Hands-on Penetration Testing Labs 1.0
- 4.5 hours on-demand video
- 17 downloadable resources
- Full lifetime access
- Access on mobile and TV
- Certificate of Completion
Get your team access to 4,000+ top Udemy courses anytime, anywhere.Try Udemy for Business
- Enumerate/scan systems with Netdiscover, Nmap, Dirb, Nikto, etc.
- Perform remote exploitation of systems
- Escalate local privileges to root level
- Utilize a variety of industry standard penetration testing tools within the Kali Linux distro
- Build buffer overflows manually
- Basic Linux knowledge
- Basic networking knowledge
- Kali Linux
- Desktop or Laptop with a minimum of 2GB RAM (8GB+ preferable)
- Windows 7 or 10 host OS preferred (tested)
NOTE: This is independent from my other course, Hands-on Pentration Labs 1.0 - they both have original content and you're not required to buy one or the other by itself.
Looking for Powerpoint slides and lectures that will put you to sleep? Keep moving, because this course is not for you.
This course consists of 100% hands-on technical labs, utilizing industry standard open source technology to hack a variety of intentionally vulnerable operating systems. All of the resources to build the labs are free. Detailed instructions on how to set up the labs are included within this course (VMware Player, Kali Linux, Kioptrix, etc.). Moreover, I've set up a Google drive for you to conveniently download all vulnerable VMs. To make the most out of this course, it is recommended that you actually perform the activities within the labs rather than just watch the videos.
The main points that will be covered in this course is enumeration, remote exploitation, buffer overflows, and privilege escalation. These labs will show you how to interpret results from tools such as Nmap, Dirb, and enum4linux, and use them effectively to compromise vulnerable systems. Please note that these labs contain spoilers, and it is a good idea to attempt to compromise the vulnerable systems on your own prior to getting the answers from the walk through that's provided.
- Cybersecurity Students
- Cybersecurity Professionals
- New Penetration Testers
- CEH Candidates
- OSCP Candidates
- Pentest+ Candidates
This lecture will cover a brief introduction for what's to be expected during the Hands-on Penetration Testing Labs 1.0 course.
Due to popular demand in my previous pentesting courses, I'm going to provide a technical explanation of many but not all of the commands and tools we'll be utilizing within this course. Also, in the resources attached to this lecture, I have a bunch of URLs that contain additional comprehensive information related to what we're about to cover. If there's anything you're confused about or need further information on that you cannot find out on your own with research, please feel free to contact me via the Q&A system or direct messaging.
If you're already well versed in basic to intermediate Linux commands, you should be okay with skipping this lecture. Otherwise, stay tuned for the new information or refresher depending on your skill level.
This lecture will show you how and where to download and configure the latest version of Kali Linux, 2020, which is tailor made for my Udemy course Hands-on Penetration Testing Labs 4.0. It's also being made available for all other courses, as the newest version has some slight differences which may make an impact.
In this quick video I'm going to show you where you can download the majority of vulnerable VMs that are going to be utilized within this course. I've hosted them all on a Google drive, and the link will be provided to you via a text document that's attached to this lecture.
This video will cover the enumeration and exploitation of Kioptrix 1, which is an intentionally vulnerable Linux VM that I've acquired from VulnHub. This is one of the first VMs I've ever exploited on my journey towards learning OSCP. It is quite dated, so there are compatibility issues when trying to use it on VirtualBox or VMware if you don't know how to change the settings properly.
Luckily for you, I've taken the initiative to figure out how to get them converted to VirtualBox and have tested them during the creation of this course. I've also exported Kioptrix 1-5 as OVA files, which you can download from my Google drive and double click to import to VirtualBox Manager. Obtaining these Kioptrix VMs and getting them to run should be easy and straight forward for you.
This video is going to show you how to enumerate and exploit Kioptrix 2, an intentionally vulnerable Linux VM that comes from VulnHub. I've got it working on VirtualBox and exported this and all other Kioptrix boxes to OVA files which I've conveniently hosted for you on a Google drive. Download it, double click the OVA file, click import, make sure the network is configured to host-only, and let's get to work.
Tr0ll 1 is an intentionally vulnerable VM that is said to have been inspired by the constant trolling of the OSCP labs. The goal as with all of our other intentionally vulnerable VMs is to gain root access to the system. This was a really fun challenge for me, and was excellent to help prepare for the relentless trolling of the OSCP and similar CTF challenges.
This video will cover the exploitation of Windows 7 with Kali Linux, using an Eternalblue Python standalone exploit. To follow along with this tutorial, you'll need Security Onion, Windows 7 Enterprise 32-bit, and Kali Linux VM's set up to communicate with one another with host-only interfaces. After the exploitation, analysis will be conducted within Security Onion on the Snort alerts and associated rules, and PCAP to identify the network evidence of the successful compromise. These are real-world skills that are crucial for cybersecurity analysts.
This video will cover the exploitation of Ubuntu Server 12.04 using a Heartbleed Metasploit auxiliary module. To follow along with this tutorial, you'll need Security Onion, Ubuntu Server 12.04, and Kali Linux VM's set up to communicate with one another with host-only interfaces. After the exploitation, analysis will be conducted within Security Onion on the Snort alerts and associated rules, and PCAP to identify the network evidence of the successful compromise. These are real-world skills that are crucial for cybersecurity analysts.