Setup Menus in Admin Panel

  • LOGIN
  • No products in the cart.

Course Name: Hands-on Complete Penetration Testing and Ethical Hacking (Sub ENG)

Descriptions

Course Curriculum

Section 1: Introduction
Introduction 00:00:00
Section 2: Setting Up the Laboratory
Content of the Section 00:00:00
Virtual Platforms 00:00:00
Set Up Kali Linux from the VMware Image – Step 1 00:00:00
Set Up Kali Linux from the VMware Image – Step 2 00:00:00
Set Up Kali Linux from the VMware Image – Step 3 00:00:00
Set Up Kali Linux from the ISO File – Step 1 00:00:00
Set Up Kali Linux from the ISO File – Step 2 00:00:00
Set Up Kali Linux from the ISO File – Step 3 00:00:00
Set Up a Victim Metasploitable Linux 00:00:00
Set Up a Victim OWASP Broken Web Applications 00:00:00
Set Up a Victim Windows Systems 00:00:00
Check the network Be sure if VMs can see each other 00:00:00
Section 3: Introduction to Penetration Test
Content of the Section 00:00:00
Definition of Penetration Test 00:00:00
Penetration Test Types 00:00:00
Security Audits 00:00:00
Vulnerability Scan 00:00:00
Basic Terminologies 00:00:00
Penetration Test Approaches 00:00:00
Planning a Penetration Test 00:00:00
Penetration Test Phases 00:00:00
Legal Issues & Testing Standards 00:00:00
Section 4: Network Scan
Introduction to Network Scan 00:00:00
Network Scan Types 00:00:00
Passive Scan with Wireshark 00:00:00
Passive Scan with ARP Tables 00:00:00
Active Scan with Hping 00:00:00
Hping for Another Purpose DDoS 00:00:00
Section 5: Nmap for Active Network Scan
Introduction to Nmap 00:00:00
Ping Scan to Enumerate Network Hosts 00:00:00
TCP/IP (Networking) Basics on OSI Reference Model 00:00:00
TCP/IP Model on an Example 00:00:00
TCP & UDP Protocols Basics 00:00:00
Port Scan with Nmap – Introduction 00:00:00
SYN Scan 00:00:00
Nmap Port Scan Details 00:00:00
TCP Scan 00:00:00
UDP Scan 00:00:00
Version Detection 00:00:00
Operating System Detection 00:00:00
Input & Output Management in Nmap 00:00:00
Nmap Scripting Engine Introduction 00:00:00
Nmap Scripting Engine First Run 00:00:00
Nmap Scripting Engine Some More 00:00:00
Nmap Scripting Engine Some Handy Scripts 00:00:00
How to Bypass Security Measures in Nmap Scans 00:00:00
Timing of the Scans 00:00:00
Some Other Types of Scans XMAS, ACK, etc. 00:00:00
Idle (Stealth) Scan 00:00:00
Section 6: Vulnerability Scan
Introduction to Vulnerability Scan 00:00:00
Introduction to a Vulnerability Scanner Nessus 00:00:00
Nessus Download 00:00:00
Nessus Install & Setup 00:00:00
Nessus Creating a Custom Policy 00:00:00
Nessus First Scan 00:00:00
An Aggressive Scan 00:00:00
Results of an Aggressive Scan 00:00:00
Results of an Aggressive Scan with Windows Systems 00:00:00
Nessus Report Function 00:00:00
Section 7: Exploitation (Gaining Session)
Content of the Section 00:00:00
Exploitation Terminologies 00:00:00
Exploit Databases 00:00:00
Manual Exploitation 00:00:00
Exploitation Frameworks 00:00:00
Metasploit Framework (MSF) Introduction 00:00:00
Architecture of Metasploit Framework 00:00:00
Introduction to MSF Console 00:00:00
MSF Console Initialisation 00:00:00
MSF Console Search Function & Ranking of the Exploits 00:00:00
MSF Console Configure & Run an Exploit 00:00:00
Introduction to Meterpreter 00:00:00
Gaining a Meterpreter Session 00:00:00
Meterpreter Basics on Linux 00:00:00
Meterpreter Basics on Windows 00:00:00
Pass the Hash Hack Even There is No Vulnerability 00:00:00
Pass the Hash Preparation 00:00:00
Pass the Hash Gathering Some Hashes 00:00:00
Pass the Hash Try Other Assets 00:00:00
Section 8: And More Post-Exploitation
Introduction to Post-Exploitation 00:00:00
Persistence What is it 00:00:00
Persistence Module of Meterpreter 00:00:00
Removing a Persistence Backdoor 00:00:00
Persist on a Windows 8 Using Meterpreter’s Persistence Module 00:00:00
Next Generation Persistence Step 1 00:00:00
Next Generation Persistence Step 2 00:00:00
Meterpreter for Post-Exploitation 00:00:00
Meterpreter for Post-Exploitation Core Extension 00:00:00
Meterpreter for Post-Exploitation Core Extension – Session Commands 00:00:00
Meterpreter for Post-Exploitation Core Extension – Migrate Commands 00:00:00
Meterpreter for Post-Exploitation Core Extension – Channel Commands 00:00:00
Meterpreter for Post-Exploitation Stdapi Extension 00:00:00
Meterpreter for Post-Exploitation Stdapi Extension – File System Commands 00:00:00
Meterpreter for Post-Exploitation Stdapi Extension – System Commands 00:00:00
Meterpreter for Post-Exploitation Stdapi Extension – User Interface Commands 00:00:00
Meterpreter for Post-Exploitation Incognito Extension 00:00:00
Meterpreter for Post-Exploitation Mimikatz Extension 00:00:00
Post Modules of Metasploit Framework (MSF) 00:00:00
MSF Post Modules Gathering Modules 00:00:00
MSF Post Modules Managing Modules 00:00:00
Collecting Sensitive Data in Post-Exploitation Phase 00:00:00
Collecting Sensitive Data – Some Real World Examples 00:00:00
Section 9: Password Cracking
Introduction to Password Cracking 00:00:00
Password Hashes of Windows Systems 00:00:00
Password Hashes of Linux Systems 00:00:00
Classification of Password Cracking 00:00:00
Password Cracking Tools 00:00:00
Hydra to Crack a Web App’s Password 00:00:00
Introduction to Cain and Abel 00:00:00
Cain for Offline Cracking – Step 1 Importing Hash Files 00:00:00
Cain for Offline Cracking – Step 2 Gathering Hash Dumps 00:00:00
Cain for Offline Cracking – Step 3 Importing Hash Dumps into Cain 00:00:00
Cain for Offline Cracking – Step 4 A Dictionary Attack 00:00:00
Cain for Offline Cracking – Step 5 A Brute Force Attack 00:00:00
John the Ripper 00:00:00
Section 10: OSINT (Open Source Intelligent) & Information Gathering Over the Internet
Introduction to Information Gathering 00:00:00
Using Search Engines to Gather Information 00:00:00
Search Engine Tools SiteDigger and SearchDiggity 00:00:00
Shodan 00:00:00
Gathering Information About the People 00:00:00
Web Archives 00:00:00
FOCA – Fingerprinting Organisations with Collected Archives 00:00:00
Fingerprinting Tools The Harvester and Recon-NG 00:00:00
Maltego – Visual Link Analysis Tool 00:00:00
Section 11: Hacking Web Applications
Content of the Section 00:00:00
Terms and Standards – I 00:00:00
Terms and Standards – II 00:00:00
Intercepting HTTP Traffic with Burp Suite 00:00:00
Intercepting HTTPS Traffic with Burp Suite 00:00:00
Web Attacks Classification 00:00:00
An Automated Tool Zed Attack Proxy (ZAP) 00:00:00
ZAP Installation & Quick Scan 00:00:00
Using ZAP as a Personal Proxy Tool 00:00:00
Intercepting HTTPS Traffic with ZAP 00:00:00
ZAP An Advanced Scan – Scanning a Website that Requires to Login 00:00:00
Information Gathering and Configuration Flaws – I 00:00:00
Information Gathering and Configuration Flaws – II 00:00:00
Introduction to Input & Output Manipulation 00:00:00
What is Cross Site Scripting (XSS) & Reflected XSS 00:00:00
Stored XSS and DOM-Based XSS 00:00:00
BeEF – The Browser Exploitation Framework 00:00:00
SQL Injection – Part I 00:00:00
SQL Injection – Part II 00:00:00
SQL Injection – Part III 00:00:00
Authentication 00:00:00
Authentication Attacks 00:00:00
An Online Password Cracking Attack with Hydra 00:00:00
Authorization Flaws 00:00:00
Path Traversal Attack Demo 00:00:00
Session Management 00:00:00
Session Fixation Attack 00:00:00
Cross Site Request Forgery (CSRF) 00:00:00
Section 12: Social Engineering & Phishing Attacks
Introduction to Social Engineering 00:00:00
Social Engineering Terminologies – I 00:00:00
Social Engineering Terminologies – II 00:00:00
Creating Malware – Terminologies 00:00:00
MSF Venom – Part I 00:00:00
MSF Venom – Part II 00:00:00
Veil – Installation 00:00:00
Veil to Create Custom Payloads 00:00:00
TheFatRat – Installation 00:00:00
TheFatRat to Create Malware 00:00:00
TheFatRat – Overcoming a Problem 00:00:00
Embedding Malware in PDF Files 00:00:00
Embedding Malware in Word Documents 00:00:00
Embedding Malware in Firefox Add-ons 00:00:00
Empire Project – Installation 00:00:00
Empire in Action – Part I 00:00:00
Empire in Action – Part II 00:00:00
Exploiting Java Vulnerabilities 00:00:00
Social Engineering Toolkit (SET) for Phishing 00:00:00
Sending Fake Emails for Phishing 00:00:00
Voice Phishing Vishing 00:00:00
Section 13: Network Fundamentals
Content of the Section 00:00:00
What is Protocol 00:00:00
Reference Models 00:00:00
OSI Reference Model 00:00:00
OSI Reference Model vs. TCP/IP Reference Model 00:00:00
Demonstration of OSI Layers Using Wireshark 00:00:00
Data Link Layer (Layer 2) Standards & Protocols 00:00:00
Layer 2 Ethernet – Principles, Frames & Headers 00:00:00
Layer 2 ARP – Address Resolution Protocol 00:00:00
Layer 2 ARP Packet Analysis 00:00:00
Layer 2 VLANs (Virtual Local Area Networks) 00:00:00
Layer 2 WLANs (Wireless Local Area Networks) 00:00:00
Introduction to Network Layer (Layer 3) 00:00:00
Layer 3 IP (Internet Protocol) 00:00:00
Layer 3 IPv4 Addressing System 00:00:00
Layer 3 IPv4 Packet Header 00:00:00
Layer 3 IPv4 Subnetting – Classful Networks 00:00:00
Layer 3 IPv4 Subnetting – Subnet Mask 00:00:00
Layer 3 Understanding IPv4 Subnets 00:00:00
Layer 3 IPv4 Address Shortage 00:00:00
Layer 3 Private Networks 00:00:00
Layer 3 Private Networks – Demonstration 00:00:00
Layer 3 NAT (Network Address Translation) 00:00:00
Layer 3 IPv6, Packet Header & Addressing 00:00:00
Layer 3 DHCP – How the Mechanism Works 00:00:00
Layer 3 ICMP (Internet Control Message Protocol) 00:00:00
Layer 3 Traceroute 00:00:00
Introduction to Transport Layer (Layer 4) 00:00:00
Layer 4 TCP (Transmission Control Protocol) 00:00:00
Layer 4 TCP Header 00:00:00
Layer 4 UDP (User Datagram Protocol) 00:00:00
Introduction to Application Layer (Layer 5 to 7) 00:00:00
Layer 7 DNS (Domain Name System) 00:00:00
Layer 7 HTTP (Hyper Text Transfer Protocol) 00:00:00
Layer 7 HTTPS 00:00:00
Section 14: Network Layer & Layer-2 Attacks
Content of the Section 00:00:00
Let’s Create Our Network with GNS3 Download & Install 00:00:00
GNS3 Setting Up the First Project 00:00:00
GNS3 Environment 00:00:00
GNS3 Building the Network 00:00:00
GNS3 Attaching VMware VMs (Including Kali) to the Network 00:00:00
GNS3 Configuring Switch & Router (Cisco) and creating VLANs 00:00:00
Network Sniffing The “Man in the Middle” (MitM) 00:00:00
Network Sniffing Why Do We Sniff the Network 00:00:00
Network Sniffing TCP Dump 00:00:00
Network Sniffing Wireshark – Capturing the Traffic 00:00:00
Network Sniffing Wireshark – Following a Stream 00:00:00
Network Sniffing Wireshark – Summarising the Network 00:00:00
Active Network Devices Router, Switch, Hub 00:00:00
How Do We Expand the Sniffing Space 00:00:00
MAC Flood Switching 00:00:00
MAC Flood Using Macof 00:00:00
MAC Flood Countermeasures 00:00:00
ARP Spoof 00:00:00
ARP Cache Poisoning using Ettercap 00:00:00
DHCP Starvation & DHCP Spoofing 00:00:00
DHCP Mechanism 00:00:00
DHCP Starvation – Scenario 00:00:00
DHCP Starvation Demonstration with Yersinia 00:00:00
VLAN Hopping 00:00:00
VLAN Hopping Switch Spoofing 00:00:00
VLAN Hopping Double Tagging 00:00:00
Reconnaissance on Network Devices 00:00:00
Cracking the Passwords of the Services of Network Devices 00:00:00
Online SSH Password Cracking Using Hydra 00:00:00
Compromising SNMP What is SNMP 00:00:00
Compromising SNMP Finding Community Names Using NMAP Scripts 00:00:00
Compromising SNMP Write Access Check Using SNMP-Check Tool 00:00:00
Compromising SNMP Grabbing SNMP Configuration Using Metasploit 00:00:00
Weaknesses of the Network Devices 00:00:00
Password Creation Methods of Cisco Routers 00:00:00
Identity Management in the Network Devices 00:00:00
ACLs (Access Control Lists) in Cisco Switches & Routers 00:00:00
SNMP (Simple Network Management Protocol) Security 00:00:00
Online Learning Thailand.
X