CompTIA Pentest+ (PT0-002) Cert Prep: 3 Attacks and Exploits
4h 47mIntermediate2022-09-15
Authors

Michael Solomon
Security Speaker, Consultant, Trainer, Project Manager
Course details
A successful pen test requires planning, information gathering, and well-orchestrated execution. But how do you ensure that your attacks are effective when there are so many available options to choose from? In this course, instructor Michael Solomon helps you prepare for the third domain of the CompTIA PenTest+ (PT0-002) certification exam, walking you through the best practices for launching common attacks and exploits. Learn why having a large repository of exploit input information makes it easier to chain exploits together and carry out more sophisticated attacks. Along the way, get exam tips from Michael on pen testing tools, reporting and communication, network-based attacks, wireless and RF attacks, web and database attacks, attacking the cloud, specialized and fragile systems, social engineering, physical attacks, post-exploitation, and more.
Skills covered
Penetration TestingCybersecurityCert Prep
Concepts
1. Network-Based Attacks
- 01 - Exploit resources and network attacks
- 02 - Network-based exploits
- 03 - FTP exploit demo
- 04 - Man-in-the-middle exploits
- 05 - Labtainers lab - TCP IP attacks
- 06 - Labtainers lab - ARP spoof attack
- 07 - Labtainers lab - Local DNS attacks
- 08 - Labtainers lab - MACs and hash functions
2. Wireless and RF Attacks
- 09 - Wireless exploits, part 1
- 10 - Wireless exploits, part 2
- 11 - Antennas
3. Web and Database Attacks
- 12 - OWASP Top 10
- 13 - Application exploits, part 1
- 14 - SQL injection demo
- 15 - Labtainers lab - SQL injection
- 16 - Application exploits, part 2
- 17 - Application exploits, part 3
- 18 - Cross-site scripting demo
- 19 - Labtainers lab - Cross-site scripting
- 20 - Labtainers lab - Cross-site request forgery
- 21 - Code vulnerabilities
- 22 - API attacks and attack resources
- 23 - Privilege escalation - Linux
- 24 - Privilege escalation - Windows
- 25 - Miscellaneous privilege escalation
- 26 - Miscellaneous local host vulnerabilities
4. Attacking the Cloud
- 27 - Cloud attacks, part 1
- 28 - Cloud attacks, part 2
5. Specialized and Fragile Systems
- 29 - Mobile attacks
- 30 - IoT attacks
- 31 - Data storage and management interface attacks
- 32 - Virtual and containerized environment attacks
- 33 - Labtainers lab - Industrial control system
6. Social Engineering and Physical Attacks
- 34 - Pretext for a social engineering attack
- 35 - Remote social engineering
- 36 - Spear phishing demo
- 37 - In-person social engineering
- 38 - Physical security
7. Post-Exploitation
- 39 - Post-exploitation techniques
- 40 - Post-exploitation tools
- 41 - Network segmentation testing
- 42 - Persistence and stealth
- 43 - Detection avoidance techniques
Related courses
- CompTIA PenTest+ (PT0-002) Cert Prep: 4 Reporting and Communication (Q2 2022)
- CompTIA Pentest+ (PT0-002) Cert Prep: 2 Information Gathering and Vulnerability Scanning
- CompTIA Pentest+ (PT0-002) Cert Prep: 1 Planning and Scoping
- CompTIA PenTest+ (PT0-002) Cert Prep: 4 Reporting and Communication
- CompTIA PenTest+ (PT0-002) Cert Prep: 5 Tools and Code Analysis
- CompTIA PenTest+ (PT0-002) Cert Prep
- CompTIA PenTest+ (PT0-001): 6 Using Scripting in Pen Testing
- CompTIA A+ Core 2 (220-1102) Cert Prep: 1 Getting Started
Related learn paths
- Prepare for the CompTIA PenTest+ (PT0-002) Certification Exam
- Prepare for the CompTIA PenTest+ (PT0-001) Exam
- Prepare for the CompTIA Data+ (DA0-001) Exam
- Prepare for the CompTIA IT Fundamentals+ (ITF+) (FC0-U61) Exam
- Prepare for the CompTIA Cloud+ (CV0-002) Exam
- Prepare for the CompTIA A+ (220-1001 and 220-1002) Exams
- Prepare for the CompTIA Network+ (N10-007) Exam
- Prepare for the CompTIA Security+ (SY0-601) Certification Exam