5063CEM: Practical Pen Testing

In this module we will look at the Penetration testing process, with a focus on the infrastructure.

We will look at the pen-test process, and how we can evaluate the vulnerabilities we find. We will also look at the security of server side technologies, and how we can exploit these technologies to gain access to infrastructure.

We will also have some cross over with the 5067CEM Web Security module. As a common entry-point to our systems is the web application, seeing how the web exploits we discuss in the Web security module, fit into the pen test process gives us a complete picture.

Module Essentials

• Module Guide
• Assessment
• Teaching and Learning
• Course Materials Guide

The Aula

The main reference point for the course is Aula. While the GitHub pages docs give us a nice way to structure content, it's a workaround.

Whatever you think of Aula itself, the collaborative part is actually a good idea. Each week there will be discussion points in the materials. Using the feed to discuss your views on these points will help you think around the subject.

Being Nice

People are entitled to their own point of view, use the feed for constructive feedback and discussion.

Module Team

• Dr. Dan Goldsmith. aa9863@coventry.ac.uk

I am a general computer scientist, and have interests in Coding, IoT and embedded systems (or really anything computer.based except UX). When it comes to Hacking, I am firmly on the Red Team, and love breaking into systems or taking code apart to see how it works, taking part in (or writing stuff for) CTF events, binary mangling and just learning about the cool ways we can misuse software.

If you have any questions, you can:

• Email Me: aa9863@coventry.ac.uk
• Ping me On Teams
• Note: While you can use Aula for DM. The messaging part is a little big Janky, so don't expect a rapid response.