StC Pentesting Fundamentals Study Group — Week #11 Recap

This week we had our eleventh session of the Pentesting Fundamentals Study Group.

We covered Chapter 10 Exploiting Host Vulnerabilities of the CompTIA PenTest+ Study Guide and learned about the following topics:

• Common Linux exploit techniques
• Common Windows exploit techniques
• Cross platform exploits
• Virtual machine and container exploits
• Physical device attacks such as cold-boot attacks, insecure serial console access, and JTAG debug exploits.
• Attacking mobile devices and common tools used for testing Android and iOS devices

We also watched IppSec’s videos on how to get root level access on the LaCasaDePapel Hack The Box (HTB) machine.

Next week, we’ll cover Ch-11 of the CompTIA Pentest+ book and work on the Node Hack The Box (HTB) box.