Penetration Testing with Kali Linux OffSec
|
|
specific
machine is directly vulnerable in the first place. Some machines will be dependent on information, credentials, or capabilities that will be found on other machines. And some machines may not even be (intentionally) exploitable until after the Domain Controller is compromised. All machines contain either a local.txt file, a proof.txt file, or both. The contents of these files are randomized hashes that can be submitted to the OLP to log each compromise. Just like the Module exercise flags, the contents of these files will change on every revert of the machine. We’ll discuss more details related to these scenarios in the final Module of PWK. 2.2.8 Challenge Labs 4-6 The second type of Challenge Lab consists of an OSCP-like experience. They are each composed of six OSCP machines. The intention of these Challenges is to provide a mock-exam experience that closely reflects a similar level of difficulty to that of the actual OSCP exam. Each challenge contains three machines that are connected via Active Directory, and three standalone machines that do not have any dependencies or intranet connections. All the standalone machines have a local.txt and a proof.txt. While the Challenge Labs have no point values, on the exam the standalone machines would be worth 20 points each for a total of 60 points. The Active Directory set is worth 40 points all together, and the entire domain must be compromised to achieve any points for it at all. All the intended attack vectors for these machines are taught in the PEN-200 Modules, or are leveraged in the first three Challenge Labs. However, the specific requirements to trigger the vulnerabilities may differ from the exact scenarios and techniques demonstrated in the course material. You are expected to be able to take the demonstrated exploitation techniques and modify them for the specific environment. Also included with your initial purchase of the PWK course is an attempt at the OSCP certification exam 4 itself. The exam is optional, so it is up to you to decide whether or not you would like to tackle it. To schedule your OSCP exam, go to your exam scheduling calendar. The calendar can be located in the OffSec Learning Portal under the course exam page. Here you will find your exam expiry date, as well as schedule the exam for your preferred date and time. Keep in mind that you won’t be able to select a start time if the exam labs are full for that time period so we encourage you to schedule your exam as soon as possible. 4 (OffSec, 2023), https://help.offsec.com/hc/en-us/categories/360002666252-General-Frequently-Asked-Questions-FAQs- Penetration Testing with Kali Linux PWK - Copyright © 2023 OffSec Services Limited. All rights reserved. 26 We will cover the exam in more detail in the final Learning Module of this course. For additional information, please visit our support page . 5 2.3 Summary of PWK Learning Modules This Learning Unit covers the following Learning Objectives: • Obtain a high level overview of what’s covered in each PEN-200 Learning Module In the previous Learning Units, we went over the general structure and specific components of PWK. In this Learning Unit, we will summarize each of the Learning Modules included within the course. 2.3.1 Getting Started: Optional Ramp-up Modules We begin with three optional Modules from our Fundamentals series. These Modules are included in PWK for those learners who desire a softer start to their PWK learning journey. Introduction to Cybersecurity provides a broad survey on the current state of the world of Cybersecurity. It covers how Cybersecurity is practiced as a discipline and what kinds of threats and threat actors exist. It also covers security principles, controls and strategies, Cybersecurity laws, regulations and frameworks, and career opportunities within the industry. Yüklə Dostları ilə paylaş:
|