Search the Community

Description Websites are one of the most vulnerable pieces of information technology, since their contents are exposed to access from the internet. By understanding how attackers locate and exploit these vulnerabilities, you can help build more secure websites and protect web applications. This course shows you how to perform advanced web testing using the tools available in Kali, the professional pen testing framework. After a brief refresher on web testing, instructor Malcolm Shore introduces some new tools for enumerating and exploiting websites. Malcom teaches you how to spider a website using Burp Suite and check for vulnerable pages, how to find hidden pages on a website, and shows how the common web technologies such as PHP, Nodejs, and ASP can be exploited. He also explains how to integrate Burp Suite and sqlmap to enable deep testing of a web site for hidden access vectors, as well as using tools like Cadaver and Jhead which attackers use to upload malware. [hide][Hidden Content]]

Description This course will teach you what specific parts are required within the pre-engagement documentation and how to perform the initial investigation of the target while only using open-source intelligence and passive reconnaissance methods. What you’ll learn Before you can start your penetration tests there are a lot of things that come to mind. What documents are needed, what should be in them, what is information gathering, and how/where should you start? In this course, Penetration Testing: Planning, Scoping, and Recon, you’ll learn to perform passive reconnaissance through OSINT and passive methods, and learn what is required in document pre-engagement for you, as a pentester, and your customer to finalize. First, you’ll explore the most important information in the pre-engagement documents like SoW, NDA, and Rules of Engagement. Next, you’ll discover how to leverage OSINT tools and frameworks to gather information about your target. Finally, you’ll learn how to leverage passive scanning tools to gather the information which will aid you in finding targets that could lead you to initial compromise. When you’re finished with this course, you’ll have the skills and knowledge needed to create documents with all the required elements to start an engagement, as well as a good foundation on how to gather information through OSINT and passive reconnaissance tools allowing you to gather valuable data about the target company. [hide][Hidden Content]]

View File The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy The Basics of Hacking and Penetration Testing, Second Edition, serves as an introduction to the steps required to complete a penetration test or perform an ethical hack from beginning to end. The book teaches students how to properly utilize and interpret the results of the modern-day hacking tools required to complete a penetration test. It provides a simple and clean explanation of how to effectively utilize these tools, along with a four-step methodology for conducting a penetration test or hack, thus equipping students with the know-how required to jump start their careers and gain a better understanding of offensive security. Each chapter contains hands-on examples and exercises that are designed to teach learners how to interpret results and utilize those results in later phases. Tool coverage includes: Backtrack Linux, Google reconnaissance, MetaGooFil, dig, Nmap, Nessus, Metasploit, Fast Track Autopwn, Netcat, and Hacker Defender rootkit. This is complemented by PowerPoint slides for use in class. This book is an ideal resource for security consultants, beginning InfoSec professionals, and students. Each chapter contains hands-on examples and exercises that are designed to teach you how to interpret the results and utilize those results in later phases. Written by an author who works in the field as a Penetration Tester and who teaches Offensive Security, Penetration Testing, and Ethical Hacking, and Exploitation classes at Dakota State University. Utilizes the Kali Linux distribution and focuses on the seminal tools required to complete a penetration test. Submitter dEEpEst Submitted 29/05/18 Category Libro Online Password ********