Hands-on Penetration Testing Labs 4.0
What you'll learn
- Penetration Testing
- Kali Linux
- Directory Traversal
- SQL Injection
- Remote/Local Exploitation
- Remote/Local System Enumeration
- Privilege Escalation
- Nmap
- Metasploit
- Dirb
Requirements
- Basic knowledge of Linux
- VirtualBox
- Modern laptop or PC (8 GB RAM at least)
- Tested on Windows 10, although other OS's will likely work fine
- Passion for cyber security
Description
Welcome everyone, and thanks for choosing to participate in my Kali Linux Hands-on Penetration Testing Labs 4.0 course. If you've taken my previous courses with similar names, you already know what's in store. I'll be providing a bunch of vulnerable Virtual Machines which we'll be hacking with Kali Linux using VirutalBox. At the time of this recording, all of the technology is cutting edge, and real-world relevant. Just to give you an idea of what to expect, we'll be focusing very little on theory, and putting a high emphasis on practical hands-on application of offensive security skills.
For example, we're going to be utilizing some of the industry standard penetration testing tools such as nmap, Metasploit, dirb, netcat, Burp suite, and a bunch of custom exploits. We'll be focusing on automated and manual enumeration and exploitation, which is a key essential when training to be a subject matter expert in our field. Some of the attack techniques we'll be covering are remote web application and service exploitation, privilege escalation, directory traversal, SQL injection, local file inclusion, and much more. If you're not quite sure what some or any of these words mean, don't worry, you'll see soon enough their effectiveness in action.
Each lecture has a set of resources which are included as a text file. In order to access it, simply click on the Resources drop down box for the particular lecture, and download the text file. This includes all commands which are utilized in that specific lecture, as well as URLs which I deem useful.
I really hope that you enjoy my course, and encourage you to reach out to me via the Udemy messaging system either in the Q&A section or direct message if you have any specific technical questions or simply want career advice.
Who this course is for:
- Cyber security aspirants
- Penetration testers
- Security analysts
- IT Professionals
- IT Students
Course content
- Preview02:19
- Preview02:58
- 02:01Download and Config Vulnerable Attack Target VMs
- Preview25:33
- 30:12Matrix 3 Enumeration and Exploitation
- 15:28Broken Gallery Enumeration and Exploitation
- 19:58DumbUser (Windows 10) Enumeration and Exploitation
- 23:01Symfonos 1 Enumeration and Exploitation
- 18:41Symfonos 2 Enumeration and Exploitation
- Preview12:31
- 24:17Symfonos 4 Enumeration and Exploitation
- 14:10Symfonos 5 Enumeration and Exploitation
- 17:36digialworld.local JOY Enumeration and Exploitation
- 21:10digitalworld.local Torment Enumeration and Exploitation
Instructor
Summary: Jesse Kurrus is a cybersecurity expert with a breadth and depth of knowledge, professional experience, and top of the line credentials directly related to his field of expertise. He has provided quality training for thousands of students online, has mentored them one-on-one, and has coached many to acquire jobs in the cyber field. Professional strengths include security analysis, intrusion detection, ethical hacking, penetration testing, training, and technical writing. Jesse has a true passion for cybersecurity and information technology, and an insatiable ambition to further his knowledge and professional skill set.
Specialties: Intrusion Detection / Network Security Monitoring (Security Onion, Snort, Bro, and Suricata); SIEM Technology (Elasticsearch, Logstash, Kibana (ELK), ArcSight, and Splunk); PCAP analysis (Tcpdump, Wireshark, NetworkMiner, NetWitness/Security Analytics); Penetration Testing (Kali Linux, BurpSuite, Nikto, Nmap, Metasploit, etc.)
Current Degrees/Certifications: M.S. in Information Technology with Information Assurance Specialization / B.S. in Computer Networks and Security / Network+, A+, Security+, Linux+, Certified Ethical Hacker v8 (CEH), Offensive Security Certified Professional (OSCP), Certified Information Systems Security Professional (CISSP), eLearnSecurity Web application Penetration Tester (eWPT)