Course Overview
This course focuses on external penetration testing tactics and techniques designed to help you improve your pentest game. Students should take this course if they are interested in:
- Gaining a better understanding of the external pentest attack methodology and mindset
- Improving overall penetration testing skillset and client relations
- Crushing their next penetration testing job interview
Prerequisites & System Requirements
- Previous beginner pentest knowledge strongly preferred
- Prior basic security knowledge strongly preferred
- Desire to learn is required :)
External Pentest Playbook Course Objectives
What will I learn?
The following concepts will be taught in this course:
- Objectives of an External Pentest
- Important Documents and Procedures
- Scope Verification and Client Communication
- Attack Strategies
- Vulnerability Scanning
- Common OSINT and Information Gathering Techniques
- Attacking O365/OWA
- Attacking Login Portals
- Bypassing MFA and Escalating Access
- Report Writing
- Identifying Common Pentest Findings
- Client Debriefs, Retests, and Attestations
External Pentest Playbook Curriculum - 3.5 Hours
- Overview (0:52)
- Insufficient Authentication Controls (4:16)
- Weak Password Policy (4:17)
- Insufficient Patching (3:13)
- Default Credentials (3:37)
- Insufficient Encryption (3:06)
- Information Disclosure (4:02)
- Username Enumeration (2:37)
- Default Web Pages (1:47)
- Open Mail Relays (2:00)
- IKE Aggressive Mode (1:43)
- Unexpected Perimeter Services (1:39)
- Insufficient Traffic Blocking (2:14)
- Undetected Malicious Activity (1:55)
- Historical Account Compromises (1:46)
About the Instructor: Heath Adams
Hi everyone! My name is Heath Adams, but I also go by "The Cyber Mentor" on social media. I am the founder and CEO of TCM Security, an ethical hacking and cybersecurity consulting company. While I am an ethical hacker by trade, I love to teach! I have taught courses to over 170,000 students on multiple platforms, including Udemy, YouTube, Twitch, and INE.
I am currently OSCP, OSWP, eCPPTX, eWPT, CEH, Pentest+, CCNA, Linux+, Security+, Network+, and A+ certified.
I'm also a husband, animal dad, tinkerer, and military veteran. I hope you enjoy my courses.
Follow Heath on Social Media:
LinkedIn - https://linkedin.com/in/heathadams
Twitter - https://twitter.com/thecybermentor
YouTube - https://youtube.com/c/thecybermentor
Twitch - https://twitch.tv/thecybermentor
This course is included in our
All-Access Membership
starting at $29.99/month
Get full access to the External Pentest Playbook course and our full course catalog when you enroll in our All-Access Membership.
Courses Included in the All-Access Membership
Frequently Asked Questions
Can I get a refund if I'm unhappy with my purchase?
Yes. All courses come with a 24-hour money-back guarantee.
Will I receive a certificate of completion when I finish a course?
Yes. All courses come with a certificate of completion.
Do the courses count as Continuing Education Units (CEUs)?
Yes. Every certificate of completion comes with the total CEUs earned listed on the certificate.
What is the All-Access Pass?
As of July 1st, 2023 TCM Academy transitioned to a monthly subscription model, where you now receive full access to all of the courses on our platform for as long as your subscription remains active.
What if you already own courses on TCM Academy?
If you already own a course on our platform, you will continue to own that course forever. Previously owned courses will not be affected by this change.
I can see the course, but it won’t load or play. What should I do?
We use Cloudflare to protect our course platform and unfortunately, it does not play nice with VPNs. If you are experiencing issues, turn off your VPN and try again. If that does not solve the issue, please contact our support team at [email protected] and we will help you out.