TMG Security

TMG English Courses

External Penetration Testing

Wishlist Share
Share Course
Page Link
Share On Social Media

About Course

External Penetration Testing

Description

This course introduces students or security professionals to the External Penetration Testing concepts associated with black box pentesting. We encourage you to take this course if you are a complete beginner in Advance External Penetration Testing world. This course uses a custom-developed vulnerable External Penetration Testing to demonstrate how, web vulnerabilities can be identified and exploited. This course teaches you how to identify a variety of Advance web vulnerabilities lies in the Server-side, Client-side.

Introduction

– What is External Penetration Testing
– Phases of External Penetration Testing
– Checklist to perform External Penetration Testing

Dealing with a Client

1. Create a ROE for client
2. Complete the Signing Process
3. Be available for kick off meetings

Information Gathering / Recon / OSINT

– Collect all Internal IP’s
– Do Port Scanning
– Collect Employees Information through Open Source
– Collect Employees Email Addresses
– Look For Password Leaks on GitHub
– Look For Sensitive Information in Activity / Commit history
– Look into Stack Trace error or Leaks Any Server Information
– Look For Lower Versions of Server or Whatever technology they use to find CVE’s
– Fuzz the Parameters or Perform Directory Brute Forcing to Find Sensitive Information
– Use Google Dorks to Find Secrets like AWS Bucket or Azure AD
– Collect JWT Tokens, Email Addresses , IP Addresses , User’s Unsubscribe Tokens and many more through Wayback Urls

Exploitation

– Perform Vulnerability Scanning
– Look for gaining access of admin panels
– Check for Weak Password Policy
– Try to gain Internal access through Open Ports
– Try to enumerate accounts on login, signup, password reset functions etc.
– Perform Brute force attacks on login portals
– Look For Security Misconfigurations like : Clickjacking, SPF/DMARC, CORS and many more..

Write Professional Reports

– Write about your company
– Give a brief description about when you started the project and when you ended.
– Create a Index of report
-. Make a severity chart with beautiful colours
– Start the report writing with sequence & priority wise
– Follow the steps to write a report

Benefits

  • Get ISO Certified Certification
  • Get Advance Bug Bounty Hunter Badge ( ID CARD )
  • Live Targets to hunt

Trainer

Mayank Gandhi

Show More

Course Content

Introduction to External Penetration Testing

  • Join WhatsApp Group
    00:00

Start Learning

Scroll to Top