Join Malcolm Shore for an in-depth discussion in this video Exploiting a target, part of Penetration Testing Essential Training.
- [Instructor] We earlier covered the cyber kill chain…and discussed the seven stages of a cyberattack.…Let's take a look, in more detail, at the delivery…and exploitation phases.…This are the phases in which a pen tester…spends most of their time.…At the delivery phase, the objective is to find a way…to deliver a payload to a target.…There are four common ways to do that.…The first is to send someone the payload as an attachment…to an email and have them execute it.…Or, more usually, a document with malicious code…installed in it.…
Regardless, the delivery mechanism is the same.…Another way of delivering a malware payload to a target…is to have the target come and get it by sending them…an email containing a hyperlink to a malicious website.…This may be a website which, when the user visits it,…can automatically drop the malware into their system.…It might be a site which contains trojanized software,…containing malicious code hidden inside the legitimate code.…Another way to deliver a payload is to connect to…
Author
Malcolm Shore
Released
10/23/2017Cybersecurity expert Malcolm Shore reviews popular pen testing tools, as well as the Bash and Python scripting skills required to be able to acquire, modify, and re-use exploit code. He also provides a refresher on Kali Linux and introduces techniques for testing web services. At the end of this course, you'll be prepared to take more advanced training, and to pursue the popular Offensive Security Certified Professional (OSCP) certification.
- Pen testing overview
- Pen testing tools
- Bash scripting
- Python scripting
- Kali and Metasploit
- Web testing
- Finding exploit code
Skill Level Intermediate
Duration
Views
-
Introduction
-
Welcome1m 14s
-
Course disclaimer1m 8s
-
-
1. What is Pen Testing?
-
Pen testing overview8m 54s
-
The cyber kill chain7m 1s
-
-
2. Pen Testing Tools
-
An Nmap refresher4m 33s
-
A Netcat refresher4m 39s
-
-
3. Bash Scripting
-
Refreshing your bash skills2m 29s
-
Using functions in bash1m 19s
-
-
4. Python Scripting
-
Using the system functions1m 47s
-
Using networking functions1m 47s
-
Working with websites3m 48s
-
Accessing SQLite databases1m 51s
-
5. Kali and Metasploit
-
A Kali refresher2m 23s
-
Fuzzing with Spike2m 38s
-
A refresher on Metasploit4m 48s
-
Exploiting with Armitage6m 8s
-
-
6. Web Testing
-
Approaching web testing3m 31s
-
Fingerprinting webservers4m 44s
-
-
7. Understanding Exploit code
-
Exploiting a target8m 26s
-
Understanding code injection14m 15s
-
Finding exploit code2m 35s
-
-
Conclusion
-
What's next1m 27s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Exploiting a target