Penetration Testing with Kali Linux OffSec
|
|
Effective Learning Strategies
is a practical introduction to learning theory that explains OffSec’s unique approach to teaching. This module begins with an overview of how learning happens and then explores the construction of OffSec materials. The second half of the module is immediately applicable for learners and includes tactics, strategies, and specific, practical steps. Finally, we continue with a Module on Report Writing for Penetration Testers . This Module provides a framework, some advice, and some tips on writing notes as you progress through a penetration test. It also covers how you might think about writing a penetration testing report. The OSCP exam requires each learner to submit a report of their exam penetration test, so it is recommended to practice your note taking and report writing skills as you proceed with the Module exercises and Challenge Lab machines. 2.3.2 Enumeration and Information Gathering We then dive into PWK proper, starting with one of the most important aspects of penetration testing: Information Gathering . Often called by its synonym enumeration , the vast majority of one’s time during a penetration test is spent on information gathering of one form or another. However, this Module is specifically about how to approach a network at the very outset of an engagement. We extend our information gathering toolkit by exploring the concept of Vulnerability Scanning . 6 Vulnerability scanning offers us several techniques to narrow our scope within a particular network. It helps us identify machines that are especially likely to be vulnerable. Attack vectors on such machines are often colloquially called low-hanging fruit , as the imagery of reaching up to take the easy pieces of fruit off a tree is particularly powerful. 5 (OffSec, 2023), https://help.offsec.com/ 6 (Wikipedia, 2023), https://en.wikipedia.org/wiki/Vulnerability_scanner Penetration Testing with Kali Linux PWK - Copyright © 2023 OffSec Services Limited. All rights reserved. 27 2.3.3 Web Application and Client Side Attacks It is now time to start learning some perimeter attacks . By perimeter attacks, we mean methods of infiltration that can be reliably done from the internet. In other words, attacks that can be initiated without any sort of access to an organization’s internal network. We begin with an extensive exploration of Web Application attacks. There are two primary reasons for starting here. The first is that Web vulnerabilities are among the most common attacks vectors available to us, since modern web apps usually allow users to submit data to them. The second is that web applications are inherently visual and therefore provide us with a nice interface for understanding why our attacks work in the way that they do. Introduction to Web Applications begins by covering a methodology, a toolset, and an enumeration framework related to web applications that will help us throughout the course. It then covers our first vulnerability class: Cross-Site Scripting (XSS). 7 XSS is an excellent vulnerability to start with because it targets the user of a web application as opposed to the server running it. Since the vast majority of our regular day-to-day usage of web applications is as normal users, XSS can be unusually intuitive, compared to other types of attacks. Due to the fact that XSS targets users, it can be considered both a Web Application attack and a Client-Side Attack as we’ll soon learn. We continue our exploration of web application attacks in Yüklə Dostları ilə paylaş:
|