Keyword - Pentest Training

Pentest Training

Learn Penetration Testing Discover the world of penetration testing. Learn how to infiltrate networks and successfully penetrate systems and applications. …

more

Preface

Dear participants, Welcome to our online “Pentest Training” course. Before you start stretching your fingers and rolling up your sleeves, …

more

Introduction

Specialists in IT security are in demand like never before. Threats from online attackers are increasing in particular. To protect …

more

Legal Framework

Before our journey as penetration testers can begin, we need a goal in mind. After all, a long-distance runner doesn’t …

more

Austria

Several elements of an offence may be used for the prosecution of cybercrime in Austria. As it relates to penetration …

more

Germany

The legal situation in Germany is similar to Austrian case law. A law was passed in May 2007 against “arranging …

more

Hacking vs. Penetration Testing

The legal framework yields the following insight: hacking is different from penetration testing. As we have already touched upon indirectly …

more

Classification

Hackers are unpredictable. Under normal circumstances, their identity or the number of attackers who are targeting a given company remain …

more

Meaningfulness of Penetration Tests

Now that we know how to classify a penetration test, the question remains how meaningful a simulation of such an …

more

Penetration Testing Standards

It is normal for the quality of a product to differ from service provider to service provider. Naturally, this also …

more

The Hacking Guide

Taking a look back, we learned about non-technical but essential aspects of penetration testing in the last chapters. In a …

more

Hacking I: Scanning networks

In some cases, we need to identify the network ranges of a company ourselves for penetration testing. In the case …

more

Tool introduction: nmap

To identify accessible servers in a network range, nmap can perform a ping sweep using the ICMP protocol. In this …

more

Tool introduction: masscan

When performing a port scan against an IT infrastructure, we must assume that services can be accessed via any IP …

more

Tool introduction: netcat

Now that we are able to identify open ports and accessible services on a target system, we can also communicate …

more

Tool introduction: dig

The domain name can provide important information about the job of a target system: As humans have a hard time …

more

Particularities of IPv6 networks

In this day and age, networks can no longer be scanned only on IPv4 networks. Many companies are gradually migrating …

more

Hacking II: Password attacks

In review, scanning networks is the foundation of any attack, as this allows us to discover our attack surface. But …

more

Online password attacks

Network services usually authenticate their users by means of a user name and associated password. If we know of the …

more

Offline password attacks

Unlike online password attacks, the hashes of the user passwords are available for offline password attacks. A cryptographic hash function …

more

Hacking III: Web application attacks

User authentication by password is often implemented in web applications. Individual users may be assigned different roles. As a payment …

more

Broken Access Control

In 2021, vulnerabilities in authorization scheme were ranked as the top risk in web applications by the OWASP Top 10 …

more

SQL Injections (SQLi)

According to the OWASP TOP 10, injections are among the three most common vulnerabilities in web applications. This also includes …

more

Cross-Site Scripting (XSS)

In addition to SQL injection, injection attacks also include cross-site scripting. Due to the lack of input validation, cross-site scripting …

more

Hacking IV: Privilege Escalation

We have successfully mastered our first step as an attacker: executing commands on our target system. But in most cases, …

more

Information Gathering

The phase of collecting information is an important part in our process. We are especially looking for information concerning the …

more

Local Root Exploits

So-called local root exploits often exist especially for older operating systems, which exploit vulnerabilities in the kernel when expanding privileges, …

more

File Transfer

After we have “built“ an exploit locally on our attacking machine, we still have to transfer it to the target …

more

Hacking V: Tunnelling Techniques

We deliberately also kept an eye out for network information during privilege escalation, because IT infrastructure is often split into …

more

Hacking VI: Vulnerability scanner and penetration testing frameworks

It goes without saying that many processes in a penetration test can and should be automated. We can write scripts, …

more

Demonstration of a Penetration Test

So far, we have looked at the technical processes of an attacker as individual pieces of the puzzle, which still …

more

Phase 1: Identification of the network areas

Oblivius Education Inc. is a fictitious startup company that develops mobile applications for creating cheat sheets. The cheat sheet for …

more

Phase 2: Identification of the accessible servers and services

To identify the accessible IT systems within the network range, a ping scan was performed with nmap, which found two …

more

Phase 3: Identifying vulnerabilities

In addition to targeted DNS queries, further vulnerabilities were searched for based on the name server’s version number. The software …

more

Phase 4: Exploitation of Vulnerabilities

The previously SQL injection revealed not only the database version, but it was also possible to extract any database content. …

more

Risk Assessment of Identified Vulnerabilities

For an attacker, intruding into IT systems can be very thrilling. However, we should never lose sight of our real …

more

Common Vulnerability Scoring System (CVSS)

As is common with estimates, risk is assessed differently depending on the perception and experience of the pentester - even …

more

Risk Response Strategies

As a pentester, it would be a mistake to assume that all vulnerabilities will be fixed on the client's side. …

more

Structure of Documentation and Reporting

Looking back at the beginning of our journey as a penetration tester, let’s remember that our client asked us to …

more

Insider stories: Tales from Dubius Payment Ltd.

The hacker group “Black Shadow“... Up until recently, the ’Black Shadow’ hacker group was known for credit card fraud, which …

more

binsec academy GmbH - Online IT Security Training with Practical Focus

binsec academy GmbH is provider of online IT security training, offering practical, lab-based courses for professionals. The academy provides hands-on training in areas such as penetration testing and secure software development. Participants gain practical experience through realistic lab environments, including simulations of company networks and applications. Courses are available in multiple programming languages and align with standards like OWASP Top 10 and PCI DSS. Upon successful completion, participants receive certifications such as the Binsec Academy Certified Pentest Professional (BACPP) and Binsec Academy Certified Secure Coding Professional (BACSCP), demonstrating their ability to identify and remediate security vulnerabilities.

Goto binsec acadmy GmbH

binsec GmbH – Experts in Penetration Testing

binsec GmbH is a German IT security company focused on professional penetration testing. With over 10 years of experience, the team conducts in-depth penetration tests on networks, web applications, APIs, and mobile apps. Certified experts systematically identify and document security vulnerabilities to support organizations in improving their security and meeting compliance requirements.

Goto binsec GmbH

Contact

binsec GmbH
Solmsstraße 41
60486 Frankfurt am Main
Germany

Legal notice

Director: Patrick Sauer
Authorized Officer: Dominik Sauer, Florian Zavatzki
Registration: Frankfurt am Main, HRB97277
Turnover Tax Identification No.: DE290966808