Hello and welcome to another penetration testing execution Standard discussion. Today we're going to do a quick overview of what will be exploring in the exploitation section of the Pee test standard. Now our first discussion is going to be over the purpose of exploitation. So what is exploitation?
What are some common tools that will find within exploitation and what should be the primary focus of exploitation?
Well, then get into countermeasures what they are types of countermeasures with some kind of standard ways that those air typically bypassed.
We'll discuss data execution prevention and Web application. Firewalls within countermeasures will jump over into evasion. Discuss what evasion is common techniques, and the overall goal of evasion within a penetration test will then get into precision strike.
We'll just discuss what that is at a high level and what it is not. That won't be too deep of a discussion.
We're going to do some customized exploitation Avenue discussions where we looked at Look at what those are some examples and tailoring exploits from publicly available areas as well as modification of those exploits.
We'll discuss the zero day angle. What that means, what fuzzing is source code analysis will then jump into some different types of exploits that are typically developed as a component of zero day development.
We'll get into example avenues of attack with respect. The Web application attacks will talk about us be deployment and Dr Deployment, memory based exploits and cracking graphics processing units.
Well, then jump into what the overall objectives are again within exploitation areas of the pee test standard
identifying path of least resistance, simulating potential loss and the need to do that. And so overall, these will make up the core discussions for the exploitation area of the Pee test standard. So with that in mind, I want to thank you for your time today and let's go ahead and jump right in.