StC Pentesting Fundamentals Study Group — Week #6 Recap

Today we had our sixth session of the Pentesting Fundamentals Study Group. We’re half way through!

We covered Chapter 6 Exploit and Pivot of the CompTIA PenTest+ Study Guide and learned about the following topics:

• How to review vulnerabilities and choose the appropriate exploits
• Metasploit basics
• Post-exploitation and lateral movement techniques
• Techniques to achieve persistence and hide your tracks

We also watched IppSec’s videos on how to get system/root level access on the Nibbles and Valentine Hack The Box (HTB) machines.

Next week, we’ll cover Ch-7 of the CompTIA Pentest+ book and work on the Cronos (Linux) & Blue (Windows) HTB boxes.

Additional Resources

• Hack The Box — Nibbles Writeup w/o Metasploit
• Hack The Box — Valentine Writeup w/o Metasploit
• The Heartbleed Bug
• Dirty COW