Offensive Penetration Testing
9h 37mIntermediate2023-10-30
Authors

Cybrary
Course details
As a pentester, you need to understand the inner workings of many different types of cyberattacks. The more you know about an attacker’s chosen tools and techniques, the better odds you’ll have to successfully stop them. Join ethical hacker Clint Kehr as he guides you through the basic concepts of ethical hacking, shows you how to leverage advanced-level exploitation techniques, and demonstrates the skills you need to know to tackle the Offensive Security Certified Professional (OSCP) certification exam. Learn how to adopt the mindset of a hacker, and how to use a variety of tools and techniques, including network protocols, web app pentesting, buffer overflows, public exploits, shells, privilege escalation, password cracking, brute-forcing, and more.
Skills covered
Security TestingCybersecurityCert Prep
Concepts
0. Introduction
- 01 - Offensive penetration testing course overview
1. Setting the Foundation for Success
- 02 - Understanding the penetration test report
- 03 - Penetration test report demo
- 04 - Note-taking and mind mapping
- 05 - Finding resources to prepare for the offensive penetration testing
2. Kali Linux Basics
- 06 - Setting up the Kali Linux VM
- 07 - Overview of the tools in Kali Linux
- 08 - Understanding the command line
- 09 - Who, what, when, where, and how of the Linux command line
- 10 - Windows command lab
- 11 - Command line lab
- 12 - Command line lab walkthrough
3. Understanding Network Protocols
- 13 - Scanning network protocols
- 14 - Scanning with Nmap
- 15 - Scanning with MASSCAN
- 16 - Scanning with Netcat
- 17 - Using Wireshark
- 18 - Wireshark and Encrypted Traffic
- 19 - Weaponizing Wireshark
- 20 - SMB enumeration
- 21 - SMB enumeration demo
- 22 - NFS enumeration
- 23 - SMTP enumeration
- 24 - SNMP enumeration
- 25 - FTP enumeration
- 26 - FTP enumeration demo
- 27 - SSH enumeration
- 28 - Protocol tips
- 29 - Network Protocols Lab
4. Web Application Penetration Testing
- 30 - Web application enumeration
- 31 - Using intercepting proxies - Part 1
- 32 - Using intercepting proxies - Part 2
- 33 - SQL injections
- 34 - SQL injection authentication bypass
- 35 - Cross-Site Scripting (XSS)
- 36 - BeEF demo
- 37 - File inclusion vulnerabilities
- 38 - File inclusion demo
- 39 - File upload vulnerabilities
- 40 - XXE attacks
- 41 - Content management systems
- 42 - Content management systems demo
- 43 - Web application lab
- 44 - Web application lab walkthrough
5. Introduction to Buffer Overflow
- 45 - How to practice buffer overflows
- 46 - Setting up the environment
- 47 - Fuzzing the application
- 48 - Finding bad characters
- 49 - Finding the return address
- 50 - Getting a shell
- 51 - Buffer overflow lab
6. Public Exploits
- 52 - Where to look for public exploits
- 53 - Understanding the code
- 54 - Modifying the code to fit the environment
- 55 - Introduction to Metasploit
- 56 - Using Metasploit or not
- 57 - Public exploit lab
- 58 - Public exploit lab walkthrough
7. Getting a Shell, Now What
- 59 - The different types of shells
- 60 - How to upgrade a shell
- 61 - Transferring files to and from Kali Linux
- 62 - Transferring files demo
8. Privilege Escalation
- 63 - Linux privilege escalation
- 64 - Windows privilege escalation
- 65 - A word on privilege escalation enumeration scripts
- 66 - Privilege escalation lab
- 67 - Privilege escalation walkthrough - Windows
- 68 - Privilege escalation walkthrough - Linux
9. Password Cracking and Brute-Forcing Logins
- 69 - Introduction to password cracking tools
- 70 - Introduction to login brute-forcing tools
- 71 - Password brute-forcing web logins
- 72 - Password brute-forcing tips
- 73 - Brute-force and password-cracking lab
- 74 - Brute-force and password-cracking lab walkthrough
10. Putting It All Together
- 75 - Hands-on penetration test lab
- 76 - Hands-on penetration test lab walkthrough
- 77 - Writing the report
11. Developing the Hacker Mindset
- 78 - Understanding the hacker mindset
- 79 - Tips on harnessing the hacker mindset
Related courses
- Penetration Testing Essential Training
- Penetration Testing Essential Training (2021)
- Kali Linux for Advanced Pen Testing and Ethical Hacking
- Introduction to Offensive Security
- AI in Cybersecurity: The Future of Red Teaming and Blue Teaming
- Building the Ultimate Cybersecurity Lab and Cyber Range
- How to Speak Up Against Racism at Work
- RAG, AI Apps, and AI Agents for Cybersecurity and Networking