From the course: Performing a Technical Security Audit and Assessment
Join today to access over 25,300 courses taught by industry experts.
Penetration testing tool demo
From the course: Performing a Technical Security Audit and Assessment
Penetration testing tool demo
- [Instructor] To demonstrate penetration testing, I'll use Kali Linux and the Legion tool. Legion can conduct port and service discovery on target systems. I've already run Legion against a Metasploitable system and the discovered services and ports are displayed in the services tab. I'll scroll through the services to see if anything catches my attention. I see MySQL, a database server, running on port 3306. Databases can contain interesting information, so let's examine this one. When I right click on that port, I see options to explore the service further, including open with MySQL client as root. When I click on that option, Legion will open a terminal window and prompt for a password. I'll check to see if it has a blank password by hitting Enter. I'm now at a MySQL prompt showing that I have successfully connected to the database server as root. Obviously, this would be a significant finding during a security assessment. I'll run the show databases command to see what I can…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
(Locked)
Baseline skill sets for target vulnerability validation49s
-
(Locked)
Crack passwords1m 53s
-
Password cracking tool demo3m 23s
-
(Locked)
Challenge: Install and run a password cracker1m 3s
-
(Locked)
Solution: Install and run a password cracker2m 27s
-
(Locked)
Conduct penetration tests3m 3s
-
(Locked)
Penetration testing tool demo2m 46s
-
(Locked)
Conduct social engineering1m 15s
-
(Locked)
-
-
-
-