//
Docs

Overview

The industry-leading Penetration Testing with Kali Linux (PWK/PEN-200) course introduces penetration testing methodology, tools, and techniques in a hands-on, self-paced environment.

Objectives:

Network Scanning and Reconnaissance

  • Identify network devices and services using nmap and other tools
    • Understand how to use nmap to scan for open ports, operating systems, and services
    • Learn about other reconnaissance tools like Nmap Scripting Engine (NSE), Nessus, and OpenVAS

Operating System Discovery and Exploitation

  • Discover operating systems and identify potential vulnerabilities
    • Understand how to use tools like nmap, Nessus, and OpenVAS to detect operating systems and potential vulnerabilities
    • Learn about exploitation techniques for common vulnerabilities like buffer overflows and SQL injection

Authentication and Authorization Attacks

  • Bypass authentication mechanisms and elevate privileges
    • Understand how to use tools like John the Ripper, Aircrack-ng, and Medusa to crack passwords and bypass authentication
    • Learn about elevation of privilege techniques using command-line interfaces, scripting, and API manipulation

Post-Exploitation Techniques

  • Gather information about the compromised system, including:
    • Users: usernames, password hashes, and group membership
    • Shares: file systems, permissions, and access control lists
    • Running processes: process IDs, command lines, and resource usage
  • Understand how to use tools like Volatility, Rekall, and Plaso to analyze memory dumps and crash dumps

Lateral Movement and Persistence

  • Move laterally across the network to gain access to other systems and maintain persistence
    • Learn about post-exploitation techniques using tools like Meterpreter, Pupy, and Powercat
    • Understand how to use lateral movement techniques to spread malware, establish command-and-control channels, and maintain persistence

Evasion and Anti-Forensic Techniques

  • Use evasion techniques to avoid detection by security tools and anti-forensic techniques to cover tracks
    • Learn about evasive techniques using tools like Tor, VPNs, and Obfsproxy
    • Understand how to use anti-forensic techniques like data wiping, file system manipulation, and memory modification
Edit this page on Codeberg
Next
Links