Complete Penetration Testing Course Bootcamp – Discover the Art of Penetration Testing and Ethical Hacking.
In this course you will start as beginner without previous knowledge about penetration testing. This course will take you through complete network penetration testing where you will go through 5 stages; Information Gathering, Enumeration, Vulnerability Scanning, Exploitation and Post Exploitation.
This course is focused on practical, hands-on side of penetration testing.
Course is divided into standard pentest stages:
- Information gathering : in this stage we will try to collect as much information as we can such as target hostname and related hosts using active and passive information gathering techniques.
- Enumeration; you will never enumerate too much. I would say that enumeration is the key of successful exploitation. In this stage we need to find out what services, service’s version and applications are running on target machine and what operating system is running on target.
- Vulnerability Scanning; in this stage you will learn how to find vulnerabilities/security issues using automated scanning tools or manually in services that we discovered in last stage.
- Exploitation; this is very important stage in which you are trying to exploit vulnerabilities in applications or services that we discovered in „Vulnerability Scanning“ stage. Sometimes this can be stressful process because there might be firewall, intrusion detection system (IDS) or intrusion prevention system (IPS) that will detect us as attackers – in that case we need to find bypass. Remember to think „outside the box“.
- Post Exploitation; after we successfully exploited our target over vulnerabilities that we discovered, we need to check if that machine is related to other machines on the network or machine is part of more networks, in that case we can use exploited machine as pivot to gather more information about network we didn’t have access before.
NOTE: Everything shown in the course is made for educational purposes only. In order to do penetration testing on network, web application, server or other device(s) you must have written permission by the owner.