- Introduction to Penetration Testing
- Security Assessments
- Vulnerability Assessment
- Limitations of Vulnerability Assessment
- Penetration Testing
- Why Penetration Testing?
- What Should be Tested?
- What Makes a Good Penetration Test?
- ROI on Penetration Testing
- Testing Points
- Testing Locations
- Types of Penetration Testing
- External Penetration Testing
- Internal Security Assessment
- Black-box Penetration Testing
- Grey-box Penetration Testing
- White-box Penetration Testing
- Announced / Unannounced Testing
- Automated Testing
- Manual Testing
- Common Penetration Testing Techniques
- Using DNS Domain Name and IP Address Information
- Enumerating Information about Hosts on Publicly-Available Networks
- Phases of Penetration Testing
- Pre-Attack Phase
- Attack Phase
- Activity: Perimeter Testing
- Enumerating Devices
- Activity: Acquiring Target
- Activity: Escalating Privileges
- Activity: Execute, Implant, and Retract
- Post-Attack Phase and Activities
- Penetration Testing Deliverable Templates
- Penetration Testing Methodology
- Application Security Assessment
- Web Application Testing - I
- Web Application Testing - II
- Web Application Testing - III
- Network Security Assessment
- Wireless/Remote Access Assessment
- Telephony Security Assessment
- Social Engineering
- Testing Network-Filtering Devices
- Denial of Service Emulation
- Outsourcing Penetration Testing Services
- Terms of Engagement
- Project Scope
- Pentest Service Level Agreements
- Penetration Testing Consultants
- Evaluating Different Types of Pentest Tools
- Application Security Assessment Tool
- Network Security Assessment Tool
- Angry IP scanner
- GFI LANguard
- Wireless/Remote Access Assessment Tool
- Telephony Security Assessment Tool
- Testing Network-Filtering Device Tool