Course Overview

When you perform a penetration test, finding one target is easy.  Detecting them all plus identifying the supporting infrastructure and other services is hard and needs a more structured approach.  And you need the experience to analyze and understand what your tools and techniques are telling you so that you can pivot around on the information to detect even more.

If you’re constantly wondering just how many targets you’ve missed over the years or what your tools really do, this class is for you. In this class we will look at both passive and active methods, from basic tools that you probably already know a little, such as simple dig queries and Google hacking, all the way up to enumerating hosts and ports with Nmap, finding forms with BurpSuite, and even automating scanning with Metasploit. But we’ll get into even more depth on the tools to squeeze out every bit of information that can make or break our day.

What You Will Learn

  • Understand a structured approach to reconnaissance to ensure completeness and accuracy
  • Level-up your existing tool knowledge by getting more out of the ones that you know about and learning new ones
  • Analyze some of the typical reconnaissance results that will affect testing, like hosted environments, content delivery networks, outsourced DNS, domain controllers, print servers, etc.
  • Skills to record findings as you conduct your testing

Program Curriculum

  • Installing Kali
  • Installing Flameshot
  • Installing Metasploitable
  • Building a Recording Structure
  • $7 Million Cybersecurity Scholarship by EC-Council
  • Chapter 1 Quiz

  • Introduction to Google Advanced Operators
  • Enumerating Web Hosts with Google
  • Detecting Login Pages and Other Fun Things
  • Reading the Fine Developer Manual
  • Find the Not-So Hidden Documents
  • Use Case: Find the Shopping Cart
  • Use Case: Build a New Site Alerting System
  • Reporting on Google Reconnaissance
  • Chapter 2 Lab
  • Chapter 2 Quiz

  • Find the People and Their Skills using LinkedIn
  • Find the Technology Stack
  • Find the Office and Datacenter Locations
  • Reporting on OSINT Findings
  • Chapter 3 Quiz

  • Exploring Hosts with Dig
  • Dumping Zone Files with DNSEnum
  • Typical DNS Query Results
  • Finding Email Hosts with MX Records
  • Passive DNS Recon with DNSDumpster
  • Recording DNS Results
  • Chapter 4 Lab
  • Chapter 4 Quiz

  • Finding Network Blocks with ARIN
  • Learning About Hosting Providers with Whois and Traceroute
  • Finding Active Hosts with Nmap
  • Nmap Port Enumeration and OS Detection
  • Hiding Yourself with Nmap Stealth Scanning
  • Reporting on Network Scanning
  • Chapter 5 Lab
  • Chapter 5 Quiz

  • Passive Scanning Using BuiltWith
  • Finding TLS Vulnerabilities with SSL Labs
  • Finding Paths and Vulnerabilities with Nikto
  • Vulnerability Scanning with Skipfish
  • Locate Other Paths with Parsero and Dirbuster
  • Spidering with BurpSuite
  • Analyzing Web Forms with BurpSuite
  • Reporting on Web Vulnerabilities
  • Chapter 6 Lab
  • Chapter 6 Quiz

  • Building and Exploring a Server
  • Exploring Webservers
  • Web Application Frameworks
  • Application Cache Servers
  • MySQL and other Database Servers
  • Reporting on Server Exploration
  • Chapter 7 Lab
  • Chapter 7 Quiz

  • Finding Internal Network Resources
  • Recon with Nmap on the Inside
  • Network Scanning with Nmap inside Metasploit
  • Stealthier Internal Scanning
  • Metasploit and Vulnerability Scanning
  • Reporting on Internal Recon
  • Chapter 8 Lab
  • Chapter 8 Quiz

Instructor

Michael Smith

Author

Michael Smith is the CEO and CSO of Rising Tide Cybersecurity Management, an independent consultancy that assists large-scale websites. Prior to going independent, Mr. Smith spent 10 years at Akamai Technologies in a variety of roles including Security CTO and CSIRT Director. He lived and worked in the Washington, DC area for 10 years as a security technologist and assessor.


