Autoplay
Autocomplete
Dark Mode
Speed
Previous Lecture
Complete and Continue
Practical Ethical Hacking - The Complete Course
Before We Begin
Special Thanks & Credits
Course Repo
PNPT Certification Path Progression (2:32)
Introduction
Course Introduction (2:57)
Course Discord (Important) (3:27)
FAQ - (Important) (1:00)
A Day in the Life of an Ethical Hacker (16:49)
Notekeeping
Part 1 - Effective Notekeeping (6:39)
Part 2 - Important Tools (5:20)
Networking Refresher
Introduction (1:11)
IP Addresses (13:06)
MAC Addresses (3:13)
TCP, UDP, and the Three-Way Handshake (5:12)
Common Ports and Protocols (6:09)
The OSI Model (5:30)
Subnetting Part 1 (26:59)
Subnetting Part 2 (4:13)
Setting Up Our Lab
Installing VMWare / VirtualBox (6:15)
Installing Kali Linux (6:29)
Configuring VirtualBox (3:16)
Introduction to Linux
Exploring Kali Linux (3:28)
Sudo Overview (5:12)
Navigating the File System (11:59)
Users and Privileges (9:23)
Common Network Commands (5:52)
Network Commands Update (1:55)
Installing and Updating Tools (9:07)
Installing gedit (1:39)
Viewing, Creating, and Editing Files (5:59)
Scripting with Bash (22:34)
Introduction to Python
Introduction (2:19)
Strings (7:28)
Math (5:54)
Variables and Methods (11:12)
Functions (10:54)
Boolean Expressions (4:29)
Relational and Boolean Operators (6:54)
Conditional Statements (8:55)
Lists (10:22)
Tuples (2:30)
Looping (4:58)
Importing Modules (6:02)
Advanced Strings (13:19)
Dictionaries (7:31)
Sockets (5:28)
Building a Port Scanner (19:06)
The Ethical Hacker Methodology
The Five Stages of Ethical Hacking (5:16)
Information Gathering (Reconnaissance)
Passive Reconnaissance Overview (7:32)
Identifying Our Target (3:33)
Discovering Email Addresses (15:48)
Gathering Breached Credentials with Breach-Parse (7:17)
Hunting Breached Credentials with DeHashed (11:55)
Hunting Subdomains Part 1 (5:31)
Hunting Subdomains Part 2 (4:48)
Identifying Website Technologies (7:06)
Information Gathering with Burp Suite (8:48)
Google Fu (5:31)
Utilizing Social Media (5:37)
Additional Learning (OSINT Fundamentals) (0:48)
Scanning & Enumeration
Installing Kioptrix (6:17)
Scanning with Nmap (19:46)
Enumerating HTTP and HTTPS Part 1 (15:01)
Enumerating HTTP and HTTPS Part 2 (15:08)
Enumerating SMB (14:19)
Enumerating SSH (4:09)
Researching Potential Vulnerabilities (14:49)
Our Notes So Far (3:06)
Vulnerability Scanning with Nessus
Scanning with Nessus Part 1 (10:34)
Scanning with Nessus Part 2 (6:09)
Exploitation Basics
Reverse Shells vs Bind Shells (7:00)
Staged vs Non-Staged Payloads (3:21)
Gaining Root with Metasploit (7:40)
Manual Exploitation (12:40)
Brute Force Attacks (7:49)
Credential Stuffing and Password Spraying (14:02)
Our Notes, Revisited (3:03)
New Capstone
Introduction (5:42)
Set Up - Blue (3:56)
Walkthrough - Blue (17:00)
Set Up - Academy (2:24)
Walkthrough - Academy (44:19)
Walkthrough - Dev (25:20)
Walkthrough - Butler (36:18)
Walkthrough - Blackpearl (23:30)
Introduction to Exploit Development (Buffer Overflows)
Required Installations (6:16)
Buffer Overflows Explained (4:08)
Spiking (10:11)
Fuzzing (6:09)
Finding the Offset (5:19)
Overwriting the EIP (3:24)
Finding Bad Characters (7:51)
Finding the Right Module (8:26)
Generating Shellcode and Gaining Root (5:56)
Exploit Development Using Python3 and Mona (13:39)
Active Directory Overview
Active Directory Overview (5:13)
Physical Active Directory Components (5:45)
Logical Active Directory Components (7:28)
Active Directory Lab Build
Lab Overview and Requirements (3:01)
Downloading Necessary ISOs (2:47)
Setting Up the Domain Controllers (13:39)
Setting Up the User Machines (7:52)
Setting Up Users, Groups, and Policies (15:46)
Joining Our Machines to the Domain (8:48)
Lab Build - (Cloud Alternative) (2:04)
Attacking Active Directory: Initial Attack Vectors
Introduction (3:55)
LLMNR Poisoning Overview (7:26)
Capturing NTLMv2 Hashes with Responder (4:46)
Password Cracking with Hashcat (11:31)
LLMNR Poisoning Defense (2:48)
SMB Relay Attacks Overview (5:23)
Quick Lab Update (0:58)
Discovering Hosts with SMB Signing Disabled (3:36)
SMB Relay Attack Demonstration Part 1 (4:54)
SMB Relay Attack Demonstration Part 2 (4:07)
SMB Relay Attack Defenses (2:33)
Gaining Shell Access (7:46)
IPv6 Attacks Overview (4:00)
Installing mitm6 (1:18)
Setting Up LDAPS (2:24)
IPv6 DNS Takeover via mitm6 (7:43)
IPv6 Attack Defenses (3:00)
Passback Attacks (5:16)
Other Attack Vectors and Strategies (8:43)
Attacking Active Directory: Post-Compromise Enumeration
Introduction (2:01)
PowerView Overview (2:13)
Domain Enumeration with PowerView (15:17)
Bloodhound Overview and Setup (3:32)
Grabbing Data with Invoke-Bloodhound (3:11)
Enumerating Domain Data with Bloodhound (7:34)
Attacking Active Directory: Post-Compromise Attacks
Introduction (1:03)
Pass the Hash / Password Overview (3:04)
Installing crackmapexec (0:38)
Pass the Password Attacks (7:07)
Dumping Hashes with secretsdump.py (3:11)
Cracking NTLM Hashes with Hashcat (3:06)
Pass the Hash Attacks (6:25)
Pass Attack Mitigations (2:42)
Token Impersonation Overview (3:48)
Token Impersonation with Incognito (7:03)
Token Impersonation Mitigation (2:43)
Kerberoasting Overview (5:11)
Kerberoasting Walkthrough (3:51)
Kerberoasting Mitigation (1:09)
GPP / cPassword Attacks Overview (3:22)
Abusing GPP: Part 1 (8:46)
Abusing GPP: Part 2 (4:12)
URL File Attacks (5:35)
PrintNightmare (CVE-2021-1675) Walkthrough (12:05)
Mimikatz Overview (5:36)
Credential Dumping with Mimikatz (9:20)
Golden Ticket Attacks (7:18)
Conclusion and Additional Resources (6:24)
Additional Active Directory Attacks
Abusing ZeroLogon (9:02)
Post Exploitation
Introduction (1:49)
File Transfers Review (2:32)
Maintaining Access Overview (3:32)
Pivoting Lab Setup (6:30)
Pivoting Walkthrough (6:07)
Cleaning Up (2:48)
Web Application Enumeration, Revisited
Introduction (1:49)
Installing Go (1:19)
Finding Subdomains with Assetfinder (7:43)
Finding Subdomains with Amass (5:27)
Finding Alive Domains with Httprobe (7:14)
Screenshotting Websites with GoWitness (4:10)
Automating the Enumeration Process (5:46)
Additional Resources (2:18)
Testing the Top 10 Web Application Vulnerabilities
Introduction (1:36)
The OWASP Top 10 and OWASP Testing Checklist (10:26)
Installing OWASP Juice Shop (6:48)
Installing Foxy Proxy (2:13)
Exploring Burp Suite (11:28)
Introducing the Score Board (2:50)
SQL Injection Attacks Overview (5:12)
SQL Injection Walkthrough (10:06)
SQL Injection Defenses (2:49)
Broken Authentication Overview and Defenses (5:43)
Testing for Broken Authentication (7:39)
Sensitive Data Exposure Overview and Defenses (4:53)
Testing for Sensitive Data Exposure (8:01)
XML External Entities (XXE) Overview (9:54)
XXE Attack and Defense (8:03)
Broken Access Control Overview (3:29)
Broken Access Control Walkthrough (4:28)
Security Misconfiguration Attacks and Defenses (4:58)
Cross-Site Scripting (XSS) Overview (10:33)
Reflected XSS Walkthrough (6:22)
Stored XSS Walkthrough (6:16)
Preventing XSS (3:48)
Insecure Deserialization (4:33)
Using Components with Known Vulnerabilities (4:38)
Insufficient Logging and Monitoring (3:12)
Wireless Penetration Testing
001_Wireless_Penetration_Testing_Overview (10:26)
002_WPA_PS2_Exploit_Walkthrough (13:12)
Legal Documents and Report Writing
001_Common_Legal_Documents (7:17)
002_Pentest_Report_Writing (11:16)
003_Reviewing_a_Real_Pentest_Report (19:34)
Career Advice
001_Career_Advice (11:10)
Scanning with Nessus Part 2
Lecture content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock