Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Learn Website Hacking / Penetration Testing From Scratch
Section: 0
1. Course Introduction (2:13)
Section: 1 - Preparation - Creating a Penetration Testing Lab
2. Lab Overview & Needed Software (3:25)
3. Installing Kali 2018 As a Virtual Machine Using a Ready Image (8:31)
4. Installing Metasploitable As a Virtual Machine (4:10)
5. Installing Windows As a Virtual Machine (3:21)
Section: 2 - Preparation - Linux Basics
6. Basic Overview Of Kali Linux (4:37)
7. The Linux Terminal & Basic Linux Commands (9:06)
8. Configuring Metasploitable & Lab Network Settings (5:37)
Section: 3 - Website Basics
9. What is a Website? (4:13)
10. How To Hack a Website? (5:31)
Section: 4 - Information Gathering
11. Gathering Information Using Whois Lookup (4:41)
12. Discovering Technologies Used On The Website (6:03)
13. Gathering Comprehensive DNS Information (5:57)
14. Discovering Websites On The Same Server (3:43)
15. Discovering Subdomains (5:05)
16. Discovering Sensitive Files (7:25)
17. Analysing Discovered Files (4:17)
18. Maltego - Discovering Servers, Domains & Files (7:42)
19. Maltego - Discovering Websites, Hosting Provider & Emails (4:49)
Section: 5 - File Upload Vulnerabilities
20. What are they? And How To Discover & Exploit Basic File Upload Vulnerabilities (6:43)
21. HTTP Requests - GET & POST (4:13)
22. Intercepting HTTP Requests (6:44)
23. Exploiting Advanced File Upload Vulnerabilities (4:37)
24. Exploiting More Advanced File Upload Vulnerabilities (4:22)
25. [Security] Fixing File Upload Vulnerabilities (6:21)
Section: 6 - Code Execution Vulnerabilities
26. What are they? & How To Discover & Exploit Basic Code Execution Vulnerabilities (7:25)
27. Exploiting Advanced Code Execution Vulnerabilities (6:06)
28. [Security] - Fixing Code Execution Vulnerabilities (5:47)
Section: 7 - Local File Inclusion Vulnerabilities (LFI)
29. What are they? And How To Discover & Exploit Them (5:49)
30. Gaining Shell Access From LFI Vulnerabilities - Method 1 (7:10)
31. Gaining Shell Access From LFI Vulnerabilities - Method 2 (10:37)
Section: 8 - Remote File Inclusion Vulnerabilities (RFI)
32. Remote File Inclusion Vulnerabilities - Configuring PHP Settings (3:45)
33. Remote File Inclusion Vulnerabilities - Discovery & Exploitation (5:44)
34. Exploiting Advanced Remote File Inclusion Vulnerabilities (2:49)
35. [Security] Fixing File Inclusion Vulnerabilities (5:54)
Section: 9 - SQL Injection Vulnerabilities
37. Dangers of SQL Injections (5:48)
36. What is SQL (2:53)
Section: 10 - SQL Injection Vulnerabilities - SQLi In Login Pages
38. Discovering SQL Injections In POST (7:56)
39. Bypassing Logins Using SQL Injection Vulnerability (4:48)
40. Bypassing More Secure Logins Using SQL Injections (6:24)
41. [Security] Preventing SQL Injections In Login Pages (7:43)
Section: 11 - SQL injection Vulnerabilities - Extracting Data From The Database
42. Discovering SQL Injections in GET
43. Reading Database Information
44. Finding Database Tables
45. Extracting Sensitive Data Such As Passwords
Section: 12 - SQL injection Vulnerabilities - Advanced Exploitation
46. Discovering & Exploiting Blind SQL Injections (5:53)
47. Discovering a More Complicated SQL Injection (7:21)
48. Extracting Data (passwords) By Exploiting a More Difficult SQL Injection (4:47)
49. Bypassing Filters (7:19)
50. Bypassing Security & Accessing All Records (4:48)
51. [Security] Quick Fix To Prevent SQL Injections (6:43)
52. Reading & Writing Files On The Server Using SQL Injection Vulnerability (5:57)
53. Getting A Reverse Shell Access & Gaining Full Control Over The Target Web Server (8:26)
54. Discovering SQL Injections & Extracting Data Using SQLmap (6:47)
55. Getting a Direct SQL Shell using SQLmap (2:57)
56. [Security] - The Right Way To Prevent SQL Injection (4:58)
Section: 13 - XSS Vulnerabilities
57. Introduction - What is XSS or Cross Site Scripting? (3:09)
58. Discovering Basic Reflected XSS (3:46)
59. Discovering Advanced Reflected XSS (4:34)
60. Discovering An Even More Advanced Reflected XSS (7:04)
61. Discovering Stored XSS (2:56)
62. Discovering Advanced Stored XSS (3:36)
63. Discovering Dom Based XSS (6:33)
Section: 14 - XSS Vulnerabilities - Exploitation
64. Hooking Victims To BeEF Using Reflected XSS (5:41)
65. Hooking Victims To BeEF Using Stored XSS (4:09)
66. BeEF - Interacting With Hooked Victims (3:56)
67. BeEF - Running Basic Commands On Victims (4:24)
68. BeEF - Stealing Credentials/Passwords Using A Fake Login Prompt (2:17)
69. Bonus - Installing Veil 3 (7:49)
70. Bonus - Veil Overview & Payloads Basics (7:20)
71. Bonus - Generating An Undetectable Backdoor Using Veil 3 (9:44)
72. Bonus - Listening For Incoming Connections (7:18)
73. Bonus - Using A Basic Delivery Method To Test The Backdoor & Hack Windows 10 (7:12)
74. BeEF - Gaining Full Control Over Windows Target (3:39)
75. [Security] Fixing XSS Vulnerabilities (7:17)
Section: 15 - Insecure Session Management
76. Logging In As Admin Without a Password By Manipulating Cookies (6:05)
77. Discovering Cross Site Request Forgery Vulnerabilities (CSRF) (6:46)
78. Exploiting CSRF Vulnerabilities To Change Admin Password Using a HTML File (7:00)
79. Exploiting CSRF Vulnerabilities To Change Admin Password Using Link (5:40)
80. [Security] The Right Way To Prevent CSRF Vulnerabilities (9:19)
Section: 16 - Brute Force & Dictionary Attacks
81. What Are Brute Force & Dictionary Attacks? (3:44)
82. Creating a Wordlist (6:35)
83. Launching a Wordlist Attack & Guessing Login Password Using Hydra (13:32)
Section: 17 - Discovering Vulnerabilities Automatically Using Owasp ZAP
84. Scanning Target Website For Vulnerabilities (4:19)
85. Analysing Scan Results (4:11)
Section: 18 - Post Exploitation
86. Post Exploitation Introduction (3:58)
87. Interacting With The Reverse Shell Access Obtained In Previous Lectures (6:59)
88. Escalating Reverse Shell Access To Weevely Shell (7:52)
89. Weevely Basics - Accessing Other Websites, Running Shell Commands ...etc (6:31)
90. Bypassing Limited Privileges & Executing Shell Commands (4:53)
91. Downloading Files From Target Webserver (4:39)
92. Uploading Files To Target Webserver (7:52)
93. Getting a Reverse Connection From Weevely (7:46)
94. Accessing The Database (8:53)
44. Finding Database Tables
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock