Course frontpage
Current Chapter
7. Web Applications
- 7.1 Intro
- 7.2 Local and Remote File Inclusion (LFI/RFI)
- 7.3 Remote Code Execution
- 7.4 Remote Command Execution
- 7.5 SQL Injection Basics
- 7.6 Web shells
- 7.7 File Upload Vulnerabilities
- 7.8 Cross-Site Scripting (XSS)
Chapters
1. Penetration testing basics
- 1.1 Intro
- 1.2 About Penetration testing
- 1.3 The Penetration process explained
- 1.4 Jobs and professional opportunities
2. Accessing the labs
- 2.1 Intro
- 2.2 Installing Kali Linux
- 2.3 VPN Access
- 2.4 Reset panel
- 2.5 Rules & Restrictions
- 2.6 Legal
- 2.7 Certificate of Completion
- 2.8 Where to start from here?
3. Information Gathering
- 3.1 Intro
- 3.2 Passive information gathering
- 3.3 Active information gathering
4. Vulnerability Assessment
- 4.1 Intro
- 4.2 Metasploitable 2 enumeration information & vulnerabilities
- 4.3 Vulnerability & Exploit databases
- 4.4 Nmap scripts
- 4.5 Vulnerability Scanning with OpenVAS
5. Exploitation
- 5.1 Intro
- 5.2 How to work with exploits and where to find them
- 5.3 Compiling Linux kernel exploits
- 5.4 Compiling Windows exploits on Linux
- 5.5 Transferring exploits
- 5.6 Exploiting vulnerabilities in practice
6. Privilege Escalation
- 6.1 Intro
- 6.2 Privilege Escalation on Linux
- 6.3 Privilege Escalation on Windows
7. Web Applications
- 7.1 Intro
- 7.2 Local and Remote File Inclusion (LFI/RFI)
- 7.3 Remote Code Execution
- 7.4 Remote Command Execution
- 7.5 SQL Injection Basics
- 7.6 Web shells
- 7.7 File Upload Vulnerabilities
- 7.8 Cross-Site Scripting (XSS)
8. Password Attacks
- 8.1 Intro
- 8.2 Generating password lists
- 8.3 Windows passwords and hashes
- 8.4 Cracking hashes with John
- 8.5 Web application passwords
9. Networking & Shells
- 9.1 Intro
- 9.2 Reverse Shells
- 9.3 Bind Shells
- 9.4 Upgrading Netcat shells
11. Attacking Management Interfaces
- 11.1 Intro
- 11.2 Attacking BMC & IPMI
Pentesting in practice
- Intro