Pentest Professional V2018
Description
The Penty Professional v2018 course from Solyd, is the most complete Pentest and Ethical Hacking course in existence. It takes the student from Zero to Professional with 100% practical classes. It offers a solid foundation in computing, networking, Linux and programming so that the student can practice Pentest naturally, using and writing their own tools and exploits. We will go through several areas of hacking, going through all phases of a real Pentest using realistic environments and laboratories and at the end of the course a certification will be made in a real corporate environment with several servers to be attacked. It has a learning system step by step, which in a light and intuitive way takes the student to easy learning, without the need for knowledge prerequisites. This training serves as preparation and goes far beyond the knowledge passed in the most respected international certifications such as CEH and OSCP.
What will you get?
Module 1 - Introduction to the course Course Presentation Introduction to Information Security Hacking Areas Introduction to Pentest Pentest phases Certifications, professions and the labor market Cyber Crime Legislation Module 2 - Preparing the environment Installing Kali Linux Ubuntu Bash for Windows 10 Module 3 - Introduction to Linux and Computing Introduction to Computing How a computer works How Computer Programs Work How an operating system works Why will we use Linux? Introduction to Linux Linux distributions Getting to know the terminal Browsing folders and files Directory structure Main commands Permissions and users Joining commands, input and output Installing packages and upgrading Linux Graphical interfaces Introduction to shellscript Module 4 - Introduction to Computer Programming Introduction to Python Introduction to Python for Pentests Environment Configuration IDEs and Editors Variables and data types Data entry and exit Data structures Conditional structures Loop structures Functions Classes and Objects Module 5 - Introduction to Computer Networks Introduction to networks and Internet How the Internet Works Network Protocols and Layers Network and Port Services (DNS, E-mail, Web Server, Database, FTP, SSH, Telnet, etc.) Network Devices (Routers and Switches) Understanding NAT and ports Netcat - Swiss Army Knife Direct connection vs Reverse connection Module 6 - Working with Networks and Sockets Manipulation of Python libraries Introduction to Sockets Exception handling TCP client UDP client Servers Creating a server-client structure Creating a mini server-client chat Making file transfers over Sockets Module 7 - Discovery and Analysis of Networks and Services 1 Footprint Fingerprint Whois DNS Reverse DNS Google Hacking Shodan Module 8 - Network and Service Discovery and Analysis 2 TCP protocol, flags and connection states Networks, Services and Applications Introduction to Portscanners and Portswappers Network discovery with Nmap Port scanning and capturing banners with Netcat Capturing banners with Python Sockets Developing a Portscan in Python Developing a Portswap in Python High-speed ICMP network discovery Developing a high-speed ICMP Scan Module 9 - Web vulnerabilities 1 Introduction to the HTTP and HTTPS protocol Understanding the HTTP header Web Servers Cookies, Local storage and sessions Mastering the web browser - administrative tools Web requests with Postman Web requests with Netcat Python web requests Handling cookies and sessions with Python Intercepting HTTP traffic with Burpsuite Intercepting HTTPS traffic with Burpsuite Module 10 - Web vulnerabilities 2 Introduction to web vulnerabilities Various types of web vulnerabilities Getting to know OWASP Site recognition WAF detection Google Hacking and Dorks Finding sensitive files and folders Developing search tool for sensitive files and folders WebCrawlers Developing a Webcrawler with Python Python regular expressions Developing email search bot Module 11 - Web vulnerabilities 3 Introduction to SQL Injection Types of SQL Injection SQL Injection detection SQL Injection Manual SQL Injection with SQLMAP and Havij Developing a scan for SQL Injection detection Exploring SQL Injection Web Shell upload Winning a reverse shell Bypass Cloudlfare and WAF SQL Injection via Post SQL Injection via Headers and Cookies Refining attacks and target Advanced SQLMap Command Injection Cross Site Scripting (XSS) Local File Inclusion (LFI) Remote File Inclusion (RFI) Module 12 - Web Vulnerabilities 4 Vulnerability Scanning Arachni Acunetix from Zero to Professional WPscan JoomlaVS Using known exploits Module 13 - Encryption, passwords and brute-forcing Introduction to Cryptography What is a hash? Key encryption algorithms Cryptography vs Encoding Hash Identifier Hash Decrypt Wordlists Hashcat Brute-force HTTP with Hydra Brute-force FTP, SSH, TELNET PGP Keys Developing an HTTP password brute-force Module 14 - Discovery and Analysis of Networks and Services 3 Service vs. Application Vulnerabilities Nessus OpenVAS Module 15 - Exploits and Metasploit Introduction to Exploits Different types of Exploits Searching and Identifying Exploits Knowing the Heartbleed Bug Exploring Heartbleed Bug Introduction to Metasploit Introduction to Reverse Shell and Shellcode Invading Windows XP with Metasploit Generating shellcodes with Msvenom Invading Windows 7/8/10 with Metasploit Windows post exploration Exploring Eternalbuel (Wannacry 2.0) Exploring FTP Exploring Telnet Exploring Tomcat with WAR files Installing modules Module 16 - Malware, shellcode and obfuscation 1 Introduction to Malware Types of Malware History of Computer Viruses How anti-virus works Introduction to malware obfuscation Reverse shell with netcat Trojan Horse Hidden files and extensions Obfuscation by basic binding
