Options
Any UDEMY course demonstrating hands on Vulnerability assessment and Pen testing?
I am not studying for CEH but want to set up a lab to gain more hands on experience of tools like Nessus, Metasploit, WireShark, Kismet, Webscarab, BurpSuite, Nikto, Tcpdump, IBM AppScan etc. I also want to get insights into real life usage and application of these Vulnerability scanning and pen testing techniques in big organizations so would love to discuss, learn or hear about the practical aspects.
1. has anyone seen any comprehensive video showing all or most of above? (hands on type, not just the theory)
2. Do we have anyone here who can walk me through the using webex or gotomeeting etc. and help me setup the lab? I do have a lab set up already with some of the above mentioned tools but need compromised network
1. has anyone seen any comprehensive video showing all or most of above? (hands on type, not just the theory)
2. Do we have anyone here who can walk me through the using webex or gotomeeting etc. and help me setup the lab? I do have a lab set up already with some of the above mentioned tools but need compromised network
Comments
-
Options
binarysoul
Member Posts: 993
Do it yourself. You may find yourself watching hours of video and not retaining a lot. Find lab manuals and practice yourself. Good luck. -
Options
Khohezion
Member Posts: 57 ■■■□□□□□□□
I would suggest looking at VULN Hub for VM's and checking the Security Certification section of the forum and seeing how people prepare for the OSCP. -
OptionsTheFORCE
Member Posts: 2,297 ■■■■■■■■□□
You dont need a compromised network, you need a vulnerable machine. Get an old compy of Windows XP or an unpatched Windows 7/10 version run it on a VM, and scan it from your lab machine. That is essential for any lab. Thought you had a lab already? Having a machine with all the tools is not a "lab" if you have no where to use those tools on. I posted a thread on how I passed EJPT few months back, I have some tips there, see if you can find the post.
-
Options
SteveLavoie
Member Posts: 1,133 ■■■■■■■■■□
Look at Cybrary. They have a lot of nice security course at 0$ -
OptionsSnooper
Member Posts: 29 ■□□□□□□□□□
binarysoul, Khohezion , TheFORCE and SteveLavoieFirst of all Thanks for replying.
Cybrary and Youtube have lots of videos but not of actual demos running vuln scans and pen testing. I do have lab, still setting it up, but have already setup vm player, virtual box, several images of win xp win 7 and win 10, owasp top 10 etc. Will look at vulnhub next. I will also check out TheForce's thread for further details.
However what I was expecting to see from a video (example - https://www.youtube.com/watch?v=WCZDeRZm0xc&list=PL-_nNkvg3XpEaw5fInsjRqiM6mESoubRc) was to see some sort of real life vulnerability scan and secondly find out if it is possible to scan a pre configured network so I dont have to load each vm individually and scan it.
As you can see from video series example i posted above, this person has posted videos of actual actions being performed - https://www.youtube.com/watch?v=sw0TjqymcCA&index=5&list=PL-_nNkvg3XpEaw5fInsjRqiM6mESoubRc
I am looking for similar vulnerability scanning and pen testing video. I have found videos of nikto/nessus in action but is it not possible to find one video showing most popular vuln scans in action by someone who studied this part of ceh?