Join Malcolm Shore for an in-depth discussion in this video What you should know before watching this course, part of Penetration Testing: Advanced Tunneling and Exfiltration.
- [Instructor] This is a practical course and during this course, I'll be using Kali Linux based tools running against test servers on my VirtualBox lab. If you don't have a VirtualBox lab, you'll find the details for setting one up in my Learning Kali Linux course. I'll be using the Kali testing framework and a variety of targets. Metasploitable, Tiny Linux, Ubuntu, and Windows hosts. I'll also be introducing some new tools.
This is an advanced course and you'll need to have a good working knowledge of Kali and some hands-on experience of ethical hacking. I'll be looking at advanced features of Kali which build on an assumed basic level of knowledge. It would be beneficial to have taken the Advanced Kali and Advanced web testing courses. Pen testing is a challenging pursuit. You should be competent in Windows and Linux host technologies, as well as having a good grasps of network protocols.
You'll also need to be very persistent.
- How tunneling works
- Running a local SSH tunnel
- Dynamic SSH tunneling
- Pivoting with Armitage and Metaspoit
- Exfiltrating using DET and DNS
- Covert exfiltration with Cachetalk
- Using PyExfil to exfiltrate over HTTPS