CompTIA PenTest+ بالعربي

Your Way To succeed & Your Way To Pass The Exam

3.00 (51 reviews)
Udemy
platform
العربية
language
Network & Security
category
CompTIA PenTest+ بالعربي
368
students
38.5 hours
content
Oct 2019
last update
$19.99
regular price

What you will learn

PenTest+ Complete Course

Practical Tests

Complete Practical Lab

Description

الكورس شامل كل المنهج سواء عملي  أو نظري بالاضافة إلي  عدد كبير من الاسئلة تأهلك للامتحان

ينقسم المنهج إلي 12 فصل يتم شرح كل فصل علي حدي مع حل أسئلة خاصة به

في 6  أقسام الاولي يتكلم المنهج بشكل نظري بحت أما  أخر 6 أقسام يتكلم المنهج عن الجزء العملي بشكل مكثف

وفي النهاية يتم مراجعة جميع الاسئلة في إمتحان منفرد مع مراجعة أهم وأجدد الاسئلة المقترحة أو المطروحة في التحديثات

Chapter 1   Penetration Testing

Chapter 2   Planning and Scoping Penetration Tests

Chapter 3   Information Gathering

Chapter 4   Vulnerability Scanning

Chapter 5   Analyzing Vulnerability Scans

Chapter 6   Exploit and Pivot

Chapter 7   Exploiting Network Vulnerabilities

Chapter 8   Exploiting Physical and Social Vulnerabilities

Chapter 9   Exploiting Application Vulnerabilities

Chapter 10  Exploiting Host Vulnerabilities

Chapter 11  Scripting for Penetration Testing

Chapter 12  Reporting and Communication

Content

Introduction

Introduction

Penetration Testing-chapter 1

Intro
What Is Penetration Testing
Cybersecurity Goals
Reasons for Penetration Testing
Threat Hunting
Regulatory Requirements for Penetration Testing
CompTIA Penetration Testing Process
Cyber Kill Chain
Reconnaissance Tools
Vulnerability Scanners&Social Engineering Tools
Credential-Testing&Debuggers Tools
Software Assurance&Network Testing
Remote Access&Exploitation Tools
Questions

Planning and Scoping Penetration Tests-chapter 2

intro
scoping and Planning Engagements
Assessment Types
White Box, Black Box, Gray Box
Rules of Engagement
Documentation
Access and Accounts
Certificate Pinning
Budget
Contracts
Data Ownership & Retention
Authorization&Third-Party Authorization
Environmental Differences
Compliance-Based Assessments
Questions

Information Gathering - Chapter 3

intro
Footprinting and Enumeration
MITRE
Location and Organizational Data & Electronic Documents
Financial Data & domains
DNS and Traceroute Information & Zone Transfers
IP Ranges & Security Search Engines
Active Reconnaissance and Enumeration
Nmap Port Scanning
Network Topology & wireshark & zenmap
email address gathering
Defenses Against Active Reconnaissance&Preventing Passive Information Gathering
Questions

Vulnerability Scanning - chapter 4

Intro
Regulatory Environment
PCIDSS
FISMA
Determining Scan Frequency
Scanner Software&Scanner Maintenance&Scan Perspective
Supplementing Network Scans&Vulnerability Plug-In Feeds
SCAP
Analyzing and Testing Code
Fuzzing&Web Application Vulnerability Scanning
Database Vulnerability Scanning
Developing a Remediation Workflow&Testing and Implementing Fixes
OpenVas Installation
OpenVas Scanning
Nessus
web app vulnerability scanning
Questions

Analyzing Vulnerability Scans - Chapter 5

Intro
CVSS & Access Vector & Access Complexity Metrics
Confidentiality & Integrity & Availability Metrics
Exploitability score, impact score, and impact function
False Positives
Informational Results & Reconciling Scan Results with Other Data Sources
Trend Analysis & Server and Endpoint Vulnerabilities & Missing Patches
Buffer Overflows & Privilege Escalation
Arbitrary Code Execution & Hardware Flaws & Firmware Vulnerabilities
Spectre and Meltdown
Point-of-Sale System Vulnerabilities & Insecure Protocol Use
Debug Modes&Network Vulnerabilities
Missing Firmware Updates & SSL and TLS Issues & Outdated SSLTLS Versions
Certificate Problems
Domain Name System (DNS) & Internal IP Disclosure
Virtualization Vulnerabilities
Virtual Host Patching
Internet of Things (IoT)
Web Application Vulnerabilities
Questions

Exploit and Pivot- chapter 6

Intro
Exploit Databases
Developing Exploits & Proof-of-Concept Development & Exploit Chaining
Metasploit & PowerSploit & RPC-DCOM & PsExec
PS Remoting & WinRM & WMI & Scheduled Tasks and cron Jobs
SMB & RDP & VNC & X-Server Forwarding
SSH
Common Post-Exploit Attacks
Privilege Escalation
Social Engineering
Inetd Modification & Scheduled Jobs
Daemons and Services & Back Doors & new users
Pivoting & Covering Your Tracks
Questions

Exploiting Network Vulnerabilities - Chapter 7

Intro
Vlans Hopping
ProxyChains
MITM
SMB Relay Attack
ntlmrelayx
Downgrade Attacks
NAC Bypass
DoS Attacks and Stress Testing
NetBIOS Name Resolution Exploits & SMB Exploits
SNMP Exploits
FTP Exploits & SMTP Exploits
Samba & SSH Exploits
symfonos-1 CTF
SOWSNIFF CTF
Wireless Exploits
wifite
airmon & ariodump & aircrack
Airgedoon
Bluetooth Attacks
RFID Cloning
Questions

Exploiting Physical and Social Vulnerabilities-chapter 8

Intro
Entering Facilities
Piggybacking and Tailgating
Bypassing Locks and Entry Control Systems
Bypassing Perimeter Defenses and Barriers
Information Gathering
Social Engineering_1
Social Engineering_2
In-Person Social Engineering & Elicitation
Interrogation and Interviews& Impersonation
Quid Pro Quo & Shoulder Surfing& USB Key Drops
Bribery & Phishing Attacks
Website-Based Attacks
setoolkit
BEEF
Questions

Exploiting Application Vulnerabilities - Chapter 9

Intro
Input Validation
WAF
SQL Injection
Command Injection
Password Authentication
Session Attacks
Unvalidated Redirects
Kerberos Exploits
Common Kerberos attacks
Insecure Direct Object References
Directory Traversal
File Inclusion
Cross-Site Scripting (XSS)
Cross-Site Request Forgery (CSRF/XSRF)
Clickjacking
Source Code Comments
Error Handling
Hard-Coded Credentials
Race Conditions
Unprotected APIs&Unsigned Code
SAST&DAST
burpsuite
owasp zap
Fuzzing
Debuggers & Mobile Tools
Questions

Exploiting Host Vulnerabilities-Chapter 10

Intro
SUID&SGID&Sticky Bits
Unsecure SUDO
Ret2libc&Linux Kernel Exploits
Obtaining Credentials
cPassword
Cleartext Credentials in LDAP
Service Account Attacks and Kerberoasting
Acquiring and Using Hashes
Credentials in LSASS & LSA Secrets
Unattended Installation
SAM Database
DLL Hijacking
Unquoted Service Paths & Writeable Services
Windows Credential Manager & Windows Kernel Exploits
Cross-Platform Exploits & Unsecure File-Folder Permissions
Stored Credentials
Key loggers & Default Account Settings
SSH & NC
Virtualization and Containers, What’s the Difference
Virtual Machine Attacks
Container Attacks
Cold-Boot Attacks
Serial Consoles
JTAG Debug Pins and Ports
Attacking Mobile Devices
Offline Password Cracking
Credential Testing and Brute-Forcing Tools
Questions

Scripting for Penetration Testing-chapter 11

Intro
Python History & installation
Python3 Basic Syntax
Quotation in Python3 & comments & Variables
Arithmetic Operators & Assignment Operators
Comparison Operators&Membership Operators
Identity Operators & format
If statement
while & for
input
Built-in String Methods
List
List methods
Python Tuples
Python Dictionary
Dictionary Methods
File IO
Python Method
python class
python-nmap
Bash Scripting intro
Bash Scripting comments & variables
Bash Scripting execute commands
Bash Scripting Input
Bash Scripting IF statement
Bash Scripting Array
Bash Scripting for & while
Bash Scripting functions
Questions

Reporting and Communication - Chapter 12

Intro
Defining a Communication Path
Communication Triggers
Goal Reprioritization
Recommending Mitigation Strategies
specific coverage of remediation strategies
No Multifactor Authentication
SQL Injection & Unnecessary Open Services
Writing a Penetration Testing Report
Methodology & Conclusion
Secure Handling and Disposition of Reports & Post-Engagement Cleanup
Client Acceptance & Follow-Up Actions-Retesting
Questions

TEST

Questions

Reviews

Astrogildo
March 11, 2023
I tried the practice test to assess my prior knowledge and vas given a score of 35%. But when I went through the review I found out that I answered correctly 30 questions and incorrectly 12 ones (none unanswered). How can that translate to a 35% score? Besides, despite I do not understand Arabic, I can see the the instructor is merely reading slides.
Mahmoud
December 1, 2020
مستوي قراءة اللغه الانجليزيه سئ جدا... وخطأ في المصطلحات تسبب في شرح بعض المفاهيم خطأ الكورس حتي الان مستوي متوسط أو أقل
Znaiber
December 24, 2019
شكراً لجهدكم ، هذه هي أول دورة لي على الإنترنت وأرسل لك تحية من المغرب. استمر لأنك تنشط المحتوى العربي

Charts

Price

CompTIA PenTest+ بالعربي - Price chart

Rating

CompTIA PenTest+ بالعربي - Ratings chart

Enrollment distribution

CompTIA PenTest+ بالعربي - Distribution chart
2512048
udemy ID
8/16/2019
course created date
11/23/2019
course indexed date
Bot
course submited by