Attacks and Exploits (30%)PT0-002 Study Guide

Network Exploitation

Objective 3.1 · Attacks Exploits

Web Application Attacks

Objective 3.2 · Attacks Exploits

Social Engineering Attacks

Objective 3.3 · Attacks Exploits

Post-Exploitation Techniques

Objective 3.4 · Attacks Exploits

Wireless and RF Attacks

Objective 3.5 · Attacks Exploits

Metasploit Framework for PenTesters

Objective 3.1 · Attacks Exploits

Burp Suite for Web Application Testing

Objective 3.2 · Attacks Exploits

SQL Injection: Union, Blind, Time-Based

Objective 3.2 · Attacks Exploits

Cross-Site Scripting (XSS) Types

Objective 3.2 · Attacks Exploits

CSRF and SSRF Attacks

Objective 3.2 · Attacks Exploits

Command Injection and Directory Traversal

Objective 3.2 · Attacks Exploits

IDOR and Broken Access Control

Objective 3.2 · Attacks Exploits

Mimikatz and Credential Extraction

Objective 3.4 · Attacks Exploits

Privilege Escalation on Linux

Objective 3.4 · Attacks Exploits

Privilege Escalation on Windows

Objective 3.4 · Attacks Exploits

Lateral Movement Techniques

Objective 3.4 · Attacks Exploits

Pivoting and Tunnelling Through Networks

Objective 3.4 · Attacks Exploits

Cloud Pentesting: AWS and Azure

Objective 3.5 · Attacks Exploits

Mobile Application Testing

Objective 3.5 · Attacks Exploits

Phishing Campaigns in Penetration Testing

Objective 3.3 · Attacks Exploits

Physical Security Testing Techniques

Objective 3.3 · Attacks Exploits

Command and Control (C2) Framework Concepts

Objective 3.4 · Attacks Exploits

Exploit Frameworks: Core Impact and Canvas

Objective 3.1 · Attacks Exploits

Buffer Overflow Exploitation Concepts

Objective 3.1 · Attacks Exploits

Remote Code Execution (RCE) Vulnerabilities

Objective 3.1 · Attacks Exploits

SMB Exploitation: EternalBlue and PsExec

Objective 3.1 · Attacks Exploits

Kerberoasting and AS-REP Roasting

Objective 3.4 · Attacks Exploits

DCSync Attack and Domain Replication

Objective 3.4 · Attacks Exploits

Golden Ticket and Silver Ticket Attacks

Objective 3.4 · Attacks Exploits

LSASS Credential Dumping Methods

Objective 3.4 · Attacks Exploits

Post-Exploitation File Transfer Techniques

Objective 3.4 · Attacks Exploits

Persistence Mechanisms: Scheduled Tasks, Registry

Objective 3.4 · Attacks Exploits

RDP Exploitation and BlueKeep

Objective 3.1 · Attacks Exploits

Web Shells and Maintaining Access

Objective 3.2 · Attacks Exploits

XXE Injection Attacks

Objective 3.2 · Attacks Exploits

Insecure Deserialization Attacks

Objective 3.2 · Attacks Exploits

JWT Token Attacks

Objective 3.2 · Attacks Exploits

OAuth 2.0 and SSO Attacks

Objective 3.2 · Attacks Exploits

VLAN Hopping and Network Pivoting

Objective 3.1 · Attacks Exploits

DNS Poisoning and Spoofing

Objective 3.1 · Attacks Exploits

WPA3 and Modern Wireless Attacks

Objective 3.5 · Attacks Exploits

Bluetooth and BLE Attack Surface

Objective 3.5 · Attacks Exploits

Evil Twin and Rogue AP Attacks

Objective 3.5 · Attacks Exploits

AWS Pentesting: IAM Escalation, S3 Exposure

Objective 3.5 · Attacks Exploits

Azure Pentesting Techniques

Objective 3.5 · Attacks Exploits

Container Escape Techniques

Objective 3.5 · Attacks Exploits

NTLM Relay Attacks and Responder

Objective 3.4 · Attacks Exploits

Active Directory ACL Abuse

Objective 3.4 · Attacks Exploits

AS-REP Roasting vs Kerberoasting

Objective 3.4 · Attacks Exploits

IoT and SCADA/ICS Pentesting Concepts

Objective 3.5 · Attacks Exploits

Pentesting AI and ML Systems

Objective 3.5 · Attacks Exploits

Pass-the-Hash and Pass-the-Ticket Attacks

Objective 3.4 · Attacks Exploits

Subdomain Takeover in Pentesting

Objective 3.2 · Attacks Exploits

ARP Spoofing and MITM Attacks

Objective 3.1 · Attacks Exploits