Testing Applications for CompTIA PenTest+
by Dale Meredith
Part of any PenTest engagement application is an extremely high target. The reason is because of so many moving parts from operating systems all the way to even interfaces that are involved. In this course you will learn to check these components through testing.
What you'll learn
There are many different ways software can be flawed by both design and implementation, so you will need to accurately execute a wide variety of tests to assess each application that the business is responsible. In this course, Testing Applications for CompTIA PenTest+, you will learn how to exploit the vulnerabilities in web-based applications during an engagement. First, you will learn the commonalities among web-apps. Once you understand this, you will be able to utilize this knowledge to your advantage. Next, you will explore the different types of authentication, injection, and web shell attacks you can use to exploit these apps. Finally, you will use specific analysis techniques on compiled software to see if you can compromise these types of applications. When you are finished with this course, you will have the skills and knowledge of penetration tester needed to exploit most any app on any engagement.
Software required: [software required.] *
- Setting up the Lab environment from the "Laying the Foundation for Penetration Testing for CompTIA PenTest+" course.
About the author
Dale Meredith has been a Certified Ethical Hacker/Instructor EC-Council for the past 15 years, and Microsoft Certified Trainer for over 20 years. Dale also has an additional 7 years of senior IT management experience and worked as a CTO for a popular ISP provider. Dale's expertise is in explaining difficult concepts and ensuring his students have an actionable knowledge of the course material. Straddling the line of fun and function, Dale's instruction is memorable and entertaining. Dale's knowl... moreedge and understanding of current trends in technology and applications have led to many opportunities, such as: training various Inc 500 companies, universities, and Divisions of the Department of Homeland Security for the United States government.
Along with authoring for Pluralsight, consulting, and IT classroom training, you can catch Dale on stage speaking at IT conferences, helping IT teams keep their companies safe, relevant, and "breach" aware. Outside of the professional sphere, Dale spends quite a bit of his time giving back by speaking at adult and youth non-profit community gatherings and posting on his 'Dale Dumbs IT Down' social media sites. Dale uses these speaking engagements and social media sites to 'Dumb Down IT' concepts with the intent to help everyone be safe and smart with their technology and personal devices.
Dale also specializes in Active Directory, Exchange Server, IIS, PowerShell, SharePoint, System Center/Desktop Deployment, and Private Cloud