CF

Ethical Hacking: Penetration Testing

4h 43m 59s
English
Paid

Enhance your cybersecurity skills with our comprehensive course on Ethical Hacking: Penetration Testing. As security professionals, our primary goal is to create robust systems that are highly resistant to intrusions. Remember, while you can't fully prevent attackers, your mission is to impede them significantly. How do you achieve this? By adopting the same strategies they use. Penetration testing, or pen testing, involves simulating cyber attacks on your own or a client's network using the very tools, techniques, and procedures an attacker would utilize.

Understanding Penetration Testing

The essence of pen testing is to uncover vulnerabilities, weaknesses, and potential access points without causing actual harm. Engage in this course to master the art of defending networks by thinking like an attacker.

Course Objectives

  • Learn the fundamentals of penetration testing.
  • Understand how to prepare and execute a pen test successfully.
  • Gain insights into reporting findings effectively.
  • Understand the importance of documenting results to enhance security measures moving forward.

Course Outline

Preparation for Penetration Testing

Gain insights into the initial steps required to prepare for a successful penetration test.

Executing the Pen Test

Learn how to carry out a pen test efficiently and effectively, employing real-world scenarios.

Tools and Techniques

Explore various tools and methodologies used during penetration testing to mirror actual cyber attacks.

Reporting and Documentation

Understand the significance of detailed reporting to add value to your security initiatives. Learn how to articulate findings in a manner that informs and improves organizational security policies and practices.

About the Author: Pluralsight

Pluralsight thumbnail

Pluralsight is one of the largest enterprise-focused online technology training platforms in the world, founded in 2004 by Aaron Skonnard and acquired by Vista Equity Partners in 2021. The platform has historically been the dominant choice for corporate IT training, with a catalog of over 7,000 courses covering software development, IT operations, security, data, and cloud across virtually every major vendor and open-source platform.

The instructor roster includes Microsoft Regional Directors, AWS / Azure / GCP MVPs, and named experts in essentially every active technology track. Course material is structured for the corporate-training market: each course covers a specific skill at a defined depth, and Pluralsight's role-based learning paths are widely used by enterprises for upskilling engineering teams.

The CourseFlix listing under this source carries 12 Pluralsight courses — a small slice of the broader platform's catalog. Material is paid; Pluralsight itself runs on a monthly / annual subscription on the original platform, with Pluralsight Skills (individual) and Pluralsight Flow (engineering analytics) as the main product lines.

Watch Online 78 lessons

This is a demo lesson (10:00 remaining)

You can watch up to 10 minutes for free. Subscribe to unlock all 78 lessons in this course and access 10,000+ hours of premium content across all courses.

View Pricing
0:00
/
#1: Understanding Penetration Testing
All Course Lessons (78)
#Lesson TitleDurationAccess
1
Understanding Penetration Testing Demo
04:08
2
Why Do Penetration Tests?
08:26
3
Types of Pen Tests
04:01
4
Stage 1: Pre-attack
16:04
5
Stage 2: Attack
06:38
6
Stage 3: Post-attack
01:46
7
Pen Testing Standards
16:50
8
Summary
03:11
9
Laying the Foundation
01:20
10
The Steps to a Successful Pen Test
06:19
11
Summary
00:52
12
Intro to Scanning the Target
01:58
13
Steps to Scan the Target
06:05
14
Summary
00:51
15
Intro to Enumerating the Target
01:47
16
Steps to Enumerate the Target
07:24
17
Summary
05:12
18
Intro to Hacking the Target
03:18
19
Password Cracking
10:06
20
Privilege Escalation
02:14
21
Service Accounts
02:09
22
Hide & Seek Time
03:33
23
Covering Our Tracks
01:32
24
Summary
02:28
25
Intro to Sniffing the Target
01:50
26
Flooding, Spoofing, & Poisoning
05:31
27
Summary
01:57
28
Intro to Social Engineering
04:33
29
Reconnaissance & Creating the Scenario
04:14
30
Attacking
06:16
31
Summary
01:46
32
Intro to DoS/DDoS the Target
03:09
33
Outline Objectives
00:56
34
Load up the Server
02:17
35
Look for Vulnerabilities & Flooding
01:34
36
Email-bombing & Flood Web-forms
01:50
37
Summary
02:42
38
Intro to Session Hijacking the Target
02:54
39
Steps to Test for Session Hijacking
05:31
40
Summary
01:42
41
Intro to Targeting Web Servers
03:26
42
Recon Your Targets
04:12
43
More In-depth Recon
03:56
44
Summary
01:51
45
Intro to Hitting the Web Apps
03:33
46
Define Targets & Gather Information
03:36
47
Configuration Management Testing
02:11
48
Authentication Testing
02:18
49
Session Management Testing
01:49
50
Authorization Testing
01:10
51
Data Validation Testing
03:47
52
Denial of Service Testing
02:24
53
Web Services Testing
03:32
54
AJAX Testing
02:19
55
Summary
03:21
56
Intro to Looking at the Wi-Fi
02:31
57
Who's Out There!?
01:26
58
WEP Testing
01:07
59
WPA/WPA2 Testing
02:09
60
General Wi-Fi Testing
02:08
61
Summary
01:54
62
Intro to Focusing on the Mobile Devices
03:16
63
Android Pen Testing
04:25
64
iPhone Pen Testing
03:26
65
Windows Phone Pen Testing
02:41
66
BlackBerry Pen Testing
04:16
67
Summary
01:56
68
Intro to Target the Firewall and/or IDS
02:34
69
Firewall Testing
04:03
70
IDS Testing
08:49
71
Summary
01:20
72
Intro to Going After the Cloud
02:10
73
It's Not All About You: Before You Begin
03:30
74
It's Not All About You: The Steps
06:36
75
Summary
01:29
76
Intro to How to Bring It All Together
01:52
77
What's in the Report?
08:02
78
Summary
02:00
Unlock unlimited learning

Get instant access to all 77 lessons in this course, plus thousands of other premium courses. One subscription, unlimited knowledge.

Learn more about subscription

Related courses

Frequently asked questions

What are the prerequisites for enrolling in this course?
There are no formal prerequisites for this course on Ethical Hacking: Penetration Testing. However, a basic understanding of computer networks and cybersecurity concepts is beneficial. Familiarity with operating systems, network protocols, and IT infrastructure will help you grasp the course material more effectively.
What kind of projects or exercises will I work on during the course?
Throughout the course, you will engage in various exercises that simulate real-world cyber attack scenarios. These include scanning and enumerating targets, password cracking, privilege escalation, and testing for vulnerabilities in web applications. You will also practice techniques such as sniffing, spoofing, social engineering, and DoS/DDoS attacks. These exercises are designed to provide practical experience in penetration testing.
Who is the target audience for this course?
The course is aimed at security professionals, IT administrators, and anyone interested in enhancing their cybersecurity skills. It is suitable for individuals looking to understand penetration testing processes and techniques to better defend networks by thinking like an attacker. The course is also ideal for those seeking to transition into a cybersecurity role.
How does this course compare in depth and scope to other similar courses?
This course provides a comprehensive overview of penetration testing, covering everything from pre-attack preparation to post-attack analysis. With 78 lessons, the course offers detailed insights into various stages of pen testing, including tools and methodologies. Compared to other courses, this one focuses on hands-on application and real-world scenarios, making it suitable for those who want practical experience.
What specific tools or platforms will I learn to use during the course?
During the course, you will explore a range of tools and methodologies used in penetration testing. While specific tool names are not listed in the outline, you will learn about tools for scanning, enumerating, and attacking targets. The course emphasizes using tools that mirror actual cyber attacks, providing you with practical knowledge applicable in the field.
What topics are not covered in this course?
This course focuses on the practical aspects of penetration testing and does not cover broader cybersecurity topics such as threat intelligence, incident response, or security management frameworks. It also does not delve into advanced cryptography or the development of custom hacking tools. The primary goal is to provide hands-on experience with penetration testing techniques and tools.
What is the expected time commitment to complete the course?
The course consists of 78 lessons, but the total runtime is not specified. Assuming an average lesson length, you can expect to spend several hours to complete the course. The time commitment will vary based on your familiarity with the material and how much time you dedicate to practicing the hands-on exercises. It is advisable to allocate time for reviewing lessons and practicing independently to get the most out of the course.