Home - Paiet/SEC-335 GitHub Wiki

Welcome to the SEC-335 wiki!

Class labs:

• Week 01: Passive Reconnaissance
• Week 05: Password Cracking

Footprinting and Recon

• Footprinting
• Footprinting and Recon Countermeasures
• Protocols and Ports

Network and Perimeter Hacking: Evading Firewalls, IDS, and Honeypots

• IDSs and IPSs
• Firewalls
• Honeypots

Mobile Platform, IoT, and OT Hacking - IoT and OT Hacking

• OTs
• OT Attacks, Tools, and Countermeasures
• IoT Basics
• IoT Threats and Vulnerabilities
• IoT Attacks, Tools, and Countermeasures

Tools for Information Gathering and Vulnerability Identification

• Pentesting Tools: Use Cases
• Pentesting Tools: Scanners
• Pentesting Tools: Credential Testing
• Pentesting Tools: Web Directory Enumeration
• Pentesting Tools: Debuggers
• Pentesting Tools: OSINT
• Pentesting Tools: Wireless
• Pentesting Tools: Web Proxies
• Pentesting Tools: Remote Access
• Pentesting Tools: Networking
• Nmap
  • Nmap: ACK Scan for Firewalls
• Pentest Objectives

Network Enumeration

Penetration Testing Tools

• Network Vulnerabilities: Name Resolution
• Network Vulnerabilities: SNMP, SMTP, and FTP
• Network Vulnerabilities: Pass the Hash
• Network Vulnerabilities: Man in the Middle
• Network Vulnerabilities: Denial of Service
• Network Vulnerabilities: NAC Bypass and VLAN Hopping
• App Vulnerabilities: SQL Injection Attacks
• App Vulnerabilities: File Inclusions
• App Vulnerabilities: XSS, CSRF, and Clickjacking
• App Vulnerabilities: Authentication and Authorization
• A Whole lot of Host Based Vulnerabilities!

Place holder

• Site Security
• Post Exploitation

Reporting and Communication

• Reports
• Vulnerability Mitigation Strategies