CompTIA Pentest+ PT0-002 – Section 8: Social Engineering and Physical Attacks Part 4

70. Lock Picking (OBJ 3.6) Lock picking, in this demonstration I want to show you how easy it is to bypass a security that a standard padlock tries to afford you. You can do this by using an inexpensive lock picking set you can find on eBay or Amazon for about $25. This same basic… Read More »

CompTIA Pentest+ PT0-002 – Section 8: Social Engineering and Physical Attacks Part 3

67. Baiting Victims (OBJ 3.6) There are a lot of different ways to get a victim to infect their computer with malware for you or to give you access. All these involve some kind of social engineering, but on a more technical level. For example, you might use a USB drop key, a watering hole… Read More »

CompTIA Pentest+ PT0-002 – Section 8: Social Engineering and Physical Attacks Part 2

64. Phishing Campaigns (OBJ 3.6) In this lesson I’m going to show you how easy it is to conduct your own phishing campaign, so you can test your users and see if they know the correct practices and how to avoid a phishing scam. Now, in this campaign, what we’re going to do is create… Read More »

CompTIA Pentest+ PT0-002 – Section 8: Social Engineering and Physical Attacks Part 1

61. Social Engineering and Physical Attacks (OBJ 3.6) In this section of the course, we’re going to discuss social engineering and physical attacks. Now, as we move into this section, we’re finally entering the third stage of the engagement, attacks and exploits. During this stage, a penetration tester is conducting research on various attack vectors,… Read More »

CompTIA Pentest+ PT0-002 – Section 7: Nmap Part 2

58. Nmap Fingerprinting (OBJ 2.3 and 2.4) In this lesson, we are going to talk a little bit more in depth about fingerprinting scans. So we’ve talked about ports and we’ve talked about port states. But there’s more information that you can get by doing your fingerprinting. When you do fingerprinting, this is a technique… Read More »

CompTIA Pentest+ PT0-002 – Section 7: Nmap Part 1

55. Nmap (OBJ 2.3 and 2.4) In this section of the course, we’re going to cover Nmap, which is an extremely versatile security tool that can be used to conduct active reconnaissance, enumeration, and even some basic vulnerability scanning when you use the Nmap scanning engine or NSE. Because of this, Nmap really does fit… Read More »

CompTIA Pentest+ PT0-002 – Section 6: Vulnerability Scanning Part 2

>51. Scanning Considerations (OBJ 2.3 and 2.4) There are several scanning considerations that need to be made before you start running a vulnerability scanner, like Nmap, OpenVAS, Nessus, or Nikto. Now these considerations include things like the time to run the scans, the protocols to scan, the topology of the network, the bandwidth limitations you… Read More »

CompTIA Pentest+ PT0-002 – Section 6: Vulnerability Scanning Part 1

48. Vulnerability Scanning (OBJ 2.3 and 2.4) In this section of the course, we’re going to discuss vulnerability scanning. This is going to be the second part of the information gathering and vulnerability scanning stage of our engagement. Up until this point, we’ve conducted both passive and active reconnaissance, but now we’re going to try… Read More »

CompTIA Pentest+ PT0-002 – Section 5: Active Reconnaissance Part 6

47. Networking Traffic Analysis (OBJ 2.3) In this lesson, we’re going to conduct some basic network traffic analysis. Now, for the exam, you need to be able to understand how to analyze the results of a reconnaissance exercise as you look at network traffic. You can do this either using Wireshark or tcpdump, or some… Read More »

CompTIA Pentest+ PT0-002 – Section 5: Active Reconnaissance Part 5

45. Wardriving (OBJ 2.2) Another form of active reconnaissance is known as wardriving. Now, wardriving is specifically focused against wireless networks. Wardriving involves driving around near a facility to detect if there are any wireless networks that you might be able to attack as part of your attack and exploitation phrase. Now often, wardriving was… Read More »