This course was created with the
course builder. Create your online course today.
Start now
Create your course
with
Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Applied Ethical Hacking and Rules of Engagement
Crash Course: Linux Basics
Virtual Environment (10:55)
Kali Linux Installation & Environment (19:00)
Power Up Your Linux Shell: TERMINATOR-ZSH-TMUX (17:41)
Linux Basics & Commands (24:54)
Docker on Linux (17:12)
Get Your Hands Dirty
Important note
Disclaimer
VSCode IDE For Your Scripts! (9:30)
Intro to Ethical Hacking Basic Concepts and Terminologies (15:30)
Vulnerable Labs #1: dvwa, bwapp, webgoat, juiceshop, metasploitable2 (19:09)
Read Me!
Vulnerable Labs #2: metasploitable3 (10:19)
Capture The Flags(CTF): HTB and others (17:01)
Ethical Hacking 1: Understand Attack Vectors
Understanding Attack Vectors (12:51)
Ethical Hacking 2: Information Gathering & Enumeration
Initial Reconnaissance with OSINT Framework (17:29)
Scanning with ZENMAP (13:07)
Scanning with NMAP in Command Line & in Python (25:28)
Scanning with Metasploit AUX & CENSYS (14:44)
Metasploitable Environment Preparation (8:32)
Enum with NMAP Part 1 (20:29)
Enum with NMAP Part 2 (14:15)
Enum with Metasploit and other tools (16:22)
Ethical Hacking 3: Vulnerability Scanning & Analysis
Introduction to Vulnerability Scanning and Analysis (13:35)
Setting up OpenVAS-GVM (9:31)
Vulnerability Assessment with OpenVAS-GVM (16:01)
Vulnerability Analysis in Action (27:23)
Second Opinion Vulnerability Scanning with NMAP NSE Scripts (21:30)
Third Opinion Vulnerability Scanning with Metasploit (12:07)
Ethical Hacking 4: Exploitation, Post Exploitation and Password Attacks
Initial Presentation (18:18)
Metasploitable2 - Part 1 (13:14)
Metasploitable2 - Part 2 (11:49)
Metasploitable2 - Part 3 (18:30)
Metasploitable2 - Part 4 (13:22)
Metasploitable3 Ubuntu - Part 1 (15:42)
Metasploitable3 Ubuntu - Part 2 (17:02)
Metasploitable3 Ubuntu - Part 3 (17:10)
Metasploitable3 Ubuntu - Part 4 (15:50)
Metasploitable3 Win2k8 - Part 1 (19:23)
Metasploitable3 Win2k8 - Part 2 (17:12)
Metasploitable3 Win2k8 - Part 3 (16:08)
Password Hash Crack - Part 1 (16:18)
Password Hash Crack - Part 2 (13:19)
Ethical Hacking 5: Network Attacks (Wired & Wireless)
Man in the Middle Attacks (Sniffing & Spoofing) - Part 1 (24:06)
Man in the Middle Attacks (Sniffing & Spoofing) - Part 2 (20:59)
Wireless Attacks - Part 1 (9:39)
Wireless Attacks - Part 2 (12:34)
Ethical Hacking 6: Social Engineering Attacks
Social Engineering Concepts - Part 1 (10:10)
Social Engineering Concepts - Part 2 (11:25)
Gophish Framework - Reaching the Target - Part 1 (17:05)
Gophish Framework - Reaching the Target - Part 2 (13:13)
Social Engineering Client Side Attacks - Part 1 (11:31)
Social Engineering Client Side Attacks - Part 2 (10:52)
Ethical Hacking 7: Web App Pentesting (OWASP-TOP 10)
Web App Pentesting Concepts - Part 1 (17:50)
Web App Pentesting Concepts - Part 2 (12:49)
Web App Pentesting Concepts - Part 3 (15:48)
Web App Pentesting Concepts - Part 4 (11:29)
Burp Suite Basics - Part 1 (19:49)
Burp Suite Basics - Part 2 (16:55)
Damn Vulnerable Web Application Lab - Part 1 (15:40)
Damn Vulnerable Web Application Lab - Part 2 (20:41)
Damn Vulnerable Web Application Lab - Part 3 (23:51)
Damn Vulnerable Web Application Lab - Part 4 (20:36)
Damn Vulnerable Web Application Lab - Part 5 (10:32)
OWASP Webgoat Lab - Part 1 (9:56)
OWASP Webgoat Lab - Part 2 (14:22)
OWASP Mutillidae II Lab - Part 1 (23:09)
OWASP Mutillidae II Lab - Part 2 (21:48)
Metasploitable 3 Vulnerable Web App (9:07)
bWAPP - Buggy Web Application Lab (13:43)
PortSwigger - Online Vulnerable Web Apps - Part 1 (16:15)
PortSwigger - Online Vulnerable Web Apps - Part 2 (12:38)
Crash Course: Python Scripting (incl. 2x Mini Projects)
Basics 1: Installation & Config , Basic Operations, Binary Operations (17:18)
Basics 2: Loop Statements, Flow Control and Modules (17:34)
Basics 3: Data Types and Functions (18:39)
Classes and Objects, Mini Project I: Writing a Port Scanner (21:06)
Mini Project II: Writing a Malware Command & Control (C&C) Server/Client (18:41)
Practical Pentest with CTFs (Let's Capture The Flags)
Intro to Hack the Box (HTB) CTF (7:38)
Easy 1 - BLUE (Enumeration, Exploitation, Hash Dump and Impacket Framework) (20:07)
Easy 2 - DEVEL (Indirect Web Shell Upload, Local Exploit Suggester, Priv. Esc.) (14:40)
Easy 3 - NETMON (PRTG Exploit with Python, Creds Discovery & Guessing) - Part 1 (18:45)
Easy 3 - NETMON (PRTG Manual Exploit with Nishang Reverse Shells) - Part 2 (16:06)
Medium 1 - POPCORN (Dirbuster Enum, Upload Abuse, Nix PAM, DirtyCow Exploit) (21:43)
Medium 2 - BLUNDER (Gobuster, Bludit CMS exploits) - Part 1 (18:23)
Medium 2 - BLUNDER (Hashcat, LinPEAS Priv Esc., sudo Exploit) - Part 2 (16:32)
Medium 2 - BLUNDER (CSRF/Anti-Bruteforce Bypass with Python Scripting) - Part 3 (16:21)
Medium 3 - SNIPER (SMB Enum, LFI RFI, Gain Rev Shell) - Part 1 (17:18)
Medium 3 - SNIPER (RFI RCE, Local Enum, Priv Esc, CHM Weaponization) - Part 2 (19:16)
Medium 3 - SNIPER (CrackMapExec, Impacket, Cookie Poisoning) - Part 3 (19:16)
Medium 4 - MANGO (Recon, NoSQL MongoDB Injection) - Part 1 (18:40)
Medium 4 - MANGO (Write NoSQL Injector with Python) - Part 2 (16:03)
Medium 4 - MANGO (Write NoSQL Injector with Python) - Part 3 (20:43)
Medium 4 - MANGO (LinPEAS, GTFOBins Priv. Esc. Attack Vectors) - Part 4 (13:15)
Hard 1 - CONTROL (Manual SQL Injection, SQLmap) - Part 1 (19:18)
Hard 1 - CONTROL (Read & Write Webshells with SQLMap, winPEAS) - Part 2 (20:08)
Hard 1 - CONTROL (Windows Priv. Esc Abusing SDDL Perms, Service Exec) - Part 3 (20:16)
Security Standards and Methodologies
MITRE ATT&CK and Cyber Kill Chain (11:12)
OWASP TOP 10, ASVS, MASVS, PTES, ISSAF and OSSTMM (10:36)
Cobalt Strike: Operations & Development
Introduction to Red Teaming - Part 1 (19:12)
Introduction to Red Teaming - Part 2 (20:03)
Red Teaming Operations - Part 1 (18:46)
Red Teaming Operations - Part 2 (21:50)
Red Teaming Infrastructure - Part 1 (16:15)
Red Teaming Infrastructure - Part 2 (12:01)
Red Teaming Infrastructure - Part 3 (11:15)
Red Teaming Command and Control (C&C) - Part 1 (18:54)
Red Teaming Command and Control (C&C) - Part 2 (18:43)
Red Teaming Command and Control (C&C) - Part 3 (18:06)
Red Teaming Command and Control (C&C) - Part 4 (17:57)
Red Teaming Command and Control (C&C) - Part 5 (22:17)
Red Teaming Weaponization (DDE & Micro Attacks) - Part 1 (16:12)
Red Teaming Weaponization (HTA Attack, Droppers, File Format Exploits) - Part 2 (10:44)
Red Teaming Initial Access Attack Scenarios (12:53)
Red Teaming Post Exploit (Proc Injection & Bypass UAC, Token Tampering) - Part 1 (16:10)
Red Teaming Post Exploit (Keylogger, Screen Spy, Cobalt Strike Ops) - Part 2 (15:59)
Red Teaming Post Exploit (Pivoting, Session Passing, RDP Tunnel) - Part 3 (12:25)
Active Directory Attacks in Depth
Active Directory Attacks Concepts - Part 1 (19:17)
Active Directory Attacks Concepts - Part 2 (16:42)
Active Directory Attacks Concepts - Part 3 (18:08)
Active Directory Setup on Metasploitable VM (18:35)
Vulnerable AD Lab Preparation (17:16)
AD Enumeration, Credentials Replay Attacks, Over-PTH, Secretsdump and Evil-WinRM (17:35)
AS-REP Roast, Hashcat, Pass The Ticket Attacks (21:37)
Golden Tickets, Kerberoasting against User SPNs and Mimikatz Attacks (19:39)
MITRE ATT&CK Framework
Introduction to MITRE ATT&CK - Part 1 (13:31)
Introduction to MITRE ATT&CK - Part 2 (12:23)
Reconnaissance (8:40)
Resource Development (6:29)
Initial Access (11:35)
Execution (5:43)
Persistence (9:35)
Privilege Escalation (6:50)
Defense Evasion (14:50)
Credential Access (8:03)
Discovery (7:57)
Lateral Movement (4:07)
Collection (5:17)
Command and Control (7:15)
Exfiltration (4:09)
Impact (7:09)
Introduction to Defensive Security
SIEM vs. SOC (5:55)
How SIEM works (4:25)
What are SIEM Use-Cases and Common Mistakes? (8:24)
Threat Intelligence & OSSIM Open Threat Exchange (OTX) P1 (9:00)
Threat Intelligence & OSSIM Open Threat Exchange (OTX) P2 (5:43)
SIEM vs. SOAR vs. UEBA (4:12)
How secure is secure enough? (3:55)
Defense-in-Depth Architecture Part 1 (6:38)
Defense-in-Depth Architecture Part 2 (6:00)
Setting Up Our SIEM with Elastic-Stack & Wazuh Manager
Installation Note
Architecture, Installation & Configuring Wazuh Manager Server (11:06)
Installation & Configuring Elasticsearch (12:36)
Installation & Configuring FileBeat & Kibana (15:10)
Integrating Endpoints in Elastic-Stack & Wazuh Manager
Integrating Windows Endpoint in Wazuh Manager (4:53)
Automated Roll-out of Wazuh Agent on a Network of Windows Workstations (16:40)
Integrating Linux Endpoint in Wazuh Manager (3:58)
Integrating Fortigate Firewall in Wazuh Manager using Syslog (13:02)
Changing Password of the Read-Only Admin Account (7:32)
Index Life-Cycle Management (ILM) in Elasticsearch & Wazuh Manager
Wazuh Index State Management (ISM) & Storage Productivity (14:28)
Applying Wazuh Capabilities for Security Monitoring
File Integrity Monitoring (FIM): Alert when Critical Files Touched (11:21)
Linux System Calls Monitoring: Alert when Auditctl Rules are met (7:05)
Continuous Enterprise Vulnerability Monitoring (11:51)
CIS Hardening Monitoring with Wazuh SCA (Less is More Principle) (9:20)
Windows Defender in Wazuh: Centrally Monitor Malware & Actions across Endpoints (6:18)
Use Sysinternals Sysmon with Wazuh: The Swiss Army Knife for Windows Monitoring (9:34)
Programming Rulesets (Decoders & Rules) in Wazuh
Programming Decoders and Rules in Wazuh Part 1 (17:41)
Programming Decoders and Rules in Wazuh Part 2 (18:19)
Practical Attacks & Threat Hunting IoC Use-Cases with Wazuh
Run & Detect SSH & RDP Brute Force Attack - Parrot OS & Windows Endpoint (7:45)
Run & Detect Shellshock Attack - Linux Endpoint (5:22)
Run & Detect MSHTA Session initiation Attack (6:35)
Run & Detect Spawn Session and Process Injection (4:49)
Run & Detect Priv Esc, Lateral Mov. & Exec using PSExec WMIC (Windows Endpoint) (6:24)
Run & Detect Mimikatz & Pass The Hash Attacks (4:21)
Run & Detect Log Tampering IoC (Someone is deleting his traces) (4:34)
Impact
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock