Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Coursera

Pentesting Fundamentals for Beginners

Packt via Coursera

Go to class Write review

Overview

Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
This course features Coursera Coach! A smarter way to learn with interactive, real-time conversations that help you test your knowledge, challenge assumptions, and deepen your understanding as you progress through the course. This comprehensive course introduces you to the world of penetration testing and equips you with hands-on skills in vulnerability scanning, network discovery, and exploitation techniques. You'll benefit from the practical knowledge gained in creating virtual environments and tools such as Kali Linux, Metasploit, OpenVAS, and more. By the end of the course, you'll have learned how to perform basic penetration tests, exploit vulnerabilities, and craft your own scripts to carry out attacks and escalate privileges. The course begins by setting up virtual machines and systems for penetration testing, teaching essential tasks like creating Kali Linux, Windows, and Metasploitable virtual machines. It also includes an introduction to vulnerability scanning tools like Nmap and OpenVAS. You'll also delve into critical documentation such as scoping, statements of work, and final reports that form the foundation of ethical hacking. By taking this course, beginners will learn penetration testing fundamentals and the necessary tools to get started in the cybersecurity field. The course is perfect for anyone with a passion for cybersecurity or aspiring ethical hackers. A basic understanding of computers is recommended, and no prior knowledge of penetration testing is required. This course is ideal for beginners and those looking to expand their knowledge in security practices.

Syllabus

  • Introduction to the Course
    • In this module, we will provide a comprehensive overview of what the course entails. You will learn about the key topics, objectives, and structure, setting the stage for the in-depth content to follow.
  • Virtual Lab Build
    • In this module, we will delve into setting up a virtual lab environment. You will learn to install and configure Kali Linux, Windows 10, Metasploitable2 and Metasploitable3, and OWASP virtual machines. Additionally, we'll cover how to take snapshots of your current configurations.
  • Documentation
    • In this module, we will explore the crucial aspect of documentation in penetration testing. You'll understand the importance of scoping engagements, creating Statements of Work, Rules of Engagement, Master Service Agreements, and NDAs, as well as compiling a comprehensive Pentesting Final Report.
  • Penetration Testing Frameworks
    • In this module, we will cover key penetration testing frameworks. You'll gain high-level insights into the MITRE ATT&CK, NIST, and PTES frameworks, learning how to apply their principles to real-world penetration testing activities.
  • Nmap - Network Discovery
    • In this module, we will focus on Nmap, a powerful tool for network discovery. You'll learn to conduct various scans, including service and version detection, OS detection, and host discovery. Additionally, we'll explore the Nmap Scripting Engine and how to analyze scan results.
  • OpenVAS - Vulnerability Scanning
    • In this module, we will introduce you to OpenVAS, a comprehensive vulnerability scanner. You will learn how to perform vulnerability scans, interpret the results, and understand the scanner's capabilities for various testing scenarios.
  • Information Gathering
    • In this module, we will cover techniques for information gathering. You'll learn about banner grabbing and using tools like WinPEAS for automated enumeration, aiding in the reconnaissance phase of penetration testing.
  • Reverse Shells and Persistent Connections
    • In this module, we will explore reverse shells and persistent connections. You will learn to create persistent backdoors, reverse shells using PowerShell, and launch graphical console windows using SSH and XTERM for remote system management.
  • Privilege Escalation
    • In this module, we will examine privilege escalation techniques. You'll learn to identify vulnerabilities like Unquoted Service Path and perform privilege escalation on Windows 7 and 10 using UAC bypass methods.
  • OWASP Top 10 Mitigations
    • In this module, we will cover the OWASP Top 10 web application vulnerabilities. You'll learn to mitigate these vulnerabilities using various tools and techniques, including assembling fake TCP/IP packets with Hping3 and conducting scans with OWASP ZAP.
  • Web Applications Testing
    • In this module, we will focus on testing web applications. You'll learn to configure BurpSuite, perform SQL injection attacks using SQLmap, detect web application firewalls with WAFW00F, and exploit vulnerabilities like HTTP PUT method and brute-forcing WordPress passwords.
  • Compiling Exploit Code
    • In this module, we will teach you how to compile exploit code for Linux and Windows. You will also learn to prepare a Windows OVA file for your virtual lab and cross-compile exploits using tools like Mingw-w64.
  • Scripting
    • In this module, we will cover scripting techniques for penetration testing. You'll learn to use Kali web shells, transfer files using HTTP and PowerShell's WebClient, and perform tasks like string slicing in Python and disabling Windows 10 UAC using PowerShell.

Taught by

Packt - Course Instructors

Reviews

Start your review of Pentesting Fundamentals for Beginners

Go to class

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.