Ending In:
$1,600
90% off
Courses
8
Lessons
417
Enrolled
364
Courses
8
Lessons
417
Enrolled
364
What's Included
Complete Ethical Hacking & Cyber Security Masterclass Course
$200 Value
PenTesting with OWASP ZAP: Mastery Course
$200 Value
All-in-One Hacking Guide: From Zero to Hero
$200 Value
WordPress Hacking & Hardening in Simple Steps
$200 Value
Learn Server Security with BitNinja
$200 Value
Web Penetration Tester: Jump Up a Level in Your Career
$200 Value
CompTIA PenTest+ (PT0-001) Ethical Hacking
$200 Value
CompTIA CySA+ Cybersecurity Analyst (CS0-001) Prep Course
$200 Value
Product Details
Access
Lifetime
Content
13.0 hours
Lessons
78
Complete Ethical Hacking & Cyber Security Masterclass Course
A Comprehensive Guide to the Newest Techniques of PenTest & Ethical Hacking
By Joe Parys | in Online Courses
In our complete ethical hacking masterclass course, you will learn from scratch how to master ethical hacking and cybersecurity. This course offers more than 13+ hours of content starting from a beginner and working your way up to some more advanced ethical hacking skills. The skills you learn in this course can help translate into the workplace and help you further your career as a cybersecurity and ethical hacking professional.
- Access 78 lectures & 13 hours of content 24/7
- Ethically hack a server using command injection vulnerability w/ Netcat
- Bypass antivirus by changing the malware binary
- Change the look of a page using HTML code injection
Joe Parys is a certified life coach, professional motivational speaker, entrepreneur, licensed psychology teacher, and basketball coach. His main areas of expertise are teaching, coaching, public speaking, personal development, personal transformation, the human mind, maximizing human potential, motivation and goal setting.
Important Details
- Length of time users can access this course: lifetime
- Access options: web & mobile streaming
- Certification of completion included
- Redemption deadline: redeem your code within 30 days of purchase
- Updates included
- Experience level required: beginner
Requirements
- Internet access required
Course Outline
- Your First Program
- Introduction & Setting Up Our Hacking Lab
- Learn Ethical Hacking Skills & Cyber Security Skills With Us Today! - 1:45
- Welcome To The Complete Ethical Hacking and Cyber Security Master Class - 0:19
- Virtual Box 6.0 Installation - 5:27
- Installing Kali Linux As Operating System For Hacking - 14:54
- Going Full Screen On Kali Linux! - 5:51
- Linux Basics
- Linux Environment - 6:53
- Terminal Commands - Part 1 - 11:13
- Terminal Commands - Part 2 - 8:48
- Configuring IP Address And Network Settings - 6:48
- Cat, Echo, Apt-get ... - 11:49
- Information Gathering & Footprinting
- Five Phases Of A Penetration Test - 7:04
- Active & Passive Footprinting Theory - 5:23
- Finding Target Emails With Harvester - 12:19
- Gathering Valuable Information With Dnsdumpster & OSINT - 8:38
- Network Scanning Terminology And Theory - 14:40
- Ping & Traceroute - 6:45
- Bettercap & Netdiscover - 6:13
- Evading Firewall & IDS & Honeypots Using Advance Scanning
- Performing Default Nmap Scan - 4:36
- What is IDS & IPS, Honeypot And Firewall? - 4:22
- Evading Firewall with Nmap - 11:01
- Bypassing IDS & IPS - 3:56
- Creating Decoys during scan with Fragmented Packets - 12:18
- Discovering Service Version on an Open Port - 16:55
- Vulnerability Analysis
- Searchsploit & Shodan - 16:49
- Gaining Access To a Network - WPA2/WPA Cracking
- Wireless Hacking Theory - 9:51
- Putting Our Wireless Card Into Monitor Mode - 4:36
- Sniffing Network Information In Monitor Mode - 7:15
- Deauthenticating Everyone On The Network And Capturing 4 Way Handshake - 5:49
- Cracking The Password Hash With Aircrack-ng - 9:44
- Cracking The Password Faster Using Hashcat - 15:39
- Gaining Access - Evil Twin Attack
- Creating Fake Access Point With Airgedon - 14:51
- Capturing Wireless Password With Fake Access Point - 7:48
- Man In The Middle - Steal Everyones Data
- Theory Of Arp Spoofing - 6:17
- MITMf Full Installation - 4:39
- Performing An ARP Spoof Attack - 9:08
- Redirecting To A Fake Captive Portal - 15:54
- Sniffing Passwords & Flipping Images On Targets Browser - 8:47
- Gaining Access To A Machine - System Hacking
- System Hacking Theory - 7:15
- Metasploit Framework Structure - 15:39
- Exploiting Windows With Eternalblue Attack - 12:42
- Running Doublepulsar Attack - 16:31
- Using Evasion Modules To Bypass Windows Defender - 7:31
- Using Msfvenom To Generate A Trojan & Windows 10 Hacking - 17:35
- Bypassing Antivirus Using Encoders And "Bad Bytes" - 10:55
- Changing Executable Binary With Hexeditor - 10:31
- Hack Any Machine Over Internet Using Port Forwarding - 9:40
- Coding Project 1: Reverse Shell In Python
- Creating Server & Payload - 18:44
- Converting Python File To Exe - 8:41
- Post Exploitation - Stealing Valuable Information
- Meterpreter Commands - Part 1 - 15:52
- Meterpreter Commands - Part 2 - 15:15
- Creating Persistence On Target PC & Registry Edit - 11:14
- Discovering Other Machines On A Target Network - 7:31
- Bypassing UAC & Gaining Privileges - 7:38
- Stealing Targets Chrome and WLAN Passwords After Exploit - 6:59
- Embedding A Backdoor Into An Image - 4:58
- Web Application Penetration Testing - Injections, Bruteforcers, Packet Sniffers
- OWASP Installation - Vulnerable Web Application - 7:22
- DIRB & Whatweb For Website Identification - 8:29
- Hydra - Bruteforcing Any Login Page - 13:16
- Burpsuite Introduction & Configuration - 11:53
- Command Injection & Target Exploitation - 13:41
- XSS Attack Theory - 5:20
- Finding XSS Vulnerability On A Webpage - 5:45
- Solving XSS Challenges On An Online Lab - 7:40
- HTML Character Encoding To Exploit an XSS Vulnerability - 6:34
- HTML Code Injection Vulnerability - 4:16
- What is SQL & SQL Injection Theory - 13:22
- Stealing Database Passwords With Advance Manual SQL Injection - 22:38
- Coding Project 2: Making Bruteforcer In Python
- Coding Login Form Bruteforcer Using Python - 15:53
- Creating Undetectable Malware Using C Language
- Describing What We Are Going To Code - 8:57
- Using Struct sockaddr_in To Setup Socket Object - 12:47
- Binding And Accepting Target Connection In a Server - 7:08
- Sending Command To Target To Execute - 17:30
- Starting With The Malware & Defining Bzero Function - 8:22
- Creating APIENTRY Function And Hiding Program Console - 12:45
- Executing Commands On Target System - 12:10
- First Test Of Our Malware - 12:20
- Making Our Malware Look Like An Error - 15:33
- Social Media Hacking - Diffrent Ways To Gain Access To Online Accounts
- Hacking Instagram - Way #1 - 6:14
Access
Lifetime
Content
6.0 hours
Lessons
23
PenTesting with OWASP ZAP: Mastery Course
Must-Have Tool Mastery for Hackers, PenTesters, Developers, Coders & Experienced Security Professionals
By Atul Tiwari | in Online Courses
The ZAP is a fine-grained tool that every penetration testers, hacker, developers must have in their arsenal and hence required a solid understanding and through training to perform security testing from its core. This course enables you to test web applications, automated testing, manual testing, fuzzing web applications, perform bug hunting and complete web assessment using ZAP.
- Access 23 lectures & 6 hours of content 24/7
- Uncover hidden bugs & vulnerabilities
- Know the hidden power of ZAP to assess web applications
- Use SQLmap, Nmap, Nikto & all tools in kali Linux w/ and in ZAP UI simultaneously
Atul Tiwari has more than 7 years of working experience in the information security field. He has trained more than 3,000 students in information security and penetration testing. With his expertise in web application penetration testing, Atul has performed penetration tests, security audits, and security analysis for private enterprise, governments, and security agencies to assist with cyber threats.
Important Details
- Length of time users can access this course: lifetime
- Access options: web & mobile streaming
- Certification of completion included
- Redemption deadline: redeem your code within 30 days of purchase
- Updates included
- Experience level required: all levels
Requirements
- Internet access required
Course Outline
- Intro About the ZAP
- Things to know about OWASP ZAP - 23:34
- ZAP course guide
- Configuration of ZAP
- Installing ZAP on multi platform - 18:44
- Six elements of the ZAP - Desktop UI - 12:15
- ZAP marketplace and add-ons - 9:10
- Configuration of ZAP - 31:46
- Scan policy manager - config - 24:49
- ZAP attack modes - 15:46
- Attacking the applications with ZAP
- Automated attack under 5 minutes - 17:56
- Spidering the target - 24:12
- Fuzzing targets in action - 23:30
- Active scanning attacks - 22:11
- Break points and Requestor - 15:21
- Setting breakpoints on GET request OWASP ZAP - 8:47
- Authentication & session management in ZAP - 25:23
- Forced browsing DIRs and Files using ZAP - 12:22
- ZAP Scripting attacks & Recording Zest Script, Python, JavaScript - 24:13
- Invoking applications into ZAP - 16:38
- Invoking Burp suite into ZAP - Best strategy - 9:24
- HUD mode - Heads-up display - 17:27
- ZAP API testing - 15:14
- Other useful tools add-ons inside zap - 29:02
- Generating Reports in multiple format - 6:55
Access
Lifetime
Content
11.0 hours
Lessons
89
All-in-One Hacking Guide: From Zero to Hero
Master Ethical Hacking Techniques & Methodologies Used in Penetration Systems
By Gabriel Avramescu | in Online Courses
To completely understand computer security, it's vital to step outside the fence and to think outside the box. Computer security is not just about firewalls, Intrusion Prevention Systems or anti-viruses. It's also about tricking people into doing whatever a hacker wishes, for their benefit. A secure system, network or infrastructure is also about informed people. That's what this course is all about. It will help you learn to master ethical hacking techniques and methodologies that are used in penetration systems. This course covers both theoretical and practical aspects and contains hands-on labs about hacking systems, networks, wireless, mobile and websites.
- Access 89 lectures & 11 hours of content 24/7
- Understand Ethical Hacking, Footprinting, & Reconnaissance
- Scan networks & enumerate and discover vulnerabilities
- Learn about system hacking & vulnerability exploitation
Gabriel Avramescu is a Senior Information Security Consultant and IT Trainer. He works on an Internet security team focused on ethical hacking - deliberately and purposefully challenging the IT security assumptions, strategies, and methods of protecting vital assets and information by emulating an adversary.
Important Details
- Length of time users can access this course: lifetime
- Access options: web & mobile streaming
- Certification of completion included
- Redemption deadline: redeem your code within 30 days of purchase
- Updates included
- Experience level required: intermediate
Requirements
- Internet access required
Course Outline
- Introduction
- About the intructor - 0:30
- What to expect - 1:55
- Techniques and Terms - 3:53
- Join Our Online Classroom!
- Introduction to Ethical Hacking. Footprinting and Reconnaissance
- Introduction to Ethical Hacking. Footprinting and Reconnaissance - 24:55
- Demo - Information Gathering using Google Dorks and DNS Queris - 4:17
- Demo - Scanning and Enumeration - 8:58
- Do it yourself - Information Gathering Exercise
- Information Gathering
- Information Gathering using websites - part 1 - 12:59
- Information Gathering using websites - part 2 - 17:17
- Introduction to Maltego - 4:58
- Maltego Demo - 9:16
- Scanning Networks, Enumeration and Discovering Vulnerabilities
- Scanning and enumeration - 8:58
- Vulnerabilities Identification - 8:28
- Demo - Installing Nessus Scanner - 3:31
- Demo - Use Nessus to Discover Vulnerabilities - 4:42
- Demo - Using Nikto to discover Web Vulnerabilities - 4:42
- Demo - Using Paros for Vulnerability Discovery - 4:48
- Demo - Use Dirbuster to brute force sub-directories and filenames - 2:50
- Do it yourself - Scanning and enumeration, Vulnerability Discovery Exercise
- Social Engineering Toolkit (SET)
- About Social Engineering Toolkit - 1:50
- Use SET to get facebook credentials - 6:11
- System Hacking and Vulnerability Exploitation
- System hacking - vulnerability exploitation - 5:58
- Passwords - 11:56
- Authentication - 6:55
- Metasploit
- Metasploit Introduction - 17:08
- Demo - Exploiting FTP Server Vulnerability using Metasploit - 11:48
- Demo - Post Exploitation Example - 1:06
- Demo - Exploiting NFS Vulnerability and exporting SSH Keys to the Victim PC - 10:07
- Demo - Eploiting Samba Service on Linux using Metasploit - 3:09
- Do it yourself - Vulnerability Exploitation using Metasploit Exercise
- Social Engineering using Metasploit
- Backdoor for Windows - 14:06
- Android backdoor - 6:58
- Trojans, Backdoors, Viruses and Worms
- Trojans and Backdoors - 5:00
- Computer viruses and worms - 9:14
- Cryptography
- Cryptography concepts - 4:56
- Cryptographic Algorithms - 11:09
- Cryptography and cryptanalysis tools. Cryptographic attacks - 3:02
- Demo - Hack SSH passwords using Medusa - 5:14
- Hack the SSH Password using Hydra - 5:05
- Hack Linux Passwords using John the Ripper - 3:29
- Do it yourself - Passwords Protection Exercise
- Penetration Testing on Wireless Networks
- Penetration Testing on Wireless Networks - 6:56
- Do it yourself - WiFi Networks Security - practical approach
- Case Study – Windows Hosted Network Bug or Feature - 10:42
- Web Security
- Core Problems - Why Web Security - 7:33
- Web Technologies
- Preparing the Lab Environment - 8:31
- Sniffing. Attacking Authentication and Session Management - Session Hijacking
- Sniffing - 15:00
- Theoretical Overview of Attacking Authentication and Session Management
- Session Hijacking trough Man In The Middle Attack - 11:05
- Intercept and access traffic over HTTPS. Get Gmail and Facebook passwords. - 8:56
- Attacking the users trough websites - XSS and Beef-XSS
- XSS Basics - 8:27
- Reflected XSS - 10:29
- Stored XSS - 6:59
- Beef-XSS Basics - 16:12
- Access controls. Data stores and Client-side Controls
- Access controls. Data stores and Client-side Controls
- SQL injection - 9:09
- Exploiting SQLi using Sqlmap and Getting Remote Shell - 10:07
- Upload and Remote File Execution - 10:43
- Other vulnerabilities - web and mobile
- OWASP Top Ten Mobile Vulnerabilities - 13:22
- Penetration Testing Cheat Sheet - 18:59
- For Developers - Android Security Guidelines - 1:21
- Further research - Automatic and Manual Scanning for Vulnerabilities - 18:16
- Android Development Tools
- Android Studio - 11:21
- Android Debug Bridge - 6:23
- AVD Manager is missing? ADB Connection and Monitor in Android Studio 3.5 and newer
- Playing with Android Emulators - practice your social engineering
- Android emulator or Android Device? - 6:57
- Android Rooting - 5:43
- Setting up a proxy in Android - 10:25
- Installing CA Certificate - 5:41
- Android Vulnerable Application Setup - 3:43
- Virtual Machine Download
- Android Application Review. Reverse Engineering and App Analysis
- APK file Structure. AndroidManifest XML file - 7:01
- Reversing to get Source code of the Application - decompiling with dex2jar - 10:53
- Reversing and Re-compiling With APKTool - 10:55
- Static vs Dynamic Analysis - 5:58
- Static Analysis of Android Application using QARK - 13:05
- Dynamic Analysis of Android Application using Inspeckage and Xsposed - 15:36
- MobSF - Mobile-Security-Framework - 10:48
- Automated Security Assessments with Drozer - 8:45
- Intercept traffic using Wireshark - 5:22
- Intent Sniffing - 5:23
- Fuzzing using Burp - Password Brute-Force. Username enumeration - 11:58
- Bypass Certificate Pinning
- General Description - 4:10
- Automatic Bypass of SSL Pinning - 8:51
- Manual Bypass of SSL Pinning - 31:50
- Final Words
- Countermeasures for Social Engineering - 6:48
- Final words - 0:16
Access
Lifetime
Content
5.0 hours
Lessons
41
WordPress Hacking & Hardening in Simple Steps
Make Any WordPress Installation Significantly More Secure & Raise Awareness on Various Vulnerabilities
By Gabriel Avramescu | in Online Courses
Did you know that more than 73 million web sites in the world run on the WordPress publishing platform? This makes WordPress more popular than Microsoft SharePoint, Blogger, or Drupal. It also means that WordPress is a large target for hackers. When it comes to WordPress security, there are a lot of things you can do to lock down your site to prevent hackers and vulnerabilities from affecting your e-commerce site or blog. The strategies that you will learn in this course can help any WordPress installation become significantly more secure, and raise awareness of the types of vulnerabilities to defend against.
- Access 41 lectures & 5 hours of content 24/7
- Secure WordPress Websites
- Prevent spam & brute force attacks
- Secure HTTP headers & configure 2-factor authentication
- Block malicious IPs & attacks
Gabriel Avramescu is a Senior Information Security Consultant and IT Trainer. He works on an Internet security team focused on ethical hacking - deliberately and purposefully challenging the IT security assumptions, strategies, and methods of protecting vital assets and information by emulating an adversary.
Important Details
- Length of time users can access this course: lifetime
- Access options: web & mobile streaming
- Certification of completion included
- Redemption deadline: redeem your code within 30 days of purchase
- Updates included
- Experience level required: beginner
Requirements
- Internet access required
Course Outline
- Introduction
- Let's meet - 0:54
- About me. And Course Outline - 13:49
- Lab Setup - 2:48
- Join Our Online Classroom!
- Overview of a Wordpress attack
- Scanning Wordpress for vulnerabilities - 10:26
- Exploit Vulnerable Wordpress Plugin - 9:18
- Upload a backdoor - 7:36
- Sending spam - 17:20
- Securing your WordPress - basics steps
- Backup your WordPress Instance - 6:46
- Restore from backup
- Update WordPress and Plugins - 4:00
- HTTPS introduction - 8:22
- Manually configuring HTTPS - generating certificates - 15:53
- Automatic configuration and free signed certificate - 7:47
- HTTP to HTTPS Redirect. Manual and using WordPress Plugins - 3:12
- Security Plugins - 4:00
- Wordfence Security Plugin and 2 Factor Authentication - 19:04
- Brute Force Demo - IP and User Block - 5:24
- Spam protection. Captcha on login and comments - 4:39
- HTTP Secure Hearders and TLS scan - free scan your website - 11:22
- HTTP Security Headers using plugins - demo - 3:44
- More Advanced Wordpress Security
- Finding the source of spam - 14:00
- Vulnerabilities and exploits - 9:14
- How to Change Your WordPress Login URL - 4:32
- SQL Injection and URL Hacking - 5:36
- Protect Sensitive Files - 3:24
- Default usernames - 3:33
- Disable XML-RPC - 2:07
- Hide your WordPress version - 4:21
- DDos Protection - 5:09
- Bonus - Learn more about web security
- Bonus Section - 0:30
- SQL Injection - 9:09
- Automatic Exploitation. of SQL Injection - 10:07
- Cross-Site Scripting Introduction. Attacking Users. - 8:27
- Reflected XSS - Session Hjacking - 10:29
- Stored XSS - 6:59
- Using XSS to grab cookies, Facebook username and passwords. Social Engineering - 16:12
- Upload and file execution - 10:43
- Cross-Site Request Forgery - 7:19
- Promo - further information
- Owasp Top 10 Vulnerabilities - Further Reading - 18:16
Access
Lifetime
Content
5.0 hours
Lessons
40
Learn Server Security with BitNinja
Enjoy Real-Time Protection, Automatic False Positive Handling & Threat Analysis
By Gabriel Avramescu | in Online Courses
Even if you are a penetration tester, security consultant, a Linux administrator or a developer, you should also have to know how to fix your security, how to protect actively, and reactively your Linux servers. To have an all in one product easily manageable, that would know the attacks and prevent them from being successful. This course is all about this. It is about protecting your server. You will witness different attacks and you will see a product like this in action. This product is called BitNinja and it is an All in one security for Linux Servers. So you can see the attacks but also you will see how to protect against them.
- Access 40 lectures & 5 hours of content 24/7
- Scan a website on WordPress & exploit its vulnerabilities
- Learn about proactive protection mechanisms such as IP Reputation, Port Honeypots, Web Honeypots, DoS Detection, and WAF Modules
- Understand reactive protection mechanisms such as Malware Detection, Outbound WAF, & see BitNinja-CLI capabilities
- Learn about troubleshooting & how to find a trouble maker IP
Gabriel Avramescu is a Senior Information Security Consultant and IT Trainer. He works on an Internet security team focused on ethical hacking - deliberately and purposefully challenging the IT security assumptions, strategies, and methods of protecting vital assets and information by emulating an adversary.
Important Details
- Length of time users can access this course: lifetime
- Access options: web & mobile streaming
- Certification of completion included
- Redemption deadline: redeem your code within 30 days of purchase
- Updates included
- Experience level required: intermediate
Requirements
- Internet access required
Course Outline
- Introduction
- Promo Video - 2:00
- About me - 0:54
- Let's meet - 5:30
- Lab Setup - 1:46
- Lab Setup - Login Information and Download Links
- Join Our Online Classroom!
- Overview of a Wordpress attack
- Commands to be used in the next section
- Scanning for wordpress vulnerabilities - 10:26
- Exploiting a remote code execution vulnerability - 9:18
- Uploading a backdoor - 7:36
- Sending spam - 17:20
- Basics
- Registration and Installation - Useful Information
- Registration and installation - 8:51
- IP Reputations. IP lists - User vs Global lists. Greylisting, Blacklists, Whitelist - 16:57
- HTTP CAPTCHA - 8:35
- SMTP CAPTHCA - 4:27
- Commands used in SSLTerminating Lecture
- SslTerminating Module - 32:12
- SslTerminating Module - Adding Certs Manually - 5:00
- Proactive protection mechanisms
- Commands to be used in this section
- Port Honeypots - 7:57
- Web Honeypots - 10:11
- DoS Detection and Protection - 10:53
- Log Analysis - 3:17
- WAF - Web Application Firewall - 20:33
- Demo - Log Analysis and WAF - 8:29
- Reactive protection mechanisms
- Malware Detection - 6:57
- Outbound WAF - 2:04
- Demo - Malware Detection and Outbound WAF - 11:33
- Blacklist/Whitelist and Country level blacklist/whitelist - 11:35
- bitninja-cli - 7:42
- The "How To" Section
- How to find the source of an infection - 9:41
- How to find the source of spamming - 16:38
- How to find the source of outbound attacks - 10:56
- Security daily routine - 4:58
- Attack trend analysis - 4:55
- Troubleshooting
- CDN integrations - 4:23
- Finding a trouble-maker IP - 9:34
- Further Reading
- Web Security Core Issues - 7:33
Access
Lifetime
Content
2.0 hours
Lessons
28
Web Penetration Tester: Jump Up a Level in Your Career
Pinpoint Network Vulnerabilities in Order to Prevent Attacks by Hackers
By Gabriel Avramescu | in Online Courses
If you’re looking to build a career in security, there’s no better place to focus your efforts than penetration testing. By understanding the vulnerabilities and dangers presented by your network’s structure, you’ll learn how to remedy these gaps and save your company from major security breaches.
- Access 28 lectures & 2 hours of content 24/7
- Master ethical hacking techniques used in penetration systems
- Learn the basic methods for penetration testing of a web application
- Control remote servers
- Learn to gain information on potential targets
- Study various attack types: authentication, session management, access controls, data stores, etc.
Gabriel Avramescu is a Senior Information Security Consultant and IT Trainer. He works on an Internet security team focused on ethical hacking - deliberately and purposefully challenging the IT security assumptions, strategies, and methods of protecting vital assets and information by emulating an adversary.
Important Details
- Length of time users can access this course: lifetime
- Access options: web & mobile streaming
- Certification of completion included
- Redemption deadline: redeem your code within 30 days of purchase
- Updates included
- Experience level required: beginner
Requirements
- Internet access required
Course Outline
- Why Web Security?
- Introduction - 1:14
- Core Problems - Why Web Security - 7:33
- Web Technologies
- Preparing the Lab Environment - 8:31
- Join Our Online Classroom!
- Mapping the Web Application. User and Password Brute-Forcing
- What Web Application Mapping Means
- Usernames and Passwords Brute-Forcing using Burp - 14:54
- Spider and Analyze a Website using Burp - 5:27
- Brute-frocing Web Resources using Dirb and Dirbuster - 10:38
- Attacking Authentication and Session Management - Session Hijacking
- Theoretical Overview of Attacking Authentication and Session Management
- Session Hijacking trough Man In The Middle Attack - 11:05
- Intercept and access traffic over HTTPS. Get Facebook or Gmail Passwords - 8:56
- Access controls. Data stores and Client-side Controls
- Theoretical Approach of Attacking Access Controls
- SQL injection - 9:09
- Exploiting SQLi using Sqlmap and Getting Remote Shell - 10:07
- Upload and Remote File Execution - 10:43
- Attacking the Server and Application Logic
- Attacking the server: OS Command injection, Path Traversal and Mail Injection
- Attacking Application Logic
- (XSS) Cross Site Scripting. Attacking the Users
- Cross Site Scripting Theory. Attacking Users
- Reflected XSS – Session Hijacking using Cross Site Scripting - 10:29
- Stored or Persistent Cross Site Scripting - 6:59
- Cross-site Request Forgery (CSRF) - 7:19
- Guideline for Discovering and Improving Application Security
- Guideline for Discovering and Improving Application Security
- Overview of a Wordpress attack
- Lab Setup - 2:48
- Overview of a Wordpress attack - 10:26
- Exploit Vulnerable Wordpress Plugin - 9:18
- Upload a backdoor - 7:36
- Sending spam - 17:20
Access
Lifetime
Content
10.0 hours
Lessons
67
CompTIA PenTest+ (PT0-001) Ethical Hacking
Master the Fastest-Growing Job Categories in the Cybersecurity Realm: Penetration Testing & Vulnerability Management
By Total Seminars | in Online Courses
Penetration testing and information security are one of the fastest-growing job categories according to the U.S. Bureau of Labor Statistics. Whether you're looking to pass the CompTIA PenTest+ certification exam, take your next step in the CompTIA Cybersecurity Pathway, or you're just looking to learn some awesome ethical hacking skills, you’re in the right place. This course focuses on how to be a pentester. A pen tester plans and scopes a pen test engagement with a client, finds vulnerabilities, exploits them to get into a network, then reports on those findings to the client.
- Access 67 lectures & 10 hours of content 24/7
- Use the tools you’ll need to scan networks, crack passwords, analyze & intercept traffic, discover code vulnerabilities, and compromise resources
- Recognize vulnerabilities within a system, run exploits, & suggest solutions to a client to remediate the weak points
- Work within a virtual environment to practice your pen-testing skills, including using Oracle VM manager, Kali Linux, Metasploitable, & DVWA
- Scope, plan, & execute a pen test engagement from start to finish
Total Seminars provides certification training services and training materials to thousands of schools, corporations, and government agencies including the United Nations, the FBI and all branches of the Department of Defense. Total Seminars produces the #1 selling CompTIA A+ and Network+ Certification books with over 1 million books in print.
Total Seminars has created a number of “Best-Selling” Udemy video courses by Mike Meyers and the Total Seminars team of Instructors. They also develop supplemental materials such as the TotalTester certification practice tests and TotalSims lab simulations to support your certification preparation. These are available on the Total Seminars web site.
Total Seminars has created a number of “Best-Selling” Udemy video courses by Mike Meyers and the Total Seminars team of Instructors. They also develop supplemental materials such as the TotalTester certification practice tests and TotalSims lab simulations to support your certification preparation. These are available on the Total Seminars web site.
Important Details
- Length of time users can access this course: lifetime
- Access options: web & mobile streaming
- Certification of completion included
- Redemption deadline: redeem your code within 30 days of purchase
- Updates included
- Experience level required: intermediate
Requirements
- Internet access required
Course Outline
- Introduction to PenTest+
- Welcome to CompTIA PenTest+ (PT0-001) Ethical Hacking - 8:40
- Chapter 1: Planning and Scoping
- Planning a Pen Test - 8:54
- Rules of Engagement - 10:41
- Resources and Budgets - 7:21
- Impact and Constraints - 5:17
- Support Resources - 13:26
- Legal Groundwork - 11:57
- Scope Considerations - 10:51
- Lab Environment Setup - 22:56
- Project Strategy and Risk - 9:24
- Scope Vulnerabilities - 13:32
- Compliance-Based Assessments - 5:25
- Chapter 2: Surveying the Target
- Scanning and Enumeration - 4:35
- Scanning and Enumeration Demo - 10:59
- Packet Investigation - 8:03
- Packet Inspection Demo - 6:02
- Application and Open-Source Resources - 11:52
- Vulnerability Scanning - 8:50
- Vulnebarility Scanning Demo - 16:31
- Target and Asset Considerations - 15:39
- Nmap Timing and Performance Options - 6:43
- Prioritization of Vulnerabilities - 9:17
- Common Attack Techniques - 12:17
- Credential Attacks - 14:41
- Weaknesses in Specialized Systems - 18:08
- Chapter 3: Selecting Your Attack Vector
- Remote Social Engineering - 6:50
- Spear Phishing Demo - 10:19
- In-Person Social Engineering - 12:00
- Network-Based Exploits - 7:19
- FTP Exploit Demo - 8:28
- Man-in-the Middle Exploits - 7:18
- Wireless Exploits - 13:29
- Application Exploits, Part 1 - 5:41
- SQL Injection Demo - 8:48
- Application Exploits, Part 2 - 8:14
- Application Exploits, Part 3 - 9:15
- Cross-Site Scripting Demo - 7:11
- Code Vulnerabilities - 16:48
- Local Host Vulnerabilities - 5:08
- Privilege Escalation (Linux) - 9:49
- Privilege Escalation (Windows) - 6:17
- Misc. Privilege Escalation - 8:07
- Misc. Local Host Vulnerabilities - 8:17
- Physical Security - 11:27
- Post-Exploitation Techniques - 11:23
- Persistence and Stealth - 10:55
- Chapter 4: Selecting Pen Testing Tools
- Nmap Scoping and Output Options - 21:15
- Pen Testing Toolbox - 6:59
- Using Kali Linux - 6:27
- Scanners and Credential Tools - 10:22
- Code Cracking Tools - 4:35
- Open-Source Research Tools - 6:36
- Wireless and Web Pen Testing Tools - 11:03
- Remote Access Tools - 6:28
- Analyzers and Mobile Pen Testing Tools - 2:43
- Other Pen Testing Tools - 4:39
- Using Scripting in Pen Testing - 12:46
- Bash Scripting Basics - 15:10
- Bash Scripting Techniques - 10:21
- PowerShell Scripts - 4:16
- Ruby Scripts - 6:43
- Python Scripts - 5:59
- Scripting Languages Comparison - 11:06
- Chapter 5: Reporting and Communication
- Writing Reports - 16:02
- Post-Report Activities - 5:36
- Mitigation Strategies - 5:13
- Communication - 9:54
Access
Lifetime
Content
7.0 hours
Lessons
51
CompTIA CySA+ Cybersecurity Analyst (CS0-001) Prep Course
Ace the High-Stakes Security Analyst Certification & Become a Well-Respected Professional in the Cybersecurity Field
By Total Seminars | in Online Courses
Properly trained IT security staff who can analyze, monitor and protect cybersecurity resources are in high demand. The U.S. Bureau of Labor Statistics (BLS) predicts that information security analysts will be the fastest-growing overall job category, with 37 percent overall growth between 2012 and 2022. And if you're aiming to stack your resumé with a recognized certification and earn big bucks as a security analyst, this course is for you. With 51 lectures, this class will teach you everything you need to know to respond to cybersecurity threats and attacks. It will make you an outstanding cybersecurity analyst and in the process, make sure you are ready to pass the CompTIA exam.
- Access 51 lectures & 7 hours of content 24/7
- Apply environmental reconnaissance techniques like OS fingerprinting, e-mail harvesting, & social media profiling using tools such as Nmap, Netstat, and Syslog
- Analyze the results of network reconnaissance, & recommend or implement countermeasures
- Secure a corporate environment by scanning for vulnerabilities
- Respond to cyber incidents w/ a forensics toolkit, maintain the chain of custody, & analyze incident severity
Total Seminars provides certification training services and training materials to thousands of schools, corporations, and government agencies including the United Nations, the FBI and all branches of the Department of Defense. Total Seminars produces the #1 selling CompTIA A+ and Network+ Certification books with over 1 million books in print.
Total Seminars has created a number of “Best-Selling” Udemy video courses by Mike Meyers and the Total Seminars team of Instructors. They also develop supplemental materials such as the TotalTester certification practice tests and TotalSims lab simulations to support your certification preparation. These are available on the Total Seminars web site.
Total Seminars has created a number of “Best-Selling” Udemy video courses by Mike Meyers and the Total Seminars team of Instructors. They also develop supplemental materials such as the TotalTester certification practice tests and TotalSims lab simulations to support your certification preparation. These are available on the Total Seminars web site.
Important Details
- Length of time users can access this course: lifetime
- Access options: web & mobile streaming
- Certification of completion included
- Redemption deadline: redeem your code within 30 days of purchase
- Updates included
- Experience level required: intermediate
Requirements
- Internet access required
Course Outline
- Introduction to CySA+
- Introduction - 1:50
- Conducting Reconnaissance
- Thinking Like the Enemy - 9:20
- Tools of the Trade - 7:35
- Analyzing Reconnaissance Results
- Recon Results: Part 1 - 13:06
- Recon Results: Part 2 - 4:52
- Data Output - 5:01
- Responding to Network-Based Threats
- Protecting Your Territory - 4:53
- Hardening Strategies - 12:42
- Securing a Corporate Environment
- Pen Testing - 5:42
- Training - 4:03
- Reverse Engineering - 7:42
- Risk Evaluation - 2:34
- Vulnerability Management
- Requirements Identification - 4:50
- Scanning - 5:49
- Configuring and Executing Scans - 7:47
- Reporting and Remediating - 9:24
- Analyzing Vulnerabilities Scan Results
- Common Vulnerabilities: Part 1 - 7:58
- Common Vulnerabilities: Part 2 - 7:50
- Incident Response
- Incident Response Process - 6:40
- IR Roles and Responsibilities - 7:43
- Preparation Phase
- IR Active Preparation - 9:45
- Threat Trends - 7:35
- Forensic Tools
- Digital Forensics - 9:37
- Seizure and Acquisitions - 4:56
- Forensics Acquisition Tools - 8:57
- Forensics Analysis: Part 1 - 4:29
- Forensics Analysis: Part 2 - 7:51
- Common Symptoms of Compromise
- Network Symptoms - 3:34
- Host Symptoms - 8:07
- Application Symptoms - 4:27
- Incident Recovery and Post-Incident Response Process
- Moving Forward: Part 1 - 13:06
- Moving Forward: Part 2 - 8:02
- Frameworks, Common Policies, Controls, and Procedures
- Frameworks - 13:06
- Policies - 7:31
- Controls & Procedures - 7:44
- Verifications - 6:16
- Identity and Access Management
- Context-Based Authentication - 6:20
- Identities - 15:17
- Managing Identities - 9:43
- Exploits - 8:12
- Defense Strategies
- Data Analytics - 9:48
- Defense in Depth - 14:14
- Software Development Life Cycle (SDLC)
- Secure Software Development - 7:47
- Best Coding Practices - 4:12
- Tools and Technologies
- Preventative Tools: Part 1 - 20:35
- Preventative Tools: Part 2 - 6:20
- Collective Tools - 8:57
- Vulnerability Scanning - 15:54
- Packet Capture - 11:40
- Connectivity Tools - 8:00
- Pen Testing Tools - 11:55
Terms
- Unredeemed licenses can be returned for store credit within 30 days of purchase. Once your license is redeemed, all sales are final.