Book Image

Practical Pentesting [Video]

By : ACI Learning, Daniel Lowrie, Brad Stine
Book Image

Practical Pentesting [Video]

By: ACI Learning, Daniel Lowrie, Brad Stine

Overview of this book

The course begins by introducing the fundamentals of penetration testing, distinguishing the roles of pentesters – the good, the essential, and the challenges they face. It lays the groundwork with pre-engagement essentials, including data security agreements and crafting a detailed Statement of Work (SOW), ensuring clarity and legal safeguarding before any testing begins. The course focuses on the pentesting methodology, guiding you through the stages of assessment from validating scope to reconnaissance, vulnerability scanning, and exploitation. It emphasizes the importance of maintaining access, covering tracks, and preparing comprehensive deliverables to ensure actionable insights for enhancing security. The course wraps up by exploring personal engagement toolkits and pentesting platforms, providing practical knowledge for effective pentesting. It also touches upon blue team pentesting, highlighting the collaborative effort required in cybersecurity to protect against threats.
Table of Contents (9 chapters)
Chapter 8
Assessing and Exploiting Vulnerabilities
Content Locked
Section 4
Stages of Assessment: Vulnerability Scan Part 2
In this episode, Daniel and Brad get deeper into the stages of assessment by performing a vulnerability scan. Here you'll see how to analyze the Nessus report and refactoring certain items to better prioritize your attack methodology. They also further explore BurpSuite and introduce you to the Dradis collaboration and data organization software.