Infrastructure & Network: Bug Bounty and Penetration Testing

Name: Infrastructure & Network: Bug Bounty and Penetration Testing
Rating: 4.4 (477 reviews)

Learn how to hack networks and web applications like black hat hackers, and learn how to secure them from these hackers.

Created byGabriel Avramescu

Last updated 1/2024

English

What you'll learn

Understand and perform the basic steps in order to performa penetration testing of an infrastructure or other computers in the network
Be able to gather information about your target
You will learn how to find open ports your target
You will learn how to find vulnerabilities in your target infrastructure
Exploit found vulnerabilities
Sniff and analyze network traffic
You will learn how to exploit Windows and Linux Systems
Understand and perform attacks using Metasploit
Understand cryptography
Understand the difference between backdoors, viruses and worms. Learn the basics of how to analyse them
Hack wireless networks
Understand the penetration testing process
As a network administrator you will learn how to secure your network

Course content

10 sections • 44 lectures • 6h 46m total length

Introduction1:13
In this video I will introduce myself and speak about the course content.
Introduction to Ethical Hacking. Footprinting and Reconnaissance24:55
The first step in any penetration testing is to gather as much information as possible about the target. In this vide I will go trough what information gathering is, different types and tools to perform that.
Join Our Online Classroom!0:54
Join our online classroom!
Demo - Information Gathering using Google Dorks and DNS Queris4:17
The most easy way to perform information gathering is to do it using search engines. This is a passive method.
Demo - Scanning and Enumeration8:08
In this video we will go trough active information gathering using different tools and techniques.
Do it yourself - Information Gathering Exercise18:00
As a homework, you will be challenged to perform information gathering in the lab we will provide.

Scanning and enumeration8:58
In this video we will go trough different types of scanning and enumeration techniques.
Vulnerabilties Identification8:28
In this vide we will talk about what a vulnerability is and how we can find them.
Demo - Installing Nessus Scanner3:31
Using a security scanner such as Nessus could be very helpful in finding security vulnerabilities. In this video you will learn how you can install it.
Demo - Use Nessus to Discover Vulnerabilities4:42
In this video you will learn how you can use Nessus in order to find security vulnerabilities.
Demo - Using Nikto to discover Web Vulnerabilities4:53
In this vide you will learn how to use Nikto open-source free software in order to find security vulnerabilities in web servers.
Demo - Using Paros for Vulnerability Discovery4:48
In this vide you will learn how to use Paros open-source free software in order to find security vulnerabilities in web applications.
Demo - Use Dirbuster to brute force sub-directories and filenames2:50
In this vide you will learn how to use Dirbuster open-source free software in order to find hidden content in web applications.
Do it yourself - Scanning and enumeration, Vulnerability Discovery Exercise8:00
Another challenge to find different security vulnerabilities that we are going to exploit in the next section of the course.

System hacking - vulnerability exploitation5:58
Once we have discovered some interesting vulnerabilities, we can go further and take advantage of them. So let's learn how to exploit them.
Passwords11:56
Knowing how to crack password is one of the most important steps in computer and website hacking. You will learn about different types of cracking passwords, hashes and so on.
Authentication6:55
In this video you will learn what Authentication is and why is so important when it comes to computer security.

Metasploit17:08
Maybe one of the most well-known tools and framework for hacking and exploitation is Metasploit. In this video you will learn what is it, about its modules and how to use it.
Demo - Exploiting FTP Server Vulnerability using Metasploit11:48
In this vide you are going to learn how to exploit a vulnerable FTP server using Metasploit in order to get remote access on the server that it runs on.
Demo - Post Exploitation Example1:06
Once you have access on a remote server, useful to maintain your access and gather more information about juicy stuff hosted on that server, such as passwords, documents, cookies, wi-fi passwords and so on.
Demo - Exploiting NFS Vulnerability and exporting SSH Keys to the Victim PC10:07
Samba, NFS, SMB - some of the most met services running on different systems, even if it is Mac, Linux or Windows. Learning how to find security loopholes and exploit them is essential. In this video you will learn how to do exactly this.
Demo - Eploiting Samba Service on Linux using Metasploit3:09
Get root using Metasploit never have been easier than in this video, using a Samba vulnerability.
Demo - Windows backdoor using Metasploit14:06
Create a backdoor for Windows - learn how in this video. Use social engineering techniques to deploy it.
Do it yourself - Vulnerability Exploitation using Metasploit Exercise24:00
Another challenge for you - further exploit using Metasploit.

Cryptography concepts4:56
Are you a geek? No, yes? Nevertheless, you need to know about cryptography. How can you become a hacker without knowing this?
Cryptographic Algorithms11:09
Some basic math is always good when it comes to Cryptographic Algorithms.
Cryptography and cryptanalysis tools. Cryptography attacks3:02
And now the time came to learn about cracking cryptography.
Demo - Hack SSH passwords using Medusa5:14
Brute Force SSH? No problem! Learn how in this video, using Medusa.
Hack the SSH Password using Hydra5:05
Learn how to use Hydra in order to brute force MySQL,. SSH, FTP, Telnet, Cisco and so on.
Hack Linux Passwords using John the Ripper3:29
Learn how to offline crack password hashes using John the Ripper.
Do it yourself - Passwords Protection Exercise15:00
This is another challenge for cracking passwords.

Introduction to Cross-Site Scripting and Beef-XSS8:27
Cross-Site-Scripting or XSS is a client-oriented attack used in many social engineering and not only attacks to harvest username and passwords, deploy backdoors, change websites' behavior of interface. In this video you will learn how it is.
XSS example - reflected10:29
Once you understood what a cross-site scripting is, let's move forward and see how we can exploit it in order to steal user's session and impersonate them. Some social engineering is always welcomed.
XSS example - stored6:59
Stored XSS and stealing credentials goes well hand in hand. In this video we are going to see how we can use this in our advantage.
Beef-XSS Demo16:12
Beef-XSS is a cross-site scripting exploitation framework. In this video you are going to learn how to use it.
Further information0:10
Time to say good bay, but my door is always open if you want to learn more.

Requirements

Basic IT skills
Basic knowledge of Linux and/or Windows
Understand basic computer networking

Description

In order to protect yourself from hackers, you must think as one.

In this course, you will start as a beginner with no previous knowledge about penetration testing or hacking.

You will learn hacking tools, methodologies and techniques. This is a both practical and theoretical step-by-step course.

This course is focused on the practical side of penetration testing without neglecting the theory behind each attack. Before jumping into penetration testing, you will first learn how to set up a lab and install needed software to practice penetration testing on your own machine.

Below are the main topics, both theoretical and practical, of this course:

Introduction to Ethical Hacking, Footprinting and Reconnaissance
- This section will teach you how to gather information about your target server, you will learn how to discover the DNS server used, open ports and services, un-published directories, sensitive files. This information is very important as it increases the chances of being able to successfully gain access to the target website.
Scanning Networks, Enumeration and Vulnerabilities and System Hacking
- In this section you will learn how to discover and exploit a large number of vulnerabilities, this section is divided into a number of sub-sections, each covering a specific vulnerability, firstly you will learn what is that vulnerability, then you will learn how to exploit this vulnerability.
Sniffing
- Learn how to capture encrypted and unencrypted data, passwords and such (HTTP, telnet, HTTPS, etc)
Metasploit
- Use This framework to exploit numerous vulnerabilities and crate backdoors
Trojans, Backdoors, Viruses and Worms
Cryptography
Penetration testing on Wireless Networks
Penetration Testing

NOTE: This course is created only for educational purposes and all the attacks are launched in an isolated lab environment.

Who this course is for:

Anyone who want to learn the ethical hacking and penetration testing process
Network and Security Engineers
IT students
Anyone who wants to start a career in it security field or as "ethical hacker"

Infrastructure & Network: Bug Bounty and Penetration Testing

What you'll learn

Explore related topics

Course content

Introduction to Ethical Hacking. Footprinting & Reconnaissance6 lectures • 57min

Scanning Networks, Enumeration and Discovering Vulnearbilities8 lectures • 46min

System Hacking and Vulnerability Exploitation3 lectures • 25min

Basics of Sniffing1 lecture • 15min

Metasploit7 lectures • 1hr 21min

Trojans, Backdoors, Viruses and Worms2 lectures • 14min

Cryptography7 lectures • 48min

Penetration Testing on Wireless Networks3 lectures • 33min

Penetration Testing Overview. Final words2 lectures • 44min

(Bonus) Attacking the users trough websites - XSS and Beef-XSS5 lectures • 42min

Requirements

Description

Who this course is for: