Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Certified Web Penetration Tester
1.INTRODUCTION
Introduction (2:13)
2.SETUP PENETRATION TESTING LAB
1.Lab Overview_Software Needed (3:25)
2.The-Lab
3.Installing Kali 2018 On A Virtual Machine (8:31)
4. Installing Metasploitable As a Virtual Machine (4:10)
5.Installing Windows As a Virtual Machine (3:21)
3.LINUX BASICS
1.Basic Overview Of Kali Linux (5:10)
2.The Linux Terminal_Basic Linux Commands (11:21)
3.Configuring Metasploitable_Lab Network Settings (5:37)
4.WEBSITE BASICS
1.What is a Website (4:13)
2.Intro-what-is-a-website
3.How To Hack a Website (5:31)
5.INFORMATION GATHERING
1.Gathering Information Using Whois Lookup (4:41)
2.Discovering Technologies Used On The Website (6:03)
3.Gathering Comprehensive DNS Information (5:57)
4.Discovering Websites On The Same Server (3:43)
5.Discovering Subdomains (5:05)
6.Discovering Sensitive Files (7:25)
7.Analysing Discovered Files (7:25)
8.Maltego - Discovering Servers_Domains_Files (7:42)
9.Maltego - Discovering Websites_ Hosting Provider _ Emails (4:49)
6.FILE UPLOAD VULNERABILITIES
1.What are they And How To Discover _ Exploit Basic File Upload Vulnerabilities (6:43)
2.HTTP Requests - GET_POST (4:13)
3.Intercepting HTTP Requests (6:44)
4.Exploiting Advanced File Upload Vulnerabilities (4:37)
5.Exploiting More Advanced File Upload Vulnerabilities (4:22)
6.Security Fixing File Upload Vulnerabilities (6:21)
7.CODE EXECUTION VULNERABILITIES
1.What are they and How To Discover _ Exploit Basic Code Execution Vulnerabilities (7:25)
2.Exploiting Advanced Code Execution Vulnerabilities (6:06)
3.Fixing Code Execution Vulnerabilities (5:47)
8.LOCAL FILE INCLUSION VULNERABILITIES
1.What are they And How To Discover _ Exploit Them (5:49)
2.Gaining Shell Access From LFI Vulnerabilities - Method 1 (7:10)
3.Gaining Shell Access From LFI Vulnerabilities - Method 2 (10:37)
9.REMOTE FILE INCLUSION VULNERABILITIES
1.Remote File Inclusion Vulnerabilities - Configuring PHP Settings (3:45)
2.Remote File Inclusion Vulnerabilities - Discovery_Exploitation (5:44)
3.Exploiting Advanced Remote File Inclusion Vulnerabilities (2:49)
4.Fixing File Inclusion Vulnerabilities (5:54)
10.SQL INJECTION VULNERABILITIES
2.Dangers of SQL Injections (2:53)
1.What is SQL (5:48)
11.SQL INJECTION VULNERABILITIES - SQLI IN LOGIN PAGES
1.Discovering SQL Injections In POST (2:53)
2.Bypassing Logins Using SQL Injection Vulnerability (4:48)
3.Bypassing More Secure Logins Using SQL Injections (4:48)
4.Preventing SQL Injections In Login Pages (7:43)
12.SQL INJECTION VULNERABILITIES - EXTRACTING DATA FROM THE DATABASE
1.Discovering SQL Injections in GET (7:01)
2.Reading Database Information (5:26)
3.Finding Database Tables (3:33)
4.Extracting Sensitive Data Such As Passwords (4:29)
13.SQL INJECTION VULNERABILITIES - ADVANCED EXPLOITATION
1.Discovering_Exploiting Blind SQL Injections (5:53)
2.Discovering a More Complicated SQL Injection (7:21)
3.Extracting Data _passwords_ By Exploiting a More Difficult SQL Injection (4:47)
4.Bypassing Filters (4:48)
5.Quick Fix To Prevent SQL Injections (6:43)
6. Reading_Writing Files On The Server Using SQL Injection Vulnerability (5:57)
7.Getting A Reverse Shell Access _Gaining Full Control Over The Target Web Server (8:26)
8.Discovering SQL Injections _ Extracting Data Using SQLmap (6:47)
9.Getting a Direct SQL Shell using SQLmap (2:57)
10.The Right Way To Prevent SQL Injection (4:58)
14.XSS VULNERABILITIES
1.Introduction - What is XSS or Cross Site Scripting (3:09)
2.Discovering Advanced Reflected XSS (4:34)
3.Discovering An Even More Advanced Reflected XSS (7:04)
4.Discovering Stored XSS (2:56)
5.Discovering Advanced Stored XSS (3:36)
15.XSS VULNERABILITIES - EXPLOITATION
1.Hooking Victims To BeEF Using Reflected XSS (5:41)
2.Hooking Victims To BeEF Using Stored XSS (4:09)
3.BeEF - Interacting With Hooked Victims (4:09)
4.BeEF - Running Basic Commands On Victims (4:24)
5.BeEF - Stealing Credentials_Passwords Using A Fake Login Prompt (2:17)
6.Bonus - Installing Veil 3.1 (6:20)
7.Bonus - Veil Overview _Payloads Basics (7:20)
8.Bonus - Generating An Undetectable Backdoor Using Veil 3 (9:44)
9.Bonus - Listening For Incoming Connections (7:18)
10.Bonus - Using A Basic Delivery Method To Test The Backdoor_Hack Windows 10 (7:12)
11.BeEF - Gaining Full Control Over Windows Target (3:39)
12.Fixing XSS Vulnerabilities (7:17)
16.INSECURE SESSION MANAGEMENT
1.Logging In As Admin Without a Password By Manipulating Cookies (6:05)
2.Discovering Cross Site Request Forgery Vulnerabilities_CSRF (6:46)
3.Exploiting CSRF Vulnerabilities To Change Admin Password Using a HTML File (7:00)
4.Exploiting CSRF Vulnerabilities To Change Admin Password Using Link (5:40)
5.The Right Way To Prevent CSRF Vulnerabilities (5:40)
17.BRUTE FORCE & DICTIONARY ATTACKS
1.What Are Brute Force_Dictionary Attacks (3:44)
2.Creating a Wordlist (6:35)
3.Launching a Wordlist Attack_Guessing Login Password Using Hydra (13:32)
19.POST EXPLOITATION
1.Post Exploitation Introduction (3:58)
2.Interacting With The Reverse Shell Access Obtained In Previous Lectures (6:59)
3.Escalating Reverse Shell Access To Weevely Shell (7:52)
4.Weevely Basics - Accessing Other Websites_Running Shell Commands (6:32)
5.Bypassing Limited Privileges _ Executing Shell Commands (4:53)
6.Downloading Files From Target Webserver (4:39)
7.Uploading Files To Target Webserver (7:52)
8.Getting a Reverse Connection From Weevely (7:46)
9.Accessing The Database (8:53)
10.Discovering Basic Reflected XSS (3:46)
Teach online with
6.Downloading Files From Target Webserver
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock