Skip to content

Latest commit

 

History

History
45 lines (42 loc) · 3.44 KB

File metadata and controls

45 lines (42 loc) · 3.44 KB

Lab Index — CompTIA PenTest+ PT0-003

Each lab cites the exam objective(s) it maps to so you can revise by domain or by topic.

# Lab Maps to objective
1 Scoping a Pentest: SoW, NDA and RoE 1.1
2 Threat Modeling with STRIDE and DREAD 1.3
3 Mapping a Pentest to MITRE ATT&CK 1.3
4 Risk Scoring with CVSS, CWE and EPSS 1.5, 4.1
5 Writing a Penetration Test Report 1.2, 1.4, 1.5
6 Passive OSINT with theHarvester and Recon-ng 2.1, 2.4
7 WHOIS, DNS Recon and Zone Walking 2.1, 2.2, 2.4
8 Subdomain Enumeration with Amass and Subfinder 2.2, 2.4
9 Shodan, Censys and Certificate Transparency 2.1, 2.4
10 Network Scanning with Nmap 2.1, 2.2, 2.4
11 Service Enumeration with Nmap NSE 2.2, 2.4, 4.2
12 Traffic Capture and Analysis with Wireshark and tcpdump 2.1, 2.2, 4.2
13 Web Enumeration: Gobuster, Wfuzz, WhatWeb 2.2, 4.5
14 Recon Scripting with Bash and Python 2.3, 3.2, 4.10
15 Vulnerability Scanning with Greenbone/OpenVAS 3.1, 3.2
16 Web Vulnerability Scanning with Nikto and ZAP 3.1, 4.5
17 Container Image Scanning with Trivy and Grype 3.1
18 Secrets Scanning with TruffleHog 2.2, 3.1
19 Validating Findings and Public Exploit Selection 3.2, 4.1
20 Exploitation with Metasploit Framework 4.1, 4.2
21 Bind and Reverse Shells with Netcat and Socat 4.1, 4.2, 4.4
22 LLMNR/NBT-NS Poisoning and SMB Relay with Responder 4.2, 4.3
23 Online Password Attacks with Hydra and Medusa 4.3
24 Offline Hash Cracking with hashcat and John 4.3
25 Linux Privilege Escalation with LinPEAS 4.4
26 Windows Privilege Escalation and Kerberoasting 4.3, 4.4
27 SQL Injection with sqlmap 4.5
28 XSS, CSRF and SSRF with Burp Suite 4.5
29 File Inclusion, Directory Traversal and Web Shells 4.5, 5.1
30 Cloud Attacks: S3 and IAM with Pacu and ScoutSuite 4.6
31 Wireless Attacks: WPA Cracking with Aircrack-ng 4.7
32 Social Engineering with GoPhish and SET 4.8
33 Establishing Persistence (cron, systemd, web shell) 5.1
34 Lateral Movement with CrackMapExec and Impacket 5.2
35 Pivoting with sshuttle, Chisel and Proxychains 5.2
36 Data Exfiltration over DNS, ICMP and HTTPS 5.3
37 Cleanup, Restoration and Artifact Preservation 5.4

See tools.md for installation requirements per lab.