-
Intro 1
-
Course IntroductionLecture1.1
-
-
Preparation - Creating a Penetration Testing Lab 6
-
Lab OverviewLecture2.106 min
-
Initial PreparationLecture2.209 min
-
Installing Kali Linux as a VM on WindowsLecture2.309 min
-
Installing Kali Linux as a VM on Apple Mac OSLecture2.410 min
-
Installing Kali Linux as a VM on LinuxLecture2.511 min
-
Installing Metasploitable As a Virtual MachineLecture2.604 min
-
-
Preparation - Linux Basics 3
-
Basic Overview Of Kali LinuxLecture3.105 min
-
The Linux Terminal & Basic Linux CommandsLecture3.213 min
-
Configuring MetasploitableLecture3.304 min
-
-
Website Basics 2
-
What Is a Website?Lecture4.104 min
-
How To Hack a Website?Lecture4.205 min
-
-
Information Gathering 9
-
Gathering Information Using Whois LookupLecture5.105 min
-
Discovering Technologies Used On The WebsiteLecture5.206 min
-
Gathering Comprehensive DNS InformationLecture5.310 min
-
Discovering Websites On The Same ServerLecture5.404 min
-
Discovering SubdomainsLecture5.504 min
-
Discovering Sensitive FilesLecture5.607 min
-
Analyzing Discovered FilesLecture5.704 min
-
Maltego – Discovering Servers, Domains & FilesLecture5.808 min
-
Maltego – Discovering Websites, Hosting Provider & EmailsLecture5.9
-
-
File Upload Vulnerabilities 6
-
How To Discover & Exploit Basic File Upload Vulnerabilities to Hack WebsitesLecture6.107 min
-
GET & POST RequestsLecture6.2
-
Intercepting RequestsLecture6.308 min
-
Exploiting Advanced File Upload Vulnerabilities To Hack WebsitesLecture6.4
-
Exploiting More Advanced File Upload VulnerabilitiesLecture6.506 min
-
[Security] Fixing File Upload VulnerabilitiesLecture6.606 min
-
-
Code Execution Vulnerabilities 3
-
How To Discover & Exploit Basic Code Execution Vulnerabilities To Hack WebsitesLecture7.107 min
-
Exploiting Advanced Code Execution VulnerabilitiesLecture7.206 min
-
[Security] – Fixing Code Execution VulnerabilitiesLecture7.306 min
-
-
Local File Inclusion Vulnerabilities (LFI) 3
-
What are they? And How To Discover & Exploit ThemLecture8.106 min
-
Gaining Shell Access From LFI Vulnerabilities – Method 1Lecture8.2
-
Gaining Shell Access From LFI Vulnerabilities – Method 2Lecture8.310 min
-
-
Remote File Inclusion Vulnerabilities (RFI) 4
-
Remote File Inclusion Vulnerabilities – Configuring PHP SettingsLecture9.104 min
-
Remote File Inclusion Vulnerabilities – Discovery & ExploitationLecture9.206 min
-
Exploiting Advanced Remote File Inclusion Vulnerabilities To Hack WebsitesLecture9.303 min
-
[Security] Fixing File Inclusion VulnerabilitiesLecture9.406 min
-
-
SQL Injection Vulnerabilities 2
-
What is SQLLecture10.106 min
-
Dangers of SQL InjectionsLecture10.203 min
-
-
SQL Injection Vulnerabilities - SQLi In Login Pages 4
-
Discovering SQL Injections In POSTLecture11.108 min
-
Bypassing Logins Using SQL Injection VulnerabilityLecture11.205 min
-
Bypassing More Secure Logins Using SQL InjectionsLecture11.306 min
-
[Security] Preventing SQL Injections In Login PagesLecture11.408 min
-
-
SQL injection Vulnerabilities - Extracting Data From The Database 4
-
Discovering SQL Injections in GETLecture12.107 min
-
Reading Database InformationLecture12.205 min
-
Finding Database TablesLecture12.303 min
-
Extracting Sensitive Data Such As PasswordsLecture12.404 min
-
-
SQL injection Vulnerabilities - Advanced Exploitation 11
-
Discovering & Exploiting Blind SQL InjectionsLecture13.1
-
Discovering Complex SQL Injection VulnerabilitiesLecture13.207 min
-
Exploiting an advanced SQL Injection Vulnerability to Extract PasswordsLecture13.305 min
-
Bypassing FiltersLecture13.405 min
-
Bypassing Security & Accessing All RecordsLecture13.508 min
-
[Security] Quick Fix To Prevent SQL InjectionsLecture13.6
-
Reading & Writing Files On The Server Using SQL InjectionLecture13.706 min
-
Getting A Shell & Controlling The Target Server Using an SQL InjectionLecture13.808 min
-
Discovering SQL Injections & Extracting Data Using SQLmapLecture13.907 min
-
Getting a Direct SQL Shell using SQLmapLecture13.1003 min
-
[Security] – The Right Way To Prevent SQL Injection VulnerabilitiesLecture13.1105 min
-
-
XSS Vulnerabilities 6
-
Introduction – What is XSS or Cross Site Scripting?Lecture14.103 min
-
Discovering Basic Reflected XSSLecture14.204 min
-
Discovering Advanced Reflected XSSLecture14.304 min
-
Discovering An Even More Advanced Reflected XSSLecture14.407 min
-
Discovering Stored XSSLecture14.503 min
-
Discovering Advanced Stored XSSLecture14.603 min
-
-
XSS Vulnerabilities - Exploitation 14
-
Installing Windows As a Virtual MachineLecture15.1
-
Installing Windows as a Virtual Machine on Apple Silicon ComputersLecture15.2
-
Hooking Victims To BeEF Using Reflected XSSLecture15.306 min
-
Hooking Victims To BeEF Using Stored XSSLecture15.404 min
-
Interacting With Hooked VictimsLecture15.504 min
-
Running Basic Commands On VictimsLecture15.604 min
-
Stealing Credentials/Passwords Using A Fake Login PromptLecture15.702 min
-
Bonus – Installing Veil FrameworkLecture15.804 min
-
Bonus – Veil Overview & Payloads BasicsLecture15.907 min
-
Bonus – Generating An Undetectable Backdoor Using Veil 3Lecture15.1010 min
-
Bonus – Listening For Incoming ConnectionsLecture15.1107 min
-
Bonus – Using A Basic Delivery Method To Test The Backdoor & Hack Windows 10Lecture15.1207 min
-
BeEF – Gaining Full Control Over Windows TargetLecture15.1304 min
-
[Security] Fixing XSS VulnerabilitiesLecture15.1407 min
-
-
Insecure Session Management 5
-
Logging In As Admin Without a Password By Manipulating CookiesLecture16.106 min
-
Discovering Cross Site Request Forgery Vulnerabilities (CSRF)Lecture16.207 min
-
Exploiting CSRF To Change Admin Password Using a HTML FileLecture16.307 min
-
Exploiting CSRF Vulnerabilities To Change Admin Password Using LinkLecture16.4
-
[Security] The Right Way To Prevent CSRF VulnerabilitiesLecture16.509 min
-
-
Brute Force & Dictionary Attacks 3
-
Introduction to Brute Force & Dictionary Attacks?Lecture17.104 min
-
Creating a WordlistLecture17.206 min
-
Guessing Login Password Using a Wordlist Attack With HydraLecture17.313 min
-
-
Discovering Vulnerabilities Automatically Using Owasp ZAP 2
-
Scanning Target Website For VulnerabilitiesLecture18.104 min
-
Analysing Scan ResultsLecture18.204 min
-
-
Post Exploitation 12
-
Post Exploitation IntroductionLecture19.1
-
Executing System Commands On Hacked Web ServersLecture19.207 min
-
Escalating Reverse Shell Access To Weevely ShellLecture19.308 min
-
Weevely Basics – Accessing Other Websites, Running Shell Commands …etcLecture19.406 min
-
Bypassing Limited Privileges & Executing Shell CommandsLecture19.5
-
Downloading Files From Target WebserverLecture19.605 min
-
Uploading Files To Target WebserverLecture19.708 min
-
Getting a Reverse Connection From WeevelyLecture19.808 min
-
Accessing The DatabaseLecture19.909 min
-
ConclusionLecture19.1005 min
-
Writing a Pentest ReportLecture19.1114 min
-
4 Ways to Secure Websites & AppsLecture19.1209 min
-
-
Bonus Section 1
-
Bonus Lecture – What’s Next?Lecture20.1
-
Exploiting Advanced File Upload Vulnerabilities To Hack Websites
Now that we know how to intercept HTTP requests, in this lecture you will learn how to exploit a more secure file upload vulnerability and gain full control over the target web server.
