Part of any PenTest engagement application is an extremely high target. The reason is because of so many moving parts from operating systems all the way to even interfaces that are involved. In this course you will learn to check these components through testing.
There are many different ways software can be flawed by both design and implementation, so you will need to accurately execute a wide variety of tests to assess each application that the business is responsible. In this course, Testing Applications for CompTIA PenTest+, you will learn how to exploit the vulnerabilities in web-based applications during an engagement. First, you will learn the commonalities among web-apps. Once you understand this, you will be able to utilize this knowledge to your advantage. Next, you will explore the different types of authentication, injection, and web shell attacks you can use to exploit these apps. Finally, you will use specific analysis techniques on compiled software to see if you can compromise these types of applications. When you are finished with this course, you will have the skills and knowledge of penetration tester needed to exploit most any app on any engagement.
Software required: [software required.] *
Setting up the Lab environment from the "Laying the Foundation for Penetration Testing for CompTIA PenTest+" course.
Dale Meredith has been a Certified Ethical Hacker/Instructor EC-Council for the past 15 years, and Microsoft Certified Trainer for over 20 years. Dale also has an additional 7 years of senior IT management experience and worked as a CTO for a popular ISP provider. Dale's expertise is in explaining difficult concepts and ensuring his students have an actionable knowledge of the course material.
Course Overview Hey everyone, my name is Dale Meredith, and I want to welcome you to my course, Testing Applications for CompTIA PenTest+. Now, this course is part eight of a series for the CompTIA PenTest+ certification program. But guess what? If you know me, you know that this isn't going to be just a course about what you need to know to get your certification. We'll also cover other information that's more real world and based on some of my experiences. In this course, you'll learn how to exploit the vulnerabilities in a web‑based application during an engagement. First, you'll learn about the commonalities among web apps. Once we understand this, you'll be able to utilize this knowledge to your advantage. Next, you'll learn about the different types of authentication, injection, and web shell attacks that you can use to exploit these apps. And finally, you'll use specific analysis techniques on compiled software to see if you can compromise these type of applications. When you finish this course, you'll have the skills and knowledge that a penetration tester needs to exploit most any app in an engagement. As far as additional prerequisites are concerned, please, please don't start this course without watching the first seven in this series. Most importantly is that first one, Laying the Foundation for Penetration Testing for CompTIA PenTest+. This is where you will learn to set up a lab environment, just like the one you'll see me using my demos, and I'd like you to be able to follow along. Also, you should have a background in networking, their devices, and possibly their security. I'd recommend checking out our Security+ series here at Pluralsight, or even the ethical hacking series. Now, after you watch this course, you should also feel comfortable diving further into the series, as well as maybe even going back and looking at our ethical hacking course. Now that author is pretty cool. I hope you'll join me in learning in understanding the concepts of testing applications for CompTIA PenTest+, here at Pluralsight.