StC Pentesting Fundamentals Study Group — Week #1 Recap
Today we had our first session of the Pentesting Fundamentals Study Group and it was a success!
We covered Chapter 1 of the CompTIA PenTest+ Study Guide and learned about the following topics:
- Definition of penetration testing
- The reasons behind conducting a penetration test
- The different types of penetration tests and individuals who conduct these tests
- The CompTIA penetration testing process
- The cyber kill chain
- The most popular tools used in a penetration test
Next, we installed Kali and Metasploitable 2 VMs on our laptops. We’ll be using those two VMs extensively in the upcoming weeks!
Finally, we ended the session by watching IppSec’s video on how to get root level access on the Bashed Hack The Box (HTB) machine.
It was interesting to see the methodology ippsec used to own the machine. What was even more interesting is the discussions we had throughout the video! We went over reverse shells vs bind shells, firewall configurations, vulnerabilities that allowed the compromise to happen and how these vulnerabilities could have been avoided.
Next week, we’ll cover Ch-2 of the CompTIA Pentest+ book and work on the Devel HTB box.
