CompTIA Pentest+ PT0-002 – Section 11: Application Vulnerabilities Part 1

99. Application Vulnerabilities (OBJ 3.3) In this section of the course, we’re going to discuss the different vulnerabilities that can affect web applications and how these are exploited by attackers. Now, as we move into this section we’re going to be continuing to look at attacks and exploits that we can use during the third… Read More »

CompTIA Pentest+ PT0-002 – Section 10: Network Attacks Part 5

96. Intro to Metasploit (OBJ 3.1) In this lesson, we’re going to talk about Metasploit which is a multipurpose computer security and penetration testing framework. It contains a lot of great things inside of Metasploit. Now it comes installed by default inside of Kali and Parrot Linux and most other penetration testing distributions, because it… Read More »

CompTIA Pentest+ PT0-002 – Section 10: Network Attacks Part 4

93. On-path Attack (OBJ 3.1) In this lesson, we’re going to very briefly cover the concept of an on-path attack. Now, an on-path attack is an attack where the penetration tester is able to put their workstation logically between two hosts during the communication in order to transparently capture, monitor and relay the communications between… Read More »

CompTIA Pentest+ PT0-002 – Section 10: Network Attacks Part 3

90. MAC Spoofing (OBJ 3.1) Spoofing is a category of network attacks that occurs when an attacker masquerades as another person by falsifying their identity. Just like a person in real life might use a mask to cover their face and hide their true identity, spoofing is the electronic equivalent. Really, anything that identifies a… Read More »

CompTIA Pentest+ PT0-002 – Section 10: Network Attacks Part 2

87. ARP Poisoning (OBJ 3.1) The Address Resolution Protocol or ARP, is a procedure that occurs automatically on a given local area network to identify which workstation is currently assigned a particular IP address at any given time. This is because most networks use dynamic IP addresses that are changing over time, but each workstation… Read More »

CompTIA Pentest+ PT0-002 – Section 10: Network Attacks Part 1

84. Network Attacks (OBJ 3.1) In this section of the course, we’re going to discuss network attacks. As we move into this section, we’re going to continue our exploration of various attacks and exploits that we can use during the third stage of our engagement. As we move through this section, we’re going to be… Read More »

CompTIA Pentest+ PT0-002 – Section 9: Wireless Attacks Part 4

81. On-path and Relay Attacks (OBJ 3.2) In this lesson, we’re goin’ discuss On-path and Relay Attacks. First, we have an on-path attack, which was formally referred to as a man in the middle attack. Now, an on-path attack occurs when a threat actor makes an independent connection between two victims, and is able to… Read More »

CompTIA Pentest+ PT0-002 – Section 9: Wireless Attacks Part 3

78. WPA/WPA2 Hacking (OBJ 3.2) In this lesson, I’m going to demonstrate how to use a dictionary attack to crack the pre-shared key in a WPA/WPA2 protected network. To do this, I’m going to use the Aircrack-ng suite of tools to penetrate this wireless network. First, I’m going to put my network card into monitor… Read More »

CompTIA Pentest+ PT0-002 – Section 9: Wireless Attacks Part 2

76. Signal Exploitation (OBJ 3.2) When someone is using a wireless network like Wi-Fi, the data is being transmitted through the air using radio waves. This means that the signal is being exposed to possible exploitation, because there’s no bounded media containing the data as it’s being transmitted, like you would inside a copper or… Read More »

CompTIA Pentest+ PT0-002 – Section 9: Wireless Attacks Part 1

73. Wireless Attacks (OBJ 3.2) In this section of the course, we’re going to discuss wireless attacks. Now, as we move into this section, we’re going to continue to cover our exploration of the various attacks and exploits that we’re going to be able to use during the third stage of our engagement. As we… Read More »