PEN-200 - Penetration Testing with Kali Linux (PWK/OSCP)

Penetration Testing with Kali Linux: General Course Introduction

• Welcome to PWK
• How to Approach the Course
• Summary of PWK Learning Modules

Introduction to Cybersecurity

• The Practice of Cybersecurity
• Threats and ThreatActors
• The CIA Triad
• Security Principles, Controls, and Strategies
• Cybersecurity Laws, Regulations, Standards, and Frameworks
• Career Opportunities in Cybersecurity

Effective Learning Strategies

• Learning Theory
• Unique Challenges to Learning Technical Skills
• OffSec Methodology
• Case Study: chmod -x chmod
• Tactics and Common Methods
• Advice and Suggestions on Exams
• Practical Steps

Report Writing for Penetration Testers

• Understanding Notetaking
• Writing Effective Technical Penetration Testing Reports

Information Gathering

• The Penetration Testing Lifecycle
• Passive Information Gathering
• Active Information Gathering

Vulnerability Scanning

• Vulnerability Scanning Theory
• Vulnerability Scanning with Nessus
• Vulnerability Scanning with Nmap

Introduction to Web Applications

• Web Application Assessment Methodology
• Web Application Assessment Tools
• Web Application Enumeration
• Cross-Site Scripting (XSS)

Common Web Application Attacks

• Directory Traversal
• File Inclusion Vulnerabilities
• File Upload Vulnerabilities
• Command Injection

SQL Injection Attacks

• SQL Theory and Database Types
• Manual SQL Exploitation
• Manual and Automated Code Execution

Client-Side Attacks

• Target Reconnaissance
• Exploiting Microsoft Office
• Abusing Windows Library Files

Locating Public Exploits

• Getting Started
• Online Exploit Resources
• Offline Exploit Resources
• Exploiting a Target

Fixing Exploits

• Fixing Memory Corruption Exploits
• Fixing Web Exploits

Antivirus Evasion

• Antivirus Evasion Software Key Components and Operations
• AV Evasion in Practice

Password Attacks

• Attacking Network Service Logins
• Password Cracking Fundamentals
• Working with Password Hashes

Windows Privilege Escalation

• Enumerating Windows
• Leveraging Windows Services
• Abusing other Windows Components

Linux Privilege Escalation

• Enumerating Linux
• Exposed Confidential Information
• Insecure File Permissions
• Insecure System Components

Port Redirections and SSH Tunneling

• Port Forwarding with *NIX Tools
• SSH Tunneling
• Port Forwarding with Windows Tools

Advanced Tunneling

• Tunneling Through Deep Packet Inspection

The Metasploit Framework

• Getting Familiar with Metasploit
• Using Metasploit Payloads
• Performing Post-Exploitation with Metasploit
• Automating Metasploit

Active Directory Introduction and Enumeration

• Active Directory Manual Enumeration
• Manual Enumeration Expanding our Repertoire
• Active Directory Automated Enumeration

Attacking Active Directory Authentication

• Performing Attacks on Active Directory Authentication
• Lateral Movement in Active Directory
• Active Directory Lateral Movement Techniques
• Active Directory Persistence

Assembling the Pieces

• Enumerating the Public Network
• Attacking WEBSRV1
• Gaining Access to the Internal Network
• Enumerating the Internal Network
• Attacking the Web Application on INTERNALSRV1
• Gaining Access to the Domain Controller

The Labs

• PWK Challenge Lab Overview
• Challenge Lab Details
• The OSCP -OSCP+ Exam Information