SECRET OF CSS

Network Penetration Testing (Ethical Hacking) From Scratch


This is a review of the TWR course hosted on Udemy by Latest Hacking News. With over 7 hours of content this course will help you learn about ethical hacking and how to properly conduct a pentest from a networking based perspective. There are various modules including legal considerations, information gathering, post exploitation and reporting. If you have a general understanding of how a network operates and are interested in network penetration testing, this course is for you.

Course Introduction modules (S1-s3)

The first module is filled with useful information. You get the syllabus and an intro to penetration testing as well as a 10 minute on how to properly report your results to the client. Another great thing about the first section is the Glossary. Not only do you get definitions but they also provide examples for further clarification. The legal considerations section is really just a primer to ethical hacking laws. While it is full of useful information please do your own research before agreeing to any testing with a company. Consult a lawyer if needed. The third introductory module talks about setting up the working environment for your test. It has tutorials on how to set up Kali Linux, setting up hacking tools on MacOS. It talks about cloud services and vulnerable VMs like VulnHub and Metasploitable.

Exploitation Modules(S4-S7)

The next four modules contain training on how to use various tools during the pentest. We talk about passive information gathering versus active information gathering and all the tools involved like Nmap, OpenVAS and Metasploit. These are the nitty gritty videos that you will want to watch more than once to make sure you get a handle on the various tools. Please be aware that this is a lot of information to process so take your time, pay attention and repeat. there is also a 10 minute module on phishing and tools used for that.

Final Modules

The final two modules have post exploitation techniques for Linux and Windows machines. In the post exploitation section you can learn how to extract hashes from memory, learn about pivoting and persistence and various other ways to maintain access. The other techniques module is packed with a Wireshark tutorial and a section about hardware penetration testing like wire taps, electronic locks and wireless captures.

hardware-agnostic side-channel attack

Conclusion

This course is very beneficial for someone who is already in an IT role. If your totally new I would recommend getting some network knowledge under your belt and learn a little more about how packets work and such. The tool walkthroughs are very thorough and cover pentest from many different devices. What I would like to see is more on the Hardware Penetration Testing as well as maybe a networking refresher. All in all a wonderful learning tool.

If you wish to enrol you can do so here



News Credit

%d bloggers like this: