Pearson CompTIA Pentest+ (Course & Labs)

Coming Soon:

This product will be available from 23-Feb-2019

Here's what you will get

Here's what you will learn

  • Understanding Ethical Hacking and Penetration Testing
  • Understanding the Current Threat Landscape
  • Exploring Penetration Testing Methodologies
  • Building Your Own Lab
  • Review All Key Topics
  • Explaining the Importance of the Planning and Preparation Phase
  • Understanding the Legal Concepts of Penetration Testing
  • Learning How to Scope a Penetration Testing Engagement Properly
  • Learning the Key Aspects of Compliance-Based Assessments
  • Review All Key Topics
  • Understanding Information Gathering and Reconnaissance
  • Understanding the Art of Performing Vulnerability Scans
  • Understanding How to Analyze Vulnerability Scan Results
  • Review All Key Topics
  • Understanding Social Engineering Attacks
  • Phishing
  • Pharming
  • Malvertising
  • Spear Phishing
  • SMS Phishing
  • Voice Phishing
  • Whaling
  • Elicitation, Interrogation, and Impersonation (Pretexting)
  • Social Engineering Motivation Techniques
  • Shoulder Surfing
  • USB Key Drop and Social Engineering
  • Review All Key Topics
  • Exploiting Network-Based Vulnerabilities
  • Exploiting Wireless and RF-Based Attacks and Vulnerabilities
  • Review All Key Topics
  • Overview of Web Applications for Security Professionals
  • How to Build Your Own Web Application Lab
  • Understanding Injection-Based Vulnerabilities
  • Exploiting Authentication-Based Vulnerabilities
  • Exploiting Authorization-Based Vulnerabilities
  • Understanding Cross-Site Scripting (XSS) Vulnerabilities
  • Understanding Cross-Site Request Forgery Attacks
  • Understanding Clickjacking
  • Exploiting Security Misconfigurations
  • Exploiting File Inclusion Vulnerabilities
  • Exploiting Insecure Code Practices
  • Review All Key Topics
  • Exploiting Local Host Vulnerabilities
  • Understanding Physical Security Attacks
  • Review All Key Topics
  • Maintaining Persistence After Compromising a System
  • Understanding How to Perform Lateral Movement
  • Understanding How to Cover Your Tracks and Clean Up Systems After a Penetration Testing Engagement
  • Review All Key Topics
  • Understanding the Different Use Cases of Penetration Testing Tools and How to Analyze Their Output
  • Leveraging Bash, Python, Ruby, and PowerShell in Penetration Testing Engagements
  • Review All Key Topics
  • Explaining Post-Engagement Activities
  • Surveying Report Writing Best Practices
  • Understanding Report Handling and Communications Best Practices
  • Review All Key Topics

Hands on Activities (Labs)

  • Examining Penetration Testing Execution Standard (PTES)
  • Examining Open Source Security Testing methodology Manual
  • Examining NIST SP 800-115 - Technical Guide to Information Security Testing and Assessment
  • Examining the OWASP Web Testing Methodologies and Testing Guide
  • Studying CVSS Exercises with the CVSS Calculator
  • Studying SOW, MSA and NDA, Rules of Engagegement, Scope, Scope Creep
  • Using DNSRecon
  • Using Nmap SYN Scan
  • Using Nmap UDP Scan
  • Using Nmap FIN Scan
  • Using Nmap for Host Enumeration
  • Using Nmap for User Enumeration
  • Using Nmap for Group Enumeration
  • Using Nmap for Web Application Enumeration
  • Using Nmap for Network Enumeration
  • Performing Domain Enumeration
  • Using DNSdumpster
  • Using Recon-ng
  • Zone Transfer Using dig   
  • Using Automated Vulnerability Scanning
  • Exploit SMB
  • Exploiting SNMP
  • Exploiting SMTP
  • Exploiting LDAP-Based Authentication
  • DNS Cache Poisoning Attack    
  • Understanding Pass-the-hash attack
  • Using searchsploit
  • ARP Spoofing
  • Performing Man-in-Middle Attack
  • DHCP Starvation Attack
  • Using Metasploit to exploit known vulnerabilities
  • Using The Empire Tool
  • Understanding MAC Bypass
  • Simulating DDoS Attack
  • Using the EternalBlue Exploit in Metasploit
  • Using Nmap to Perform recon
  • Exploiting SQL Injection Vulnerabilities
  • Packet Capture of an HTTP Request and Response Using tcpdump
  • Exploiting Blind SQL Injection Vulnerabilities
  • Exploiting HTML Injection vulnerability
  • Exploit PHP Object Injection
  • Exploting Stored (persistent) XSS Attack
  • Exploting DOM-Based XSS Attack
  • Exploiting Reflected XSS Attack
  • Exploiting Cross-site request forgery (CSRF or XSRF) attacks
  • Exploiting Command Injection Vulnerabilities
  • Exploiting weak credential
  • Exploiting Default credential
  • Exploiting Kerberos Vulnerabilities
  • Understanding Credential based Bruteforce attack
  • Performing Session Hijacking
  • Exploiting Directory Traversal Vulnerabilities
  • Understanding Cookie Manipulation Attack
  • Exploiting Local File Inclusion Vulnerabilities
  • Exploiting Remote File Inclusion Vulnerabilities
  • Understanding SUI or SGID and Unix Program
  • Understanding Insecure sudo implementation
  • Capturing Passwords and Sniffing Traffic from Clear-Text Protocols by Using Tcpdump
  • Local Privilege Escalation
  • Exploting SAM Database
  • Using Apktool to decode and Analyze apk file
  • Creating Reverse and Bind Shells using Netcat
  • Using the Metasploit RDP Post-Exploitation Module
  • Using the PowerSploit Framework for post-exploitation
  • Understanding lateral movement/pivoting, and exfiltration
  • Using Nslookup for Passive Reconnaissance
  • Using Dig for Passive Reconnaissance
  • Using ExifTool
  • Using the Theharvester Tool to Gather Information about a victim
  • Using Nikto
  • Using Burp and the OWASP Zed Attack Proxy
  • Using meterpreter
  • Using Bash for Penetration Testing
  • Using Powershell for Penetration Testing
  • Using Python for penetration testing
  • Using Ruby for penetration testing
  • Using Maltego
  • Using Zenmap
  • Using OpenVAS
  • Using the Dradis Framework CE on Kali Linux
  • Study the communication plan and how the main elements of a pen test report
2 2
pearson-PT0-001-complete
Pearson CompTIA Pentest+ (Course & Labs)