OffSec released the 2023 edition of Penetration Testing with Kali Linux (PEN-200). This new version, which incorporates the latest ethical hacking tools and techniques through real-world penetration testing simulations, offers many improvements and additions, including new Learning Modules and Learning Objectives to help learners focus on critical areas, new, progressive sets of machines (Challenge Labs) to assist learners in synthesizing materials; and private environments to create a superior learning experience.
Penetration Testing with Kali Linux 2023 subject areas
As a component of fulfilling the most recent PWK learning objectives, learners will acquire foundational comprehension of the penetration testing methodology, discern and classify risks, and carry out a guided penetration test. Four main subject areas have undergone substantial expansion, reflected in their new titles:
- Web Applications is being expanded into Introduction to Web Applications, Common Web Application Attacks, and SQL Injection
- Privilege Escalation is being expanded into Windows Privilege Escalation and Linux Privilege Escalation
- Port Redirection and Tunneling is being expanded into Port Redirection and SSH Tunneling and Tunneling through Deep Packet Inspection
- Active Directory is being expanded into Active Directory Introduction and Enumeration, Attacking Active Directory Authentication, and Lateral Movement in Active Directory
A new Module has been added on Note Taking and Report Writing for Penetration Testers, and new Capstone Exercises test learners on the content of each Module.
PEN-200’s new, progressive Challenge Labs are designed to expose learners to different vulnerabilities after getting comfortable with specific exploitation techniques. Each learner receives access to their own environment, and within that, learners then work on Challenge Labs designed to help them tackle particular pentesting problems.
“Modern cybersecurity education is essential in training professionals to stay ahead of malicious actors who are continuously looking for ways to breach systems, whether national-scale attacks such as government espionage, or corporate and personal hacks as we’ve seen with the latest ransomware,” said Ning Wang, CEO at OffSec. “OffSec’s Penetration Testing with Kali Linux course has been thoroughly updated to address modern threats and methods, allowing organizations to feel confident that their team members have received the best preparation possible.”
The following is a very high-level syllabus of what PEN-200 will look like after the update is complete:
- PWK: General Course Information
- Introduction to Cybersecurity
- Effective Learning Strategies
- Report Writing for Penetration Testers
- Information Gathering
- Vulnerability Scanning
- Introduction to Web Application Attacks
- Common Web Application Attacks
- SQL Injection Attacks
- Client-Side Attacks
- Locating Public Exploits
- Fixing Exploits
- Antivirus Evasion
- Password Attacks
- Windows Privilege Escalation
- Linux Privilege Escalation
- Port Redirection and SSH Tunneling
- Tunneling through Deep Packet Inspection
- The Metasploit Framework
- Active Directory Introduction and Enumeration
- Attacking Active Directory Authentication
- Lateral Movement in Active Directory
- Assembling the Pieces
- Try Harder: The Challenge Labs
More Kali Linux content to check out:
- 5 Kali Linux tools you should learn how to use
- 5 Kali Linux books you should read this year
- Kali Linux: What’s next for the popular pentesting distro?
- Kali Linux 2023.1 released – and so is Kali Purple!