eJPT
  • đź‘‹Welcome
  • Tools
    • đź”­Escaneo y EnumeraciĂłn
  • SECTION 1: Assessment Methodologies
    • Assessment Methodologies: Information Gathering
      • IntroducciĂłn a la RecopilaciĂłn de InformaciĂłn
        • Start Quiz
      • Passive Information Gathering
      • Active Information Gathering
    • Assessment Methodologies: Footprinting & Scanning
      • Introduction
      • Networking Primer
      • Host Discovery
      • Port Scanning
      • Evasion, Scan Performance & Output
      • Page
      • Challenges
    • Assessment Methodologies: Enumeration
      • Overview
      • SMB Lesson
      • FTP Lesson
      • SSH Lesson
      • HTTP Lesson
      • SQL Lesson
    • Assessment Methodologies: Vulnerability Assessment
      • Vulnerability Assessment
      • Course Labs
  • SECTION 2: Host & Networking Auditing
    • Assessment Methodologies: Auditing Fundamentals
      • Assessment Methodologies
      • Practice
  • SECTION 3: Host & Network Penetration Testing
    • Host & Network Penetration Testing: System/Host Based Attacks
      • Introduction to Attacks
      • Windows Vulnerabilities
      • Exploiting Windows Vulnerabilities
      • Windows Privilege Escalation
      • Windows File System Vulnerabilities
      • Windows Credential Dumping
      • Linux Vulnerabilities
      • Exploiting Linux Vulnerabilities
      • Linux Privilege Escalation
      • Linux Credential Dumping
      • Conclusion
    • Host & Network Penetration Testing: Network-Based Attacks
      • Network-Based Attacks
    • Host & Network Penetration Testing: The Metasploit Framework (MSF)
      • Metasploit
        • Metasploit Fundamentals
      • Information Gathering & Enumeration
        • Nmap
        • Enumeration
      • Vulnerability Scanning
        • MSF
        • Nessus
        • Web Apps
      • Client-Side Attacks
        • Payloads
        • Automating
      • Exploitation
        • Windows Exploitation
        • Linux Exploitation
        • Post Exploitation Fundamentals
        • Windows Post Exploitation
        • Linux Post Exploitation
      • Armitage
        • Metasploit GUIs
    • Host & Network Penetration Testing: Exploitation
      • Introduction To Exploitation
      • Vulnerability Scanning Overview
      • Exploits
        • Searching For Exploits
        • Fixing Exploits
      • Shells
      • Frameworks
      • Windows
      • Linux
      • Obfuscation
    • Host & Network Penetration Testing: Post-Exploitation
      • Introduction
      • Windows Enumeration
      • Linux Enumeration
      • Transferring Files
      • Shells
      • Escalation
        • Windows Privilege Escalation
        • Linux Privilege Escalation
      • Persistence
        • Windows Persistence
        • Linux Persistence
      • Dumping & Cracking
        • Windows Password Hashes
        • Linux Password Hashes
      • Pivoting Lesson
      • Clearing
  • Host & Network Penetration Testing: Social Engineering
    • Social Engineering
  • SECTION 4: Web Application Penetration Testing
    • Introduction to the Web & HTTP Protocol
      • Web Applications
      • HTTP Protocol
        • HTTP/S Protocol Fundamentals
        • Website Crawling & Spidering
Powered by GitBook
On this page
  • Course Topic Overview
  • Prerequisites
  • Learning Objectives:
  • Conclusion

Host & Network Penetration Testing: Social Engineering

Course Topic Overview

  • Introduction To Social Engineering

  • Social Engineering Techniques

  • Phishing & Spear phishing

  • Pretexting

  • Phishing With Gophish

Prerequisites

  • Familiarity with Cybersecurity terms and concepts.

  • Basic familiarity with the web and the HTTP protocol.

Learning Objectives:

Comprenderá a fondo qué es la ingeniería social y cómo la utilizan los atacantes para obtener acceso inicial.

Comprenderá varias técnicas de ingeniería social, cómo funcionan y cuándo se utilizan.

Comprenderá a fondo qué son los ataques de phishing y spear phishing, cómo funcionan y cuándo se utilizan.

Comprenderá qué es el pretexto y el papel que desempeña en una campaña de ingeniería social exitosa.

Tendrá la capacidad de planificar y orquestar una campaña de phishing y configurar la infraestructura necesaria para facilitar la campaña.

Podrá planificar, configurar y orquestar una campaña de phishing con un marco de phishing de código abierto como Gophish.

Conclusion

Se decriben dos tecnicas fundamentales, como funciona los actores de ATP, como utilizar la psicologia humana, en el momento de interactuar con las personas para obtener informacion

PreviousClearingNextSocial Engineering

Last updated 7 months ago