- Home
- Course
- IT & Software
- Website Hacking From Scratch
See the Curriculum Section for materials and enjoy learning with Imperial Academy.
Course Curriculum
Course Introduction | |||
Course Introduction | 00:02:00 | ||
Preparation - Creating a Penetration Testing Lab | |||
Lab Overview & Needed Software | 00:08:00 | ||
Installing Kali 2019 As a Virtual Machine Using a Ready Image | 00:10:00 | ||
Installing Kali 2019 As a Virtual Machine | 00:10:00 | ||
Installing Metasploitable As a Virtual Machine | 00:04:00 | ||
Preparation - Linux Basics | |||
Basic Overview of Kali Linux | 00:05:00 | ||
The Linux Terminal & Basic Linux Commands | 00:11:00 | ||
Configuring Metasploitable & Lab Network Settings | 00:06:00 | ||
Website Basics | |||
What is a Website? | 00:04:00 | ||
How To Hack a Website? | 00:04:00 | ||
Information Gathering | |||
Gathering Information Using Whois Lookup | 00:05:00 | ||
Discovering Technologies Used On The Website | 00:06:00 | ||
Gathering Comprehensive DNS Information | 00:10:00 | ||
Discovering Websites On The Same Server | 00:04:00 | ||
Discovering Subdomains | 00:05:00 | ||
Discovering Sensitive Files | 00:07:00 | ||
Analysing Discovered Files | 00:04:00 | ||
Maltego – Discovering Servers, Domains & Files | 00:08:00 | ||
Maltego – Discovering Websites, Hosting Provider & Emails | 00:05:00 | ||
File Upload Vulnerabilities | |||
What are they? And How To Discover & Exploit Basic File Upload Vulnerabilities | 00:07:00 | ||
HTTP Requests – GET & POST | 00:04:00 | ||
Intercepting HTTP Requests | 00:07:00 | ||
Exploiting Advanced File Upload Vulnerabilities | 00:05:00 | ||
Exploiting More Advanced File Upload Vulnerabilities | 00:04:00 | ||
[Security] Fixing File Upload Vulnerabilities | 00:06:00 | ||
Code Execution Vulnerabilities | |||
What are they? & How To Discover & Exploit Basic Code Execution Vulnerabilities | 00:07:00 | ||
Exploiting Advanced Code Execution Vulnerabilities | 00:06:00 | ||
[Security] – Fixing Code Execution Vulnerabilities | 00:06:00 | ||
Local File Inclusion Vulnerabilities (LFI) | |||
What are they? And How To Discover & Exploit Them | 00:06:00 | ||
Gaining Shell Access From LFI Vulnerabilities – Method 1 | 00:07:00 | ||
Gaining Shell Access From LFI Vulnerabilities – Method 2 | 00:11:00 | ||
Remote File Inclusion Vulnerabilities (RFI) | |||
Remote File Inclusion Vulnerabilities – Configuring PHP Settings | 00:04:00 | ||
Remote File Inclusion Vulnerabilities – Discovery & Exploitation | 00:06:00 | ||
Exploiting Advanced Remote File Inclusion Vulnerabilities | 00:03:00 | ||
[Security] Fixing File Inclusion Vulnerabilities | 00:06:00 | ||
SQL Injection Vulnerabilities | |||
What is SQL | 00:06:00 | ||
Dangers of SQL Injections | 00:03:00 | ||
SQL Injection Vulnerabilities - SQLi In Login Pages | |||
Discovering SQL Injections In POST | 00:08:00 | ||
Bypassing Logins Using SQL Injection Vulnerability | 00:05:00 | ||
Bypassing More Secure Logins Using SQL Injections | 00:06:00 | ||
[Security] Preventing SQL Injections In Login Pages | 00:08:00 | ||
SQL Injection Vulnerabilities - Extracting Data From The Database | |||
Discovering SQL Injections in GET | 00:07:00 | ||
Reading Database Information | 00:05:00 | ||
Finding Database Tables | 00:04:00 | ||
Extracting Sensitive Data Such As Passwords | 00:04:00 | ||
SQL Injection Vulnerabilities - Advanced Exploitation | |||
Discovering & Exploiting Blind SQL Injections | 00:06:00 | ||
Discovering a More Complicated SQL Injection | 00:07:00 | ||
Extracting Data (passwords) By Exploiting a More Difficult SQL Injection | 00:05:00 | ||
Bypassing Filters | 00:05:00 | ||
Bypassing Security & Accessing All Records | 00:09:00 | ||
[Security] Quick Fix To Prevent SQL Injections | 00:07:00 | ||
Reading & Writing Files On The Server Using SQL Injection Vulnerability | 00:06:00 | ||
Getting A Reverse Shell Access & Gaining Full Control Over The Target Web Server | 00:08:00 | ||
Discovering SQL Injections & Extracting Data Using SQLmap | 00:07:00 | ||
[Security] – The Right Way To Prevent SQL Injection | 00:05:00 | ||
XSS Vulnerabilities | |||
Introduction – What is XSS or Cross Site Scripting? | 00:03:00 | ||
Discovering Basic Reflected XSS | 00:04:00 | ||
Discovering Advanced Reflected XSS | 00:05:00 | ||
Discovering An Even More Advanced Reflected XSS | 00:07:00 | ||
Discovering Stored XSS | 00:03:00 | ||
Discovering Advanced Stored XSS | 00:04:00 | ||
XSS Vulnerabilities - Exploitation | |||
Hooking Victims To BeEF Using Reflected XSS | 00:06:00 | ||
Hooking Victims To BeEF Using Stored XSS | 00:04:00 | ||
BeEF – Interacting With Hooked Victims | 00:04:00 | ||
BeEF – Running Basic Commands On Victims | 00:04:00 | ||
BeEF – Stealing Credentials/Passwords Using A Fake Login Prompt | 00:02:00 | ||
Bonus – Installing Veil 3.1 | 00:06:00 | ||
Bonus – Veil Overview & Payloads Basics | 00:07:00 | ||
Bonus – Generating An Undetectable Backdoor Using Veil 3 | 00:10:00 | ||
Bonus – Listening For Incoming Connections | 00:07:00 | ||
Bonus – Using A Basic Delivery Method To Test The Backdoor & Hack Windows 10 | 00:07:00 | ||
BeEF – Gaining Full Control Over Windows Target | 00:04:00 | ||
[Security] Fixing XSS Vulnerabilities | 00:07:00 | ||
Insecure Session Management | |||
Logging In As Admin Without a Password By Manipulating Cookies | 00:06:00 | ||
Discovering Cross Site Request Forgery Vulnerabilities (CSRF) | 00:07:00 | ||
Exploiting CSRF Vulnerabilities To Change Admin Password Using a HTML File | 00:07:00 | ||
Exploiting CSRF Vulnerabilities To Change Admin Password Using Link (Preview) | 00:06:00 | ||
[Security] The Right Way To Prevent CSRF Vulnerabilities | 00:09:00 | ||
Brute Force & Dictionary Attacks | |||
What Are Brute Force & Dictionary Attacks? | 00:04:00 | ||
Creating a Wordlist | 00:07:00 | ||
Launching a Wordlist Attack & Guessing Login Password Using Hydra | 00:14:00 | ||
Discovering Vulnerabilities Automatically Using Owasp ZAP | |||
Scanning Target Website For Vulnerabilities | 00:04:00 | ||
Analysing Scan Results | 00:04:00 | ||
Post Exploitation | |||
Post Exploitation Introduction | 00:04:00 | ||
Interacting With The Reverse Shell Access Obtained In Previous Lectures | 00:07:00 | ||
Escalating Reverse Shell Access To Weevely Shell | 00:08:00 | ||
Weevely Basics – Accessing Other Websites, Running Shell Commands …etc | 00:07:00 | ||
Bypassing Limited Privileges & Executing Shell Commands | 00:05:00 | ||
Downloading Files From Target Webserver | 00:05:00 | ||
Uploading Files To Target Webserver | 00:08:00 | ||
Getting a Reverse Connection From Weevely | 00:08:00 | ||
Accessing The Database | 00:09:00 |
Certificate of Achievement
Learners will get an certificate of achievement directly at their doorstep after successfully completing the course!
It should also be noted that international students must pay £10 for shipping cost.
CPD Accredited Certification
Upon successfully completing the course, you will be qualified for CPD Accredited Certificate. Certification is available –
- PDF Certificate £7.99
- Hard Copy Certificate £14.99
Related Courses
Course Info
- IT & Software
- PRIVATE
- 1 year
- Intermediate
- Number of Units92
- Number of Quizzes0
- 9 hours, 17 minutes
Recent Courses
LangChain in Action: Develop LLM-Powered Applications
Overview Educational accomplishments and income are closely correlated. Education and skill with endorsed certificates from credible and renowned authorities typically …
- IT & Software
- Technology
LangChain on Azure – Building Scalable LLM Applications
Overview Educational accomplishments and income are closely correlated. Education and skill with endorsed certificates from credible and renowned authorities typically …
- IT & Software
- Technology