This week for Hacker Bootcamp we got our hands dirty with the final labs of the course material, including Null Session Attacks, Password Cracking and of course Metasploit! The students are finally able to utilize their skills to exploit vulnerabilities using Metasploit, and will be finishing up their studies of the Penetration Testing Student course materials.
We also had the opportunity to talk with the venerable @Don. Don discussed the various methods of continuing to learn penetration testing through platforms like TryHackMe, HackTheBox, OverTheWire and many other websites. Don also discussed the next steps in the INE platform if the students would like to continue down the training to the PTP, WAPT, or even the blue side of the house. We also discussed the salary expectations for Cybersecurity Professionals and I think this gave the students a great, accurate picture of the current demand for cybersecurity talent.
Next week, the students will be taking a de-load week to relax before taking the eJPT exam. During the week they will be working on making a cheat sheet of commands and notes for the exam. The eJPT is an open-book/open-note test, but it is always handy to have the commands on hand during the exam so you don’t need to look in the course materials. In addition, the students will have the opportunity to test their hand at the Black Box labs at the end of the Penetration Testing student course, these labs are definitely high-level compared to the exam, but on the other hand they show you the vast amount there still is to learn in the world of penetration testing!
I will report back to you all on the success of the students vs. the eJPT exam, and I look forward to closing out this internship opportunity with a bang! For now, check out the course materials from this week if you are following along.
Read/Watch the Following Sections in “Penetration Testing Basics”:
- System Attacks
- Here we will get our hands dirty with some exploitation, password cracking, and some basics about different types of shells.
Complete the following lab activities:
- Bruteforce/Password Cracking
- Null Sessions
- ARP Poisoning