- [Narrator] In this scenario, a user will login…to a website, and I'll use Wireshark…which is installed on Kali Linux…as the network sniffing tool to capture…and analyze the traffic.…I'll start by launching Wireshark…on a system that will be the source…of the traffic we're monitoring.…I'll go to Applications, Sniffing and Spoofing,…and Wireshark.…You may get an error.…If you do, just click OK.…I'll tell Wireshark to capture all packets…crossing the ethernet zero interface…by double-clicking on the eth0 filter.…
Wireshark is now in capture mode…as we can see from the status messages…at the top and bottom of the Wireshark window.…Then I'll go to a website that requires me to login.…In this case, I'll go to a site I know…doesn't encrypt the transmission of user credentials,…the DVWA site on the Metasploitable VM.…I'll login with credentials I know will work…which are the username admin…and the password password.…Now I'll go back to Wireshark.…
I'll stop the capture and look at the results.…I'll expand the window with all the packets.…
- Cite the three phases of external security assessments.
- Explain the reasons for conducting a log review.
- Explain what network sniffing is and why it’s used.
- Describe when to use a file integrity checking tool.
- Differentiate between active network discovery and passive network discovery.
- Explain how to scan for vulnerabilities.
- Relate the three techniques useful for validating target vulnerabilities.
- Explain the four-stage methodology of conducting penetration tests.
Skill Level Intermediate
1. Overview of Technical Security Assessments
2. Technical Security Assessment Reviews
3. Identify and Analyze Targets
4. Validate Target Vulnerabilities
5. Planning Technical Security Assessments
6. Executing the Technical Security Assessment
7. Post-Testing Activities
Report the results2m 16s
Next steps1m 32s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.