Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Ethical Hacking & Penetration Testing with Metasploit
Welcome to Ethical Hacking and White Hat Hackers World
Do You Have Any Idea About "Penetration Testing"? (2:13)
Let's Learn Penetration Test Types (0:28)
Security Audits (4:41)
Vulnerability Scan (2:45)
Basic Terminologies (3:07)
Penetration Test Approaches (2:44)
Planning a Penetration Test (4:23)
Penetration Test Phases (7:00)
Legal Issues & Testing Standards (4:18)
Create Lab VirtualBOX
Download and Install VirtualBOX (2:02)
Download and Install Kali Linux -VirtualBox (7:36)
Download and Install Kali Linux Image File (2:40)
Download and add Metasploitable Image File (2:40)
OWASP Image File-2 Download and Add VirtualBOX (4:21)
Why We Still Use Windows 7
Windows 7 Download For Mac Users
Windows 7 Add VirtualBox (1:47)
Create Nat Network and Connections Test with VirtualBox (7:32)
Create Lab VmWare
VmWare Download and Install (1:49)
Kali Linux Install VMWare (5:39)
Kali Image File Add VmWare (2:02)
Metasploitable Add VmWare (2:15)
Owasp Add VmWare (2:12)
Win7 add VmWare (1:59)
Create Nat Network and Connections Test with VmWare (6:12)
Basic Networking
Content (1:07)
What is “Protocol” (5:36)
Reference Models (0:24)
OSI Reference Model (13:43)
OSI vs TCP/IP (2:32)
Demonstration using Wireshark (7:59)
Standards & Protocols (3:50)
Ethernet: Principles, Frame & Headers (4:06)
ARP ( Address Resolution Protocol ) : Mechanism, ARP Tables, ARP Packets (6:10)
ARP Hand-On Practices (3:14)
VLANs – Virtual Local Area Networks (4:03)
WLANs – Wireless Local Area Networks (7:01)
Introduction to Network Layer (1:37)
Internet Protocol - IP (2:49)
IPv4 Adressing System (1:56)
IPv4 Packet Header (2:56)
IPv4 Subnetting: Classful Networks (2:35)
IPv4 Subnetting: Subnet Mask (2:59)
IPv4 Subnetting: Understanding (3:09)
IPv4 Shortage (1:41)
Private Networks (3:59)
Private Networks - Demonstration (3:01)
NAT – Network Address Translation (4:30)
IPv6, Packet Header & Addressing (8:30)
DHCP - How the Mechanism Works (9:23)
ICMP – Internet Control Message Protocol (2:02)
Traceroute (9:50)
Introduction to Transport Layer (2:40)
TCP – Transmission Control Protocol (6:59)
TCP Header (2:27)
UDP – User Datagram Protocol (3:56)
Introduction to Application Layer (0:55)
DNS – Domain Name System (5:56)
HTTP ( Hyper Text Transfer Protocol ) (3:09)
HTTPS (1:56)
Reconnaissance
Introduction (5:24)
Using Search Engines & Google Hacking to Gather Information (3:36)
Search Engine Tools: SiteDigger and SearchDiggity (3:59)
Shodan (2:49)
Gathering Information About the People (2:52)
Web Archives (1:53)
FOCA Fingerprinting Organisations with Collected Archives (7:41)
The Harvester & Recon-NG (3:22)
Maltego - Visual Link Analysis Tool (4:38)
Network Scan & Network Attacks
Passive Scan - ARP Tables (6:20)
Passive Scan - Wireshark (6:36)
Wireshark: Following Stream (2:40)
Wireshark: Summarise Network (6:19)
Active Scan (8:30)
MitM: Listening to the traffic (1:45)
Sniffing (1:03)
TCPDump (5:23)
Router, Switch, Hub (4:44)
How to Expand Sniffing Space? (5:13)
MAC Flood: Switching (3:55)
MAC Flood: Using Macof Tool (7:09)
MacFlood - Countermeasures (1:13)
ARP Spoof (3:40)
ARP Cache Poisoning using Ettercap (10:35)
DHCP Starvation & DHCP Spoofing (3:36)
DHCP Mechanism (6:15)
DHCP Starvation - Scenario (3:59)
DHCP Starvation Demonstration with Yersinia (8:33)
VLAN Hopping (2:04)
VLAN Hopping: Switch Spoofing (1:39)
VLAN Hopping: Double Tagging (3:17)
Nmap
What is Nmap? (3:44)
What is Subnet? (4:15)
Interpretation of Nmap Results (2:04)
Scanning Specific IPs or Specific Targets With Nmap (1:57)
Nmap IP List Creation (4:07)
Nmap Random Scan and Exclude Ips (4:17)
Print the Nmap Results to the File (6:23)
What is Port? Nmap Port Scan (3:34)
Scanning Top 20, Top 100 Ports With Nmap (4:43)
Scanning Specific Ports With Nmap (6:00)
Nmap Syn Scanning (3:20)
Nmap TCP Scan (2:46)
Namp UDP Scan (4:12)
Nmap ACK Scan (1:53)
Nmap Fin-Xmas-Null Scan (3:26)
Nmap Fast Scan (1:12)
Nmap Open Ports Scan (1:23)
Nmap No PORT Scan (2:15)
Nmap PING and noPING Scan (3:19)
Nmap Verbose Command (2:14)
Nmap With Service and Version Detection (3:52)
Nmap Operating System Detection (2:30)
Nmap Timing Templates (3:36)
Bypass of IPS & IDS Systems With Nmap (10:57)
Nmap Script Engine (NSE) (10:59)
Nmap Script Engine Example - 1 (2:53)
Nmap Script Engine Example - 2 (0:58)
Writing an NSE Script (9:52)
Vulnerability Scan
Introduction to Vulnerability Scan (9:19)
Introduction to Nessus (1:57)
Downloading Nessus (1:46)
Installing Nessus (3:44)
Creating Policy (5:39)
Scanning (7:06)
Reporting (2:20)
Lab Exercise - 2 (2:47)
An Aggressive Scan with Nessus: Start (4:23)
An Aggressive Scan with Nessus: Results (7:17)
An Aggressive Scan with Nessus: Results with Windows Targets (2:45)
Exploitation
Exploitation Terminologies (6:13)
Exploit Databases (1:56)
Manual Exploitation (5:39)
Exploitation Frameworks (3:36)
Evolution of Metasploit (4:18)
Metasploit Filesystem and Libraries (4:31)
The Architecture of MSF (1:43)
Auxiliary Modules (4:36)
Payload Modules (6:00)
Exploit Modules (3:33)
Encoder Modules (2:35)
Post Modules (3:24)
Metasploit Editions (4:02)
Metasploit Community (3:08)
Metasploit Interfaces (4:50)
Armitage (3:16)
MSFconsole (4:53)
MSFConsole Basic Commands 1 (6:44)
MSFConsole Basic Commands 2 (7:59)
MSFConsole Basic Commands 3 (3:32)
Using Databases in MSF 1 (5:42)
Using Databases in MSF 2 (3:14)
More on Exploits in MSF (3:14)
What is Enumeration? (2:03)
Nmap Integration and Port Scanning (6:17)
SMB and Samba Enumeration (5:40)
MySQL Enumeration (3:40)
FTP Enumeration (4:15)
SSH Enumeration (2:30)
HTTP Enumeration (6:02)
SNMP Enumeration (3:43)
MTP Enumeration (3:49)
Using Shodan with MSF (4:58)
Post-Exploitation
Metasploit as Exploitation Tool (1:52)
Distributed Ruby Remote Code Execution (drb_remote_codeexec) (3:14)
PHP CGI Argument Injection (php_cgi_arg_injection) (3:08)
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption (3:55)
Java JMX Server Insecure Configuration Java Code Execution (java_jmx_server) (3:03)
Elastic Search Dynamic Script Arbitrary Java Execution (script_mvel_rce) (3:11)
Sun/Oracle GlassFish Server Authenticated Code Execution (glassfish_deployer) (5:38)
Jenkins-CI Script-Console Java Execution (jenkins_script_console) (5:42)
WinRM Script Exec Remote Code Execution (winrm_script_exec) (4:00)
HTTP Writable Path PUT/DELETE File Access (http_put) (5:00)
Exploiting Poorly Configured MySQL Service (3:08)
Axis2 / SAP Business Objects Authenticated Code Execution via SOAP (4:44)
Using Allports Payload (6:17)
Using Resource Files (6:39)
Post-Exploitation Meterpreter (2:18)
Meterpreter (3:00)
Basic Meterpreter Commands 1 (6:10)
Basic Meterpreter Commands 2 (3:33)
Basic Meterpreter Commands 3 (4:46)
Post-Exploitation (3:28)
What is “Persistence” (1:28)
Meterpreter’s Persistence module (8:55)
Removing the Backdoor (5:00)
Running Meterpreter’s Persistence Module on Windows 8 (2:56)
Next Generation Persistence: Step 1 (4:40)
Next Generation Persistence: Step 2 (4:32)
Meterpreter for Post - Exploitation (1:37)
Meterpreter Core Commands (1:45)
Meterpreter Core Extension - Session Command (2:31)
Meterpreter Core Extension - Migrate Command (3:34)
Meterpreter Core Extension - Channel Command (2:43)
Meterpreter Stdapi Extension (1:05)
Meterpreter Stdapi Extension - File System Commands (5:19)
Meterpreter Stdapi Extension - System Commands (4:13)
Meterpreter Stdapi Extension - User Interface & Webcam Commands (4:08)
Meterpreter Incognito Extension (3:26)
Meterpreter Mimikatz Extension (3:53)
Metasploit Post-Exploitation Modules (2:01)
Gathering Modules (1:21)
Managing Modules (6:51)
Enabling Remote Desktop (5:22)
Searching for Critical Information (5:48)
Packet Sniffing (6:22)
Pivoting (10:02)
Port Forwarding (7:45)
Meterpreter Scripts (4:25)
Meterpreter Python / Powershell Extension (8:06)
Maintaining Access (1:58)
Interacting with the Registry (6:37)
Keylogging (7:04)
Antivirus Evasion and Cleaning (2:46)
MSFvenom (7:06)
MSFVenom (4:12)
MSFVenom Using Encoders Using Custom Executable Template (5:31)
Using Custom Payload Generators (8:33)
Cleaning Events and Security Management Logs (3:35)
Deceiving File System Using Timestomp (6:06)
Creating Malicious Files
Creating Malware and Terminologies (3:36)
MSFvenom Part 1 (14:08)
MSFvenom Part 2 (2:25)
Veil Installation (2:36)
Veil in Action (5:12)
TheFatRat Installation (4:19)
TheFatRat in Action (11:07)
TheFatRat: Overcoming a Problem (0:46)
Embedding Malware in PDF (4:04)
Embedding Malware in WORD (9:21)
Embedding Malware in Firefox Add-on (7:02)
Empire Installation (4:07)
Empire in Action Part 1 (8:12)
Empire in Action Part 2 (4:23)
Exploiting Java Vulnerabilities (2:24)
Social Engineering Toolkit (6:33)
Sending Fake Emails - Phishing (1:11)
Vishing - Voice Phishing (3:03)
Password Cracking
Pass the Hash: Hack Even There is No Vulnerability (4:00)
Pass the Hash: Preparation (3:50)
Pass the Hash: Gathering Some Hashes (2:15)
Pass the Hash: Try Other Assets (10:25)
Collecting Sensitive Data in Post-Exploitation Phase (6:52)
Collecting Sensitive Data - Some Real World Examples (1:40)
Introduction to Password Cracking (3:06)
Password Hashes of Windows Systems (3:30)
Password Hashes of Linux Systems (2:33)
Classification of Password Cracking (2:12)
Password Cracking Tools (0:08)
Hydra to Crack a Web App's Password (10:01)
Introduction to Cain and Abel (1:01)
Cain for Offline Cracking - Step 1: Importing Hash Files (2:39)
Cain for Offline Cracking - Step 2: Gathering Hash Dumps (4:40)
Cain for Offline Cracking - Step 3: Importing Hash Dumps into Cain (4:31)
Cain for Offline Cracking - Step 4: A Dictionary Attack (4:19)
Cain for Offline Cracking - Step 5: A Brute Force Attack (3:32)
John the Ripper (7:28)
Web Hacking
Current Issues of Web Security (8:52)
Principles of Testing (5:28)
Types of Security Testing (9:43)
Guidelines for Application Security (5:57)
Laws and Ethic (2:52)
Requirements and Overview of Lab (3:54)
Installing VMware Workstation Player (7:32)
Installing Vulnerable Virtual Machine: BeeBox (8:03)
Connectivity and Snapshots (7:17)
Modern Technology Stack (3:05)
Client-Server Architecture (3:54)
Running a Web Application (2:17)
Core Technologies: Web Browsers (9:47)
Core Technologies: URL (3:05)
Core Technologies: HTML (4:37)
Core Technologies: CSS (2:18)
Core Technologies: DOM (4:07)
Core Technologies: JavaScript (3:26)
Core Technologies: HTTP (16:43)
Core Technologies: HTTPS and Digital Certificates (6:33)
Core Technologies: Session State and Cookies (3:34)
Video_271 (2:33)
Video_272 (7:53)
Video_273 (9:37)
Video_274 (3:11)
Video_275 (3:31)
Video_276 (4:19)
Video_277 (6:07)
Detect Applications on The Same Service (1:09)
Ports and Services on The Web Server (8:44)
Review Technology/Architecture Information (4:36)
Extracting Directory Structure: Crawling (8:16)
Minimum Information Principle (2:55)
Using Search Engines: Google Hacking (6:10)
Definition (2:37)
Creating a Password List: Crunch (7:31)
Differece Between HTTP and HTTPS Traffic: Wireshark (3:43)
Attacking Insecure Login Mechanisms (9:12)
Attacking Insecure Logout Mechanisms (4:50)
Attacking Improper Password Recovery Mechanisms (5:50)
Attacking Insecure CAPTCHA Implementations (8:39)
Path Traversal: Directory (6:43)
Path Traversal: File (5:41)
Introduction to File Inclusion Vulnerabilities (6:23)
Local File Inclusion Vulnerabilities (6:11)
Remote File Inclusion Vulnerabilities (5:51)
Http Only Cookies (7:15)
Secure Cookies (3:48)
Session ID Related Issues (1:57)
Session Fixation (5:37)
Introduction Cross-Site Request Forgery (7:08)
Stealing and Bypassing AntiCSRF Tokens (7:59)
Definition (3:02)
Reflected Cross-Site Scripting Attacks (9:42)
Reflected Cross-Site Scripting over JSON (6:24)
Stored Cross-Site Scripting Attacks (9:56)
DOM Based Cross-Site Scripting Attacks (10:04)
Inband SQL Injection over a Search Form (14:24)
Inband SQL Injection over a Select Form (8:22)
Error-Based SQL Injection over a Login Form
SQL Injection over Insert Statement (7:07)
Boolean Based Blind SQL Injection (6:53)
Time Based Blind SQL Injection (5:34)
Detecting and Exploiting SQL Injection with SQLmap (11:30)
Detecting and Exploiting Error Based SQL Injection with SQLmap (5:10)
Detecting and Exploiting Boolean and Time Based Blind SQL Injection with SQLmap (8:02)
Command Injection Introduction (5:35)
Automate Command Injection Attacks: Commix (5:43)
XML/XPATH Injection (14:07)
SMTP Mail Header Injection (6:51)
PHP Code Injection (6:00)
Heartbleed Attack (6:29)
Attacking HTML5 Insecure Local Storage (4:58)
Druppal SQL Injection: Drupageddon (CVE-2014-3704) (7:49)
SQLite Manager: File Inclusion (CVE-2007-1232) (4:52)
SQLite Manager: PHP Remote Code Injection (2:55)
SQLite Manager: XSS (CVE-2012-5105) (6:44)
Bypassing Cross Origin Resource Sharing (9:04)
XML External Entity Attack (8:02)
Attacking Unrestricted File Upload Mechanisms (7:05)
Server-Side Request Forgery (6:35)
Attacking Insecure Logout Mechanisms
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock