This course was created with the
course builder. Create your online course today.
Start now
Create your course
with
Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Certified Web Penetration Tester
1.INTRODUCTION
Introduction (2:13)
2.SETUP PENETRATION TESTING LAB
1.Lab Overview_Software Needed (3:25)
2.The-Lab
3.Installing Kali 2018 On A Virtual Machine (8:31)
4. Installing Metasploitable As a Virtual Machine (4:10)
5.Installing Windows As a Virtual Machine (3:21)
3.LINUX BASICS
1.Basic Overview Of Kali Linux (5:10)
2.The Linux Terminal_Basic Linux Commands (11:21)
3.Configuring Metasploitable_Lab Network Settings (5:37)
4.WEBSITE BASICS
1.What is a Website (4:13)
2.Intro-what-is-a-website
3.How To Hack a Website (5:31)
5.INFORMATION GATHERING
1.Gathering Information Using Whois Lookup (4:41)
2.Discovering Technologies Used On The Website (6:03)
3.Gathering Comprehensive DNS Information (5:57)
4.Discovering Websites On The Same Server (3:43)
5.Discovering Subdomains (5:05)
6.Discovering Sensitive Files (7:25)
7.Analysing Discovered Files (7:25)
8.Maltego - Discovering Servers_Domains_Files (7:42)
9.Maltego - Discovering Websites_ Hosting Provider _ Emails (4:49)
6.FILE UPLOAD VULNERABILITIES
1.What are they And How To Discover _ Exploit Basic File Upload Vulnerabilities (6:43)
2.HTTP Requests - GET_POST (4:13)
3.Intercepting HTTP Requests (6:44)
4.Exploiting Advanced File Upload Vulnerabilities (4:37)
5.Exploiting More Advanced File Upload Vulnerabilities (4:22)
6.Security Fixing File Upload Vulnerabilities (6:21)
7.CODE EXECUTION VULNERABILITIES
1.What are they and How To Discover _ Exploit Basic Code Execution Vulnerabilities (7:25)
2.Exploiting Advanced Code Execution Vulnerabilities (6:06)
3.Fixing Code Execution Vulnerabilities (5:47)
8.LOCAL FILE INCLUSION VULNERABILITIES
1.What are they And How To Discover _ Exploit Them (5:49)
2.Gaining Shell Access From LFI Vulnerabilities - Method 1 (7:10)
3.Gaining Shell Access From LFI Vulnerabilities - Method 2 (10:37)
9.REMOTE FILE INCLUSION VULNERABILITIES
1.Remote File Inclusion Vulnerabilities - Configuring PHP Settings (3:45)
2.Remote File Inclusion Vulnerabilities - Discovery_Exploitation (5:44)
3.Exploiting Advanced Remote File Inclusion Vulnerabilities (2:49)
4.Fixing File Inclusion Vulnerabilities (5:54)
10.SQL INJECTION VULNERABILITIES
2.Dangers of SQL Injections (2:53)
1.What is SQL (5:48)
11.SQL INJECTION VULNERABILITIES - SQLI IN LOGIN PAGES
1.Discovering SQL Injections In POST (2:53)
2.Bypassing Logins Using SQL Injection Vulnerability (4:48)
3.Bypassing More Secure Logins Using SQL Injections (4:48)
4.Preventing SQL Injections In Login Pages (7:43)
12.SQL INJECTION VULNERABILITIES - EXTRACTING DATA FROM THE DATABASE
1.Discovering SQL Injections in GET (7:01)
2.Reading Database Information (5:26)
3.Finding Database Tables (3:33)
4.Extracting Sensitive Data Such As Passwords (4:29)
13.SQL INJECTION VULNERABILITIES - ADVANCED EXPLOITATION
1.Discovering_Exploiting Blind SQL Injections (5:53)
2.Discovering a More Complicated SQL Injection (7:21)
3.Extracting Data _passwords_ By Exploiting a More Difficult SQL Injection (4:47)
4.Bypassing Filters (4:48)
5.Quick Fix To Prevent SQL Injections (6:43)
6. Reading_Writing Files On The Server Using SQL Injection Vulnerability (5:57)
7.Getting A Reverse Shell Access _Gaining Full Control Over The Target Web Server (8:26)
8.Discovering SQL Injections _ Extracting Data Using SQLmap (6:47)
9.Getting a Direct SQL Shell using SQLmap (2:57)
10.The Right Way To Prevent SQL Injection (4:58)
14.XSS VULNERABILITIES
1.Introduction - What is XSS or Cross Site Scripting (3:09)
2.Discovering Advanced Reflected XSS (4:34)
3.Discovering An Even More Advanced Reflected XSS (7:04)
4.Discovering Stored XSS (2:56)
5.Discovering Advanced Stored XSS (3:36)
15.XSS VULNERABILITIES - EXPLOITATION
1.Hooking Victims To BeEF Using Reflected XSS (5:41)
2.Hooking Victims To BeEF Using Stored XSS (4:09)
3.BeEF - Interacting With Hooked Victims (4:09)
4.BeEF - Running Basic Commands On Victims (4:24)
5.BeEF - Stealing Credentials_Passwords Using A Fake Login Prompt (2:17)
6.Bonus - Installing Veil 3.1 (6:20)
7.Bonus - Veil Overview _Payloads Basics (7:20)
8.Bonus - Generating An Undetectable Backdoor Using Veil 3 (9:44)
9.Bonus - Listening For Incoming Connections (7:18)
10.Bonus - Using A Basic Delivery Method To Test The Backdoor_Hack Windows 10 (7:12)
11.BeEF - Gaining Full Control Over Windows Target (3:39)
12.Fixing XSS Vulnerabilities (7:17)
16.INSECURE SESSION MANAGEMENT
1.Logging In As Admin Without a Password By Manipulating Cookies (6:05)
2.Discovering Cross Site Request Forgery Vulnerabilities_CSRF (6:46)
3.Exploiting CSRF Vulnerabilities To Change Admin Password Using a HTML File (7:00)
4.Exploiting CSRF Vulnerabilities To Change Admin Password Using Link (5:40)
5.The Right Way To Prevent CSRF Vulnerabilities (5:40)
17.BRUTE FORCE & DICTIONARY ATTACKS
1.What Are Brute Force_Dictionary Attacks (3:44)
2.Creating a Wordlist (6:35)
3.Launching a Wordlist Attack_Guessing Login Password Using Hydra (13:32)
19.POST EXPLOITATION
1.Post Exploitation Introduction (3:58)
2.Interacting With The Reverse Shell Access Obtained In Previous Lectures (6:59)
3.Escalating Reverse Shell Access To Weevely Shell (7:52)
4.Weevely Basics - Accessing Other Websites_Running Shell Commands (6:32)
5.Bypassing Limited Privileges _ Executing Shell Commands (4:53)
6.Downloading Files From Target Webserver (4:39)
7.Uploading Files To Target Webserver (7:52)
8.Getting a Reverse Connection From Weevely (7:46)
9.Accessing The Database (8:53)
10.Discovering Basic Reflected XSS (3:46)
3.Launching a Wordlist Attack_Guessing Login Password Using Hydra
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock