Скачать или смотреть Pentesting Fundamentals - TryHackMe Walkthrough

Introduction:-
To learn the important ethics and methodologies behind every pentest.
A Penetration test or pentest is an ethically-driven attempt to test and analyse the security defences to protect these assets and pieces of information.

Stages of Penetration Testing:-
1. Information Gathering
2. Enumeration/ Scanning
3. Exploitation
4. Privilege Escalation
5. Post Exploitation

Chapters:-
0:00 - Room Introduction
0:10 - What is Penetration Testing?
0:37 - Penetration Testing Ethics
1:59 - Penetration Testing Methodologies
3:52 - Black box, White Box, Grey box PenTesting
4:28 - Practical - Phases of Pentesting

Hacker Types:-
White Hat (Good guy, working with permission to pentest)
Black Hat (Bad guy, doing hacking for own good)
Grey Hat (Without following law/ ethics; pentest for people good)

Pentest Types:-
White Box Testing (done by a software developer who knows programming and application logic)
Black Box Testing (tester is not given any information about the inner workings of the application)
GreyBox Testing - (The tester will have some limited knowledge of the internal components of the application or piece of software.)

Room Link:-
https://tryhackme.com/room/pentesting...

Penetration Testing Methodologies:-
OWASP (Open Web Application Security Project)
OSSTMM (The Open Source Security Testing Methodology Manual)
NIST Cybersecurity Framework 1.1 (https://www.nist.gov/cyberframework)
NCSC CAF (https://www.ncsc.gov.uk/collection/ca...)