Join Malcolm Shore for an in-depth discussion in this video Fuzzing with Spike, part of Penetration Testing Essential Training.
- [Narrator] Let's take a look at a fuzzing tool…called Spike, that's included in Kali.…Stephen Bradshaw has created quite a cool little…pen testing target called the vulnerable server, shown here…and I've downloaded this and extracted it…into my Windows system.…I'll use this target to demonstrate how we can use Spike…to fuzz the server and find vulnerabilities.…The server listens on port 9999.…The first thing I'll do is to connect…to the server using Netcat.…
Okay, we get the banner, and I can enter "HELP"…to see what commands it takes.…Okay, we have some commands here, and we can start fuzzing.…To use Spike, I need to set up an action file.…I've called this command dot spk…and we can look at it in Nano.…I'm instructing Spike to send the string TRUN xxxxx…to the server where xxxx is the fuzzed data…created by Spike.…To see it in action, we'll use Wireshark…to capture the packets.…
I'll start Wireshark.…There's various Spike modules listed in the applications…vulnerability analysis, fuzzing tools menu…and we can call them directly from the command line.…
Cybersecurity expert Malcolm Shore reviews popular pen testing tools, as well as the Bash and Python scripting skills required to be able to acquire, modify, and re-use exploit code. He also provides a refresher on Kali Linux and introduces techniques for testing web services. At the end of this course, you'll be prepared to take more advanced training, and to pursue the popular Offensive Security Certified Professional (OSCP) certification.
- Pen testing overview
- Pen testing tools
- Bash scripting
- Python scripting
- Kali and Metasploit
- Web testing
- Finding exploit code
Skill Level Intermediate
Ethical Hacking: Penetration Testingwith Lisa Bock1h 21m Intermediate
1. What is Pen Testing?
2. Pen Testing Tools
3. Bash Scripting
4. Python Scripting
5. Kali and Metasploit
6. Web Testing
7. Understanding Exploit code
What's next1m 27s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.