Penetration Testing: Planning, Scoping, and Recon

Focused View

Jurriën

1:29:05

55 View

Module 1 - Course Overview

1. Course Overview.mp4

01:12

Module 2 - Engagement Documents - Starting Point of a Pentest

1. Rules of Engagement.mp4

06:58

2. Statement of Work.mp4

04:15

3. Non-disclosure Agreement.mp4

04:08

Module 3 - OSINT - Domains, DNS, Documents & Breach Data

1. The Different Parts of Information Gathering.mp4

06:15

2. Gathering Domain Information.mp4

03:26

3. Information Life Cycle and MITRE Framework.mp4

04:29

Module 4 - OSINT - Anonymity and Search Engine Abuse

1. Why OSINT, Online Anonymity, and Sock Puppets.mp4

11:00

2. Search Engine Abuse.mp4

04:00

3. Summary.mp4

00:39

Module 5 - OSINT - Internet Presence

1. Measuring Internet Presence.mp4

02:23

2. Web Investigations - DNS, WHOIS, and Subdomains Current and Historical.mp4

06:45

3. Gathering Documents and Harvesting Metadata.mp4

04:40

4. Business Information, Breach Passwords. and Darkweb.mp4

05:19

5. OSINT Framework and OSINT Automation.mp4

05:27

6. Module Recap.mp4

00:39

Module 6 - OSINT - Human Investigations

1. Data gathering and Creating Profiles.mp4

04:57

2. People Search Engines, Social Networks, and Reverse Image Search.mp4

06:27

3. Personal Investigation Automation with Frameworks.mp4

03:48

4. What to Do with All This Data.mp4

02:18

Description

This course will teach you what specific parts are required within the pre-engagement documentation and how to perform the initial investigation of the target while only using open-source intelligence and passive reconnaissance methods.

What You'll Learn?

Before you can start your penetration tests there are a lot of things that come to mind. What documents are needed, what should be in them, what is information gathering, and how/where should you start? In this course, Penetration Testing: Planning, Scoping, and Recon, you’ll learn to perform passive reconnaissance through OSINT and passive methods, and learn what is required in document pre-engagement for you, as a pentester, and your customer to finalize. First, you’ll explore the most important information in the pre-engagement documents like SoW, NDA, and Rules of Engagement. Next, you’ll discover how to leverage OSINT tools and frameworks to gather information about your target. Finally, you’ll learn how to leverage passive scanning tools to gather the information which will aid you in finding targets that could lead you to initial compromise. When you’re finished with this course, you’ll have the skills and knowledge needed to create documents with all the required elements to start an engagement, as well as a good foundation on how to gather information through OSINT and passive reconnaissance tools allowing you to gather valuable data about the target company.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Penetration Testing

Jurriën

Instructor's Courses

Jurrien started off in a datacenter fixing up issues for customers which had their server compromised. Moved into the IT Security field, making him a seasoned IT Security Specialist. Working for and with fortune 500 companies and critical infrastructure as a consultant he has proven himself to be a capable ethical hacker. He has also helped develop procedures and best practices for growing departments and furthering the security maturity of the organization as a whole. While his focus has shifted from ethical hacking to setting up Red Teams, he regularly gets his hands dirty to keep up with developments and to learn new skills. As he called it "The more you learn, the more you see that there is so much more that you haven't discovered yet."

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.