Practical Ethical Hacking

Networking Refresher

I used my own notes on these subjects, added some of Heaths notes.

Networking - TCP, UDP, 3-Way Handshake - OSI Model - Common Ports - Subnetting

Intro to Linux

Lab Setup

The previous section was setting up Kali, I've done this prior so I skipped this section.

I used the pre-made VM (using 7-Zip to extract it) using the VMWare Pro software.

Intro to Linux

I've worked with Linux prior to this, so I have my own notes on these sections as well:

Common Commands - Permissions - Sudo - Files and File contents

Scripting with Bash

Intro to Python

The Ethical Hacker Methodology

Information Gathering (Reconnaissance)

I have a section on OSINT and OSINT tools/methods here.

Scanning and Enumeration

As I have worked with these tools prior, I have other notes here as well.

Nmap - Dirb/Dirbuster - GoBuster - Metasploit

Vuln Scanning with Nessus

As I have worked with Nessus prior, my notes in general can be found here.

Exploitation Basics

New Capstone

For Dev I did need to change the VM settings to NAT and run dhclient to get an IP.

For Black Pearl I did need to change the VM settings to NAT and run dhclient to get an IP.

Introduction to Exploit Development (Buffer Overflows)

Active Directory Overview

For their lab you will need roughly:

  • 1x Win Server

  • 2x Windows Workstations

  • 60GB Disk Space

  • 16GB RAM

There is a Cloud Alternative by Kamran Bilgrami that can be found here: Building Free Active Directory Lab in Azure

I have done this in the past so my notes and setup can be found: Lab Setup

Windows Server VM - Windows User VM

Attacking AD: Initial Attack Vectors

Attacking Active Directory: Post-Compromise Enumeration

Attacking Active Directory: Post-Compromise Attacks

We've Compromised the Domain - Now What?

Additional Active Directory Attacks

Active Directory Case Studies

He goes over Blog posts about case studies about pentests.

Post Exploitation

Web Application Enumeration, Revisited

Find & Exploit Common Web Vulnerabilities


Last updated