09:24
  • 35
    Network scanning techniques

    References and Sources:


  • Online Port Scanners

  • http://www.t1shopper.com/tools/port-scan/
  • http://nmap-online.com
  • http://www.hashemian.com/tools/port-scanner.php
  • Nmap: http://nmap.org/
  • Scanning Types: http://nmap.org/book/man-port-scanning- techniques.html
  • Scanning Performance: http://nmap.org/book/man- performance.html
  • Version Scanning: http://nmap.org/book/vscan-technique.html
  • OS Fingerprinting: http://nmap.org/book/osdetect.html#osdetect-intro
  • 47:35
  • 36
    Vulnerability Identification and Assessment techniques

    References and Sources:

  • NSE Script Repository: http://nmap.org/nsedoc/index.html
  • NSE Guide: http://nmap.org/book/nse.html
  • NSE Usage: http://nmap.org/book/nse-usage.html#nse-categories

  • Nexpose: http://www.rapid7.com/products/vulnerability-management.jsp

    Nessus: http://www.tenable.com/products/nessus

    Ncircle: http://www.ncircle.com/index.php?s=products_ip360

    31:22
  • 37
    Practical Evasion and avoidance Techniques

    References and Sources:

  • Nmap Evasion Guide: http://nmap.org/book/man-bypass- firewalls-ids.html
  • Loose Source Routing Discussion: http://www.synacklabs.net/OOB/LSR.html
  • LSRTunnel: http://www.synacklabs.net/projects/lsrtunnel/
  • LSRScan: http://www.synacklabs.net/projects/lsrscan/
  • 19:37
  • SECTION 4:
    Network Attacking Techniques
  • 38
    Password cracking, MITM, Sniffing SSL and RDP Attacks

    References and Sources:

  • Man in the Middle:
  • https://www.owasp.org/index.php/Man-in-the-middle_attack• http://it.toolbox.com/wiki/index.php/Man-in-the-Middle_Attack
  • http://www.schneier.com/blog/archives/2008/07/maninthemiddle_1.html

  • ARP Poisoning Attack:
  • http://www.watchguard.com/infocenter/editorial/135324.asp • http://www.osischool.com/protocol/arp/arp-spoofing•
  • http://news.hitb.org/content/guide-arp-spoofing
  • Tools:
  • Cain & Abel:

    http://www.oxid.it/cain.htmlDsniff: http://www.monkey.org/~dugsong/dsniff/

    Ettercap:

    http://ettercap.sourceforge.net/Karmetasploit:

    https://community.rapid7.com/docs/DOC-1284

    SSLStrip:

    http://www.thoughtcrime.org/software/sslstrip/

    49:21
  • SECTION 5:
    Windows and Linux Attacking Techniques
  • 39
    Windows Security Overview for Penetration Testers

    Refrences and Sources:

    Inside Windows UAC: http://technet.microsoft.com/en- us/magazine/2007.06.uac.aspx

    Windows Wikipedia Entry: http://en.wikipedia.org/wiki/Microsoft_Windows

    Windows NT Wikipedia Entry: http://en.wikipedia.org/wiki/Windows_NT

    Windows 2000 Wikipedia Entry: http://en.wikipedia.org/wiki/Windows_2000

    34:54
  • 40
    Linux Security Overview for Penetration Testers
    20:20
  • 41
    Attacking and Hacking Windows
    58:32
  • 42
    Attacking and Hacking Linux
    16:37
  • SECTION 6:
    Windows and Linux Post-Exploitation Techniques
  • 43
    Windows post exploitation techniques

    References and Sources:

    http://commandwindows.com http://www.computerhope.com/batch.htm http://www.robvanderwoude.com/

    http://www.microsoft.com/resources/documentation/windo ws/xp/all/proddocs/en-us/batch.mspx?mfr=true

    http://www.room362.com/blog/2011/9/6/post-exploitation- command-lists.html

    01:04:51
  • 44
    Linux post exploitation techniques
    23:51
  • 45
    Data mining techniques
    03:03
  • SECTION 7:
    Web Exploitation Techniques
  • 46
    Web Application Primer

    References and Sources:

  • http://www.w3schools.com/
  • https://www.owasp.org/index.php/Category: OWASP_Top_Ten_Project
  • 28:33
  • 47
    Web Application Scanning and Mapping
    20:34
  • 48
    Exploiting SQL Injection to Full System Access (MYSQL)
    01:02:02
    Preview
  • 49
    Exploiting SQL Injection to Full System Access (MSSQL)
    28:20
  • 50
    Exploiting Blind SQL Injection to Full System Access (MYSQL)
    13:50
  • 51
    Exploiting Blind SQL Injection to Full System Access (MSSQL)
    48:58
  • 52
    Exploiting RFI, Local File include, File Uploads and RCE
    35:06
  • 53
    Exploiting XSS ( Reflected and Stored ) and CSRF to Full System Access
    01:01:13
  • SECTION 8:
    Windows Exploit Development
  • 54
    Using Immunity Debugger and Metasploit to develop a windows exploit

    Special Thanks to Dino Dai Zovi and Saumil Shah

    References and Sources:

    • http://www.slideshare.net/saumilshah/operat ing-systems-a-primer
    • http://www.slideshare.net/saumilshah/how- functions-work-7776073
    • http://www.slideshare.net/saumilshah/introd uction-to-debuggers
    • http://cryptocity.squarespace.com/files/exploi tation/2011/memory_corruption_101.pdf
    02:05:59
  • SECTION 9:
    The end but it is not the end :)
  • 55
    The end
    04:19
  • Preview This Course For Free!

    REVIEWS

    • 145
    • 35
    • 7
    • 8
    • 15
    AVERAGE RATING
    NUMBER OF RATINGS
    210
    SEE ALL 210 REVIEWS