Active reconnaissance is a necessary evil. It can sometimes alert defense teams and systems that you're snooping around, but it also helps you to see and document everything about each note on the network. Learn how to active recon the right way.
Up until now, we have been "quiet" as far as reconnaissance goes. But the downside is that many times we won't see every single system through passive methods. This is were Active Reconnaissance comes in to play.
In this course, Conducting Active Reconnaissance for CompTIA PenTest+, you will gain the ability to discover more network nodes and collect system information during your penetration tests. First, you will learn how to discover all the targets on a given network. Next, you will discover how to use enumeration to find services and even accounts on the targets. Then, you will see how to scan each one for vulnerabilities which might allow someone to gain unauthorized access to protected digital or electronic materials, and may go around routers or even firewalls to get in. Finally, you will explore how to look at different types of scripts and some cool tools to help automate your tasks.
When you’re finished with this course, you will have the skills and knowledge of discovering as many nodes, services accounts, and even some vulnerabilities needed to cover every aspect of the active reconnaissance step within any pentest engagement.
Dale Meredith received his Certified Ethical Hacker and Certified EC-Counsel Instructor certifications back in 2006, as well as being a Microsoft Certified Trainer since 1998 (yes we had computers back then). Dale takes great pride in helping students comprehend and simplify complex IT concepts.
Course Overview Hey everybody. My name is Dale Meredith, and I want to welcome you to my course, Conducting Active Reconnaissance for CompTIA PenTest+. Now this particular course is a part of a series for the CompTIA PenTest+ certification. But, hey, guess what? This isn't going to be just like any other course that you want to watch for certification. I'll also be covering other information that's more real world based on some of my own personal experiences. We'll cover some of the industry's most famous tools, as well as some commands that are built in that you might not have thought of as being important until now. We're going to go through and learn about scanning the network to find all the systems, devices, switches, anything that's connected. Then we'll go through and map out the networks so that we can visually see and understand what we've scanned. After that, we're going to look at the enumeration process. Then we'll go through and look at how to read scripts and use some automation scripts to make our life a little easier. Oh, guess what? I found another really cool tool to help us document our findings, and it creates some really cool reports. By the end of this course, you'll have all the skills and knowledge to perform active reconnaissance on your own virtual systems that we created at the start of the series and to help you improve your skills and knowledge. Remember, don't execute any of these attacks on your own organization's network or any network without permission. Remember what I've said before, just because you can, doesn't mean you can. Now before you start this course, you should be somewhat familiar with basic network technologies. You should also be familiar with operating systems like Windows and a little familiar with Linux, in particular Kali Linux. And you'll need to make sure that you go back and watch, it's kind of a requirement, the very first course in this series, Laying the Foundation for Penetration Testing for CompTIA's PenTest+. It's where we build up the labs so that you can go and do the same type of attacks that I'll be demonstrating. Now, after you watch this course, you should feel real comfortable in diving into other courses within this series. I would even go back and look at some of our ethical hacking courses as well. I think that author is one of my favorites. So I hope you'll join me in this journey as we all learn how to think and do things like an attacker without getting caught because you're conducting active reconnaissance for CompTIA PenTest+ here, at Pluralsight.