Ethical Hacking and Penetration Testing - morgan-hanrahan/Tech-Journal GitHub Wiki
Helpful Resources
Module 1 - Passive Recon
This week we learned all about passive recon, the main goals of recon, and active versus passive recon.
Assignments
Module 2 - Active Recon
This week we used active measures against our hosts including Host Discovery and Port Scanning.
Activities
Labs
Module 3 - DNS
This week we leveraged DNS services to find more information about the targets on our network. There was no lecture this week to take notes on.
Activities
Module 4 - Manual Vulnerability Detection
This week we used manual techniques to assess a target's services, find potential vulnerabilities in the services, gain a foothold on the target, and elevate our permissions to root.
Activities
Module 5 - Password Guessing
This week we examined techniques for guessing passwords and used them on two new targets.
Assignments
Module 6 - Password Cracking
This week we analyzed the format of password hashes and worked with them to crack various passwords.
Labs
Module 7 - File Vulnerability
This week we learned about how insecure configurations of a fully patched system can easily lead to compromise, while learning various techniques to exploit these systems.
Labs
Floating Lab
This assignment focused on constructing our own controlled lab environment to practice penetration testing
Module 8 - Reverse Shells
This week we investigated a stealthy webshell and learned how to invoke reverse or connect back to the attacker command and control channels.
Labs
Module 9 - SQLi and Exploiting Gloin
This week we reviewed SQL injections and exploited a local target as well as a range target.
Labs
Module 10 - Permission Errors and Exploiting Nancurinir
This week we looked at some common file permission vulnerabilities on linux.