-
Intro 1
-
Course IntroductionLecture1.1
-
-
Preparation - Creating a Penetration Testing Lab 6
-
Lab OverviewLecture2.106 min
-
Initial PreparationLecture2.209 min
-
Installing Kali Linux as a VM on WindowsLecture2.309 min
-
Installing Kali Linux as a VM on Apple Mac OSLecture2.410 min
-
Installing Kali Linux as a VM on LinuxLecture2.511 min
-
Installing Metasploitable As a Virtual MachineLecture2.604 min
-
-
Preparation - Linux Basics 3
-
Basic Overview Of Kali LinuxLecture3.105 min
-
The Linux Terminal & Basic Linux CommandsLecture3.213 min
-
Configuring MetasploitableLecture3.304 min
-
-
Website Basics 2
-
What Is a Website?Lecture4.104 min
-
How To Hack a Website?Lecture4.205 min
-
-
Information Gathering 9
-
Gathering Information Using Whois LookupLecture5.105 min
-
Discovering Technologies Used On The WebsiteLecture5.206 min
-
Gathering Comprehensive DNS InformationLecture5.310 min
-
Discovering Websites On The Same ServerLecture5.404 min
-
Discovering SubdomainsLecture5.504 min
-
Discovering Sensitive FilesLecture5.607 min
-
Analyzing Discovered FilesLecture5.704 min
-
Maltego – Discovering Servers, Domains & FilesLecture5.808 min
-
Maltego – Discovering Websites, Hosting Provider & EmailsLecture5.9
-
-
File Upload Vulnerabilities 6
-
How To Discover & Exploit Basic File Upload Vulnerabilities to Hack WebsitesLecture6.107 min
-
GET & POST RequestsLecture6.2
-
Intercepting RequestsLecture6.308 min
-
Exploiting Advanced File Upload Vulnerabilities To Hack WebsitesLecture6.4
-
Exploiting More Advanced File Upload VulnerabilitiesLecture6.506 min
-
[Security] Fixing File Upload VulnerabilitiesLecture6.606 min
-
-
Code Execution Vulnerabilities 3
-
How To Discover & Exploit Basic Code Execution Vulnerabilities To Hack WebsitesLecture7.107 min
-
Exploiting Advanced Code Execution VulnerabilitiesLecture7.206 min
-
[Security] – Fixing Code Execution VulnerabilitiesLecture7.306 min
-
-
Local File Inclusion Vulnerabilities (LFI) 3
-
What are they? And How To Discover & Exploit ThemLecture8.106 min
-
Gaining Shell Access From LFI Vulnerabilities – Method 1Lecture8.2
-
Gaining Shell Access From LFI Vulnerabilities – Method 2Lecture8.310 min
-
-
Remote File Inclusion Vulnerabilities (RFI) 4
-
Remote File Inclusion Vulnerabilities – Configuring PHP SettingsLecture9.104 min
-
Remote File Inclusion Vulnerabilities – Discovery & ExploitationLecture9.206 min
-
Exploiting Advanced Remote File Inclusion Vulnerabilities To Hack WebsitesLecture9.303 min
-
[Security] Fixing File Inclusion VulnerabilitiesLecture9.406 min
-
-
SQL Injection Vulnerabilities 2
-
What is SQLLecture10.106 min
-
Dangers of SQL InjectionsLecture10.203 min
-
-
SQL Injection Vulnerabilities - SQLi In Login Pages 4
-
Discovering SQL Injections In POSTLecture11.108 min
-
Bypassing Logins Using SQL Injection VulnerabilityLecture11.205 min
-
Bypassing More Secure Logins Using SQL InjectionsLecture11.306 min
-
[Security] Preventing SQL Injections In Login PagesLecture11.408 min
-
-
SQL injection Vulnerabilities - Extracting Data From The Database 4
-
Discovering SQL Injections in GETLecture12.107 min
-
Reading Database InformationLecture12.205 min
-
Finding Database TablesLecture12.303 min
-
Extracting Sensitive Data Such As PasswordsLecture12.404 min
-
-
SQL injection Vulnerabilities - Advanced Exploitation 11
-
Discovering & Exploiting Blind SQL InjectionsLecture13.1
-
Discovering Complex SQL Injection VulnerabilitiesLecture13.207 min
-
Exploiting an advanced SQL Injection Vulnerability to Extract PasswordsLecture13.305 min
-
Bypassing FiltersLecture13.405 min
-
Bypassing Security & Accessing All RecordsLecture13.508 min
-
[Security] Quick Fix To Prevent SQL InjectionsLecture13.6
-
Reading & Writing Files On The Server Using SQL InjectionLecture13.706 min
-
Getting A Shell & Controlling The Target Server Using an SQL InjectionLecture13.808 min
-
Discovering SQL Injections & Extracting Data Using SQLmapLecture13.907 min
-
Getting a Direct SQL Shell using SQLmapLecture13.1003 min
-
[Security] – The Right Way To Prevent SQL Injection VulnerabilitiesLecture13.1105 min
-
-
XSS Vulnerabilities 6
-
Introduction – What is XSS or Cross Site Scripting?Lecture14.103 min
-
Discovering Basic Reflected XSSLecture14.204 min
-
Discovering Advanced Reflected XSSLecture14.304 min
-
Discovering An Even More Advanced Reflected XSSLecture14.407 min
-
Discovering Stored XSSLecture14.503 min
-
Discovering Advanced Stored XSSLecture14.603 min
-
-
XSS Vulnerabilities - Exploitation 14
-
Installing Windows As a Virtual MachineLecture15.1
-
Installing Windows as a Virtual Machine on Apple Silicon ComputersLecture15.2
-
Hooking Victims To BeEF Using Reflected XSSLecture15.306 min
-
Hooking Victims To BeEF Using Stored XSSLecture15.404 min
-
Interacting With Hooked VictimsLecture15.504 min
-
Running Basic Commands On VictimsLecture15.604 min
-
Stealing Credentials/Passwords Using A Fake Login PromptLecture15.702 min
-
Bonus – Installing Veil FrameworkLecture15.804 min
-
Bonus – Veil Overview & Payloads BasicsLecture15.907 min
-
Bonus – Generating An Undetectable Backdoor Using Veil 3Lecture15.1010 min
-
Bonus – Listening For Incoming ConnectionsLecture15.1107 min
-
Bonus – Using A Basic Delivery Method To Test The Backdoor & Hack Windows 10Lecture15.1207 min
-
BeEF – Gaining Full Control Over Windows TargetLecture15.1304 min
-
[Security] Fixing XSS VulnerabilitiesLecture15.1407 min
-
-
Insecure Session Management 5
-
Logging In As Admin Without a Password By Manipulating CookiesLecture16.106 min
-
Discovering Cross Site Request Forgery Vulnerabilities (CSRF)Lecture16.207 min
-
Exploiting CSRF To Change Admin Password Using a HTML FileLecture16.307 min
-
Exploiting CSRF Vulnerabilities To Change Admin Password Using LinkLecture16.4
-
[Security] The Right Way To Prevent CSRF VulnerabilitiesLecture16.509 min
-
-
Brute Force & Dictionary Attacks 3
-
Introduction to Brute Force & Dictionary Attacks?Lecture17.104 min
-
Creating a WordlistLecture17.206 min
-
Guessing Login Password Using a Wordlist Attack With HydraLecture17.313 min
-
-
Discovering Vulnerabilities Automatically Using Owasp ZAP 2
-
Scanning Target Website For VulnerabilitiesLecture18.104 min
-
Analysing Scan ResultsLecture18.204 min
-
-
Post Exploitation 12
-
Post Exploitation IntroductionLecture19.1
-
Executing System Commands On Hacked Web ServersLecture19.207 min
-
Escalating Reverse Shell Access To Weevely ShellLecture19.308 min
-
Weevely Basics – Accessing Other Websites, Running Shell Commands …etcLecture19.406 min
-
Bypassing Limited Privileges & Executing Shell CommandsLecture19.5
-
Downloading Files From Target WebserverLecture19.605 min
-
Uploading Files To Target WebserverLecture19.708 min
-
Getting a Reverse Connection From WeevelyLecture19.808 min
-
Accessing The DatabaseLecture19.909 min
-
ConclusionLecture19.1005 min
-
Writing a Pentest ReportLecture19.1114 min
-
4 Ways to Secure Websites & AppsLecture19.1209 min
-
-
Bonus Section 1
-
Bonus Lecture – What’s Next?Lecture20.1
-
Maltego – Discovering Websites, Hosting Provider & Emails
In this lecture we will dive deeper into Maltego, you will learn how to discover more info about the target such as admin’s email, hosting company, servers and lay out this information nicely.
