Penetration Testing with Kali Linux OffSec


Date: 21.12.2023
PEN-200

Effective Learning Strategies is a practical introduction to learning theory that explains OffSec’s unique approach to teaching. This module begins with an overview of how learning happens and then explores the construction of OffSec materials. The second half of the module is immediately applicable for learners and includes tactics, strategies, and specific, practical steps.

Finally, we continue with a Module on Report Writing for Penetration Testers. This Module provides a framework, some advice, and some tips on writing notes as you progress through a penetration test. It also covers how you might think about writing a penetration testing report. The OSCP exam requires each learner to submit a report of their exam penetration test, so it is recommended to practice your note taking and report writing skills as you proceed with the Module exercises and Challenge Lab machines.

2.3.2 Enumeration and Information Gathering

We then dive into PWK proper, starting with one of the most important aspects of penetration testing: Information Gathering. Often called by its synonym enumeration, the vast majority of one’s time during a penetration test is spent on information gathering of one form or another. However, this Module is specifically about how to approach a network at the very outset of an engagement.

We extend our information gathering toolkit by exploring the concept of Vulnerability Scanning.[6] Vulnerability scanning offers us several techniques to narrow our scope within a particular network. It helps us identify machines that are especially likely to be vulnerable. Attack vectors on such machines are often colloquially called low-hanging fruit, as the imagery of reaching up to take the easy pieces of fruit off a tree is particularly powerful.

[5] (OffSec, 2023), https://help.offsec.com/
[6] (Wikipedia, 2023), https://en.wikipedia.org/wiki/Vulnerability_scanner


PWK - Copyright © 2023 OffSec Services Limited. All rights reserved. 

2.3.3 Web Application and Client Side Attacks

It is now time to start learning some perimeter attacks. By perimeter attacks, we mean methods of infiltration that can be reliably done from the internet. In other words, attacks that can be initiated without any sort of access to an organization’s internal network.

We begin with an extensive exploration of Web Application attacks. There are two primary reasons for starting here. The first is that Web vulnerabilities are among the most common attack vectors available to us, since modern web apps usually allow users to submit data to them. The second is that web applications are inherently visual and therefore provide us with a nice interface for understanding why our attacks work in the way that they do.

Introduction to Web Applications begins by covering a methodology, a toolset, and an enumeration framework related to web applications that will help us throughout the course. It then covers our first vulnerability class: Cross-Site Scripting (XSS).[7] XSS is an excellent vulnerability to start with because it targets the user of a web application as opposed to the server running it. Since the vast majority of our regular day-to-day usage of web applications is as normal users, XSS can be unusually intuitive, compared to other types of attacks.

Due to the fact that XSS targets users, it can be considered both a Web Application attack and a Client-Side Attack as we’ll soon learn.

We continue our exploration of web application attacks in 
