4.55 out of 5
4.55
25 reviews on Udemy

CompTIA PenTest+ بالعربي

Your Way To succeed & Your Way To Pass The Exam
Instructor:
Abdallah Elsokary
93 students enrolled
PenTest+ Complete Course
Practical Tests
Complete Practical Lab

الكورس شامل كل المنهج سواء عملي  أو نظري بالاضافة إلي  عدد كبير من الاسئلة تأهلك للامتحان

ينقسم المنهج إلي 12 فصل يتم شرح كل فصل علي حدي مع حل أسئلة خاصة به

في 6  أقسام الاولي يتكلم المنهج بشكل نظري بحت أما  أخر 6 أقسام يتكلم المنهج عن الجزء العملي بشكل مكثف

وفي النهاية يتم مراجعة جميع الاسئلة في إمتحان منفرد مع مراجعة أهم وأجدد الاسئلة المقترحة أو المطروحة في التحديثات

Chapter 1   Penetration Testing

Chapter 2   Planning and Scoping Penetration Tests

Chapter 3   Information Gathering

Chapter 4   Vulnerability Scanning

Chapter 5   Analyzing Vulnerability Scans

Chapter 6   Exploit and Pivot

Chapter 7   Exploiting Network Vulnerabilities

Chapter 8   Exploiting Physical and Social Vulnerabilities

Chapter 9   Exploiting Application Vulnerabilities

Chapter 10  Exploiting Host Vulnerabilities

Chapter 11  Scripting for Penetration Testing

Chapter 12  Reporting and Communication

Introduction

1
Introduction

Penetration Testing-chapter 1

1
Intro
2
What Is Penetration Testing
3
Cybersecurity Goals
4
Reasons for Penetration Testing
5
Threat Hunting
6
Regulatory Requirements for Penetration Testing
7
CompTIA Penetration Testing Process
8
Cyber Kill Chain
9
Reconnaissance Tools
10
Vulnerability Scanners&Social Engineering Tools
11
Credential-Testing&Debuggers Tools
12
Software Assurance&Network Testing
13
Remote Access&Exploitation Tools
14
Questions

Planning and Scoping Penetration Tests-chapter 2

1
intro
2
scoping and Planning Engagements
3
Assessment Types
4
White Box, Black Box, Gray Box
5
Rules of Engagement
6
Documentation
7
Access and Accounts
8
Certificate Pinning
9
Budget
10
Contracts
11
Data Ownership & Retention
12
Authorization&Third-Party Authorization
13
Environmental Differences
14
Compliance-Based Assessments
15
Questions

Information Gathering - Chapter 3

1
intro
2
Footprinting and Enumeration
3
MITRE
4
Location and Organizational Data & Electronic Documents
5
Financial Data & domains
6
DNS and Traceroute Information & Zone Transfers
7
IP Ranges & Security Search Engines
8
Active Reconnaissance and Enumeration
9
Nmap Port Scanning
10
Network Topology & wireshark & zenmap
11
email address gathering
12
Defenses Against Active Reconnaissance&Preventing Passive Information Gathering
13
Questions

Vulnerability Scanning - chapter 4

1
Intro
2
Regulatory Environment
3
PCIDSS
4
FISMA
5
Determining Scan Frequency
6
Scanner Software&Scanner Maintenance&Scan Perspective
7
Supplementing Network Scans&Vulnerability Plug-In Feeds
8
SCAP
9
Analyzing and Testing Code
10
Fuzzing&Web Application Vulnerability Scanning
11
Database Vulnerability Scanning
12
Developing a Remediation Workflow&Testing and Implementing Fixes
13
OpenVas Installation
14
OpenVas Scanning
15
Nessus
16
web app vulnerability scanning
17
Questions

Analyzing Vulnerability Scans - Chapter 5

1
Intro
2
CVSS & Access Vector & Access Complexity Metrics
3
Confidentiality & Integrity & Availability Metrics
4
Exploitability score, impact score, and impact function
5
False Positives
6
Informational Results & Reconciling Scan Results with Other Data Sources
7
Trend Analysis & Server and Endpoint Vulnerabilities & Missing Patches
8
Buffer Overflows & Privilege Escalation
9
Arbitrary Code Execution & Hardware Flaws & Firmware Vulnerabilities
10
Spectre and Meltdown
11
Point-of-Sale System Vulnerabilities & Insecure Protocol Use
12
Debug Modes&Network Vulnerabilities
13
Missing Firmware Updates & SSL and TLS Issues & Outdated SSLTLS Versions
14
Certificate Problems
15
Domain Name System (DNS) & Internal IP Disclosure
16
Virtualization Vulnerabilities
17
Virtual Host Patching
18
Internet of Things (IoT)
19
Web Application Vulnerabilities
20
Questions

Exploit and Pivot- chapter 6

1
Intro
2
Exploit Databases
3
Developing Exploits & Proof-of-Concept Development & Exploit Chaining
4
Metasploit & PowerSploit & RPC-DCOM & PsExec
5
PS Remoting & WinRM & WMI & Scheduled Tasks and cron Jobs
6
SMB & RDP & VNC & X-Server Forwarding
7
SSH
8
Common Post-Exploit Attacks
9
Privilege Escalation
10
Social Engineering
11
Inetd Modification & Scheduled Jobs
12
Daemons and Services & Back Doors & new users
13
Pivoting & Covering Your Tracks
You can view and review the lecture materials indefinitely, like an on-demand channel.
Definitely! If you have an internet connection, courses on Udemy are available on any device at any time. If you don't have an internet connection, some instructors also let their students download course lectures. That's up to the instructor though, so make sure you get on their good side!
4.6
4.6 out of 5
25 Ratings

Detailed Rating

Stars 5
16
Stars 4
3
Stars 3
3
Stars 2
1
Stars 1
2
4abbe7202a0265eff655062853fa398d
30-Day Money-Back Guarantee

Includes

39 hours on-demand video
Full lifetime access
Access on mobile and TV
Certificate of Completion