Bolster your penetration testing skillset by learning three advanced techniques: tunneling, pivoting, and exfiltration.
- [Malcolm] There are three advanced techniques which are useful to understand when doing pen testing or when responding to an attack. These are tunneling, pivoting, and exfiltration. Tunneling is where one protocol is used to carry traffic for another protocol. Pivoting is the technique used to burrow deeper into a network by routing through one machine to another. And exfiltration is the various ways to get information out of a network when it's been collected.
In my LinkedIn Learning course, we look at these three advanced techniques. I'm Malcolm Shore and I've spent a career helping governments and businesses protect their networks and systems against cyber attacks. Understanding how tunneling and pivoting works is valuable in diagnosing attacks, and knowing where to look for exfiltration is key to detection and damage control. As you watch the course, I'd encourage you to take the opportunity to go into the lab and follow the course material with your own hands-on testing.
It's a great way to learn. Now let's get started learning about tunneling, pivoting, and exfiltration.
- How tunneling works
- Running a local SSH tunnel
- Dynamic SSH tunneling
- Pivoting with Armitage and Metaspoit
- Exfiltrating using DET and DNS
- Covert exfiltration with Cachetalk
- Using PyExfil to exfiltrate over HTTPS