Temario

1 Penetration Testing with Kali Linux: General Course Information
About The PWK Course
Overall Strategies for Approaching the Course
Obtaining Support
About Penetration Testing
Legal
The MegaCorpone.com and Sandbox.local Domains
About the PWK VPN Labs
Reporting
About the OSCP Exam
Wrapping Up
2 Getting Comfortable with Kali Linux
2.1 Booting Up Kali Linux
2.2 The Kali Menu
2.3 Kali Documentation
2.4 Finding Your Way Around Kali
2.5 Managing Kali Linux Services
2.6 Searching, Installing, and Removing Tools
2.7 Wrapping Up
3 Command Line Fun
3.1 The Bash Environment
3.2 Piping and Redirection
3.3 Text Searching and Manipulation
3.4 Editing Files from the Command Line
3.5 Comparing Files
3.6 Managing Processes
3.7 File and Command Monitoring
3.8 Downloading Files
3.9 Customizing the Bash Environment
3.10 Wrapping Up
4 Practical Tools
4.1 Netcat
4.2 Socat
4.3 PowerShell and Powercat
4.4 Wireshark
4.5 Tcpdump
4.6 Wrapping Up
5 Bash Scripting
5.1 Intro to Bash Scripting
5.3 If, Else, Elif Statements
5.4 Boolean Logical Operations
5.5 Loops
5.6 Functions
5.7 Practical Examples
5.8 Wrapping Up
6 Passive Information Gathering
6.1 Taking Notes
6.2 Website Recon
6.3 Whois Enumeration
6.4 Google Hacking
6.5 Netcraft
6.6 Recon-ng
6.7 Open-Source Code
6.8 Shodan
6.9 Security Headers Scanner
6.10 SSL Server Test
6.11 Pastebin
6.12 User Information Gathering
6.13 Social Media Tools
6.14 Stack Overflow
6.15 Information Gathering Frameworks
6.16 Wrapping Up
7 Active Information Gathering
7.1 DNS Enumeration
7.2 Port Scanning
7.3 SMB Enumeration
7.4 NFS Enumeration
7.5 SMTP Enumeration
7.6 SNMP Enumeration
7.7 Wrapping Up
8 Vulnerability Scanning
8.1 Vulnerability Scanning Overview and Considerations
8.2 Vulnerability Scanning with Nessus
8.3 Vulnerability Scanning with Nmap
8.4 Wrapping Up
9 Web Application Attacks
9.1 Web Application Assessment Methodology
9.2 Web Application Enumeration
9.3 Web Application Assessment Tools
9.4 Exploiting Web-based Vulnerabilities
9.5 Extra Miles
9.6 Wrapping Up
10 Introduction to Buffer Overflows
10.1 Introduction to the x Architecture
10.2 Buffer Overflow Walkthrough
10.3 Wrapping Up
11 Windows Buffer Overflows
11.1 Discovering the Vulnerability
11.2 Win Buffer Overflow Exploitation
11.3 Wrapping Up
12 Linux Buffer Overflows
12.1 About DEP, ASLR, and Canaries
12.2 Replicating the Crash
12.3 Controlling EIP
12.4 Locating Space for Our Shellcode
12.5 Checking for Bad Characters
12.6 Finding a Return Address
12.7 Getting a Shell
12.8 Wrapping Up
13 Client-Side Attacks
13.1 Know Your Target
13.2 Leveraging HTML Applications
13.3 Exploiting Microsoft Office
13.4 Wrapping Up
14 Locating Public Exploits
14.1 A Word of Caution
14.2 Searching for Exploits
14.3 Putting It All Together
14.4 Wrapping Up
15 Fixing Exploits
15.1 Fixing Memory Corruption Exploits
15.2 Fixing Web Exploits
15.3 Wrapping Up
16 File Transfers
16.1 Considerations and Preparations
16.2 Transferring Files with Windows Hosts
16.3 Wrapping Up
17 Antivirus Evasion
17.1 What is Antivirus Software
17.2 Methods of Detecting Malicious Code
17.3 Bypassing Antivirus Detection
17.4 Wrapping Up
18 Privilege Escalation
18.1 Information Gathering
18.2 Windows Privilege Escalation Examples
18.3 Linux Privilege Escalation Examples
18.4 Wrapping Up
19 Password Attacks
19.1 Wordlists
19.2 Brute Force Wordlists
19.3 Common Network Service Attack Methods
19.4 Leveraging Password Hashes
19.5 Wrapping Up
20 Port Redirection and tunnelling
20.1 Port Forwarding
20.2 SSH tunnelling
20.3 PLINK.exe
20.4 NETSH
20.5 HTTP Tunnelling Through Deep Packet Inspection
20.6 Wrapping Up
21 Active Directory Attacks
21.1 Active Directory Theory
21.2 Active Directory Enumeration
21.3 Active Directory Authentication
21.3.5 Low and Slow Password Guessing
21.4 Active Directory Lateral Movement
21.5 Active Directory Persistence
21.6 Wrapping Up
22 The Metasploit Framework
22.1 Metasploit User Interfaces and Setup
22.2 Exploit Modules
22.3 Metasploit Payloads
22.4 Building Our Own MSF Module
22.5 Post-Exploitation with Metasploit
22.6 Metasploit Automation
22.7 Wrapping Up
23 PowerShell Empire
23.1 Installation, Setup, and Usage
23.2 PowerShell Modules
23.3 Switching Between Empire and Metasploit
23.4 Wrapping Up
24 Assembling the Pieces: Penetration Test Breakdown
24.1 Public Network Enumeration
24.2 Targeting the Web Application
24.3 Targeting the Database
24.4 Deeper Enumeration of the Web Application Server
24.5 Targeting the Database Again
24.6 Targeting Poultry
24.7 Internal Network Enumeration
24.8 Targeting the Jenkins Server
24.9 Targeting the Domain Controller
24.10 Wrapping Up
25 Trying Harder: The Labs
25.1 Real Life Simulations
25.2 Machine Dependencies
25.3 Cloned Lab Machines
25.4 Unlocking Networks
25.5 Routing
25.6 Machine Ordering & Attack Vectors
25.7 Firewall / Routers / NAT
25.8 Passwords