uCertify

Vulnerability Analysis

(VULNERABLE-ANALYSIS.ABE1)
Lessons
Lab
TestPrep
AI Tutor (Add-on)
Instructor-Led (Add-on)
Video Lessons (Add-on)
Get A Free Trial

Skills You’ll Get

Get the support you need. Enroll in our Instructor-Led Course.

Download Course Outline

1

Introduction to Penetration Testing

  • What Is Penetration Testing?
  • Terminology
  • Methodologies
  • Ethical Issues
  • Legal Issues
  • Certifications
  • Careers in Penetration Testing
  • Building Your Skillset
  • Summary
  • Test Your Skills
2

Standards

  • PCI DSS
  • NIST 800-115
  • National Security Agency InfoSec Assessment Methodology (NSA-IAM)
  • PTES
  • CREST (UK)
  • A Synthesis (Putting Standards Together into a Single Unified Approach)
  • Related Standards
  • Other Standards
  • Summary
  • Test Your Skills
3

Cryptography

  • Cryptography Basics
  • History of Encryption
  • Modern Methods
  • Public Key (Asymmetric) Encryption
  • Digital Signatures
  • Hashing
  • MAC and HMAC
  • Password Crackers
  • Steganography
  • Cryptanalysis
  • Learning More
  • Summary
  • Test Your Skills
4

Reconnaissance

  • Passive Scanning Techniques
  • Active Scanning Techniques
  • Wireshark
  • Maltego
  • Other OSINT Tools
  • Summary
  • Test Your Skills
5

Malware

  • Viruses
  • Trojan Horses
  • Other Forms of Malware
  • Creating Malware
  • Summary
  • Test Your Skills
6

Hacking Windows

  • Windows Details
  • Windows Password Hashing
  • Windows Hacking Techniques
  • Windows Scripting
  • Windows Password Cracking
  • Detecting Malware in Windows
  • Cain and Abel
  • Summary
  • Test Your Skills
7

Web Hacking

  • Web Technology
  • Specific Attacks on Websites
  • Tools
  • Summary
  • Test Your Skills
8

Vulnerability Scanning

  • Vulnerabilities
  • Packet Capture
  • Network Scanners
  • Wireless Scanners/Crackers
  • General Scanners
  • Web Application Scanners
  • Cyber Threat Intelligence
  • Summary
  • Test Your Skills
9

Introduction to Linux

  • Linux History
  • Linux Commands
  • Directories
  • Graphical User Interface
  • Summary
  • Test Your Skills
10

Linux Hacking

  • More on the Linux OS
  • Linux Firewall
  • Syslogd
  • Scripting
  • Linux Passwords
  • Linux Hacking Tricks
  • Summary
  • Test Your Skills
11

Introduction to Kali Linux

  • Kali Linux History
  • Kali Basics
  • Kali Tools
  • Summary
  • Test Your Skills
12

General Hacking Techniques

  • Wi-Fi Testing
  • Social Engineering
  • DoS
  • Summary
  • Test Your Skills
13

Introduction to Metasploit

  • Background on Metasploit
  • Getting Started with Metasploit
  • Basic Usage of msfconsole
  • Scanning with Metasploit
  • How to Use Exploits
  • Exploit Examples
  • Post Exploits
  • Summary
  • Test Your Skills
14

More with Metasploit

  • Meterpreter and Post Exploits
  • msfvenom
  • More Metasploit Attacks
  • Summary
  • Test Your Skills
15

Introduction to Scripting with Ruby

  • Getting Started
  • Basic Ruby Scripting
  • Summary
  • Test Your Skills
16

Write Your Own Metasploit Exploits with Ruby

  • The API
  • Getting Started
  • Examine an Existing Exploit
  • Extending Existing Exploits
  • Writing Your First Exploit
  • Summary
  • Test Your Skills
17

General Hacking Knowledge

  • Conferences
  • Dark Web
  • Certification and Training
  • Cyber Warfare and Terrorism
  • Nation State Actors
  • Summary
  • Test Your Skills
18

Additional Pen Testing Topics

  • Wireless Pen Testing
  • Mainframe and SCADA
  • Mobile Pen Testing
  • Summary
  • Test Your Skills
19

A Sample Pen Test Project

  • Pen Test Outline
  • Report Outline
  • Summary
20

Introduction to Penetration Testing

  • Defining Penetration Testing
  • Preserving Confidentiality, Integrity, and Availability
  • Appreciating the Evolution of Hacking
21

Introduction to Operating Systems and Networking

  • Comparing Common Operating Systems
  • Exploring Networking Concepts
22

Outlining the Pen Testing Methodology

  • Determining the Objective and Scope of the Job
  • Choosing the Type of Test to Perform
  • Gaining Permission via a Contract
  • Following the Law While Testing
23

Gathering Intelligence

  • Introduction to Intelligence Gathering
  • Examining a Company's Web Presence
  • Finding Websites That Don't Exist Anymore
  • Gathering Information with Search Engines
  • Targeting Employees with People Searches
  • Discovering Location
  • Do Some Social Networking
  • Looking via Financial Services
  • Investigating Job Boards
  • Searching Email
  • Extracting Technical Information
24

Scanning and Enumeration

  • Introduction to Scanning
  • Checking for Live Systems
  • Performing Port Scanning
  • Identifying an Operating System
  • Scanning for Vulnerabilities
  • Using Proxies (Or Keeping Your Head Down)
  • Performing Enumeration
25

Conducting Vulnerability Scanning

  • Introduction to Vulnerability Scanning
  • Recognizing the Limitations of Vulnerability Scanning
  • Outlining the Vulnerability Scanning Process
  • Types of Scans That Can Be Performed
26

Cracking Passwords

  • Recognizing Strong Passwords
  • Choosing a Password-Cracking Technique
  • Executing a Passive Online Attack
  • Executing an Active Online Attack
  • Executing an Offline Attack
  • Using Nontechnical Methods
  • Escalating Privileges
27

Retaining Access with Backdoors and Malware

  • Deciding How to Attack
  • Installing a Backdoor with PsTools
  • Opening a Shell with LAN Turtle
  • Recognizing Types of Malware
  • Launching Viruses
  • Launching Worms
  • Launching Spyware
  • Inserting Trojans
  • Installing Rootkits
28

Working with Defensive and Detection Systems

  • Detecting Intrusions
  • Recognizing the Signs of an Intrusion
  • Evading an IDS
  • Breaching a Firewall
  • Using Honeypots: The Wolf in Sheep's Clothing
29

Covering Your Tracks and Evading Detection

  • Recognizing the Motivations for Evasion
  • Getting Rid of Log Files
  • Hiding Files
  • Evading Antivirus Software
  • Evading Defenses by Entering Through a Backdoor
  • Using Rootkits for Evasion
30

Detecting and Targeting Wireless

  • An Introduction to Wireless
  • Breaking Wireless Encryption Technologies
  • Conducting a Wardriving Attack
  • Conducting Other Types of Attack
  • Choosing Tools to Attack Wireless
  • Knocking Out Bluetooth
  • Hacking the Internet of Things (IoT)
31

Performing Social Engineering

  • Introduction to Social Engineering
  • Exploiting Human Traits
  • Acting Like a Social Engineer
  • Targeting Specific Victims
  • Leveraging Social Networking
  • Conducting Safer Social Networking
32

Hardening a Host System

  • Introduction to Hardening
  • Three Tenets of Defense
  • Creating a Security Baseline
  • Hardening with Group Policy
  • Hardening Desktop Security
  • Backing Up a System
33

Hardening Your Network

  • Introduction to Network Hardening
  • Intrusion Detection Systems
  • Firewalls
  • Physical Security Controls
34

Network Hardening Techniques

35

Physical Security

1

Introduction to Penetration Testing

  • Reviewing an Authorization Letter for Penetration Testing
  • Reviewing a Confidential Penetration Report
2

Cryptography

  • Using OpenSSL to Create a Public/Private Key Pair
  • Observing an SHA-Generated Hash Value
  • Observing an MD5-Generated Hash Value
  • Using Cain and Abel
  • Using DeepSound
3

Reconnaissance

  • Detecting a Phishing Site Using Netcraft
  • Searching with builtwith.com
  • Observing a Website Using archive.org
  • Using Censys
  • Scanning Live Systems Using Nmap
  • Scanning an OS Using Nmap
  • Scanning a Port Using nmap
  • Enumerating Data Using enum4linux
  • Capturing Packets Using Wireshark
  • Footprinting a Website
4

Malware

  • Causing a DarkComet Trojan Infection
  • Creating a Trojan File
  • Scanning Malware Using Antivirus
5

Hacking Windows

  • Covering Tracks
  • Using the net Command
  • Cracking Windows Password Using Ophcrack
  • Cracking a Linux Password Using John the Ripper
6

Web Hacking

  • Exploiting a Website Using SQL Injection
  • Attacking a Website Using XSS Injection
  • Using Burp Suite
  • Using BeEF
7

Vulnerability Scanning

  • Reviewing the Top 10 OWASP Attacks
  • Consulting a Vulnerability Database
  • Capturing Network Packets Using TCPdump
  • Grabbing User Credentials Using Wireshark
  • Scanning a Network using LanHelper
  • Using MBSA
  • Conducting Vulnerability Scanning Using Nessus
  • Conducting Web Application Vulnerability Scanning Using OWASP ZAP
8

Introduction to Linux

  • Using Basic Linux Commands
9

Linux Hacking

  • Creating a Personal Linux Firewall Using iptables
  • Writing Bash Shell Script
10

Introduction to Kali Linux

  • Installing Kali Linux
  • Using Sparta
11

General Hacking Techniques

  • Performing a DoS Attack with the SYN Flood
  • Simulating DDoS Attack
  • Exploiting Windows 7 Using Metasploit
12

Introduction to Metasploit

  • Searching Vulnerability Using Metasploit
  • Grabbing a Screenshot of a Target Machine Using Metasploit
  • Scanning Ports Using Metasploit
  • Create Unlimited Folders in a Victim Machine using Metasploit
  • Hiding a Remote Machine Disk Using Metasploit
13

More with Metasploit

  • Hacking Windows Using Metasploit
  • Enabling a Keylogger in a Target Machine
  • Enabling Payload on a Target Machine Using Metasploit
  • Getting a Persistence Session of Metasploit
14

Introduction to Scripting with Ruby

  • Creating Ruby Script
  • Creating Ruby Script for Arithmetic Operations
  • Creating Ruby Script for Loops
15

Write Your Own Metasploit Exploits with Ruby

  • Creating Ruby Script to Run Commands

Related Courses

All Courses