Description
Bolster your penetration testing skillset by learning three advanced techniques: tunneling, pivoting, and exfiltration.
Bolster your penetration testing skillset by learning three advanced techniques: tunneling, pivoting, and exfiltration. In this installment of the Penetration Testing series, instructor Malcolm Shore helps you grasp the basics of these three techniques, detailing what they are and how to leverage them when doing pen testing or responding to an attack. To begin, Malcom goes over how to tunnel through a network to gain access to deeper subnets. Next, he discusses what pivoting is and how to pivot with Armitage and Metaspoit. To wrap up, he goes over exfiltration, the covert extraction of information. Discover the ten rules for successful exfiltration, how to use PyExfil to exfiltrate over HTTPS, how to use the dnsteal tool to exfiltrate data across a DNS service, and more.
Tags
Syllabus
- Advanced penetration testing techniques
- What you should know before watching this course
- Disclaimer
- Setting up a VirtualBox subnet
- Introduction to tunneling
- Secure Shell (SSH) tunneling
- Running a local SSH tunnel
- Running a remote port forwarding SSH tunnel
- Running HTTP through an SSH tunnel
- Dynamic SSH tunneling
- What is a pivot?
- Pivoting with Armitage
- Pivoting with Metasploit
- Introduction to exfiltration
- The ten commandments of exfiltration
- Beaconing
- Installing PyExfil
- Using PyExfil to exfiltrate over HTTPS
- Exfiltrating using DET
- Enhancing the Cachetalk tool
- Covert exfiltration with Cachetalk
- Exfiltrating using DNS
- DNS exfiltration using dnsteal
- Installing OpenPuff
- Demonstrating video exfiltration using OpenPuff
- Understanding the OilRig attack's exfiltration
- Next steps
Online Course 
Penetration Testing: Advanced Tunneling and Exfiltration
-
TypeOnline Course
-
Provider
Bolster your penetration testing skillset by learning three advanced techniques: tunneling, pivoting, and exfiltration. In this installment of the Penetration Testing series, instructor Malcolm Shore helps you grasp the basics of these three techniques, detailing what they are and how to leverage them when doing pen testing or responding to an attack. To begin, Malcom goes over how to tunnel through a network to gain access to deeper subnets. Next, he discusses what pivoting is and how to pivot with Armitage and Metaspoit. To wrap up, he goes over exfiltration, the covert extraction of information. Discover the ten rules for successful exfiltration, how to use PyExfil to exfiltrate over HTTPS, how to use the dnsteal tool to exfiltrate data across a DNS service, and more.
- Advanced penetration testing techniques
- What you should know before watching this course
- Disclaimer
- Setting up a VirtualBox subnet
- Introduction to tunneling
- Secure Shell (SSH) tunneling
- Running a local SSH tunnel
- Running a remote port forwarding SSH tunnel
- Running HTTP through an SSH tunnel
- Dynamic SSH tunneling
- What is a pivot?
- Pivoting with Armitage
- Pivoting with Metasploit
- Introduction to exfiltration
- The ten commandments of exfiltration
- Beaconing
- Installing PyExfil
- Using PyExfil to exfiltrate over HTTPS
- Exfiltrating using DET
- Enhancing the Cachetalk tool
- Covert exfiltration with Cachetalk
- Exfiltrating using DNS
- DNS exfiltration using dnsteal
- Installing OpenPuff
- Demonstrating video exfiltration using OpenPuff
- Understanding the OilRig attack's exfiltration
- Next steps
