Certified Virtualization Security Expert, Part 3 of 6: Penetration Testing 101

To be secure you have to think like a hacker. This course covers penetration testing, how much hacks cost, evolving threats, information gathering, scanning, enumeration and finishes with tools that hackers and you can utilize to gather information. This course contains the following lessons:

Lesson 1:

• Benefits of a Penetration Test
• The Cost of Hacks
• Cost of a Hack: Example
• Current Issues: Malware
• Zombies
• Current Issues: Zombies
• Current Issues: Botnets
• Stolen Information
• Current Issues: Social Engineering and Exploits
• Chained Exploit Example
• Gonzalez Indictment.

Lesson 2:

• The Evolving Threat
• Methodology for Pen Testing/Ethical Hacking
• Penetration Testing Methodologies
• Different Types of Penetration Tests
• Website Review
• Demo: Security Websites
• Demo: More Security Websites
• Management Errors
• VMware Concerns.

Lesson 3:

• Methods of Obtaining Information
• Foot printing
• Foot printing Tools
• Maltego GUI
• Demo: Maltego
• Demo: Maltego Transforms
• FireCAT
• Demo: FireCAT.

Lesson 4:

• FireFox Fully Loaded
• Google Hacking
• Advanced Query Operators
• Google Continued
• Shodan
• Demo: Shodan
• Port Scanning
• Popular Port Scanning Tools
• ICMP Disabled
• TCP Connect Port Scan and NMAP
• Half-Open Scan, Firewalled Ports, and UDP Ports
• Demo:
• Demo: Port Scanning with NMAP
• Demo: Perform Scan
• Demo: Discovered Ports
• Demo: Reading Output.

Lesson 5:

• UDP Port Scan
• Enumeration
• Banner Grabbing
• DNS Enumeration
• Zone Transfers
• Backtrack DNS Enumeration
• Active Directory Enumeration
• LDAPMiner
• Null Session
• Syntax for a Null Session
• Enumeration with Cain and Abel
• NAT Dictionary Attack Tool
• THC-Hydra
• Injecting Abel Service
• Demo: Cain and Abel
• Demo: ARP Poisoning
• Demo: Certificates
• Demo: Modify Port Function.