O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CompTIA PenTest+ (PT0-001)

Video Description

This highly hands-on course gives participants experience in network and system penetration testing. It covers all of the exam objectives for the PT0-001 exam while taking the learner step-by-step through hacking and exploiting each network and system type. Tools used in the activities are mostly Kali Linux-based, covering a broad range of real-world examples used by penetration testers and red teams. The PenTest+ certification is a much-sought-after security certification offered by CompTIA. It is the final step in achieving the new CompTIA Network Vulnerability Assessment Professional (CNVP) or Network Security Professional (CNSP) stackable certification. It is also an intermediary step in achieving the CompTIA Security Infrastructure Expert (CSIE) top level certification. In this course you will learn hands-on penetration testing and hacking skills including: Client engagement and documentation Passive and active reconnaissance Windows, Linux, and mobile device system hacking Physical security testing and social engineering Wired and wireless network hacking and exploitation Network service hacking and exploitation Application and web app hacking and exploitation Lateral movement and persistence in a compromised network Covering your tracks Report writing and post-test cleanup This course is intended for advanced students and cybersecurity practitioners who will actively test networks and computer systems for vulnerabilities. Successful completion of two pre-requisite courses, Network+ and Security+, is highly recommended.

Table of Contents

  1. 21.4 PenTest Plus Conclusion 00:00:28
  2. 1.0 PenTest Plus Introduction 00:00:33
  3. 1.1 PenTest Plus Topics 00:01:02
  4. 1.2 PenTest Engagement 00:44:15
  5. 1.3 Threat Modeling 00:47:40
  6. 1.4 Technical Constraints 00:18:54
  7. 1.5 PenTest Engagement Review 00:02:09
  8. 1.6 Examining PenTest Engagement Documents Act 00:14:14
  9. 2.1 Passive Reconnaissance part1 00:06:09
  10. 2.2 WHOIS Act 00:02:20
  11. 2.3 Passive Reconnaissance part2 00:05:48
  12. 2.4 Google Hacking Act 00:02:48
  13. 2.5 Passive Reconnaissance part3 00:04:01
  14. 2.6 DNS Querying Act 00:15:03
  15. 2.7 Passive Reconnaissance part4 00:03:37
  16. 2.8 Email Server Querying Act 00:14:02
  17. 2.9 SSL-TLS Cerfificates 00:03:56
  18. 2.10 Shodan Act 00:04:14
  19. 2.11 The Havester 00:01:09
  20. 2.12 TheHarvester Act 00:01:39
  21. 2.13 Recon-ng 00:01:48
  22. 2.14 Recon-g Act 00:32:04
  23. 2.14 Recon-ng-Part-2-API-key Act 00:11:43
  24. 2.15 Maltego 00:01:46
  25. 2.16 Have I been Pwned 00:00:40
  26. 2.17 Punked and Owned Pwned Act 00:03:45
  27. 2.18 Fingerprinting Organization with Collected Archives 00:02:02
  28. 2.19 FOCA Act 00:04:48
  29. 2.20 Findings Analysis Weaponization 00:08:01
  30. 2.21 Chp 2 Review 00:02:56
  31. 3.1 Active Reconnaissannce 00:24:29
  32. 3.2 Discovery Scans Act 00:20:39
  33. 3.3 Nmap 00:03:52
  34. 3.4 Nmap Scans Types Act 00:24:33
  35. 3.5 Nmap Options 00:07:34
  36. 3.6 Nmap Options Act 00:22:23
  37. 3.7 Stealth Scans 00:15:16
  38. 3.8 Nmap Stealth Scans Act 00:21:06
  39. 3.9 Full Scans 00:02:26
  40. 3.10 Full Scans Act 00:01:44
  41. 3.11 Packet Crafting 00:03:40
  42. 3.12 Packet Crafting Act 00:18:03
  43. 3.13 Network Mapping 00:01:28
  44. 3.14 Metasploit 00:04:49
  45. 3.15 Scanning with Metasploit Act 00:08:06
  46. 3.16 Enumeration 00:04:50
  47. 3.17 Banner Grabbing Act 00:08:59
  48. 3.18 Windows Host Enumeration 00:04:19
  49. 3.19 Winddows Host Enumeration Act 00:34:44
  50. 3.20 Linux Host Enumeration 00:04:30
  51. 3.21 Linux Host Enumeration Act 00:32:10
  52. 3.22 Service Enumeration 00:12:24
  53. 3.23 Service Enumeration Act 00:14:59
  54. 3.24 Network Shares 00:05:38
  55. 3.25 SMB Share Enumeration Act 00:44:59
  56. 3.26 NFS Network Share Enumeration 00:03:57
  57. 3.27 NFS Share Enumeration Act 00:14:20
  58. 3.28 Null Sessions 00:05:17
  59. 3.29 Null Sessions Act 00:37:31
  60. 3.30 Website Enumeration 00:03:00
  61. 3.31 Website Enumeration Act 00:07:10
  62. 3.32 Vulnerability Scans 00:07:40
  63. 3.33 Compliance Scans Act 00:03:49
  64. 3.34 Credentialed Non-credentialed Scans 00:01:32
  65. 3.35 Using Credentials in Scans Act 00:19:01
  66. 3.36 Server Service Vulnerability Scan 00:04:18
  67. 3.37 Vulnerability Scanning Act 00:17:22
  68. 3.38 Web Server Database Vulnerability Scan 00:04:47
  69. 3.39 SQL Vulnerability Scanning Act 00:14:28
  70. 3.40 Vulnerability Scan Part 2 OpenVAS Act 00:17:48
  71. 3.41 Web App Vulnerability Scan 00:02:32
  72. 3.42 Web App Vulnerability Scanning Act 00:16:01
  73. 3.43 Network Device Vulnerability Scan 00:02:10
  74. 3.44 Network Device Vuln Scanning Act 00:01:45
  75. 3.45 Nmap Scripts 00:02:24
  76. 3.46 Using Nmap Scripts for Vuln Scanning Act 00:22:40
  77. 3.47 Packet Crafting for Vulnerbility Scans 00:02:42
  78. 3.48 Firewall Vulnerability Scans 00:07:01
  79. 3.49 Wireless Access Point Vunerability 00:04:41
  80. 3.50 Wireless AP Scans Act 00:02:05
  81. 3.51 WAP Vulnerability Scans 00:14:57
  82. 3.52 Container Security issues 00:08:36
  83. 3.53 How to Update Metasploit Pro Expired Trial License 00:01:50
  84. 4.1 Physical Security 00:13:24
  85. 4.2 Badge Cloning Act 00:08:08
  86. 4.3 Physical Security Review 00:01:45
  87. 5.1 Social Engineering 00:11:03
  88. 5.2 Using Baited USB Stick Act 00:24:41
  89. 5.3 Using Social Enginnering to Assist Attacks 00:10:48
  90. 5.4 Phishing Act 00:15:53
  91. 5.5 Social Engineering Review 00:01:28
  92. 6.1 Vulnerbility Scan Analysis 00:13:51
  93. 6.2 Validating Vulnerability Scan Results Act 00:06:09
  94. 6.3 Vulnerbility Scan Analysis Review 00:01:03
  95. 7.1 Password Cracking 00:11:03
  96. 7.2 Brute Force Attack Against Network Service Act 00:10:52
  97. 7.3 Network Authentication Interception Attack 00:03:31
  98. 7.4 Intercepting Network Authentication Act 00:03:32
  99. 7.5 Pass the Hash Attacks 00:02:25
  100. 7.6 Pass the Hash Act 00:15:49
  101. 7.7 Password Cracking Review 00:00:48
  102. 8.1 Penetrating Wired Network 00:16:32
  103. 8.2 Sniffing Act 00:07:15
  104. 8.3 Eavesdropping 00:03:12
  105. 8.4 Eavesdropping Act 00:05:18
  106. 8.5 ARP Poisoning 00:05:13
  107. 8.6 ARP Poisoning Act 00:08:28
  108. 8.7 Man In The Middle 00:04:48
  109. 8.8 MITM Act 00:03:29
  110. 8.9 TCP Session HiJacking 00:04:24
  111. 8.10 Server Message Blocks SMB Exploits 00:07:06
  112. 8.11 SMB Attack Act 00:47:14
  113. 8.12 Web Server Attacks 00:03:38
  114. 8.13 FTP Attacks 00:04:21
  115. 8.14 Telnet Server Attacks 00:01:06
  116. 8.15 SSH Server Attacks 00:04:05
  117. 8.16 Simple Network Mgmt Protocol SNMP 00:04:42
  118. 8.17 Simple Mail Transfer Protocol SMTP 00:09:41
  119. 8.18 Domain Name System DNS Cache Poisoning 00:11:02
  120. 8.19 Denail of Service Attack DoS-DDoS 00:08:42
  121. 8.20 DoS Attack Act 00:05:56
  122. 8.21 VLAN Hopping Review 00:12:11
  123. 9.1 Penetrating Wireless Networks 00:18:06
  124. 9.2 Jamming Act 00:10:23
  125. 9.3 Wireless Sniffing 00:02:47
  126. 9.4 Replay Attacks 00:04:45
  127. 9.5 WEP Cracking Act 00:05:48
  128. 9.6 WPA-WPA2 Cracking 00:03:25
  129. 9.7 WAP Cracking Act 00:07:03
  130. 9.8 Evil Twin Attacks 00:05:13
  131. 9.9 Evil Twin Attack Act 00:29:49
  132. 9.10 WiFi Protected Setup 00:03:24
  133. 9.11 Bluetooth Attacks 00:02:34
  134. 9.12 Penetrating Wireless Networks 00:01:55
  135. 10.1 Windows Exploits 00:31:54
  136. 10.2 Dumping Stored Passwords Act 00:19:44
  137. 10.3 Dictionary Attacks 00:01:17
  138. 10.4 Dictionary Attack Against Windows Act 00:07:41
  139. 10.5 Rainbow Table Attacks 00:00:35
  140. 10.6 Credential Brute Force Attacks 00:02:48
  141. 10.7 Keylogging Attack Act 00:16:12
  142. 10.8 Windows Kernel 00:03:34
  143. 10.9 Kernel Attack Act 00:29:10
  144. 10.10 Windows Components 00:10:30
  145. 10.11 Memory Vulnerabilities 00:02:39
  146. 10.12 Buffer Overflow Attack Act 00:18:16
  147. 10.13 Privilegde Escalation in Windows 00:05:03
  148. 10.14 Windows Accounts 00:04:10
  149. 10.15 Net and WMIC Commands 00:04:26
  150. 10.16 Sandboxes 00:08:02
  151. 11.1 Linux Exploits 00:15:59
  152. 11.2 Exploiting Common Linux Features Act 00:36:11
  153. 11.3 Password Cracking in Linux 00:07:07
  154. 11.4 Cracking Linux Passwords Act 00:11:16
  155. 11.5 Vulnerability Linux 00:21:46
  156. 11.6 Priviledge Escalation Linux 00:03:12
  157. 11.7 Linux Accounts 00:03:17
  158. 11.8 Linux Exploits Review 00:02:06
  159. 12.1 Mobile Devices 00:08:17
  160. 12.2 Hacking Android Act 00:21:34
  161. 12.3 Apple Exploits 00:06:56
  162. 12.4 Moblie Devices Review 00:01:25
  163. 13.1 Specialized Systems 00:18:51
  164. 13.2 Specialized Systems Review 00:01:13
  165. 14.1 Scripts 00:03:51
  166. 14.2 Powershell 00:01:52
  167. 14.3 Python 00:02:18
  168. 14.4 Ruby 00:01:57
  169. 14.5 Common Scripting Elements 00:17:23
  170. 14.6 Ping Sweep 00:15:24
  171. 14.7 Better Ping Sweep 00:07:06
  172. 14.8 Simple Port Scanner2 00:07:09
  173. 14.9 Multitarget Port Scanner 00:19:48
  174. 14.10 Port Scanner with Nmap 00:05:28
  175. 14.11 Scripts Review 00:01:30
  176. 15.1 Application Testing 00:09:28
  177. 15.2 Reverse Engineering 00:11:37
  178. 16.1 Webb App Exploits 00:21:07
  179. 16.2 Injection Attacks 00:03:03
  180. 16.3 HTML Injection 00:09:25
  181. 16.4 SQL Hacking - SQLmap Act 00:24:45
  182. 16.5 Cross-Site Attacks 00:03:09
  183. 16.6 Cross-Site Request Forgery 00:03:50
  184. 16.7 Other Web-based Attacks 00:02:35
  185. 16.8 File Inclusion Attacks 00:01:10
  186. 16.9 Web Shells 00:01:12
  187. 16.10 Web Shells Review 00:02:11
  188. 17.1 Lateral Movement 00:08:47
  189. 17.2 Lateral Movement with Remote Mgmt Services 00:09:50
  190. 17.3 Process Migration Act 00:19:39
  191. 17.4 Passing Control Act 00:43:45
  192. 17.5 Pivoting 00:03:43
  193. 17.6 Tools the Enable Pivoting 00:02:36
  194. 17.7 Lateral Movement Review 00:01:05
  195. 18.1 Persistence 00:05:21
  196. 18.2 Breeding RATS Act 00:20:39
  197. 18.3 Bind and Reverse Shells 00:04:04
  198. 18.4 Bind Shells Act 00:14:05
  199. 18.5 Reverse Shells 00:03:46
  200. 18.6 Reverse Shells Act 00:12:01
  201. 18.7 Netcat 00:02:29
  202. 18.8 Netcat Act 00:17:04
  203. 18.9 Scheduled Tasks 00:08:25
  204. 18.10 Scheduled Tasks Act 00:14:48
  205. 18.11 Services and Domains 00:01:49
  206. 18.12 Persistence Review 00:01:49
  207. 19.1 Cover Your Tracks 00:11:12
  208. 19.2 Cover Your Tracks - Timestomp Files Act 00:13:00
  209. 19.3 Cover Your Tracks - Frame the Administrator Act 00:07:49
  210. 19.4 Cover Your Tracks - Clear the Event Log Act 00:03:03
  211. 19.5 Cover Your Tracks Review 00:01:20
  212. 20.1 The Report 00:26:39
  213. 20.2 The Report Review 00:02:44
  214. 21.1 Post Engagement Cleanup 1 00:09:46
  215. 21.1 Post Engagement Cleanup 00:00:03
  216. 21.3 Post Engagement Cleanup Review 00:01:14