Penetration Testing with Kali Linux OffSec
|
|
reasoning under
uncertainty . Consider how a game like chess is different from a game like poker. In chess, you know everything that your opponent does about the game state (and vice versa). You may not know what they are thinking, but you can make predictions about their next move based on the exact same information that they are using to determine it. When playing poker, however, you do not have all of the information that your opponent possesses, so you must make predictions based on incomplete data. In this regard, penetration testing is a lot closer to poker than chess. When we simulate an attack, we will never know everything there is to know about the machine/system/network/organization we are targeting. We therefore must make assumptions and estimate probabilities - sometimes implicitly and sometimes explicitly. Conversely, as the defender, we will not be aware of every potential attack vector or vulnerability we might be exposed to. We therefore need to hedge our bets and make sure that our attack surfaces that are most likely to be vulnerable are adequately protected. As a general rule, the only reason why hacking a machine takes any time at all is because there are things about it that we don’t know. In a majority of cases, if we knew everything there was to know about a specific target ahead of time, then we would already know the precise few commands or lines of code necessary to compromise it. With this in mind, we can think about PWK as teaching two sets of different skills at the same time: one relating to penetration testing technique, and one relating to methodology, approach, and attitude. The object level set of skills is taught explicitly via the Modules’ Learning Objectives. You will read about how to gather information, find and exploit perimeter defenses, escalate your privileges, Penetration Testing with Kali Linux PWK - Copyright © 2023 OffSec Services Limited. All rights reserved. 23 move laterally between machines, and pivot to other networks. All of this information is covered extensively and inside the PWK Modules themselves. However, the structure of the course enables a second order of learning. This second layer is arguably the more important one, though it is much more difficult to quantify. It provides learners with a framework for how to think, feel, and act in novel scenarios. And since penetration testing is about novel scenarios (i.e. uncertainty), it is critical that we become comfortable orienting them. PWK contains seven learning modalities: 1. Learning Modules 2. Demonstration Module Exercises 3. Application Module Exercises 4. Capstone Module Exercises 5. The Assembling the Pieces Module 6. Challenge Labs (type one) 7. Challenge Labs (type two) We can think about these learning modalities as points along a spectrum, where our uncertainty about the space we’re operating in increases as we progress through the course. Let’s consider each mode one by one. 2.2.2 Learning Modules As mentioned above, the text-based Learning Modules all cover specific penetration testing concepts, techniques, and skills. They are each approximately between 30 and 50 pages in length, and they are accompanied by videos that go over the same concepts in a visual and interactive manner. They are logically ordered in a way that allows for progressively building on top of previously learned skills. In our model of uncertainty, they are considered to be no/low uncertainty , because the learner only needs to passively read or watch the content. However, we encourage you to start the relevant lab machines and follow along by typing the commands and clicking around in the same manner as demonstrated. This helps you internalize the material. 2.2.3 Demonstration Module Exercises There are several types of Module exercise. The objective of the first kind is for the learner to actually absorb the content by following the demonstration. This type of exercise asks the learner to either input some factual, knowledge based answer to the question, or to obtain a randomized flag by copying the exact some commands and input shown in the course material. The amount of uncertainty here is still very low, because the learner can obtain the solution directly by reading or watching the Module. For example, the Yüklə Dostları ilə paylaş:
|