Curriculum
-
Intro
-
Preparation - Creating a Penetration Testing Lab
-
Preparation - Linux Basics
-
Website Basics
-
Information Gathering
- Gathering Information Using Whois Lookup
- Discovering Technologies Used On The Website
- Gathering Comprehensive DNS Information
- Discovering Websites On The Same Server
- Discovering Subdomains
- Discovering Sensitive Files
- Analyzing Discovered Files
- Maltego – Discovering Servers, Domains & Files
- Maltego – Discovering Websites, Hosting Provider & Emails
-
File Upload Vulnerabilities
-
Code Execution Vulnerabilities
-
Local File Inclusion Vulnerabilities (LFI)
-
Remote File Inclusion Vulnerabilities (RFI)
-
SQL Injection Vulnerabilities
-
SQL Injection Vulnerabilities - SQLi In Login Pages
-
SQL injection Vulnerabilities - Extracting Data From The Database
-
SQL injection Vulnerabilities - Advanced Exploitation
- Discovering & Exploiting Blind SQL Injections
- Discovering Complex SQL Injection Vulnerabilities
- Exploiting an advanced SQL Injection Vulnerability to Extract Passwords
- Bypassing Filters
- Bypassing Security & Accessing All Records
- [Security] Quick Fix To Prevent SQL Injections
- Reading & Writing Files On The Server Using SQL Injection
- Getting A Shell & Controlling The Target Server Using an SQL Injection
- Discovering SQL Injections & Extracting Data Using SQLmap
- Getting a Direct SQL Shell using SQLmap
- [Security] – The Right Way To Prevent SQL Injection Vulnerabilities
-
XSS Vulnerabilities
-
XSS Vulnerabilities - Exploitation
- Installing Windows As a Virtual Machine
- Installing Windows as a Virtual Machine on Apple Silicon Computers
- Hooking Victims To BeEF Using Reflected XSS
- Hooking Victims To BeEF Using Stored XSS
- Interacting With Hooked Targets
- Running Basic Commands On Victims
- Stealing Credentials/Passwords Using A Fake Login Prompt
- Bonus – Installing Veil Framework
- Bonus – Veil Overview & Payloads Basics
- Bonus – Generating An Undetectable Backdoor Using Veil 3
- Bonus – Listening For Incoming Connections
- Bonus – Using A Basic Delivery Method To Test The Backdoor & Hack Windows 10
- Gaining Full Control Over Windows Target
- [Security] Fixing XSS Vulnerabilities
-
Insecure Session Management
- Logging In As Admin Without a Password By Manipulating Cookies
- Discovering Cross Site Request Forgery Vulnerabilities (CSRF)
- Exploiting CSRF To Change Admin Password Using a HTML File
- Exploiting CSRF Vulnerabilities To Change Admin Password Using Link
- [Security] The Right Way To Prevent CSRF Vulnerabilities
-
Brute Force & Dictionary Attacks
-
Discovering Vulnerabilities Automatically Using Owasp ZAP
-
Post Exploitation
- Post Exploitation Introduction
- Executing System Commands On Hacked Web Servers
- Escalating Reverse Shell Access To Weevely Shell
- Weevely Basics – Accessing Other Websites, Running Shell Commands …etc
- Bypassing Limited Privileges & Executing Shell Commands
- Downloading Files From Target Webserver
- Uploading Files To Target Webserver
- Getting a Reverse Connection From Weevely
- Accessing The Database
- Conclusion
- Writing a Pentest Report
- 4 Ways to Secure Websites & Apps
-
Bonus Section
-
Dustin Foster
Great easy to follow along with Zaid. Very informative but not so much that you get overwhelmed. I feel many teachers will throw so much at a student that they feel as if they can’t do it and quit. Zaid is excellent for beginners & for anyone just needing to refresh’s on a topic. Highly recommend worth every penny. -
Ulises Violante
Zaid is a great teacher, and the course is very well thought. Despite the fact I have more than 20 years working on IT, I´ve learned many things with Zaid and sometimes is really amazing how easy it could hack a website.