Penetration Testing: Advanced Tunneling and Exfiltration

English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 1h 15m | 176 MB

Bolster your penetration testing skillset by learning three advanced techniques: tunneling, pivoting, and exfiltration. In this installment of the Penetration Testing series, instructor Malcolm Shore helps you grasp the basics of these three techniques, detailing what they are and how to leverage them when doing pen testing or responding to an attack. To begin, Malcolm goes over how to tunnel through a network to gain access to deeper subnets. Next, he discusses what pivoting is and how to pivot with Armitage and Metasploit. To wrap up, he goes over exfiltration, the covert extraction of information. Discover the ten rules for successful exfiltration, how to use PyExfil to exfiltrate over HTTPS, how to use the dnsteal tool to exfiltrate data across a DNS service, and more.

Topics include:

  • How tunneling works
  • Running a local SSH tunnel
  • Dynamic SSH tunneling
  • Pivoting with Armitage and Metasploit
  • Exfiltrating using DET and DNS
  • Covert exfiltration with Cachetalk
  • Using PyExfil to exfiltrate over HTTPS

Table of Contents

1 Advanced penetration testing techniques
2 What you should know before watching this course
3 Disclaimer
4 Setting up a VirtualBox subnet
5 Introduction to tunneling
6 Secure Shell (SSH) tunneling
7 Running a local SSH tunnel
8 Running a remote port forwarding SSH tunnel
9 Running HTTP through an SSH tunnel
10 Dynamic SSH tunneling
11 What is a pivot
12 Pivoting with Armitage
13 Pivoting with Metasploit
14 Introduction to exfiltration
15 The ten commandments of exfiltration
16 Beaconing
17 Installing PyExfil
18 Using PyExfil to exfiltrate over HTTPS
19 Exfiltrating using DET
20 Enhancing the Cachetalk tool
21 Covert exfiltration with Cachetalk
22 Exfiltrating using DNS
23 DNS exfiltration using dnsteal
24 Installing OpenPuff
25 Demonstrating video exfiltration using OpenPuff
26 Understanding the OilRig attack’s exfiltration
27 Next steps