1 00:00:00,420 --> 00:00:07,260 Before diving into various aspects of the Métis boy framework, I think it's better to talk about some 2 00:00:07,260 --> 00:00:10,590 absolute basics when conducting a penetration test. 3 00:00:11,220 --> 00:00:14,230 Actually, this is not a pure penetration testing course. 4 00:00:14,550 --> 00:00:21,420 This course will show the capabilities of the Métis boy framework while you are doing a penetration 5 00:00:21,420 --> 00:00:21,870 test. 6 00:00:22,800 --> 00:00:28,020 So that means I'm going to summarize the phases in the steps of a penetration test. 7 00:00:29,160 --> 00:00:34,590 So this section will cover more theoretical information, so for you beginners out there, there's a 8 00:00:34,590 --> 00:00:40,230 great point to start on the other side of things for the one who has a basic understanding of the penetration 9 00:00:40,230 --> 00:00:47,820 testing, they OK, I guess you can skip over to other chapters, but I don't recommend this because 10 00:00:47,820 --> 00:00:50,140 this section completes the course properly. 11 00:00:50,310 --> 00:00:52,170 And what did I tell you before? 12 00:00:52,440 --> 00:00:56,760 I'm going to do things a little differently, so you might get my unique take on it. 13 00:00:57,180 --> 00:01:00,180 I don't want to push you, though, so do what you choose. 14 00:01:00,750 --> 00:01:08,310 So in this section, you're going to learn and understand what penetration testing is all about and 15 00:01:08,490 --> 00:01:11,640 where the meds point framework actually fits in. 16 00:01:12,090 --> 00:01:13,050 Precisely. 17 00:01:14,180 --> 00:01:15,440 So in this short section. 18 00:01:16,420 --> 00:01:22,720 You have entered the world of penetration testing and one basic question immediately comes to mind, 19 00:01:23,330 --> 00:01:24,340 what is it? 20 00:01:25,750 --> 00:01:32,140 I'm sure that your answers to this question will be close, but they're going to be a slightly different. 21 00:01:33,060 --> 00:01:40,680 I obviously can't actually guess your answers, but I know your definitions won't be enough because 22 00:01:40,680 --> 00:01:44,410 there isn't an exact definition, right? 23 00:01:45,180 --> 00:01:49,650 All the books and all the courses expand the definition of penetration testing. 24 00:01:49,830 --> 00:01:53,670 And this effort, unfortunately, makes it harder to understand. 25 00:01:54,830 --> 00:02:01,090 So I've been doing penetration testing for years and years, too many to count without some help. 26 00:02:02,730 --> 00:02:10,890 To me, penetration testing is simply to find and exploit the weaknesses in a computer system by predefined 27 00:02:10,890 --> 00:02:14,310 rules in a specific scope. 28 00:02:15,700 --> 00:02:23,170 Compared to a vulnerability assessment on a penetration test, you not only discover the vulnerabilities 29 00:02:23,170 --> 00:02:30,820 that could be used by attackers, but also you need to exploit the vulnerabilities to assess what attackers 30 00:02:30,820 --> 00:02:33,940 might gain after a successful exploitation. 31 00:02:34,720 --> 00:02:38,800 So you will simulate an attacker as a penetration tester. 32 00:02:40,100 --> 00:02:47,030 Now, by this, you're going to figure out security weaknesses, find vulnerabilities and identify the 33 00:02:47,030 --> 00:02:48,920 security level of the systems. 34 00:02:49,900 --> 00:02:52,150 Who a little bit Mr. Robot style. 35 00:02:53,710 --> 00:03:01,060 The important point here is to exploit the identified vulnerabilities by concerning the consistency 36 00:03:01,060 --> 00:03:02,100 of the target system. 37 00:03:03,100 --> 00:03:09,640 So honestly, in a penetration test, you will focus on how to improve the security of your target from 38 00:03:09,640 --> 00:03:11,080 an attacker's perspective. 39 00:03:12,200 --> 00:03:18,500 Oh, and by the way, I implicitly explain why I choose the Métis Boyte framework.