• Home
  • Hacking & Security
    • Network Hacking
    • Web Hacking
    • Social Engineering
    • Kali Linux
    Submit An Article
  • Courses
    • All Courses
    • Course Bundles
    • FAQ

    Popular Courses

    Network Hacking Continued – Intermediate to Advanced

    Network Hacking Continued – Intermediate to Advanced
  • Shop
  • Services
    Penetration Testing
    Consulting
    Code Review
    One on one Training
    Online Courses
    VPN
  • Blog

      • Cart

        0
    Got a question?
    [email protected]
    RegisterLogin
    zSecurityzSecurity
    • Home
    • Hacking & Security
      • Network Hacking
      • Web Hacking
      • Social Engineering
      • Kali Linux
      Submit An Article
    • Courses
      • All Courses
      • Course Bundles
      • FAQ

      Popular Courses

      Network Hacking Continued – Intermediate to Advanced

      Network Hacking Continued – Intermediate to Advanced
    • Shop
    • Services
      Penetration Testing
      Consulting
      Code Review
      One on one Training
      Online Courses
      VPN
    • Blog

        • Cart

          0
      • Home
      • All courses
      • Ethical Hacking
      • Website Hacking / Penetration Testing & Bug Bounty Hunting
      CoursesEthical HackingWebsite Hacking / Penetration Testing & Bug Bounty Hunting

      • Intro 1

        • Lecture1.1
          Course Introduction 02 min

      • Preparation - Creating a Penetration Testing Lab 4

        • Lecture2.1
          Lab Overview & Needed Software 08 min
        • Lecture2.2
          Installing Kali 2020 As a Virtual Machine 11 min
        • Lecture2.3
          Installing Metasploitable As a Virtual Machine 04 min
        • Lecture2.4
          Installing Windows As a Virtual Machine 03 min

      • Preparation - Linux Basics 3

        • Lecture3.1
          Basic Overview Of Kali Linux 05 min
        • Lecture3.2
          The Linux Terminal & Basic Linux Commands 09 min
        • Lecture3.3
          Configuring Metasploitable & Lab Network Settings 05 min

      • Website Basics 2

        • Lecture4.1
          What Is a Website? 04 min
        • Lecture4.2
          How To Hack a Website? 05 min

      • Information Gathering 9

        • Lecture5.1
          Gathering Information Using Whois Lookup 05 min
        • Lecture5.2
          Discovering Technologies Used On The Website 06 min
        • Lecture5.3
          Gathering Comprehensive DNS Information 10 min
        • Lecture5.4
          Discovering Websites On The Same Server 04 min
        • Lecture5.5
          Discovering Subdomains 05 min
        • Lecture5.6
          Discovering Sensitive Files 07 min
        • Lecture5.7
          Analyzing Discovered Files 04 min
        • Lecture5.8
          Maltego – Discovering Servers, Domains & Files 08 min
        • Lecture5.9
          Maltego – Discovering Websites, Hosting Provider & Emails 05 min

      • File Upload Vulnerabilities 6

        • Lecture6.1
          How To Discover & Exploit Basic File Upload Vulnerabilities to Hack Websites 07 min
        • Lecture6.2
          HTTP Requests – GET & POST 04 min
        • Lecture6.3
          Intercepting HTTP Requests 07 min
        • Lecture6.4
          Exploiting Advanced File Upload Vulnerabilities To Hack Websites 04 min
        • Lecture6.5
          Exploiting More Advanced File Upload Vulnerabilities 04 min
        • Lecture6.6
          [Security] Fixing File Upload Vulnerabilities 06 min

      • Code Execution Vulnerabilities 3

        • Lecture7.1
          How To Discover & Exploit Basic Code Execution Vulnerabilities To Hack Websites 07 min
        • Lecture7.2
          Exploiting Advanced Code Execution Vulnerabilities 06 min
        • Lecture7.3
          [Security] – Fixing Code Execution Vulnerabilities 06 min

      • Local File Inclusion Vulnerabilities (LFI) 3

        • Lecture8.1
          What are they? And How To Discover & Exploit Them 06 min
        • Lecture8.2
          Gaining Shell Access From LFI Vulnerabilities – Method 1 07 min
        • Lecture8.3
          Gaining Shell Access From LFI Vulnerabilities – Method 2 10 min

      • Remote File Inclusion Vulnerabilities (RFI) 4

        • Lecture9.1
          Remote File Inclusion Vulnerabilities – Configuring PHP Settings 04 min
        • Lecture9.2
          Remote File Inclusion Vulnerabilities – Discovery & Exploitation 06 min
        • Lecture9.3
          Exploiting Advanced Remote File Inclusion Vulnerabilities To Hack Websites 03 min
        • Lecture9.4
          [Security] Fixing File Inclusion Vulnerabilities 06 min

      • SQL Injection Vulnerabilities 2

        • Lecture10.1
          What is SQL 06 min
        • Lecture10.2
          Dangers of SQL Injections 03 min

      • SQL Injection Vulnerabilities - SQLi In Login Pages 4

        • Lecture11.1
          Discovering SQL Injections In POST 08 min
        • Lecture11.2
          Bypassing Logins Using SQL Injection Vulnerability 05 min
        • Lecture11.3
          Bypassing More Secure Logins Using SQL Injections 06 min
        • Lecture11.4
          [Security] Preventing SQL Injections In Login Pages 08 min

      • SQL injection Vulnerabilities - Extracting Data From The Database 4

        • Lecture12.1
          Discovering SQL Injections in GET 07 min
        • Lecture12.2
          Reading Database Information 05 min
        • Lecture12.3
          Finding Database Tables 03 min
        • Lecture12.4
          Extracting Sensitive Data Such As Passwords 04 min

      • SQL injection Vulnerabilities - Advanced Exploitation 11

        • Lecture13.1
          Discovering & Exploiting Blind SQL Injections 06 min
        • Lecture13.2
          Discovering Complex SQL Injection Vulnerabilities 07 min
        • Lecture13.3
          Exploiting an advanced SQL Injection Vulnerability to Extract Passwords 05 min
        • Lecture13.4
          Bypassing Filters 05 min
        • Lecture13.5
          Bypassing Security & Accessing All Records 08 min
        • Lecture13.6
          [Security] Quick Fix To Prevent SQL Injections 07 min
        • Lecture13.7
          Reading & Writing Files On The Server Using SQL Injection 06 min
        • Lecture13.8
          Getting A Shell & Controlling The Target Server Using an SQL Injection 08 min
        • Lecture13.9
          Discovering SQL Injections & Extracting Data Using SQLmap 07 min
        • Lecture13.10
          Getting a Direct SQL Shell using SQLmap 03 min
        • Lecture13.11
          [Security] – The Right Way To Prevent SQL Injection Vulnerabilities 05 min

      • XSS Vulnerabilities 6

        • Lecture14.1
          Introduction – What is XSS or Cross Site Scripting? 03 min
        • Lecture14.2
          Discovering Basic Reflected XSS 04 min
        • Lecture14.3
          Discovering Advanced Reflected XSS 04 min
        • Lecture14.4
          Discovering An Even More Advanced Reflected XSS 07 min
        • Lecture14.5
          Discovering Stored XSS 03 min
        • Lecture14.6
          Discovering Advanced Stored XSS 03 min

      • XSS Vulnerabilities - Exploitation 12

        • Lecture15.1
          Hooking Victims To BeEF Using Reflected XSS 06 min
        • Lecture15.2
          Hooking Victims To BeEF Using Stored XSS 04 min
        • Lecture15.3
          Interacting With Hooked Victims 04 min
        • Lecture15.4
          Running Basic Commands On Victims 04 min
        • Lecture15.5
          Stealing Credentials/Passwords Using A Fake Login Prompt 02 min
        • Lecture15.6
          Bonus – Installing Veil Framework 06 min
        • Lecture15.7
          Bonus – Veil Overview & Payloads Basics 07 min
        • Lecture15.8
          Bonus – Generating An Undetectable Backdoor Using Veil 3 10 min
        • Lecture15.9
          Bonus – Listening For Incoming Connections 07 min
        • Lecture15.10
          Bonus – Using A Basic Delivery Method To Test The Backdoor & Hack Windows 10 07 min
        • Lecture15.11
          BeEF – Gaining Full Control Over Windows Target 04 min
        • Lecture15.12
          [Security] Fixing XSS Vulnerabilities 07 min

      • Insecure Session Management 5

        • Lecture16.1
          Logging In As Admin Without a Password By Manipulating Cookies 06 min
        • Lecture16.2
          Discovering Cross Site Request Forgery Vulnerabilities (CSRF) 07 min
        • Lecture16.3
          Exploiting CSRF To Change Admin Password Using a HTML File 07 min
        • Lecture16.4
          Exploiting CSRF Vulnerabilities To Change Admin Password Using Link 06 min
        • Lecture16.5
          [Security] The Right Way To Prevent CSRF Vulnerabilities 09 min

      • Brute Force & Dictionary Attacks 3

        • Lecture17.1
          Introduction to Brute Force & Dictionary Attacks? 04 min
        • Lecture17.2
          Creating a Wordlist 06 min
        • Lecture17.3
          Guessing Login Password Using a Wordlist Attack With Hydra 13 min

      • Discovering Vulnerabilities Automatically Using Owasp ZAP 2

        • Lecture18.1
          Scanning Target Website For Vulnerabilities 04 min
        • Lecture18.2
          Analysing Scan Results 04 min

      • Post Exploitation 9

        • Lecture19.1
          Post Exploitation Introduction 04 min
        • Lecture19.2
          Executing System Commands On Hacked Web Servers 07 min
        • Lecture19.3
          Escalating Reverse Shell Access To Weevely Shell 08 min
        • Lecture19.4
          Weevely Basics – Accessing Other Websites, Running Shell Commands …etc 06 min
        • Lecture19.5
          Bypassing Limited Privileges & Executing Shell Commands 05 min
        • Lecture19.6
          Downloading Files From Target Webserver 05 min
        • Lecture19.7
          Uploading Files To Target Webserver 08 min
        • Lecture19.8
          Getting a Reverse Connection From Weevely 08 min
        • Lecture19.9
          Accessing The Database 09 min

        Post Exploitation Introduction

        https://zsecurity.org/wp-content/uploads/2017/11/post-exploitaion-intro.mp4

         

        In this lecture we will talk about what you will learn in this section and show you where we will start from.

         

        Resources:

        Post-Exploitation.pdf

        Prev Analysing Scan Results
        Next Executing System Commands On Hacked Web Servers

        Company

        • About Us
        • Contact

        Support

        • FAQ
        • Forums

        Copyright © 2020 zSecurity Ltd. All rights reserved.

        • Privacy
        • Terms

        Contribute

        Share your knowledge with the world

        SUBMIT AN ARTICLE

        Login with your site account

        Lost your password?

        Not a member yet? Register now

        Register a new account

        Are you a member? Login now

        We reduced the prices of our courses to $29 in an effort to help you come out of this lockdown period with something useful! Go to Courses Dismiss
        Privacy & Cookies Policy

        Privacy Overview

        This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
        Necessary Always Enabled

        Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

        Non-necessary

        Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.