A penetration tester who only knows how to use tools written by others is limited to old techniques. Knowledge of a programming language will make you much more powerful. Python is the favorite choice for penetration testers because it combines simplicity and ease of use with advanced features.This course will commence by showing you how to get the Target and Attacker virtual machines running and properly networked together. You will learn how to connect to a server, and how to automate login requests. This will let you break into services by guessing PINs, and exploit blind vulnerabilities by observing time delays. You will also get your hands dirty and learn how to write custom scanning tools, so that you can send unusual patterns of packets to find and exploit hidden services. Next, you will learn how Web pages are delivered, and how to write your own tools to break into vulnerable websites. Some "blind" services don't return any useful information to guide attackers, but can still be exploited by measuring the time they take to respond. You will also be walked through an in depth understanding of the exact series of network packets required to connect to servers, you can perform many attacks that block traffic or misdirect it through the attacker's system. Using the Scapy library, you can then quickly make network tools, including clients and servers. This is the best way to learn exactly how networking works. Now that you understand normal networking, you can perform attacks that trick networks into sending data to the wrong destination, or refusing service to clients. Towards the end of the course, you will also learn to use these tools to make defenses that distract and confuse attackers, or that detect suspicious network activity.
About the author
Sam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000. He has given talks and hands-on trainings at DEFCON, HOPE, B-Sides SF, B-Sides LV, BayThreat, LayerOne, Toorcon, and many other schools and conferences. Credentials: PhD, CISSP, DEF CON Black-Badge Co-Winner
The aim of this video is to develop a strong foundation by learning how to equip your system with Python
The aim of this video is to get familiar with Ports and undertake processes like banner-grabbing and error handling.
The aim of this video is to implement scanning and find a hidden service.
The aim of this video is to know the importance of Port knocking
The aim of this video is to implement HTTP POST in Python in order to login into a server.
The aim of this video is to understand the Brute Force attacks and how they can be utilized.
The aim of this video is to gain a better understanding about Brute Force attacks.
The aim of this video is to take a look at setting up Kali Linux Virtual Machine in order to use Scapy.
The aim of this video is to understand the process of sending and receiving UDP packets by various means.
The aim of this video is to gain an in-depth understanding of the TCP handshake, time out, and completing the handshake by sending SYN using Scapy.
The aim of this video is to further explore TCP handshake and how to insert it into a script using Scapy’s interpreter. We also take a look at using HTTP GET to fetch web pages as well as displaying received replies.
The aim of this video is to explore sending data and take a look at the winners page.
The aim of this video is to explain about TTL and how hops work. The challenge is to send data to server with TTL = 1 and view the winners page.
The aim of this video is to prepare a second Kali Linux Virtual machine. We discuss how ARP requests and replies work. Finally, we perform ARP poisoning to redirect traffic on a Local Area Network.
The aim of this video is to understand how Router Advertisement works and creating one in Scapy.
The aim of this video is to review TCP handshake and understand how to send SYN flood in Scapy.
The aim of this video is to understand how to setup two Kali Linux machines and have an apache server to attack. We further understand how HTTP GET works. Finally, we modify the script to create a Slowloris attack.
The aim of this video is to discuss the SMBloris attack, which is a Denial of Service attack. We also view the challenge as well as the winner’s page.
The Land attack challenge and winners.
The aim of this video is to understand Port scanning with Zenmap and discuss the Yesman honeypot.
The aim of this video is to take a look at the network setup consisting of attacker and target machines. We also understand how to make a ping in Scapy and how to detect promiscuous mode.
The aim of this video is to discuss the normal ARP process. We understand how ARP fields are named in Scapy and design scripts to print messages when it detects suspicious ARPs
The aim of this video is to gain an understanding Privacy and DNS. We also take a look at DNS monitoring in Scapy.
The aim of this video is to take a look at IPv4 Router Advertisement attack and its challenge to detect RA.
The aim of this video is to understand Land attack and the challenge is to detect Land attack.
Packt has been committed to developer learning since 2004. A lot has changed in software since then - but Packt has remained responsive to these changes, continuing to look forward at the trends and tools defining the way we work and live. And how to put them to work.
With an extensive library of content - more than 4000 books and video courses -Packt's mission is to help developers stay relevant in a rapidly changing world. From new web frameworks and programming languages, to cutting edge data analytics, and DevOps, Packt takes software professionals in every field to what's important to them now.
From skills that will help you to develop and future proof your career to immediate solutions to every day tech challenges, Packt is a go-to resource to make you a better, smarter developer.
Packt Udemy courses continue this tradition, bringing you comprehensive yet concise video courses straight from the experts.