OBJECTIVE
2
Install, configure and test security hardware and software tools with supporting documentation such as port scanners, vulnerability detection systems, intrusion detection systems, firewalls, system hardening, anti-virus tools, patch management, auditing and assessment.
Recon
A local company has hired you as a contract Penetration (PEN) tester. As there is contention within the company of the value of PEN testing, the CEO has decided to test your knowledge and skills using mutil-level testing scenarios. As you progress through each scenario you will provide the CEO comprehensive industry standard PEN testing documentation. Your final pay (grade) will be directly proportional to your communication skills and your progression through each level.
Recon: Lab-02
In this lab you will gather information on an organization and document your results. Don’t pick an organization that you are intimately familiar with. Also, don’t pick an organization that is too small. You want enough information to make this exercise valuable; however, one that is too big can cause problems as well. For a list of companies look at the HackerOne’s Directory, under the right conditions, these companies have agreed to recon and scanning.
INSTALL, CONFIGURE & TEST
Scan & Enumerate
A local company has hired you as a contract Penetration (PEN) tester. As there is contention within the company of the value of PEN testing, the CEO has decided to test your knowledge and skills using mutil-level testing scenarios. As you progress through each scenario you will provide the CEO comprehensive industry standard PEN testing documentation. Your final pay (grade) will be directly proportional to your communication skills and your progression through each level.
Scanning: Lab-03
In this lab you will gather information on the HackerOne company you have chosen.
If you do not wish to scan a live site an alternative is to use your choice of virtual machines from https://www.abatchy.com/2017/02/oscp-like-vulnhub-vms.html (Links to an external site.)
you will need to download and create them, either on your local machine or in the cybercave.
Some hints https://www.vulnhub.com/series/kioptrix,8/ (Links to an external site.)
With the kioptrix images you may need to remove the network device and add a new one. Seems to be a bug somewhere in the image.
INSTALL, CONFIGURE & TEST
Web Attack
A local company has hired you as a contract Penetration (PEN) tester. As there is contention within the company of the value of PEN testing, the CEO has decided to test your knowledge and skills using mutil-level testing scenarios. As you progress through each scenario you will provide the CEO comprehensive industry standard PEN testing documentation. Your final pay (grade) will be directly proportional to your communication skills and your progression through each level.
INSTALL, CONFIGURE & TEST
Network Sniffing
A local company has hired you as a contract Penetration (PEN) tester. As there is contention within the company of the value of PEN testing, the CEO has decided to test your knowledge and skills using mutil-level testing scenarios. As you progress through each scenario you will provide the CEO comprehensive industry standard PEN testing documentation. Your final pay (grade) will be directly proportional to your communication skills and your progression through each level.