Final Exam: OS Exploits

IT Security
  • 1 Video | 30m 32s
  • Includes Assessment
  • Earns a Badge
Final Exam: OS Exploits will test your knowledge and application of the topics presented throughout the OS Exploits track of the Skillsoft Aspire OS Exploits Journey.

WHAT YOU WILL LEARN

  • apply flags to the gcc compiler to catch string weaknesses by converting warnings into errors
    check input strings for validity and safety
    conduct a Nmap scan of a Windows-based network
    crack an NTLM hash value using several tools
    define what PsExec is and describe how it works
    describe a program's structure in memory in terms of address space layout
    describe common weaknesses and errors made when working with integers and how to prevent them
    describe how coding errors and vulnerabilities lead to corrupting memory
    describe how data and functionality are protected by separating computing resources
    describe how strings are exploited in computer programs
    describe how strings executed dynamically can lead to vulnerabilities
    describe methods for allocating memory
    describe out-of-order execution and related processor concepts and vulnerabilities
    describe safeguards and considerations when running insecure programs in virtual environments
    describe the background of the EternalBlue exploit and outline how it works on Windows systems
    describe the concept of pivoting within a Windows environment and typical end goals
    describe the features of WMI and how it works
    describe the GNU C Library (Glibc) and how it integrates with the Linux kernel
    describe the nature of out-of-bounds write vulnerabilities and their impact
    detect Linux security weaknesses using the Linux Exploit Suggester utility
    disable compiler protections to construct and execute shellcode in C
    enumerate data from an FTP
    establish an approach to using virtual environments to stage exploits
    explore the use of SQL injection attacks and protections against them using SQLMap
    identify common attacks against legacy Windows host-based machines
    identify common attacks against legacy Windows Server-based machines
    identify different Windows Server operating systems and their various uses within the environment
    identify open-source intelligence gathering techniques and sources
    identify what to look for using social media and other tools when finding targets for social engineering exercises
    illustrate the weaknesses caused by string formatting methods
  • list various tools and techniques used to enumerate SMB
    modify options used to vary the operation of a Metasploit command
    monitor system information from a staging environment using QEMU Monitor
    name the various user and service accounts within a Windows Active Directory environment
    navigate the basic commands used to prepare exploit tests using Metasploit
    outline how SMB works and how permissions are set
    outline how to find vulnerabilities for third-party applications
    outline how to scan a network for open ports
    outline how to scan a system and name tools used to conduct a basic enumeration
    outline the various methods of attacking FTP services
    outline various methods of attacking SMB
    outline what RDP is and how it works within a Windows environment
    recognize a honeypot and how to avoid falling into their trap
    recognize and avoid looping off-by-one in a C program
    recognize and avoid stack buffer overflows
    recognize various user levels and methods of privilege escalation within Windows
    recognize what an advanced persistent threat (APT) is and methods used to configure them
    run gdb to step through and trace debug a C program
    run objdump and readelf to disassemble and inspect a Linux program
    search for exploits and shellcodes using Exploit Database
    set up QEMU and its dependencies for machine emulation and virtualization
    state various methods of attacking the Windows RDP service
    take and restore snapshots of virtual machines using QEMU Monitor
    targets for exploiting processes and tasks of a running Linux system
    targets for privilege escalation exploits and common privilege control mechanisms
    use a ransomware attack as a quick method to clean up post-attack
    use basic Windows and PowerShell commands
    use CrackMapExec to steal user credentials from a Windows machine
    use the Windows Registry and recognize the different artifacts contained within
    view Windows event logging in action

IN THIS COURSE

  • Playable
    1. 
    OS Exploits
    33s
    UP NEXT

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Likes 3 Likes 3  
Likes 1 Likes 1  
Likes 8 Likes 8