CompTIA Pentest+ PT0-002 – Section 9: Wireless Attacks Part 4
81. On-path and Relay Attacks (OBJ 3.2) In this lesson, we’re goin’ discuss On-path and Relay Attacks. First, we have an on-path attack, which was formally referred to as a man in the middle attack. Now, an on-path attack occurs when a threat actor makes an independent connection between two victims, and is able to… Read More »
CompTIA Pentest+ PT0-002 – Section 9: Wireless Attacks Part 3
78. WPA/WPA2 Hacking (OBJ 3.2) In this lesson, I’m going to demonstrate how to use a dictionary attack to crack the pre-shared key in a WPA/WPA2 protected network. To do this, I’m going to use the Aircrack-ng suite of tools to penetrate this wireless network. First, I’m going to put my network card into monitor… Read More »
CompTIA Pentest+ PT0-002 – Section 9: Wireless Attacks Part 2
76. Signal Exploitation (OBJ 3.2) When someone is using a wireless network like Wi-Fi, the data is being transmitted through the air using radio waves. This means that the signal is being exposed to possible exploitation, because there’s no bounded media containing the data as it’s being transmitted, like you would inside a copper or… Read More »
CompTIA Pentest+ PT0-002 – Section 9: Wireless Attacks Part 1
73. Wireless Attacks (OBJ 3.2) In this section of the course, we’re going to discuss wireless attacks. Now, as we move into this section, we’re going to continue to cover our exploration of the various attacks and exploits that we’re going to be able to use during the third stage of our engagement. As we… Read More »
CompTIA Pentest+ PT0-002 – Section 8: Social Engineering and Physical Attacks Part 4
70. Lock Picking (OBJ 3.6) Lock picking, in this demonstration I want to show you how easy it is to bypass a security that a standard padlock tries to afford you. You can do this by using an inexpensive lock picking set you can find on eBay or Amazon for about $25. This same basic… Read More »
CompTIA Pentest+ PT0-002 – Section 8: Social Engineering and Physical Attacks Part 3
67. Baiting Victims (OBJ 3.6) There are a lot of different ways to get a victim to infect their computer with malware for you or to give you access. All these involve some kind of social engineering, but on a more technical level. For example, you might use a USB drop key, a watering hole… Read More »
CompTIA Pentest+ PT0-002 – Section 8: Social Engineering and Physical Attacks Part 2
64. Phishing Campaigns (OBJ 3.6) In this lesson I’m going to show you how easy it is to conduct your own phishing campaign, so you can test your users and see if they know the correct practices and how to avoid a phishing scam. Now, in this campaign, what we’re going to do is create… Read More »
CompTIA Pentest+ PT0-002 – Section 8: Social Engineering and Physical Attacks Part 1
61. Social Engineering and Physical Attacks (OBJ 3.6) In this section of the course, we’re going to discuss social engineering and physical attacks. Now, as we move into this section, we’re finally entering the third stage of the engagement, attacks and exploits. During this stage, a penetration tester is conducting research on various attack vectors,… Read More »
CompTIA Pentest+ PT0-002 – Section 7: Nmap Part 2
58. Nmap Fingerprinting (OBJ 2.3 and 2.4) In this lesson, we are going to talk a little bit more in depth about fingerprinting scans. So we’ve talked about ports and we’ve talked about port states. But there’s more information that you can get by doing your fingerprinting. When you do fingerprinting, this is a technique… Read More »
CompTIA Pentest+ PT0-002 – Section 7: Nmap Part 1
55. Nmap (OBJ 2.3 and 2.4) In this section of the course, we’re going to cover Nmap, which is an extremely versatile security tool that can be used to conduct active reconnaissance, enumeration, and even some basic vulnerability scanning when you use the Nmap scanning engine or NSE. Because of this, Nmap really does fit… Read More »
