PJPT Studies 8/16/24

As I continue my journey towards earning the Practical Junior Penetration Tester (PJPT) certification, today was particularly productive. I delved into a range of topics that are fundamental to both pentesting and cybersecurity as a whole. Here’s a breakdown of what I learned and how it all connects.

Strengthening Python Fundamentals

Understanding Python is a key asset in the toolkit of any cybersecurity professional, especially those focused on offensive security. I spent a good part of the day revisiting Python concepts. The flexibility and power of Python make it an essential language for automation, scripting, and even complex tasks like exploiting vulnerabilities or conducting detailed data analysis. I also built out a simple port scanner, which was a fun little project.

Reconnaissance: Information Gathering

After getting my head around Python, I moved on to the critical phase of reconnaissance, or information gathering. This step is often the foundation of any successful penetration test. The goal is to collect as much information about your target as possible, which will later be used to identify vulnerabilities.

  • Identifying Targets: The first step was understanding how to identify your target—be it an organization, individual, or system. This involves researching the target’s digital footprint and identifying key assets.
  • Discovering Email Addresses: Next, I learned about techniques to discover email addresses associated with the target company. This can be crucial for phishing campaigns or credential stuffing attacks during a pentest. Very generic info here.
  • Gathering and Hunting Breached Credentials: I also explored methods for gathering breached credentials using open-source intelligence (OSINT). Breached credentials, especially those found in past data leaks, can offer a way into the target’s systems if they haven’t been updated.

Subdomain Enumeration and Technology Identification

Another critical skill I worked on was subdomain enumeration. Using tools like Sublist3r and crt.sh, I was able to discover subdomains associated with the target. Subdomains often house lesser-known services that could be more vulnerable to attack.
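As an added illustration of the crt.sh side of this (example code, not from the original post or from any tool it mentions): the function below parses a crt.sh JSON response into a unique, in-scope list of hostnames. It assumes crt.sh's documented JSON fields `name_value` (newline-separated SANs) and `not_after`; the sample response is constructed.

```python
import json
from urllib.parse import quote

# Constructed stand-in for a crt.sh response to ?q=%25.example.com&output=json,
# trimmed to the two fields this example uses. Hypothetical data.
SAMPLE_CRTSH_JSON = json.dumps([
    {"name_value": "www.example.com\nexample.com", "not_after": "2025-01-01T00:00:00"},
    {"name_value": "*.dev.example.com", "not_after": "2024-06-01T00:00:00"},
    {"name_value": "WWW.example.com", "not_after": "2024-09-01T00:00:00"},
    {"name_value": "mail.example.com.attacker.test", "not_after": "2024-09-01T00:00:00"},
    {"name_value": "staging.example.com", "not_after": "2023-01-01T00:00:00"},
])


def crtsh_url(domain: str) -> str:
    """Build the crt.sh JSON query URL covering every cert issued for *.domain."""
    return "https://crt.sh/?q=" + quote(f"%.{domain}", safe="") + "&output=json"


def extract_subdomains(json_text: str, domain: str) -> dict[str, str]:
    """Map each unique, in-scope hostname to the latest not_after seen for it.

    crt.sh packs all SANs of one certificate into a single newline-separated
    name_value field, so each entry is split. Wildcards are recorded without
    the '*.' prefix, names are lower-cased for de-duplication, and names that
    merely contain the domain (example.com.attacker.test) are dropped.
    """
    domain = domain.lower()
    suffix = "." + domain
    latest: dict[str, str] = {}
    for entry in json.loads(json_text):
        expiry = entry.get("not_after", "")
        for name in entry.get("name_value", "").splitlines():
            name = name.strip().lower()
            if name.startswith("*."):
                name = name[2:]
            if name and (name == domain or name.endswith(suffix)):
                # ISO timestamps in one format compare correctly as strings.
                if expiry > latest.get(name, ""):
                    latest[name] = expiry
    return latest


def stale_hosts(latest: dict[str, str], today: str) -> set[str]:
    """Hostnames whose most recent certificate expired before `today` (ISO date).

    For a defender these are candidate forgotten assets; for a tester they are
    the hosts worth confirming are actually decommissioned.
    """
    return {name for name, expiry in latest.items() if expiry < today}
```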

To complement this, I used tools like Wappalyzer and WhatWeb to identify the technologies used by a target’s website. This step is crucial because understanding the technologies in play (e.g., CMS, server software, frameworks) allows for more targeted vulnerability scanning and exploitation.

Burp Suite and Google Fu: Essential Tools

Finally to end the day, I practiced using Burp Suite—a powerful tool for web vulnerability scanning and exploitation. Understanding how to efficiently navigate and utilize Burp Suite is vital for any pentester, as it can uncover a wide range of web application vulnerabilities.

I also honed my skills in what’s often called “Google Fu”—the art of using advanced search techniques to find information. This can be incredibly useful when looking for obscure data or bypassing certain restrictions.
