of SQL injection attacks and protections against them using SQLMapidentify common attacks against legacy Windows host-based machinesidentify common attacks against legacy Windows Server-based machinesidentify different Windows Server operating systems and their various uses within the environmentidentify open-source intelligence gathering techniques and sourcesidentify what to look for using social media and other tools when finding targets for social engineering exercisesillustrate the weaknesses caused by string formatting methods
list various tools and techniques used to enumerate SMBmodify options used to vary the operation of a Metasploit commandmonitor system information from a staging environment using QEMU Monitorname the various user and service accounts within a Windows Active Directory environmentnavigate the basic commands used to prepare exploit tests using Metasploitoutline how SMB works and how permissions are setoutline how to find vulnerabilities for third-party applicationsoutline how to scan a network for open portsoutline how to scan a system and name tools used to conduct a basic enumerationoutline the various methods of attacking FTP servicesoutline various methods of attacking SMBoutline what RDP is and how it works within a Windows environmentrecognize a honeypot and how to avoid falling into their traprecognize and avoid looping off-by-one in a C programrecognize and avoid stack buffer overflowsrecognize various user levels and methods of privilege escalation within Windowsrecognize what an advanced persistent threat (APT) is and methods used to configure themrun gdb to step through and trace debug a C programrun objdump and readelf to disassemble and inspect a Linux programsearch for exploits and shellcodes using Exploit Databaseset up QEMU and its dependencies for machine emulation and virtualizationstate various methods of attacking the Windows RDP servicetake and restore snapshots of virtual machines using QEMU Monitortargets for exploiting processes and tasks of a running Linux systemtargets for privilege escalation exploits and common privilege control mechanismsuse a ransomware attack as a quick method to clean up post-attackuse basic Windows and PowerShell commandsuse CrackMapExec to steal user credentials from a Windows machineuse the Windows Registry and recognize the different artifacts contained withinview Windows event logging in action
IN THIS COURSE
1.OS Exploits33sUP NEXT
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platformDigital badges are yours to keep, forever.