Execute network, authentication, host-based, web application, cloud-based, and AI attacks using appropriate tools and techniques (35% of exam).
This is the largest domain and covers the widest range of attack techniques. Network attacks include VLAN hopping, on-path attacks, and service exploitation. Authentication attacks cover brute-force attacks, pass-the-hash, and credential stuffing. Host-based attacks encompass privilege escalation, process injection, and credential dumping. Web application attacks include SQL injection, cross-site scripting (XSS), and directory traversal. Cloud-based attacks cover container escapes, metadata service attacks, and IAM misconfiguration exploitation. AI attacks, such as prompt injection and model manipulation against artificial intelligence systems, are also included.
In the context of the CompTIA PenTest+ certification, understanding the distinction and relationship between attacks and exploits is fundamental to the vulnerability assessment and penetration testing lifecycle. An **exploit** is a specific piece of software, a chunk of data, or a sequence of commands that leverages a vulnerability (a weakness in a system, application, or process) to cause unintended behavior. This often results in gaining unauthorized access, achieving remote code execution (RCE), or escalating privileges. Penetration testers rely on frameworks such as Metasploit and databases such as Exploit-DB to find exploit modules and payloads that target specific CVEs (Common Vulnerabilities and Exposures). An exploit only works against a target that actually contains the underlying vulnerability, so it should be matched against the enumerated software version and patch level before it is run.
An **attack** is the broader, strategic action taken to compromise a system, which may or may not involve a technical exploit. Attacks are categorized across several domains within the PenTest+ curriculum. **Network attacks** involve manipulating traffic and protocols, such as ARP poisoning, on-path (man-in-the-middle) attacks, or denial of service (DoS). **Web application attacks** focus on input validation failures, with SQL injection (SQLi) and cross-site scripting (XSS) being prevalent examples from the OWASP Top 10. **Wireless attacks** target Wi-Fi weaknesses via deauthentication frames, initialization-vector (IV) attacks against WEP, or evil-twin access points.
Crucially, PenTest+ also emphasizes non-technical vectors such as **social engineering** (phishing, vishing) and **physical attacks** (piggybacking, lock picking), highlighting that the human element is often the weakest link. The exploitation phase is the point at which the tester bypasses security controls. Unlike a malicious actor, a penetration tester performs these actions strictly within a defined scope and Rules of Engagement (RoE). Following a successful exploit, the tester moves to post-exploitation activities, such as **pivoting** (using a compromised host to reach network segments that were not directly accessible), lateral movement, and establishing **persistence**, in order to demonstrate the potential business impact to the organization.