Time
14 hours 43 minutes
Difficulty
Advanced
CEU/CPE
15

Video Transcription

00:00
Hello, everybody. Welcome to the final episode number 47 Summary. My name is Alejandro Gonna and I'll be instructor for today session
00:11
in these long course long, John, you have being together that we saw several techniques we implemented starting from, you know, from basic stuff, like maybe getting to know the bash shell commands. Ah, how to You know how to manage service is how to actually manage
00:30
processes, Catalina.
00:32
And you know the basic stuff we need to learn before we can actually dive in into, you know, trying to hack something. Then we've saw module tree hackers, main tools, which are, you know, for example, we saw how to execute commands ing with that cat egg map may have exploited some basic from med exploit.
00:51
We also saw burps it.
00:53
We saw, you know, the main tool we use win hacking systems. Then we saw techniques for information gathering, which may be the first step in a real penetration test that the first modules were just an introduction. Eso We saw information gathering techniques from googling stuff. Ah, plane
01:12
filters to that Google search
01:14
defined maybe reports or something like that. The famous Google hacks Ah, from, you know, getting the n s and M oration and all the stuff that's actually, you know, getting to know the customer system Very well, then. We saw some exploits.
01:30
For example. Look, a final inclusion, remote filing, collusion,
01:34
cross ice, krypton askyou injection and all those exploits that will help us. You know, fine. I went away in into the customers system. Then we focus on a specific exploit, which was both for powerful. And the reason is because of this, uh, exploit, um
01:53
is worth 25% of your escort attests court when you're actually taking the gossipy exam. So
02:01
this is the way we set aside this model just for this exploit Model seven and privilege escalation. Just you know, now that you are in the system, you need to now escalate religious t get rude or to gain admin. So you know, to successfully
02:19
I have full control over a machine and maybe, you know, gather information or maybe move
02:23
to another system or to another machine from that point on. And then we saw how to actually carry out Ah, full penetration test, you know, simulated from again, gather information from created exploit financial deniability final weigh in. Now, you know, it
02:43
escalated privileges.
02:45
And, you know, maybe you also how to report And, you know, the pre the pre the steps that you have to take that from, You know, the pre engagement steps you have to take before you can actually take your keyboard and actually perform the penetration test.
03:01
Well, thank you. Thank you really much. Very much for for for actually bearing with me. I know. You know, I have Bean may be a pain for you teaching you all the things I could teach. Remember, this course was to just, uh, you know,
03:19
lead you into in the right direction. You have to make a lot of racers. You have to
03:23
cool this stuff. You have to read books in order to be fully prepared for this exam. These are really, really ah, hard exam to take, but, you know, once you take it Ah, you win. Um, it's one of the best feeling that you can, you know, ever feel s o. I can't Thank you all. You want to reach out? Please do.
03:44
Please tell me you know if I have to improve something I know I have to improve a lot of things,
03:49
you know, reach out and we can discuss thing we can. Sure, you know, experiences and everything with the customer. And I can if I can, I can. I am more than happy to give you some advice is on how to execute penetration, testing. You know, we can just chat. I'm linked in a cell 100 now,
04:06
and I'm also on Twitter. I don't use it much, but you know, you can also
04:11
direct message me and we can start come percent a conversation. Something that so That's it. Not just for today Faults, but, you know, for an entire course. I hope to see you in another course very soon. And you know,
04:24
we'll see each other. Thank you.

Offensive Penetration Testing

This is a deep course about penetration testing. In this course, you’ll learn from basic to the most advanced and modern techniques to find vulnerabilities through information gathering, create and/or use exploits and be able to escalate privileges in order to test your information systems defenses.

Instructed By

Instructor Profile Image
Alejandro Guinea
CERT Regional Director
Instructor