2.3 OSCP's Six Phases of a Pentester and Offensive

48 minutes
Video Transcription
So now we're gonna get back into a little bit more hard information: OSCP's six phases of pen testing. So they're here on screen; obviously I won't read them out to you. But, Mark, I'm gonna come back to you to talk about this framework a little bit, and this structure through which it sounds like a lot of pen testers are actually leveraging their skills. So can you talk a little bit about these?
Yes. I'll go through these really quick, just for everybody's time. So this is pulled directly from OSCP, which is kind of the prize that a lot of people pen testing are going for. Pre-engagement is simply going to be when you're meeting with the customer and you're kind of hashing out what the pen test is gonna be: white box, black box, gray box, somewhere in the middle. That's where you're gonna get the rules of engagement, your get-out-of-jail-free card.

And then once you have the scope, you're gonna jump into information gathering, which is gonna be using free things: Google hacking, research, doing DNS, these kinds of things, to really understand and go through all the free resources to get as much information as you can. There's lots of tools on Kali that allow you to even search Facebook, Google Plus, figure out companies' email addresses and people. You can even jump on job sites, see what they're hiring for. That'll tell you a lot of kind of what technology they're using, to kind of help pinpoint the scope of your tests so that you kind of know what exploits to use.

Vulnerability identification and prioritization: that's where you're going to start going through the, you know, scanning, gaining access. You're going a little more aggressive with your approach, still trying to avoid being detected. That's where you're gonna start digging into the things that you found in the information gathering phase, really applying that information to start finding vulnerabilities.

From there, what you're going to do is go into research and development. That's where, you know, you found the vulnerabilities; this is where you're gonna line things up, either Metasploit, Core Impact Pro, depending on what you have and what you found, really kind of planning your attack to try to gain access, for privilege escalation, kind of work your way through.

After that, you're gonna go to exploitation. That's where you're going to execute to gain access with the vulnerabilities you found, and you're gonna keep yourself in the system, and you're going to really kind of pivot through the network to see what you can get to. In the matter of, like, OSCP's exam, what you're really gonna try to do is work your way from, you know, the student network, and you try to work your way through all of the machines that they have, which, you know, if you ever do the course, you'll understand. But the end game is to gain root access to an admin network, which pretty much gives you everything. So that's what you're gonna do in the real world, too. That's why their exam is kind of seen as what it is, because it really simulates what you're gonna do in the real world.

And after that, post-exploitation. What you're gonna do is you're gonna try to maintain that access so that you can get to the systems you exploited at any time. You do a Trojan or a back door, and there's tons and tons of tools that all of the courses we offer go through, on what to use, how to use them, and how to maintain the access. This is also where you're gonna start covering your tracks, and you're gonna start hiding things and make sure that if somebody from the SOC analyst role comes in, they can't figure out that you've been there and what they think may have been triggered. But your entire purpose is that you can't be tracked.

And the last part's gonna be the reporting, which is where you're gonna use a lot of soft skills and you're gonna do a lot of technical writing. Uh, Offensive Security has an example report of theirs out there that you can look at to see what kind of report they're looking at. You can pretty much Google "pen testing report" and there's tons of them out there that go over a lot of that stuff.

But if you join the cohort, obviously, then we can go into a lot more detail on the phases and how you do all of these things. We've got the PenTest+ course on Cybrary that's coming up. We're also gearing the pen testing cohort to line up with the OSCP, and there's some great courses on there right now, from the beginning pen test, and we also have the advanced pen test, which is Georgia Weidman, whose book is one of the staples of learning pen testing. So it goes through all this stuff too. But, you know, any other questions, especially once you get in the cohort and you join up, we're all here to chat with you.
Wonderful. Thank you, Mark. That was great. Very thorough. So good. Okay, here we are at our next slide. Thank you so much. In security, we wanted to bring this in, as this is an important piece in pen testing: we want to look at the red team versus the blue team. Some of you may be familiar with this concept, but we wanted to bring it to your attention if you're not.

So Red Team is a group of security professionals who attack something. Blue Team is a group of security professionals, uh, basically, who defends something. And so when I was thinking about this, it kind of made me think of what we're kind of going through here in the U.S. with American football practice going on right now. You know, you've got teams playing against each other internally, right? So you've got a team; let's say we're in kind of the DC metro area here, so you've got the Washington Redskins, and Red Team versus Blue Team, that's... anyway, you guys get it. I'm not gonna go any further. Originally, these exercises for Red Team and Blue Team were used by the military to test force readiness. They've also been used to test physical security of sensitive areas, etcetera.

Again, I won't read all of this. You can see what's going on here. So I wanted to make you aware that as a pen tester you may be a red team person, you may be a blue team person, you may migrate back and forth. So, okay, let's take a look at our next bit of information.