Curriculum
18 Sections
93 Lessons
52 Weeks
Expand all sections
Collapse all sections
1. Preparation Creating a Penetration Testing Lab
4
1.1
Lab Overview and Needed Software
3 Minutes
1.2
Installing Kali 2018 As a Virtual Machine Using a Ready Image
8 Minutes
1.3
Installing Metasploitable As a Virtual Machine
4 Minutes
1.4
Installing Windows As a Virtual Machine
3 Minutes
2. Preparation - Linux Basics
3
2.1
Basic Overview of Kali Linux
4 Minutes
2.2
The Linux Terminal and Basic LInux command
9 Minutes
2.3
Configuring Metasploitable and Lab Network Settings
5 Minutes
3. Website Basics
2
3.1
What is a Website?
4 Minutes
3.2
How to Hack a Website ?
5 Minutes
4. Information Gathering
9
4.1
Gathering information Using Whois Lookup
4 Minutes
4.2
Discovering Technologies Used on the website
6 Minutes
4.3
Gathering Comprehensive DNS Information
3 Minutes
4.4
Discovering Websites On The Same Server
5 Minutes
4.5
Discovering Subdomains
5 Minutes
4.6
Discovering Sensitive Files
7 Minutes
4.7
Analyzing Discovered Files
4 Minutes
4.8
Maltego Discovering Servers, Domains and Files
7 Minutes
4.9
Maltego – Discovering Websites, Hosting Provider & Emails
4 Minutes
5. File Upload Vulnerabilities
6
5.1
What are they? How to discover and Exploit Basic File Upload Vulnerabilities
6 Minutes
5.2
HTTP Requests GET and POST
4 Minutes
5.3
Intercepting HTTP Requests
6 Minutes
5.4
Exploiting Advanced File Upload Vulnerabilities
4 Minutes
5.5
Exploiting More Advanced File upload Vulnerabilities
4 Minutes
5.6
[Security] Fixing File Upload Vulnerabilities
6 Minutes
6. Code Execution Vulnerabilities
3
6.1
What are they? & How To Discover & Exploit Basic Code Execution Vulnerabilities
7 Minutes
6.2
Exploiting Advanced Code Execution Vulnerabilities
6 Minutes
6.3
[Security] – Fixing Code Execution Vulnerabilities
5 Minutes
7. Local File Inclusion Vulnerabilities (LFI)
3
7.1
What are they? And How To Discover & Exploit Them
5 Minutes
7.2
Gaining Shell Access From LFI Vulnerabilities – Method 1
7 Minutes
7.3
Gaining Shell Access From LFI Vulnerabilities – Method 2
10 Minutes
8. Remote File Inclusion Vulnerabilities (RFI)
4
8.1
Remote File Inclusion Vulnerabilities – Configuring PHP Settings
3 Minutes
8.2
Remote File Inclusion Vulnerabilities – Discovery & Exploitation
2 Minutes
8.3
Exploiting Advanced Remote File Inclusion Vulnerabilities
5 Minutes
8.4
[Security] Fixing File Inclusion Vulnerabilities
5 Minutes
9. SQL Injection Vulnerabilities
2
9.1
What is SQL?
2 Minutes
9.2
Dangers of SQL Injections
5 Minutes
10. SQL Injection Vulnerabilities - SQLi In Login Pages
4
10.1
Discovering SQL Injections In POST
7 Minutes
10.2
Bypassing Logins Using SQL Injection Vulnerability
4 Minutes
10.3
Bypassing More Secure Logins Using SQL Injections
7 Minutes
10.4
[Security] Preventing SQL Injections In Login Pages
6 Minutes
11. SQL injection Vulnerabilities - Extracting Data From The Database
4
11.1
Discovering SQL Injections in GET
7 Minutes
11.2
Reading Database Information
5 Minutes
11.3
Finding Database Tables
3 Minutes
11.4
Extracting Sensitive Data Such As Passwords
4 Minutes
12. SQL injection Vulnerabilities - Advanced Exploitation
11
12.1
Discovering & Exploiting Blind SQL Injections
5 Minutes
12.2
Discovering a More Complicated SQL Injection
7 Minutes
12.3
Extracting Data (passwords) By Exploiting a More Difficult SQL Injection
4 Minutes
12.4
Bypassing Filters
4 Minutes
12.5
Bypassing Security & Accessing All Records
7 Minutes
12.6
[Security] Quick Fix To Prevent SQL Injections
7 Minutes
12.7
Reading & Writing Files On The Server Using SQL Injection Vulnerability
6 Minutes
12.8
Getting A Reverse Shell Access & Gaining Full Control Over The Target Web Server
5 Minutes
12.9
Discovering SQL Injections & Extracting Data Using SQLmap
6 Minutes
12.10
Getting a Direct SQL Shell using SQLmap
4 Minutes
12.11
[Security] – The Right Way To Prevent SQL Injection
2 Minutes
13. XSS Vulnerabilities
7
13.1
Introduction – What is XSS or Cross Site Scripting?
3 Minutes
13.2
Discovering Basic Reflected XSS
3 Minutes
13.3
Discovering Advanced Reflected XSS
4 Minutes
13.4
Discovering An Even More Advanced Reflected XSS
7 Minutes
13.5
Discovering Stored XSS
2 Minutes
13.6
Discovering Advanced Stored XSS
3 Minutes
13.7
Discovering Dom Based XSS
6 Minutes
14. XSS Vulnerabilities - Exploitation
12
14.1
Hooking Victims To BeEF Using Reflected XSS
5 Minutes
14.2
Hooking Victims To BeEF Using Stored XSS
4 Minutes
14.3
BeEF – Interacting With Hooked Victims
3 Minutes
14.4
BeEF – Running Basic Commands On Victims
4 Minutes
14.5
BeEF – Stealing Credentials/Passwords Using A Fake Login Prompt
2 Minutes
14.6
Bonus – Installing Veil 3
7 Minutes
14.7
Bonus – Veil Overview & Payloads Basics
7 Minutes
14.8
Bonus – Generating An Undetectable Backdoor Using Veil 3
9 Minutes
14.9
Bonus – Listening For Incoming Connections
7 Minutes
14.10
Bonus – Using A Basic Delivery Method To Test The Backdoor & Hack Windows 10
7 Minutes
14.11
BeEF – Gaining Full Control Over Windows Target
3 Minutes
14.12
[Security] Fixing XSS Vulnerabilities
7 Minutes
15. Insecure Session Management
5
15.1
Logging In As Admin Without a Password By Manipulating Cookies
6 Minutes
15.2
Discovering Cross Site Request Forgery Vulnerabilities (CSRF)
6 Minutes
15.3
Exploiting CSRF Vulnerabilities To Change Admin Password Using a HTML File
7 Minutes
15.4
Exploiting CSRF Vulnerabilities To Change Admin Password Using Link
5 Minutes
15.5
[Security] The Right Way To Prevent CSRF Vulnerabilities
9 Minutes
16. Brute Force & Dictionary Attacks
3
16.1
What Are Brute Force & Dictionary Attacks?
3 Minutes
16.2
Creating a Wordlist
6 Minutes
16.3
Launching a Wordlist Attack & Guessing Login Password Using Hydra
13 Minutes
17. Discovering Vulnerabilities Automatically Using Owasp ZAP
2
17.1
Scanning Target Website For Vulnerabilities
4 Minutes
17.2
Analysing Scan Results
4 Minutes
18. Post Exploitation
9
18.1
Post Exploitation Introduction
3 Minutes
18.2
Interacting With The Reverse Shell Access Obtained In Previous Lectures
6 Minutes
18.3
Escalating Reverse Shell Access To Weevely Shell
7 Minutes
18.4
Weevely Basics – Accessing Other Websites, Running Shell Commands …etc
4 Minutes
18.5
Bypassing Limited Privileges & Executing Shell Commands
4 Minutes
18.6
Downloading Files From Target Webserver
4 Minutes
18.7
Uploading Files To Target Webserver
7 Minutes
18.8
Getting a Reverse Connection From Weevely
7 Minutes
18.9
Accessing The Database
8 Minutes
Learn Website Hacking Penetration Testing From Scratch
Search
This content is protected, please
login
and enroll in the course to view this content!
Login with your site account
Lost your password?
Remember Me
Not a member yet?
Register now
Register a new account
Are you a member?
Login now
Modal title
Main Content