back

Penetration Testing

Tools and techniques for verifying security integrity9 H 19 M

How do you successfully pen test a network? In this course, Daniel and Don will show you common pen testing tools and what to do during an audit.

Just you? Training a whole team? There's an ITProTV plan that fits.

Start Training Today
Episodes
Episodes
  • Penetration Testing
    • Overview
    • Platforms and Basic Skills
    • Remote Shells
    • Scanning and Enumeration
    • Buffer Overflows
    • Buffer Overflows Part 2
    • Buffer Overflows Part 3
    • Buffer Overflows Part 4
    • Web Apps Cross Site Scripting
    • Web Apps Remote File Inclusion (RFI)
    • Web Apps Local File Inclusion (LFI)
    • File Transfer Fun
    • Windows Privilege Escalation
    • Linux Privilege Escalation
    • SQL Injection
    • SQL Injection Part 2
    • Password Cracking and Attacks
    • Password Cracking and Attacks Part 2
    • Port Redirection

Overview

3 M

itprotv course thumbnailitprotv course thumbnailitprotv course thumbnail
  • Episode Description
  • Transcript

In this series, Daniel and Mike discuss, explain, and demonstrate some of the common tools and techniques used by Penetrations Testers during a security audit. Watch as they explore topics like hacking platforms and test environments, creating BIND/REVERSE shells, discovering and exploiting Buffer Overflows, Cross Site Scripting attacks, Local and Remote File Inclusion attacks, SQL-Injection, Password attacks, Privilege Escalation, and Port Redirection.

[SOUND] Hello, we got a new series coming your way here at ITProTV, penetration testing. And here to tell us all about it and what we can expect is Mr Daniel Lowrie. >> Mike, I am so excited about this new series we got coming up. Worked long and hard to bring you guys a great penetration testing series. Got a lot of really cool techniques and tools and things that we're gonna walk through and show you guys, that you can properly penetration and test your own systems. That's our great caveat we always like to say. Don't do these things on other people's computers. Let me give you a quick rundown on some of the techniques and tools, and items that you might find in our series coming up. We're gonna learn basics of Linux. We're gonna take a look at Kali Linux as a pen-testing platform. We're gonna use it extensively throughout the series. So, if you're unfamiliar with Linux you get a little bit of a primer there. We do have a bit of assumed knowledge when it comes to this level, because it is a very high level course. You do have to have some Linux knowledge. You do need to have a pretty good extensive Windows knowledge. You will probably need some programming knowledge as well. So keep that in mind. This series is definitely going to test you. It's gonna twist you. It's gonna push you to the edge because there's a lot of advanced techniques and methodologies that you're gonna find throughout. A couple other things that we're gonna take a look at is how to create shells. Bind shells, reverse shells, very cool stuff. Scanning and enumeration tools and techniques. Tools are all out there. We definitely all need to know how to do things like end map scans. Work with, I don't know for web scanning, SQL scanning, tons of different types of scanning options available for us. We need to find the flaws right. Then we need to look on writing custom buffer overflows. Yes, when I said this gets a little bit above board this is where the definitely the metal meets the meat. We're gonna walk you through a finding, creating, and exploiting a program that is vulnerable to a buffer overflow. So taking you from soup that's on that. We'll also take a look at cross side scripting. A very common technique nowadays. So you how to implement that so that you might be able to test your systems. Continuing on the line of maybe, web, we have client side attacks, session hijacking, very dangerous, remote and local file inclusions. RFIs, LFIs, if that's how you've heard them before, very dangerous. We'll also look at privilege escalation once we've gained access to the box. Maybe we're not administrators, per se? We want to bump that privilege up, so we're gonna use privilege escalation techniques for that. We're gonna take a look at SQL injection, because if you don't know your SQL injection, well, then you're coming late to the party ladies and gentleman. So we're gonna give you a good base foundation knowledge on how to do SQL injection attacks in your penetration testing. Also take a look at password cracking. It's like a day without sunshine if we haven't cracked a password when it comes to hacking, right? Or penetration testing should I say. Also looking at network service proof force attacks. And finally, port redirection to get around those pesky firewalls. So a lot of really in depth and broad information that should build you a great foundation for doing your own penetration testing. >> All right, Daniel, those sound like some exciting topics. I'm excited, hopefully everybody out there is as excited as I am. Can't wait to get started, can't wait to see you with us here for penetration testing. [SOUND]

Start training today

Just you? Check out our personal plans

Premium

$529 per seat/per year

2

Total seats

Standard

$349 per seat/per year

2

Total seats

Get a demo or a start a team trial

This website uses cookies to enhance the user experience. By using this site and service, you agree to the use of cookies as described in the ITProTV Privacy Policy.