About This Course
Course Curriculum
-
Course Introduction00:02:00
-
Lab Overview & Needed Software00:08:00
-
Installing Kali 2019 As a Virtual Machine Using a Ready Image00:10:00
-
Installing Kali 2019 As a Virtual Machine00:10:00
-
Installing Metasploitable As a Virtual Machine00:04:00
-
Basic Overview of Kali Linux00:05:00
-
The Linux Terminal & Basic Linux Commands00:11:00
-
Configuring Metasploitable & Lab Network Settings00:06:00
-
What is a Website?00:04:00
-
How To Hack a Website?00:04:00
-
Gathering Information Using Whois Lookup00:05:00
-
Discovering Technologies Used On The Website00:06:00
-
Gathering Comprehensive DNS Information00:10:00
-
Discovering Websites On The Same Server00:04:00
-
Discovering Subdomains00:05:00
-
Discovering Sensitive Files00:07:00
-
Analysing Discovered Files00:04:00
-
Maltego – Discovering Servers, Domains & Files00:08:00
-
Maltego – Discovering Websites, Hosting Provider & Emails00:05:00
-
What are they? And How To Discover & Exploit Basic File Upload Vulnerabilities00:07:00
-
HTTP Requests – GET & POST00:04:00
-
Intercepting HTTP Requests00:07:00
-
Exploiting Advanced File Upload Vulnerabilities00:05:00
-
Exploiting More Advanced File Upload Vulnerabilities00:04:00
-
[Security] Fixing File Upload Vulnerabilities00:06:00
-
What are they? & How To Discover & Exploit Basic Code Execution Vulnerabilities00:07:00
-
Exploiting Advanced Code Execution Vulnerabilities00:06:00
-
[Security] – Fixing Code Execution Vulnerabilities00:06:00
-
What are they? And How To Discover & Exploit Them00:06:00
-
Gaining Shell Access From LFI Vulnerabilities – Method 100:07:00
-
Gaining Shell Access From LFI Vulnerabilities – Method 200:11:00
-
Remote File Inclusion Vulnerabilities – Configuring PHP Settings00:04:00
-
Remote File Inclusion Vulnerabilities – Discovery & Exploitation00:06:00
-
Exploiting Advanced Remote File Inclusion Vulnerabilities00:03:00
-
[Security] Fixing File Inclusion Vulnerabilities00:06:00
-
What is SQL00:06:00
-
Dangers of SQL Injections00:03:00
-
Discovering SQL Injections In POST00:08:00
-
Bypassing Logins Using SQL Injection Vulnerability00:05:00
-
Bypassing More Secure Logins Using SQL Injections00:06:00
-
[Security] Preventing SQL Injections In Login Pages00:08:00
-
Discovering SQL Injections in GET00:07:00
-
Reading Database Information00:05:00
-
Finding Database Tables00:04:00
-
Extracting Sensitive Data Such As Passwords00:04:00
-
Discovering & Exploiting Blind SQL Injections00:06:00
-
Discovering a More Complicated SQL Injection00:07:00
-
Extracting Data (passwords) By Exploiting a More Difficult SQL Injection00:05:00
-
Bypassing Filters00:05:00
-
Bypassing Security & Accessing All Records00:09:00
-
[Security] Quick Fix To Prevent SQL Injections00:07:00
-
Reading & Writing Files On The Server Using SQL Injection Vulnerability00:06:00
-
Getting A Reverse Shell Access & Gaining Full Control Over The Target Web Server00:08:00
-
Discovering SQL Injections & Extracting Data Using SQLmap00:07:00
-
[Security] – The Right Way To Prevent SQL Injection00:05:00
-
Introduction – What is XSS or Cross Site Scripting?00:03:00
-
Discovering Basic Reflected XSS00:04:00
-
Discovering Advanced Reflected XSS00:05:00
-
Discovering An Even More Advanced Reflected XSS00:07:00
-
Discovering Stored XSS00:03:00
-
Discovering Advanced Stored XSS00:04:00
-
Hooking Victims To BeEF Using Reflected XSS00:06:00
-
Hooking Victims To BeEF Using Stored XSS00:04:00
-
BeEF – Interacting With Hooked Victims00:04:00
-
BeEF – Running Basic Commands On Victims00:04:00
-
BeEF – Stealing Credentials/Passwords Using A Fake Login Prompt00:02:00
-
Bonus – Installing Veil 3.100:06:00
-
Bonus – Veil Overview & Payloads Basics00:07:00
-
Bonus – Generating An Undetectable Backdoor Using Veil 300:10:00
-
Bonus – Listening For Incoming Connections00:07:00
-
Bonus – Using A Basic Delivery Method To Test The Backdoor & Hack Windows 1000:07:00
-
BeEF – Gaining Full Control Over Windows Target00:04:00
-
[Security] Fixing XSS Vulnerabilities00:07:00
-
Logging In As Admin Without a Password By Manipulating Cookies00:06:00
-
Discovering Cross Site Request Forgery Vulnerabilities (CSRF)00:07:00
-
Exploiting CSRF Vulnerabilities To Change Admin Password Using a HTML File00:07:00
-
Exploiting CSRF Vulnerabilities To Change Admin Password Using Link (Preview)00:06:00
-
[Security] The Right Way To Prevent CSRF Vulnerabilities00:09:00
-
What Are Brute Force & Dictionary Attacks?00:04:00
-
Creating a Wordlist00:07:00
-
Launching a Wordlist Attack & Guessing Login Password Using Hydra00:14:00
-
Scanning Target Website For Vulnerabilities00:04:00
-
Analysing Scan Results00:04:00
-
Post Exploitation Introduction00:04:00
-
Interacting With The Reverse Shell Access Obtained In Previous Lectures00:07:00
-
Escalating Reverse Shell Access To Weevely Shell00:08:00
-
Weevely Basics – Accessing Other Websites, Running Shell Commands …etc00:07:00
-
Bypassing Limited Privileges & Executing Shell Commands00:05:00
-
Downloading Files From Target Webserver00:05:00
-
Uploading Files To Target Webserver00:08:00
-
Getting a Reverse Connection From Weevely00:08:00
-
Accessing The Database00:09:00