Overview
In this online, instructor-led training course, students get a hands-on feel for penetration testing. The instructor demonstrates many of the available tools, showing how to scan multiple port numbers and protocols. The course is useful for any student who wants to do penetration testing in the real world.
Course Instructor: Alex Achs
Course Outline
01. Discovering hosts via Ping Scan
- nmap -sn 10.0.0.0/8
- What different TTL values mean
02. TCP Scanning:
- nmap -v -p- -sT
- unicornscan -i -I -mT $IP:a
03. UDP Scanning:
- nmap -v -p- -sU
- unicornscan -i -I -mU $IP:a
04. Searchsploit (Searches exploitdb)
05. Some common ports and what to do:
- 21 – FTP
- Fingerprint version
- Check for Anonymous access
- Brute Forcing
- MITM (Requires more setup)
06. SSH
- Fingerprint version
- Brute Force
07. Telnet
- Fingerprint version
- Brute Force
08. SMTP
- Fingerprint version
- Enumerate Users
09. DNS
- Fingerprint version
- Zone transfer
- DNSRecon
- DNSEnum
10. FINGER
- User enumeration
- Potential command execution
11. WEB
- Fingerprint version
- robots.txt
- Nikto
- Dirbuster / Gobuster
- Local and Remote File Inclusion (LFI & RFI)
12. SNMP
- Default Community Strings
- MIBs
  - .1.3.6.1.2.1.1.5 Hostnames
  - .1.3.6.1.4.1.77.1.4.2 Domain Name
  - .1.3.6.1.4.1.77.1.2.25 Usernames
  - .1.3.6.1.4.1.77.1.2.3.1.1 Running Services
  - .1.3.6.1.4.1.77.1.2.27 Share Information
- snmpwalk
- SNMP Bruteforce
13. LDAP
- Enumeration
14. SMB
- enum4linux
- smbclient
- Mounting Shares
Skills Learned
After completing this online training course, students will be able to:
- Perform introductory TCP and UDP scanning
- Scan FTP on Linux OS
- Scan SSH on Linux OS
- Apply penetration testing tools in real-world settings
- Scan protocols such as LDAP, SMB, and SNMP