Section 01: Planning and Engagement |
|
Introduction to the CompTIA PenTest+ (PT0-002) Course |
|
00:02:00 |
|
About the CompTIA PenTest+ (PT0-002) Exam |
|
00:07:00 |
|
Planning a Pen Test |
|
00:08:00 |
|
Rules of Engagement |
|
00:10:00 |
|
Resources and Budget |
|
00:07:00 |
|
Impact and Constraints |
|
00:05:00 |
|
Support Resources |
|
00:13:00 |
|
Legal Groundwork |
|
00:12:00 |
|
Service Provider Agreements |
|
00:02:00 |
|
Standards and Methodologies, Part 1 |
|
00:07:00 |
|
Standards and Methodologies, Part 2 |
|
00:09:00 |
|
Environmental and Scoping Considerations |
|
00:14:00 |
|
Ethical Mindset |
|
00:06:00 |
|
Lab Environment Setup |
|
00:18:00 |
|
Project Strategy and Risk |
|
00:09:00 |
|
Scope Vulnerabilities |
|
00:13:00 |
|
Compliance-Based Assessments |
|
00:04:00 |
Section 02: Information Gathering and Vulnerability Scanning |
|
Scanning and Enumeration |
|
00:04:00 |
|
Scanning Demo |
|
00:11:00 |
|
Packet Investigation |
|
00:08:00 |
|
Packet Inspection Demo |
|
00:06:00 |
|
Labtainers Setup |
|
00:12:00 |
|
Labtainers Lab (Wireshark) |
|
00:09:00 |
|
Application and Open-Source Resources |
|
00:12:00 |
|
Passive Reconnaissance |
|
00:10:00 |
|
Active Reconnaissance |
|
00:08:00 |
|
Vulnerability Scanning |
|
00:09:00 |
|
Vulnerability Scanning Demo |
|
00:16:00 |
|
Labtainers Lab (Network Basics) |
|
00:03:00 |
|
Labtainers Lab (Nmap Discovery) |
|
00:03:00 |
|
Target Considerations |
|
00:16:00 |
|
Analyzing Scan Output |
|
00:05:00 |
|
Nmap Scoping and Output Options |
|
00:21:00 |
|
Nmap Timing and Performance Options |
|
00:07:00 |
|
Prioritization of Vulnerabilities |
|
00:09:00 |
|
Common Attack Techniques |
|
00:12:00 |
|
Automating Vulnerability Scans |
|
00:04:00 |
|
Credential Attacks |
|
00:15:00 |
|
|
00:00 |
|
Labtainers Lab (Secure Socket Layers) |
|
00:07:00 |
|
Labtainers Lab (Routing Basics) |
|
00:02:00 |
Section 03: Network-Based Attacks |
|
Exploit Resources and Network Attacks |
|
00:05:00 |
|
Network-Based Exploits |
|
00:07:00 |
|
FTP Exploit Demo |
|
00:08:00 |
|
Man-in-the-middle Exploits |
|
00:07:00 |
|
Labtainers Lab (TCP/IP Attacks) |
|
00:02:00 |
|
Labtainers Lab (ARP Spoof Attacks) |
|
00:02:00 |
|
Labtainers Lab (Local DNS Attacks) |
|
00:02:00 |
|
Labtainers Lab (MACs and Hash Functions) |
|
00:01:00 |
Section 04: Selecting Pen Testing Tools |
|
Wireless Exploits, Part 1 |
|
00:13:00 |
|
Wireless Exploits, Part 2 |
|
00:03:00 |
|
Antennas |
|
00:04:00 |
Section 05: Reporting and Communication |
|
OWASP Top 10 |
|
00:09:00 |
|
Application Exploits, Part 1 |
|
00:06:00 |
|
SQL Injection Demo |
|
00:09:00 |
|
Labtainers Lab (SQL Injection) |
|
00:03:00 |
|
Application Exploits, Part 2 |
|
00:08:00 |
|
Application Exploits, Part 3 |
|
00:09:00 |
|
Cross-Site Scripting Demo |
|
00:07:00 |
|
Labtainers Lab (Cross-Site Scripting) |
|
00:02:00 |
|
Labtainers Lab (Cross-Site Request Forgery) |
|
00:01:00 |
|
Code Vulnerabilities |
|
00:17:00 |
|
API Attacks and Attack Resources |
|
00:06:00 |
|
Privilege Escalation (Linux) |
|
00:10:00 |
|
Privilege Escalation (Windows) |
|
00:06:00 |
|
Misc. Privilege Escalation |
|
00:08:00 |
|
Misc. Local Host Vulnerabilities |
|
00:08:00 |
Section 06: Attacking the Cloud |
|
Cloud Attacks, Part 1 |
|
00:05:00 |
|
Cloud Attacks, Part 2 |
|
00:05:00 |
Section 07: Specialized and Fragile Systems |
|
Mobile Attacks |
|
00:10:00 |
|
IoT Attacks |
|
00:10:00 |
|
Data Storage and Management Interface Attacks |
|
00:09:00 |
|
Virtual and Containerized Environment Attacks |
|
00:08:00 |
|
Labtainers Lab (Industrial Control System) |
|
00:02:00 |
Section 08: Social Engineering and Physical Attacks |
|
Pretext for a Social Engineering Attack |
|
00:03:00 |
|
Remote Social Engineering |
|
00:06:00 |
|
Spear Phishing Demo |
|
00:10:00 |
|
In-Person Social Engineering |
|
00:12:00 |
|
Physical Security |
|
00:11:00 |
Section 09: Post-Exploitation |
|
Post-Exploitation Techniques |
|
00:11:00 |
|
Post-Exploitation Tools |
|
00:03:00 |
|
Network Segmentation Testing |
|
00:03:00 |
|
Persistence and Stealth |
|
00:11:00 |
|
Detection Avoidance Techniques |
|
00:06:00 |
Section 10: Post-Engagement Activities |
|
Report Writing |
|
00:15:00 |
|
Important Components of Written Reports |
|
00:03:00 |
|
Mitigation Strategies |
|
00:05:00 |
|
Technical and Physical Controls |
|
00:04:00 |
|
Administrative and Operational Controls |
|
00:05:00 |
|
Communication |
|
00:09:00 |
|
Presentation of Findings |
|
00:03:00 |
|
Post-Report Activities |
|
00:05:00 |
|
Data Destruction Process |
|
00:02:00 |
Section 11: Tools and Programming |
|
Using Scripting in Pen Testing |
|
00:13:00 |
|
Bash Scripting Basics |
|
00:15:00 |
|
Bash Scripting Techniques |
|
00:10:00 |
|
PowerShell Scripts |
|
00:04:00 |
|
Ruby Scripts |
|
00:07:00 |
|
Python Scripts |
|
00:06:00 |
|
Scripting Languages Comparison |
|
00:11:00 |
|
Data Structures, Part 1 |
|
00:08:00 |
|
Data Structures, Part 2 |
|
00:08:00 |
|
Libraries |
|
00:03:00 |
|
Classes |
|
00:08:00 |
|
Procedures and Functions |
|
00:06:00 |
|
Perl and JavaScript |
|
00:06:00 |
Section 12: Tools Inventory |
|
Pen Testing Toolbox |
|
00:07:00 |
|
Using Kali Linux |
|
00:06:00 |
|
Scanners & Credential Tools |
|
00:10:00 |
|
Code-Cracking Tools |
|
00:04:00 |
|
Open-Source Research Tools |
|
00:06:00 |
|
Wireless and Web Pen Testing Tools |
|
00:11:00 |
|
Remote Access Tools |
|
00:06:00 |
|
Analyzers and Mobile Pen Testing Tools |
|
00:02:00 |
|
Other Pen Testing Tools |
|
00:04:00 |
|
Labtainers Lab (Metasploit Framework) |
|
00:02:00 |
|
Labtainers Lab (Wireshark Packet Inspection) |
|
00:12:00 |
|
Labtainers Lab (SSH) |
|
00:01:00 |
|
Scanners, Debuggers, and Wireless Tools |
|
00:10:00 |
|
Web, Steganography, and Cloud Tools |
|
00:09:00 |