Book Image

Practical Pentesting [Video]

By : ACI Learning, Daniel Lowrie, Brad Stine
Book Image

Practical Pentesting [Video]

By: ACI Learning, Daniel Lowrie, Brad Stine

Overview of this book

The course begins by introducing the fundamentals of penetration testing, distinguishing the roles of pentesters – the good, the essential, and the challenges they face. It lays the groundwork with pre-engagement essentials, including data security agreements and crafting a detailed Statement of Work (SOW), ensuring clarity and legal safeguarding before any testing begins. The course focuses on the pentesting methodology, guiding you through the stages of assessment from validating scope to reconnaissance, vulnerability scanning, and exploitation. It emphasizes the importance of maintaining access, covering tracks, and preparing comprehensive deliverables to ensure actionable insights for enhancing security. The course wraps up by exploring personal engagement toolkits and pentesting platforms, providing practical knowledge for effective pentesting. It also touches upon blue team pentesting, highlighting the collaborative effort required in cybersecurity to protect against threats.
Table of Contents (9 chapters)
Chapter 2
Pre-Engagement Essentials for Pentesting
Content Locked
Section 1
Pre-Engagement
In this episode, Daniel and Brad take you through some of the common elements and practices of a pentester during the pre-engagement phase of an assessment. This includes learning what the customer wants out of the engagement, NDAs, getting authorization forms, creating a Statement of Work, generating the correct reports, and making sure the monetary compensation is worked out.