Development
QLS
Business
Healthcare
Health & Fitness
Technology
Teaching
Lifestyle
Design
See the Curriculum Section for materials and enjoy learning with Imperial Academy.
Course Curriculum
| Course Introduction | |||
| Course Introduction | 00:02:00 | ||
| Preparation - Creating a Penetration Testing Lab | |||
| Lab Overview & Needed Software | 00:08:00 | ||
| Installing Kali 2019 As a Virtual Machine Using a Ready Image | 00:10:00 | ||
| Installing Kali 2019 As a Virtual Machine | 00:10:00 | ||
| Installing Metasploitable As a Virtual Machine | 00:04:00 | ||
| Preparation - Linux Basics | |||
| Basic Overview of Kali Linux | 00:05:00 | ||
| The Linux Terminal & Basic Linux Commands | 00:11:00 | ||
| Configuring Metasploitable & Lab Network Settings | 00:06:00 | ||
| Website Basics | |||
| What is a Website? | 00:04:00 | ||
| How To Hack a Website? | 00:04:00 | ||
| Information Gathering | |||
| Gathering Information Using Whois Lookup | 00:05:00 | ||
| Discovering Technologies Used On The Website | 00:06:00 | ||
| Gathering Comprehensive DNS Information | 00:10:00 | ||
| Discovering Websites On The Same Server | 00:04:00 | ||
| Discovering Subdomains | 00:05:00 | ||
| Discovering Sensitive Files | 00:07:00 | ||
| Analysing Discovered Files | 00:04:00 | ||
| Maltego – Discovering Servers, Domains & Files | 00:08:00 | ||
| Maltego – Discovering Websites, Hosting Provider & Emails | 00:05:00 | ||
| File Upload Vulnerabilities | |||
| What are they? And How To Discover & Exploit Basic File Upload Vulnerabilities | 00:07:00 | ||
| HTTP Requests – GET & POST | 00:04:00 | ||
| Intercepting HTTP Requests | 00:07:00 | ||
| Exploiting Advanced File Upload Vulnerabilities | 00:05:00 | ||
| Exploiting More Advanced File Upload Vulnerabilities | 00:04:00 | ||
| [Security] Fixing File Upload Vulnerabilities | 00:06:00 | ||
| Code Execution Vulnerabilities | |||
| What are they? & How To Discover & Exploit Basic Code Execution Vulnerabilities | 00:07:00 | ||
| Exploiting Advanced Code Execution Vulnerabilities | 00:06:00 | ||
| [Security] – Fixing Code Execution Vulnerabilities | 00:06:00 | ||
| Local File Inclusion Vulnerabilities (LFI) | |||
| What are they? And How To Discover & Exploit Them | 00:06:00 | ||
| Gaining Shell Access From LFI Vulnerabilities – Method 1 | 00:07:00 | ||
| Gaining Shell Access From LFI Vulnerabilities – Method 2 | 00:11:00 | ||
| Remote File Inclusion Vulnerabilities (RFI) | |||
| Remote File Inclusion Vulnerabilities – Configuring PHP Settings | 00:04:00 | ||
| Remote File Inclusion Vulnerabilities – Discovery & Exploitation | 00:06:00 | ||
| Exploiting Advanced Remote File Inclusion Vulnerabilities | 00:03:00 | ||
| [Security] Fixing File Inclusion Vulnerabilities | 00:06:00 | ||
| SQL Injection Vulnerabilities | |||
| What is SQL | 00:06:00 | ||
| Dangers of SQL Injections | 00:03:00 | ||
| SQL Injection Vulnerabilities - SQLi In Login Pages | |||
| Discovering SQL Injections In POST | 00:08:00 | ||
| Bypassing Logins Using SQL Injection Vulnerability | 00:05:00 | ||
| Bypassing More Secure Logins Using SQL Injections | 00:06:00 | ||
| [Security] Preventing SQL Injections In Login Pages | 00:08:00 | ||
| SQL Injection Vulnerabilities - Extracting Data From The Database | |||
| Discovering SQL Injections in GET | 00:07:00 | ||
| Reading Database Information | 00:05:00 | ||
| Finding Database Tables | 00:04:00 | ||
| Extracting Sensitive Data Such As Passwords | 00:04:00 | ||
| SQL Injection Vulnerabilities - Advanced Exploitation | |||
| Discovering & Exploiting Blind SQL Injections | 00:06:00 | ||
| Discovering a More Complicated SQL Injection | 00:07:00 | ||
| Extracting Data (passwords) By Exploiting a More Difficult SQL Injection | 00:05:00 | ||
| Bypassing Filters | 00:05:00 | ||
| Bypassing Security & Accessing All Records | 00:09:00 | ||
| [Security] Quick Fix To Prevent SQL Injections | 00:07:00 | ||
| Reading & Writing Files On The Server Using SQL Injection Vulnerability | 00:06:00 | ||
| Getting A Reverse Shell Access & Gaining Full Control Over The Target Web Server | 00:08:00 | ||
| Discovering SQL Injections & Extracting Data Using SQLmap | 00:07:00 | ||
| [Security] – The Right Way To Prevent SQL Injection | 00:05:00 | ||
| XSS Vulnerabilities | |||
| Introduction – What is XSS or Cross Site Scripting? | 00:03:00 | ||
| Discovering Basic Reflected XSS | 00:04:00 | ||
| Discovering Advanced Reflected XSS | 00:05:00 | ||
| Discovering An Even More Advanced Reflected XSS | 00:07:00 | ||
| Discovering Stored XSS | 00:03:00 | ||
| Discovering Advanced Stored XSS | 00:04:00 | ||
| XSS Vulnerabilities - Exploitation | |||
| Hooking Victims To BeEF Using Reflected XSS | 00:06:00 | ||
| Hooking Victims To BeEF Using Stored XSS | 00:04:00 | ||
| BeEF – Interacting With Hooked Victims | 00:04:00 | ||
| BeEF – Running Basic Commands On Victims | 00:04:00 | ||
| BeEF – Stealing Credentials/Passwords Using A Fake Login Prompt | 00:02:00 | ||
| Bonus – Installing Veil 3.1 | 00:06:00 | ||
| Bonus – Veil Overview & Payloads Basics | 00:07:00 | ||
| Bonus – Generating An Undetectable Backdoor Using Veil 3 | 00:10:00 | ||
| Bonus – Listening For Incoming Connections | 00:07:00 | ||
| Bonus – Using A Basic Delivery Method To Test The Backdoor & Hack Windows 10 | 00:07:00 | ||
| BeEF – Gaining Full Control Over Windows Target | 00:04:00 | ||
| [Security] Fixing XSS Vulnerabilities | 00:07:00 | ||
| Insecure Session Management | |||
| Logging In As Admin Without a Password By Manipulating Cookies | 00:06:00 | ||
| Discovering Cross Site Request Forgery Vulnerabilities (CSRF) | 00:07:00 | ||
| Exploiting CSRF Vulnerabilities To Change Admin Password Using a HTML File | 00:07:00 | ||
| Exploiting CSRF Vulnerabilities To Change Admin Password Using Link (Preview) | 00:06:00 | ||
| [Security] The Right Way To Prevent CSRF Vulnerabilities | 00:09:00 | ||
| Brute Force & Dictionary Attacks | |||
| What Are Brute Force & Dictionary Attacks? | 00:04:00 | ||
| Creating a Wordlist | 00:07:00 | ||
| Launching a Wordlist Attack & Guessing Login Password Using Hydra | 00:14:00 | ||
| Discovering Vulnerabilities Automatically Using Owasp ZAP | |||
| Scanning Target Website For Vulnerabilities | 00:04:00 | ||
| Analysing Scan Results | 00:04:00 | ||
| Post Exploitation | |||
| Post Exploitation Introduction | 00:04:00 | ||
| Interacting With The Reverse Shell Access Obtained In Previous Lectures | 00:07:00 | ||
| Escalating Reverse Shell Access To Weevely Shell | 00:08:00 | ||
| Weevely Basics – Accessing Other Websites, Running Shell Commands …etc | 00:07:00 | ||
| Bypassing Limited Privileges & Executing Shell Commands | 00:05:00 | ||
| Downloading Files From Target Webserver | 00:05:00 | ||
| Uploading Files To Target Webserver | 00:08:00 | ||
| Getting a Reverse Connection From Weevely | 00:08:00 | ||
| Accessing The Database | 00:09:00 | ||
Certificate of Achievement
Learners will get an certificate of achievement directly at their doorstep after successfully completing the course!
It should also be noted that international students must pay £10 for shipping cost.
CPD Accredited Certification
Upon successfully completing the course, you will be qualified for CPD Accredited Certificate. Certification is available –
- PDF Certificate £7.99
- Hard Copy Certificate £14.99
Recent Courses
