- Intro 1
- Course IntroductionLecture1.1
- Preparation - Creating a Penetration Testing Lab 6
- Lab OverviewLecture2.106 min
- Initial PreparationLecture2.209 min
- Installing Kali Linux as a VM on WindowsLecture2.309 min
- Installing Kali Linux as a VM on Apple Mac OSLecture2.410 min
- Installing Kali Linux as a VM on LinuxLecture2.511 min
- Installing Metasploitable As a Virtual MachineLecture2.604 min
- Preparation - Linux Basics 3
- Basic Overview Of Kali LinuxLecture3.105 min
- The Linux Terminal & Basic Linux CommandsLecture3.213 min
- Configuring MetasploitableLecture3.304 min
- Website Basics 2
- What Is a Website?Lecture4.104 min
- How To Hack a Website?Lecture4.205 min
- Information Gathering 9
- Gathering Information Using Whois LookupLecture5.105 min
- Discovering Technologies Used On The WebsiteLecture5.206 min
- Gathering Comprehensive DNS InformationLecture5.310 min
- Discovering Websites On The Same ServerLecture5.404 min
- Discovering SubdomainsLecture5.504 min
- Discovering Sensitive FilesLecture5.607 min
- Analyzing Discovered FilesLecture5.704 min
- Maltego – Discovering Servers, Domains & FilesLecture5.808 min
- Maltego – Discovering Websites, Hosting Provider & EmailsLecture5.9
- File Upload Vulnerabilities 6
- How To Discover & Exploit Basic File Upload Vulnerabilities to Hack WebsitesLecture6.107 min
- GET & POST RequestsLecture6.2
- Intercepting RequestsLecture6.308 min
- Exploiting Advanced File Upload Vulnerabilities To Hack WebsitesLecture6.4
- Exploiting More Advanced File Upload VulnerabilitiesLecture6.506 min
- [Security] Fixing File Upload VulnerabilitiesLecture6.606 min
- Code Execution Vulnerabilities 3
- How To Discover & Exploit Basic Code Execution Vulnerabilities To Hack WebsitesLecture7.107 min
- Exploiting Advanced Code Execution VulnerabilitiesLecture7.206 min
- [Security] – Fixing Code Execution VulnerabilitiesLecture7.306 min
- Local File Inclusion Vulnerabilities (LFI) 3
- What are they? And How To Discover & Exploit ThemLecture8.106 min
- Gaining Shell Access From LFI Vulnerabilities – Method 1Lecture8.2
- Gaining Shell Access From LFI Vulnerabilities – Method 2Lecture8.310 min
- Remote File Inclusion Vulnerabilities (RFI) 4
- Remote File Inclusion Vulnerabilities – Configuring PHP SettingsLecture9.104 min
- Remote File Inclusion Vulnerabilities – Discovery & ExploitationLecture9.206 min
- Exploiting Advanced Remote File Inclusion Vulnerabilities To Hack WebsitesLecture9.303 min
- [Security] Fixing File Inclusion VulnerabilitiesLecture9.406 min
- SQL Injection Vulnerabilities 2
- What is SQLLecture10.106 min
- Dangers of SQL InjectionsLecture10.203 min
- SQL Injection Vulnerabilities - SQLi In Login Pages 4
- Discovering SQL Injections In POSTLecture11.108 min
- Bypassing Logins Using SQL Injection VulnerabilityLecture11.205 min
- Bypassing More Secure Logins Using SQL InjectionsLecture11.306 min
- [Security] Preventing SQL Injections In Login PagesLecture11.408 min
- SQL injection Vulnerabilities - Extracting Data From The Database 4
- Discovering SQL Injections in GETLecture12.107 min
- Reading Database InformationLecture12.205 min
- Finding Database TablesLecture12.303 min
- Extracting Sensitive Data Such As PasswordsLecture12.404 min
- SQL injection Vulnerabilities - Advanced Exploitation 11
- Discovering & Exploiting Blind SQL InjectionsLecture13.1
- Discovering Complex SQL Injection VulnerabilitiesLecture13.207 min
- Exploiting an advanced SQL Injection Vulnerability to Extract PasswordsLecture13.305 min
- Bypassing FiltersLecture13.405 min
- Bypassing Security & Accessing All RecordsLecture13.508 min
- [Security] Quick Fix To Prevent SQL InjectionsLecture13.6
- Reading & Writing Files On The Server Using SQL InjectionLecture13.706 min
- Getting A Shell & Controlling The Target Server Using an SQL InjectionLecture13.808 min
- Discovering SQL Injections & Extracting Data Using SQLmapLecture13.907 min
- Getting a Direct SQL Shell using SQLmapLecture13.1003 min
- [Security] – The Right Way To Prevent SQL Injection VulnerabilitiesLecture13.1105 min
- XSS Vulnerabilities 6
- Introduction – What is XSS or Cross Site Scripting?Lecture14.103 min
- Discovering Basic Reflected XSSLecture14.204 min
- Discovering Advanced Reflected XSSLecture14.304 min
- Discovering An Even More Advanced Reflected XSSLecture14.407 min
- Discovering Stored XSSLecture14.503 min
- Discovering Advanced Stored XSSLecture14.603 min
- XSS Vulnerabilities - Exploitation 12
- Hooking Victims To BeEF Using Reflected XSSLecture15.106 min
- Hooking Victims To BeEF Using Stored XSSLecture15.204 min
- Interacting With Hooked VictimsLecture15.304 min
- Running Basic Commands On VictimsLecture15.404 min
- Stealing Credentials/Passwords Using A Fake Login PromptLecture15.502 min
- Bonus – Installing Veil FrameworkLecture15.604 min
- Bonus – Veil Overview & Payloads BasicsLecture15.707 min
- Bonus – Generating An Undetectable Backdoor Using Veil 3Lecture15.810 min
- Bonus – Listening For Incoming ConnectionsLecture15.907 min
- Bonus – Using A Basic Delivery Method To Test The Backdoor & Hack Windows 10Lecture15.1007 min
- BeEF – Gaining Full Control Over Windows TargetLecture15.1104 min
- [Security] Fixing XSS VulnerabilitiesLecture15.1207 min
- Insecure Session Management 5
- Logging In As Admin Without a Password By Manipulating CookiesLecture16.106 min
- Discovering Cross Site Request Forgery Vulnerabilities (CSRF)Lecture16.207 min
- Exploiting CSRF To Change Admin Password Using a HTML FileLecture16.307 min
- Exploiting CSRF Vulnerabilities To Change Admin Password Using LinkLecture16.4
- [Security] The Right Way To Prevent CSRF VulnerabilitiesLecture16.509 min
- Brute Force & Dictionary Attacks 3
- Introduction to Brute Force & Dictionary Attacks?Lecture17.104 min
- Creating a WordlistLecture17.206 min
- Guessing Login Password Using a Wordlist Attack With HydraLecture17.313 min
- Discovering Vulnerabilities Automatically Using Owasp ZAP 2
- Scanning Target Website For VulnerabilitiesLecture18.104 min
- Analysing Scan ResultsLecture18.204 min
- Post Exploitation 12
- Post Exploitation IntroductionLecture19.1
- Executing System Commands On Hacked Web ServersLecture19.207 min
- Escalating Reverse Shell Access To Weevely ShellLecture19.308 min
- Weevely Basics – Accessing Other Websites, Running Shell Commands …etcLecture19.406 min
- Bypassing Limited Privileges & Executing Shell CommandsLecture19.5
- Downloading Files From Target WebserverLecture19.605 min
- Uploading Files To Target WebserverLecture19.708 min
- Getting a Reverse Connection From WeevelyLecture19.808 min
- Accessing The DatabaseLecture19.909 min
- ConclusionLecture19.1005 min
- Writing a Pentest ReportLecture19.1114 min
- 4 Ways to Secure Websites & AppsLecture19.1209 min
- Bonus Section 1
- Bonus Lecture – What’s Next?Lecture20.1
Exploiting Advanced File Upload Vulnerabilities To Hack Websites
Now that we know how to intercept HTTP requests, in this lecture you will learn how to exploit a more secure file upload vulnerability and gain full control over the target web server.
