The Course

  • Follow-along Video Walkthroughs

  • Virtual Machines, Websites & Exploits all supplied

  • 100+ Lecture Videos, No prior-knowledge required

Topics

  • Resources For You

    Six Virtual Machines have been built for you to hack as part of this course

  • Website Hacking

    SQL Injection, Cross-Site Scripting, File Inclusions, Command Injection & more

  • Vulnerability Scanning

    Web application & Infrastructure Vulnerability Scanning

  • Nmap

    The infamous network mapper: NMap

  • Metasploit

    Exploitation, Scanning, Meterpreter, MSFVenom & more

  • Password Cracking

    Windows & Linux Password Cracking

  • Buffer Overflow

    End to end stack-based buffer overflow walk through, from fuzzing to exploitation

  • Privilege Escalation

    Common Windows & Linux Privilege Escalation Techniques

  • & More

    Detailed course outline listed below

Pricing

Course Outline

  • 01
    Welcome
    Show Content
  • 02
    Resources / Virtual Machines Setup
    Show Content
    • Resources/Virtual Machines Download Link
    • 2 - Rescources Virtual Machines Setup
  • 03
    Background
    Show Content
    • 3 - Welcome Introduction
    • 4 - Fog of Law
    • 5 - What Is Penetration Testing
  • 04
    Bash, The Terminal & Scripting
    Show Content
  • 05
    Netcat
    Show Content
    • 11 - Netcat Introduction
    • 12 - Netcat Demo
  • 06
    Nmap
    Show Content
    • 13 - Nmap Introduction
    • 14 - Scanning with Nmap
  • 07
    Passive Reconnaissance
    Show Content
    • 15 - Passive Reconnaissance Email Enumeration
    • 16 - Passive Reconnaissance WHOIS Fingerprinting
    • 17 - Passive Reconnaissance Google Hacking
  • 08
    Active Reconnaissance
    Show Content
    • 18 - Active Reconnaissance DNS Enumeration
    • 19 - Active Reconnaissance Metadata
    • 20 - Active Reconnaissance Dirbuster
    • 21 - Active Reconnaissance Public Passwords
  • 09
    Security Vulnerabilities
    Show Content
    • 22 - Security Vulnerabilities
    • 23 - Vulnerabilities Heartbleed
    • 24 - Vulnerabilities Dirty COW 1
    • 25 - Vulnerabilities Dirty Cow 2
    • 26 - Vulnerabilities Shellshock
  • 10
    Vulnerability Scanning
    Show Content
    • 27 - Vulnerability Scanning Introduction
    • 28 - dirb
    • 29 - nikto
    • 30 - Arachni
    • 31 - WordPress Scanner
    • 32 - Nessus
  • 11
    Metasploit, Meterpreter & MSFVenom
    Show Content
    • 33 - Metasploit Introduction
    • 34 - Auxiliary Modules
    • 35 - Exploitation Modules
    • 36 - Meterpreter
    • 37 - Meterpreter POST Modules
    • 38 - Metasploit EternalBlue MS17010 Demo
    • 39 - Msfvenom
    • 40 - Msfvenom and Word Docs
    • 41 - Meterpreter Persistence
  • 12
    World Wide Web Overview
    Show Content
    • 42 - Web Crash Course Introduction
    • 43 - Web URI
    • 44 - Web HTTP
    • 45 - Web HTTP Security
    • 46 - HTML
    • 47 - HTML Char Referencing
    • 48 - HTML Forms
    • 49 - HTML States Cookies
  • 13
    SQL Injection
    Show Content
    • 50 - SQL Injection Introduction
    • 51 - My First SQLi
    • 52 - Out of the box SQLi
    • 53 - Other SQLi Attacks
    • 54 - SQLi Summary
    • 55 - SQLi Mitigations
    • 56 - Automating SQLi with SQLmap
  • 14
    Burpsuite
    Show Content
    • 57 - Burpsuite Introduction
  • 15
    XSS (Cross-Site Scripting)
    Show Content
    • 58 - XSS Cross-Site Scripting Introduction
    • 59 - What is XSS
    • 60 - Reflected XSS
    • 61 - Stored XSS and DOM
    • 62 - XSS Basic Demo
    • 63 - Session Hijacking
    • 64 - Session Fixation
    • 65 - XSS Practical Putting the attack in XSS
  • 16
    More Web Attacks
    Show Content
    • 66 - Local File Inclusion
    • 67 - Remote File Inclusion
    • 68 - HTML Injection
    • 69 - Taking HTML Injection Further
    • 70 - OS Command Injection
    • 71 - Automating OS Command Injection with Commix
    • 72 - Cross-Site Request Forgery
    • 73 - Direct Object Reference
  • 17
    Buffer Overflow
    Show Content
    • 74 - Buffer Overflow Introduction
    • 75 - Immunity Debugger
    • 76 - EIP Register
    • 77 - EIP Hunting
    • 78 - Controlling the EIP
    • 79 - ESP Register
    • 80 - Shellcode Sizing
    • 81 - Another road to ESP
    • 82 - The Mona Script
    • 83 - Mona Modules
    • 84 - Breakpoint Confirmation
    • 85 - Shellcode Generation
    • 86 - BOF Exploitation
  • 18
    Denial of Service
    Show Content
    • 87 - Denial of Service Introduction
    • 88 - Slowloris Rudy
    • 89 - Slow Read SYN Flood Nuke
    • 90 - ICMP Flood Shrew Phlashing LOIC
  • 19
    Password Cracking
    Show Content
    • 91 - Password Cracking Introduction
    • 92 - Hashes and Salts
    • 93 - Windows Hashes
    • 94 - Linux Hashes
    • 95 - Rainbowtable Dictionary Hybrid Attacks
    • 96 - Introduction to John-the-Ripper
    • 97 - Introducing Hashcat
    • 98 - Hashcat Rules
  • 20
    Bruteforcing
    Show Content
    • 99 - Bruteforcing with Hydra
  • 21
    Phishing
    Show Content
    • 100 - Phishing Introduction
    • 101 - Spear Phishing
    • 102 - Greed Phishing
    • 103 - Curiosity Phishing
    • 104 - Urgency Phishing
    • 105 - Authority Phishing
  • 22
    Linux Privilege Escalation
    Show Content
    • 106 - Linux Privilege Escalation Introduction
    • 107 - Restrictive Shell Breakout
    • 108 - Further Restrictive Shell Escaping
    • 109 - Enumeration
    • 110 - Kernel Exploitation
    • 111 - Root Process
    • 112 - Mining creds
    • 113 - Cronjob
    • 114 - Suid Exploitation
    • 115 - Linux Privilege Escalation Summary
  • 23
    Windows Privilege Escalation
    Show Content
    • 116 - Windows Privilege Escalation Introduction
    • 117 - Kernel Exploitation
    • 118 - Windows Services Introduction
    • 119 - Modifying Windows Services
    • 120 - Abusing FIle Permissions
    • 121 - Unquoted Service Paths
    • 122 - Registry Keys
    • 123 - Registry Passwords
    • 124 - Elevated Install
    • 125 - Mining Credentials
    • 126 - Windows Privilege Escalation Summary
  • 24
    Beyond This Course
    Show Content
    • 127 - Where To From Here