Learning Path: Real-World Ethical Hacking And Pen Testing

Get acquainted with proven techniques and methods to defeat even the toughest threats

What you'll learn

Penetration testing classification and methodology

Essential tool walkthroughs

Bypass modern security defenses to understand the ins and outs of security

Understand how networks are exploited by attackers

Work with the Metasploit toolkit to test the effectiveness of defenses

Import Nessus results in Metasploit and perform targeted exploitation

Exploit the target using well-known applications such as MS Office documents and PDF documents

Create custom backdoors using Msfvenom and Encoders

Document the findings of the VAPT activity to prepare an impressive report

Requirements

Practical knowledge on C# and .NET

Some familiarity with networking-related concepts such as TCP/IP

No IT security-related background is required.

Description

With the increase of threats and other security issues in the virtual world, proficiency with penetration testing has become vital for individuals who are trying to protect their organizations' systems. So, if you're a pentester, ethical hacker, or network security professional and want to learn the latest and advanced techniques of ethical hacking and pentesting, then go for this Learning Path.



Packt’s Video Learning Paths are a series of individual video products put together in a logical and stepwise manner such that each video builds on the skills learned in the video before it. 
The highlights of this Learning Path are:




Build your own pentesting lab environment to practice advanced techniques
Make use of tools on the likes of Kali Linux, Metasploit, and Wireshark
Get familiar with performing detailed vulnerability assessments to find vulnerabilities
Explore a vast variety of stealth techniques to bypass a number of protections when penetration testing



This Learning Path presents a step-by-step instruction in information gathering and intelligence, and will allow you to gather the required information on the targets you are testing. You'll begin with the introduction to the best tools to get started with penetration testing. You'll get hands-on experience working with Metasploit and testing the effectiveness of different defenses. Next, you'll learn about sniffing and how effective the man-in-the-middle attack can be. You’ll learn how to perform vulnerability assessments using well-known software such as Nessus and OpenVas. After finding the vulnerabilities, the next step for a pentester is to try to exploit those vulnerabilities to show the consequences. This being said you’ll also learn about many key features of Metasploit Framework and use it to exploit the vulnerabilities on the target device/machine. Finally, you’ll dive into documenting every step with Proof of Concept (POCs). 
By the end of this Learning Path, you'll gain all the knowledge and skills that is required to build a robust, secured, threat-free environment.

Meet Your Expert:


 We have the best works of the following esteemed authors to ensure that your learning journey is smooth:
Tajinder Kalsi has more than 9 years of working experience in the field of IT. Tajinder has conducted seminars in engineering colleges all across India, on topics such as information security and Android application development at more than 120 colleges and teaching 10,000+ students. Apart from training, he has also worked on VAPT projects for various clients. When talking about certifications, he is a certified ISO 27001:2013 Auditor. Prior to this course, Tajinder has authored Practical Linux Security Cookbook published by Packt Publishing. He was also a technical reviewer with Packt, in his spare time and has reviewed the books titled Web Application Penetration Testing with Kali Linux and Mastering Kali Linux for Advanced Penetration Testing.
Gary Dewey is an IT consultant specializing in security. A graduate of SUNY Broome's computer security and forensics degree program in New York, he has attended numerous B-Sides conferences and spoken at B-Sides in Rochester, New York. Gary participated in the 2015 US Cyber Challenge held at Virginia Tech. He is an active member of the Triple Cities Makerspace, a non-profit organization dedicated to community collaboration and learning.

Overview

Section 1: Getting Started with Pentesting

Lecture 1 The Course Overview

Lecture 2 Installing Kali Virtual Machine

Lecture 3 Setting Up Metasploitable2

Lecture 4 Setting up Kali Virtual Machine

Lecture 5 Setting up Third Party Tools on Kali

Lecture 6 Penetration Testing Classification

Lecture 7 Pentesting Methodology

Lecture 8 Gathering the Client Requirements

Lecture 9 Target Scoping

Lecture 10 Walkthrough of Kali

Lecture 11 Using Nmap

Lecture 12 Introduction to the Metasploit Framework

Lecture 13 Wireshark Basics

Lecture 14 A Burpsuite Walkthrough – Basics

Lecture 15 Types of Reconnaissance – Active and Passive

Lecture 16 Using NsLookup

Lecture 17 Using Traceroute/Tracert

Lecture 18 Gathering Open Web Information

Lecture 19 Scanning Using Nmap

Lecture 20 Detailed Walkthrough - Nmap

Lecture 21 Nmap Scripting Engine (NSE)

Lecture 22 Scan Types – Nmap

Lecture 23 Exporting Nmap Scan Output

Lecture 24 Introduction to Zenmap – Graphical Nmap

Lecture 25 Banner Grabbing with Netcat

Section 2: Ethical Hacking for Beginners

Lecture 26 The Course Overview

Lecture 27 Basic Terminologies

Lecture 28 Operating Systems and Tools Used

Lecture 29 What is Reconnaissance?

Lecture 30 Working with NMap

Lecture 31 Shodan for scanning

Lecture 32 Other Types of Reconnaissance

Lecture 33 Metasploit Basics

Lecture 34 Exploiting a Vulnerability

Lecture 35 Armitage

Lecture 36 Aircrack-ng

Lecture 37 MitM (Man-in-the-Middle) Attack

Lecture 38 Social Engineering Toolkit

Lecture 39 Working with Wireshark

Section 3: Finding and Exploiting Hidden Vulnerabilities

Lecture 40 The Course Overview

Lecture 41 Installing Nessus Vulnerability Scanner

Lecture 42 Using Nessus

Lecture 43 Exporting Nessus Output

Lecture 44 Installing OpenVas

Lecture 45 Using OpenVas

Lecture 46 Setting up Metasploit

Lecture 47 Understanding Payloads and Exploits

Lecture 48 Importing Nessus Results

Lecture 49 Scanning with Metasploit

Lecture 50 Metasploit Interfaces

Lecture 51 Using Meterpreter

Lecture 52 Creating Custom Backdoors for Different Platforms

Lecture 53 Msfvenom

Lecture 54 Encoders

Lecture 55 Exploiting MS Office and PDF Documents

Lecture 56 Social Engineering Toolkit

Lecture 57 Recap of Scope

Lecture 58 Information Gathered

Lecture 59 Vulnerabilities Identified

Lecture 60 Exploitable Vulnerabilities

Lecture 61 Documentation

This Learning Path is targeted at penetration testers and ethical hackers who want to improve their skills in penetration testing.