Penetration Testing with BackTrack 3.0 - An introduction

PWB v3.0 – Offensive Security Online Training at its Best

BackTrack Linux

PWB v.3.0

Excitement is mounting as the debut of  Penetration Testing with BackTrack (PWB) v3.0 comes closer. We received MANY emails asking us for more information about the new versions of the Videos and Labs. I’ll try to sum up the changes in this blog post. So, what’s *really* new?

Online Labs

Possibly the biggest change in the course. The PWB labs have been completely restructured and have tripled in size. A much more realistic corporate environment has been simulated with four separate vulnerable subnets. Modern OS’s and vulnerability vectors have been added, while still maintaining the basic lab structure from PWB v2.0. We’ve added many “Client simulating” features in the network to make the network come “alive”.Client Side attacks, Cross Site Scripting, uber Tunneling tricks, are all now a necessity in order to get to your goals. If you thought Bob was bad, wait till you meet Niky, Jeff, Joe, Carrie, Kevin, Nina and Sean. Penetration Testing has NEVER been so fun.

Reporting

In PWB v3.0 we introduce a new format for the student documentation and reporting process. Students connect to our labs as “local attackers” and must compromise victim servers on all the different department networks. The final report (as well as the OSCP challenge report) will now be presented as an official penetration test report. A template for this report is provided together with the course materials.

Courseware

The PWB videos were re-recorded from scratch, now featuring BackTrack 4. The videos are over 8:30 hours long, with several new modules introduced, and several old ones removed.

What was added (partial list):

  • Services – Setting up a FTP server
  • Information Gathering – Maltego
  • Google Hacking – New examples
  • SNMP, SMB information gathering modules refreshed
  • Port Scanning – NMAP NSE, PBNJ
  • Buffer Overflows  – New introduction to Buffer overflows (win32)
  • Buffer Overflows  – New Linux Buffer Overflow module
  • File Transfers – Modules refreshed, new method added.
  • Client Side Attacks – Modules updated with new vulnerabilities
  • SSH Tunneling – Module *greatly* enhanced, pretty funky stuff.
  • Password Attacks – Module refreshed, NTLM, rainbowtable and GPU cracking.
  • Web Application Attacks – Whole new module covering XSS, LFI/RFI, SQLi in both PHP/MySQL and MSSQL environments.

What was removed:

  • Outdated commands / tools related to BackTrack 3
  • Port Scanning – Unicornscan (remains in lab guide)
  • Buffer Overflows – Wingate Example (replaced)
  • Metasploit – Kernel Payloads
  • Metaspoit – db_autopwn
  • Client Side Attacks – MS06-001 (oudated, replaced)
  • Password attacks – Physical access attacks (remains in lab guide)
  • Core Impact Module – (remains in lab guide)

We are honestly excited about this new release, and are eagerly waiting to hear the renewed sounds of torment from our students. What more could we ask for?

Also, a new sample demo of the PWB video has been uploaded on the Offsec website.

Previous Post
Pentesting With BackTrack v.3.0
Next Post
Penetration Testing With BackTrack v.3.0 Alive!

Related Posts

Menu
X Close

 

Certified Pentesting
Professional

OSCP
course starting at
$800 USD

Take Penetration Testing with Kali Linux to gain invaluable penetration testing skills and earn your OSCP.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSCP

Certified Pentesting
Expert

OSCE
course starting at
$1200 USD

Take Cracking the Perimeter to take your penetration testing skills to expert levels and earn your OSCE.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSCE

 

Certified Pentesting
Web Expert

OSWE
course starting at
$1400 USD

Take Advanced Web Attacks and Exploitation, to deep dive into web apps to earn your OSWE.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSWE

Certified Pentesting
Wireless Professional

OSWP
course starting at
$450 USD

Take Offensive Security Wireless Attacks to acquire knowledge about Wi-Fi attacks and earn your OSWP.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSWP

Certified Exploitation
Expert

OSEE
course starting at
See
Live Schedule

Take Advanced Windows Exploitation to develop exploits for Windows systems and earn your OSEE.

  • Live training course
  • Includes certification exam fee
  • Maximum instructor interaction
  • Highly challenging
  • Become an OSEE