Gaining access to a system and network is one of the most critical phases during a penetration test. This phase tests both the penetration tester's skill set and the security controls of the target system and network. The penetration tester must always think about all the possible ways in which they can break into the target by exploiting various security flaws.

Without gaining access to a corporate network, you will not be able to perform any sort of network penetration and exfiltrate data. The purpose of a penetration test is to simulate real-world attacks that a real hacker with malicious intent would perform. This means gaining unauthorized entry to a corporate network and compromising systems.

As an upcoming cybersecurity professional/penetration tester, you will learn how to compromise wireless networks, exploit the Linux and Windows operating systems, take advantage of remote access services, and retrieve user account credentials to gain access to a system and network. Additionally, you'll learn about various countermeasures for securing a wireless network from cyber threats.

In this chapter, we will be covering the following topics:

• Gaining access
• Wired Equivalent Privacy (WEP) cracking
• Wi-Fi Protected Access (WPA) cracking
• Securing your wireless network
• Configuring wireless security settings
• Exploiting vulnerable perimeter systems
• Penetration testing Citrix and Remote Desktop Protocol (RDP)-based remote access systems
• PWN boxes and other tools
• Bypassing Network Access Control (NAC)