The CompTIA PenTest+ exam certifies your abilities as a penetration tester who can identify and exploit system vulnerabilities on the behalf of clients. This course prepares you for the third domain: Attacks and Exploits. Instructor Michael Solomon, PhD, discusses social engineering, which can happen remotely or in person, and network-based exploits that compromise SMB, SMTP, FTP, and other connections. He explores man-in-the-middle attacks like ARP spoofing, which steal network packets as they're passed back and forth, and shows how to use tools such as Aircrack-ng and Wireshark to sniff and grab packets over wireless connections. He also covers app exploits, and provide a demo of SQL injection to help you understand how pen testers execute this kind of attack.