927 Courses

This course focuses on Kali Linux and Nmap, which every network administrator needs to know. You will also learn the best practices to scan your networks for weaknesses and learn some excellent techniques to defend the security threats.

If you are looking to expand your knowledge in Man in the Middle attacks, then this is the right course for you. Starting from setting up your Kali Linux lab environment and communication between devices to the basics of MITM attacks, this course covers it all. A course that focuses on both the practical and theoretical aspects.

Information on the risks and practical advice to address them TSC's eBooks, whitepapers, and reports cover some of the most important risks in information and cyber security — risks that constantly challenge information and cyber security professionals who work tirelessly to reduce them across their organisations and home users alike.

Register on the The Complete Ethical Hacking Course today and build the experience, skills and knowledge you need to enhance your professional development and work towards your dream job. Study this course through online learning and take the first steps towards a long-term career. The course consists of a number of easy to digest, in-depth modules, designed to provide you with a detailed, expert level of knowledge. Learn through a mixture of instructional video lessons and online study materials. Receive online tutor support as you study the course, to ensure you are supported every step of the way. Get an e-certificate as proof of your course completion. The The Complete Ethical Hacking Course is incredibly great value and allows you to study at your own pace. Access the course modules from any internet-enabled device, including computers, tablet, and smartphones. The course is designed to increase your employability and equip you with everything you need to be a success. Enrol on the now and start learning instantly! What You Get With The The Complete Ethical Hacking Course Receive a e-certificate upon successful completion of the course Get taught by experienced, professional instructors Study at a time and pace that suits your learning style Get instant feedback on assessments 24/7 help and advice via email or live chat Get full tutor support on weekdays (Monday to Friday) Course Design The course is delivered through our online learning platform, accessible through any internet-connected device. There are no formal deadlines or teaching schedules, meaning you are free to study the course at your own pace. You are taught through a combination of Video lessons Online study materials Certification Upon successful completion of the course, you will be able to obtain your course completion e-certificate free of cost. Print copy by post is also available at an additional cost of £9.99 and PDF Certificate at £4.99. Who Is This Course For: The course is ideal for those who already work in this sector or are an aspiring professional. This course is designed to enhance your expertise and boost your CV. Learn key skills and gain a professional qualification to prove your newly-acquired knowledge. Requirements: The online training is open to all students and has no formal entry requirements. To study the The Complete Ethical Hacking Course, all your need is a passion for learning, a good understanding of English, numeracy, and IT skills. You must also be over the age of 16.  Course Content Introduction to Ethical Hacking What is an Ethical Hacker 00:07:00 Terminology Crash Course pt. 1 00:09:00 Terminology Crash Course pt. 2 00:14:00 Terminology Crash Course pt. 3 00:08:00 Legal Considerations 00:11:00 Reconnaissance - Surveying the Attack Surface Surveying the Attack Surface 00:10:00 Recon Types 00:08:00 Passive Recon Part 1 00:07:00 Passive Recon Part 2 00:10:00 Active Recon 00:15:00 Recon Walkthrough Tools Summary 00:14:00 Maltego Demo 00:07:00 FOCA Demo 00:05:00 DEMO - Harvester 00:02:00 Scanning and Enumeration - Getting Down to Business Scanning & enumeration 00:08:00 Identifying Active Hosts pt. 1 00:10:00 Identifying Active Hosts pt. 2 00:13:00 Identifying Active Services 00:18:00 OS and Services Fingerprinting 00:15:00 Network Mapping 00:10:00 Final Thoughts 00:05:00 DEMO - Nmap Syntax pt. 1 00:14:00 DEMO - Nmap Syntax pt. 2 00:16:00 DEMO - Nmap Hosts Discovery 00:12:00 DEMO - Nmap Service Discovery 00:17:00 DEMO - Nmap Scripts 00:11:00 DEMO - Masscan 00:11:00 Network Presence Network Insecurity 00:04:00 Sniffing and Spoofing 00:13:00 Sniffing Tools 00:09:00 Spoofing, Crypto and Wifi 00:15:00 DEMO - tcpdump 00:11:00 DEMO - Wireshark 00:11:00 DEMO - Ettercap 00:13:00 DEMO - Burp Suite 00:15:00 DEMO - Scapy 00:10:00 Attacking Security Overview pt. 1: Windows Architecture 00:18:00 Security Overview pt. 2: Credentials Security 00:16:00 Security Overview pt. 3: Memory Corruption and Exploitation 00:16:00 Windows Hacking Basics 00:20:00 Local Access and Privilege Escalation 00:20:00 Dumping Hashes and Cracking Passwords 00:18:00 Linux Attacking Basics pt. 1 00:13:00 Linux Attacking Basics pt. 2 00:14:00 References 00:08:00 DEMO - Windows MSF Exploit pt. 1 00:13:00 DEMO - Windows MSF Exploit pt. 2 00:15:00 DEMO - Post Exploitation Activities 00:13:00 DEMO - Mimikatz 00:07:00 DEMO - Hashcat 00:08:00 DEMO - Konboot 00:13:00 DEMO - Post Exploitation Windows CMD 00:14:00 DEMO - Post Exploitation Windows Powershell 00:13:00 DEMO - Attacking Linux targets pt. 1aa 00:10:00 DEMO - Attacking Linux targets pt. 1 00:13:00 Web Hacking Introduction to Web Hacking 00:03:00 Web Security Architecture Overview pt. 1 00:17:00 Web Security Architecture Overview pt. 2 00:12:00 Attacking the Web Server pt. 1 00:10:00 Attacking the Web Server pt. 2 00:11:00 Attacking the Platform pt. 1 00:19:00 Attacking the Platform pt. 2 00:08:00 Attacking the Technology pt. 1 00:21:00 Attacking the Technology pt. 2 00:17:00 OWASP Top 10 pt. 1 00:09:00 OWASP Top 10 pt. 2 00:21:00 Attacking the Business Logic pt. 1 00:11:00 Attacking the Business Logic pt. 2 00:15:00 Tools and Methodology 00:20:00 References 00:05:00 DEMO - OWASP Mutillidae 00:09:00 SQLI 00:07:00 SQL Map Intro 00:08:00 SQL Map 00:25:00 DEMO - Burpsuite 00:37:00 DEMO - Burpsuite XSS Hunter 00:16:00 DEMO - mitmproxy 00:10:00 DEMO - Skipfish pt.1 00:05:00 DEMO - Skipfish pt.2 00:05:00 Social Engineering - Hacking Humans Social Engineering Basics 00:15:00 Social Engineering Methods 00:16:00 Tools and Techniques pt. 1 00:15:00 Tools and Techniques pt. 2 00:12:00 Tools and Techniques pt. 3 00:09:00 Physical Security Considerations 00:13:00 Final Thoughts99 00:11:00 DEMO - Credential harvesting 00:02:00 DEMO - Website cloning 00:06:00 DEMO - Automating an attack 00:03:00 DEMO - Anti-virus evasion pt. 1 00:08:00 DEMO - Anti-virus evasion pt. 2 00:12:00 Frequently Asked Questions Are there any prerequisites for taking the course? There are no specific prerequisites for this course, nor are there any formal entry requirements. All you need is an internet connection, a good understanding of English and a passion for learning for this course. Can I access the course at any time, or is there a set schedule? You have the flexibility to access the course at any time that suits your schedule. Our courses are self-paced, allowing you to study at your own pace and convenience. How long will I have access to the course? For this course, you will have access to the course materials for 1 year only. This means you can review the content as often as you like within the year, even after you've completed the course. However, if you buy Lifetime Access for the course, you will be able to access the course for a lifetime. Is there a certificate of completion provided after completing the course? Yes, upon successfully completing the course, you will receive a certificate of completion. This certificate can be a valuable addition to your professional portfolio and can be shared on your various social networks. Can I switch courses or get a refund if I'm not satisfied with the course? We want you to have a positive learning experience. If you're not satisfied with the course, you can request a course transfer or refund within 14 days of the initial purchase. How do I track my progress in the course? Our platform provides tracking tools and progress indicators for each course. You can monitor your progress, completed lessons, and assessments through your learner dashboard for the course. What if I have technical issues or difficulties with the course? If you encounter technical issues or content-related difficulties with the course, our support team is available to assist you. You can reach out to them for prompt resolution.

IT Security is one of the most sought-after subjects due to the constant development of new technologies and the increasing number of cyber threats. Gain essential IT security knowledge and skills, to help protect your digital life. Description This e-learning course is designed to give all employees of a firm an understanding of Information Security and how it operates in the workplace. The course is important for GDPR understanding. Training Duration This course may take up to 2 hours to be completed. However, actual study time differs as each learner uses their own training pace. Training Method The course is offered fully online using a self-paced approach. The learning units consist of reading material. Learners may start, stop and resume their training at any time. At the end of each session, participants take a Quiz to complete their learning unit and earn a Certificate of Completion upon completion of all units. Accreditation and CPD Recognition This programme has been developed by the London Governance and Compliance Academy (LGCA), a UK-recognised training institution. The syllabus is verified by external subject matter experts and can be accredited by regulators and other bodies for 2 CPD Units that approve education in information security. Eligibility criteria and CPD Units are verified directly by your association, regulator or other bodies which you hold membership. Registration and Access To register to this course, click on the Get this course button to pay online and receive your access instantly. If you are purchasing this course on behalf of others, please be advised that you will need to create or use their personal profile before finalising your payment. If you wish to receive an invoice instead of paying online, please contact us at info@lgca.uk. Access to the course is valid for 365 days.

Register on the Computer Networks Security today and build the experience, skills and knowledge you need to enhance your expert development and work towards your dream job. Study this course through online learning and take the first steps towards a long-term career. The course consists of a number of easy to digest, in-depth modules, designed to provide you with a detailed, expert level of knowledge. Learn through a mixture of instructional video lessons and online study materials. Receive online tutor support as you study the course, to ensure you are supported every step of the way. Get a digital certificate as a proof of your course completion. The Computer Networks Security course is incredibly great value and allows you to study at your own pace. Access the course modules from any internet-enabled device, including computers, tablet, and smartphones. The course is designed to increase your employability and equip you with everything you need to be a success. Enrol on the now and start learning instantly! What You Get With The Computer Networks Security course Receive a e-certificate upon successful completion of the course Get taught by experienced, expert instructors Study at a time and pace that suits your learning style Get instant feedback on assessments 24/7 help and advice via email or live chat Get full tutor support on weekdays (Monday to Friday) Course Design The course is delivered through our online learning platform, accessible through any internet-connected device. There are no formal deadlines or teaching schedules, meaning you are free to study the course at your own pace. You are taught through a combination of Video lessons Online study materials Certificate of Achievement Endorsed Certificate of Achievement from the Quality Licence Scheme Once the course has been completed and the assessment has been passed, all students are entitled to receive an endorsed certificate. This will provide proof that you have completed your training objectives, and each endorsed certificate can be ordered and delivered to your address for only £99.00. Please note that overseas students may be charged an additional £10 for postage. CPD Certificate of Achievement from Janets Upon successful completion of the course, you will be able to obtain your course completion e-certificate free of cost. Print copy by post is also available at an additional cost of £9.99 and PDF Certificate at £4.99. Endorsement This course and/or training programme has been endorsed by the Quality Licence Scheme for its high-quality, non-regulated provision and training programmes. This course and/or training programme is not regulated by Ofqual and is not an accredited qualification. Your training provider will be able to advise you on any further recognition, for example progression routes into further and/or higher education. For further information please visit the Learner FAQs on the Quality Licence Scheme website. Method of Assessment In order to ensure the Quality Licensing scheme endorsed and CPD acknowledged certificate, learners need to score at least 60% pass marks on the assessment process. After submitting assignments, our expert tutors will evaluate the assignments and give feedback based on the performance. After passing the assessment, one can apply for a certificate. Who Is This Course For The course is ideal for those who already work in this sector or are an aspiring expert . This course is designed to enhance your expertise and boost your CV. Learn key skills and gain a expert lesson to prove your newly-acquired knowledge. Requirements The online training is open to all students and has no formal entry requirements. To study the Computer Networks Security  course, all your need is a passion for learning, a good understanding of English, numeracy, and IT skills. You must also be over the age of 16. Course Content Introduction Introduction 1122 00:10:00 Section 01: An Introduction to Computer Networks 1.1 Computer Network 00:11:00 1.2 Computer Network Topologies 00:11:00 1.3 Categories of Computer Network 00:10:00 1.4 Computer Network Devices 00:11:00 1.5 Transmission Media 00:09:00 Section 02: ISO/OSI Model 2.1 ISO/OSI Model 00:10:00 2.2 Application, Presentation, and Session Layers 00:12:00 2.3 Transport and Network Layers 00:11:00 2.4 Data Link and Physical Layers 00:09:00 2.5 ISO/OSI Model in Action 00:10:00 Section 03: TCP/IP Protocols 3.1 Introduction to Computer Networks Protocols 00:11:00 3.2 IP Protocol 00:13:00 3.3 TCP and UDP Protocols 00:12:00 3.4 Application Protocols 00:12:00 3.5 TCP/IP Characteristics and Tools 00:11:00 Section 04: Wireless Networks 4.1 Wireless Networks Benefits 00:09:00 4.2 Types of Wireless Networks 00:12:00 4.3 Wireless Networks Protocol (Wi-Fi) 00:07:00 4.4 Wireless Networks Devices 00:10:00 4.5 Wireless Networks Drawbacks 00:09:00 Section 05: Network Security 5.1 Security Goals 00:09:00 5.2 Securing the Network Design 00:10:00 5.3 TCP/IP Security and Tools 00:12:00 5.4 Port Scanning and Tools 00:12:00 5.5 Sniffing and Tools 00:10:00 Section 06: Firewalls and Honeypots 6.1 Reasons to Use Firewall 00:13:00 6.2 Firewalls Rules 00:11:00 6.3 Firewalls Filtering 00:09:00 6.4 Honeypots 00:07:00 6.5 Bypassing Firewalls 00:08:00 Section 07: Intrusion Detection and Prevention System 7.1 Intrusion Detection System: IDS 00:11:00 7.2 Network IDS: NIDS 00:06:00 7.3 NIDS Challenges 00:09:00 7.4 Snort as NIDS 00:08:00 7.5 Intrusion Prevention Systems: IPS 00:07:00 Section 08: Wireless Network Security 8.1 Wired Equivalent Privacy WEP Attacking 00:11:00 8.2 WPA and AES Protocols 00:09:00 8.3 Wireless Security Misconceptions 00:09:00 8.4 Wireless Attacks and Mitigation 00:09:00 8.5 Secure Network Design with Wireless 00:09:00 Section 09: Physical Security and Incident Handling 9.1 Physical Security Objectives 00:11:00 9.2 Physical Threats and Mitigation 00:11:00 9.3 Defense in Depth (DiD) 00:07:00 9.4 Incident 00:06:00 9.5 Incident Handling 00:14:00 Section 10: Network Security: Conclusion 10.1 Confidentiality, Integrity, and Availability (CIA) 00:06:00 10.2 Assets, Threats, and Vulnerabilities 00:04:00 10.3 Risks and Network Intrusion 00:06:00 10.4 Common Attacks 00:09:00 10.5 Security Recommendations 00:06:00 Assignment Assignment - Computer Networks Security 2 weeks, 1 day Order Your Certificate Order your Certificate QLS 00:00:00 Frequently Asked Questions Are there any prerequisites for taking the course? There are no specific prerequisites for this course, nor are there any formal entry requirements. All you need is an internet connection, a good understanding of English and a passion for learning for this course. Can I access the course at any time, or is there a set schedule? You have the flexibility to access the course at any time that suits your schedule. Our courses are self-paced, allowing you to study at your own pace and convenience. How long will I have access to the course? For this course, you will have access to the course materials for 1 year only. This means you can review the content as often as you like within the year, even after you've completed the course. However, if you buy Lifetime Access for the course, you will be able to access the course for a lifetime. Is there a certificate of completion provided after completing the course? Yes, upon successfully completing the course, you will receive a certificate of completion. This certificate can be a valuable addition to your professional portfolio and can be shared on your various social networks. Can I switch courses or get a refund if I'm not satisfied with the course? We want you to have a positive learning experience. If you're not satisfied with the course, you can request a course transfer or refund within 14 days of the initial purchase. How do I track my progress in the course? Our platform provides tracking tools and progress indicators for each course. You can monitor your progress, completed lessons, and assessments through your learner dashboard for the course. What if I have technical issues or difficulties with the course? If you encounter technical issues or content-related difficulties with the course, our support team is available to assist you. You can reach out to them for prompt resolution.

Gain the skills and credentials to kickstart a successful career and learn from the experts with this step-by-step

Land Your Dream Job! Get Personalised Career Support & Expert Tips, Craft Your CV, Explore Top Jobs & Ace Interviews!

Information on the risks and practical advice to address them TSC's eBooks, whitepapers, and reports cover some of the most important risks in information and cyber security — risks that constantly challenge information and cyber security professionals who work tirelessly to reduce them across their organisations and home users alike.

Want to know how to hack a website and fix vulnerabilities in computer systems and networks? Are you a web administrator or developer who wants to secure your website? This Learn Website Hacking From Scratch is ideal for those who have little or no knowledge of website hacking, and want an introductory guide to this topic. In this website hacking and penetration testing course for beginners, you'll start with learning the basics of how to exploit and mitigate websites and web applications, moving on to more advanced techniques, where topics covered include bypassing security, accessing databases, SQL injection and cross-site scripting (XSS). You'll also familiarise with the Linux operating system and BeEf web browser attacking framework. On course completion, you'll have the practical skills and knowledge to exploit networks like an attacker. Enrol in this Learn Website Hacking From Scratch today and start hacking systems like the experts! What you'll learn Install hacking lab & needed software (works on Windows, OS X and Linux). Discover, exploit and mitigate a number of dangerous vulnerabilities. Use advanced techniques to discover and exploit these vulnerabilities. Bypass security measurements and escalate privileges. Intercept requests using a proxy. Hack all websites on same server. Bypass filters and client-side security Adopt SQL queries to discover and exploit SQL injections in secure pages Gain full control over target server using SQL injections Discover & exploit blind SQL injections Install Kali Linux - a penetration testing operating system Install windows & vulnerable operating systems as virtual machines for testing Learn linux commands and how to interact with the terminal Learn linux basics Understand how websites & web applications work Understand how browsers communicate with websites Gather sensitive information about websites Discover servers, technologies and services used on target website Discover emails and sensitive data associated with a specific website Find all subdomains associated with a website Discover unpublished directories and files associated with a target website Find all websites hosted on the same server as the target website Discover, exploit and fix file upload vulnerabilities Exploit advanced file upload vulnerabilities & gain full control over the target website Discover, exploit and fix code execution vulnerabilities Exploit advanced code execution vulnerabilities & gain full control over the target website Discover, exploit & fix local file inclusion vulnerabilities Exploit advanced local file inclusion vulnerabilities & gain full control over the target website Exploit advanced remote file inclusion vulnerabilities & gain full control over the target website Discover, fix, and exploit SQL injection vulnerabilities Bypass login forms and login as admin using SQL injections Writing SQL queries to find databases, tables and sensitive data such as usernames ad passwords using SQL injections Bypass filtering, and login as admin without password using SQL injections Bypass filtering and security measurements Read / Write files to the server using SQL injections Patch SQL injections quickly Learn the right way to write SQL queries to prevent SQL injections Discover basic & advanced reflected XSS vulnerabilities Discover basic & advanced stored XSS vulnerabilities Discover DOM-based XSS vulnerabilities How to use BeEF framwork Hook victims to BeEF using reflected, stored and DOM based XSS vulnerabilities Steal credentials from hooked victims Run javascript code on hooked victims Create an undetectable backdoor Hack into hooked computers and gain full control over them Fix XSS vulnerabilities & protect yourself from them as a user What do we mean by brute force & wordlist attacks Create a wordlist or a dictionary Launch a wordlist attack and guess admin's password Discover all of the above vulnerabilities automatically using a web proxy Run system commands on the target webserver Access the file system (navigate between directories, read/write files) Download, upload files Bypass security measurements Access all websites on the same webserver Connect to the database and execute SQL queries or download the whole database to the local machine Requirements Basic IT Skills No Linux, programming or hacking knowledge required. Computer with a minimum of 4GB ram/memory Operating System: Windows / OS X / Linux Who this course is for: Anybody who is interested in learning website & web application hacking / penetration testing Anybody who wants to learn how hackers hack websites Anybody who wants to learn how to secure websites & web applications from hacker Web developers so they can create secure web application & secure their existing ones Web admins so they can secure their websites Course Introduction Course Introduction FREE 00:02:00 Preparation - Creating a Penetration Testing Lab Lab Overview & Needed Software 00:08:00 Installing Kali 2019 As a Virtual Machine Using a Ready Image 00:10:00 Installing Kali 2019 As a Virtual Machine 00:10:00 Installing Metasploitable As a Virtual Machine 00:04:00 Preparation - Linux Basics Basic Overview of Kali Linux 00:05:00 The Linux Terminal & Basic Linux Commands 00:11:00 Configuring Metasploitable & Lab Network Settings 00:06:00 Website Basics What is a Website? 00:04:00 How To Hack a Website? 00:04:00 Information Gathering Gathering Information Using Whois Lookup 00:05:00 Discovering Technologies Used On The Website 00:06:00 Gathering Comprehensive DNS Information 00:10:00 Discovering Websites On The Same Server 00:04:00 Discovering Subdomains 00:05:00 Discovering Sensitive Files 00:07:00 Analysing Discovered Files 00:04:00 Maltego - Discovering Servers, Domains & Files 00:08:00 Maltego - Discovering Websites, Hosting Provider & Emails 00:05:00 File Upload Vulnerabilities What are they? And How To Discover & Exploit Basic File Upload Vulnerabilities 00:07:00 HTTP Requests - GET & POST 00:04:00 Intercepting HTTP Requests 00:07:00 Exploiting Advanced File Upload Vulnerabilities 00:05:00 Exploiting More Advanced File Upload Vulnerabilities 00:04:00 [Security] Fixing File Upload Vulnerabilities 00:06:00 Code Execution Vulnerabilities What are they? & How To Discover & Exploit Basic Code Execution Vulnerabilities 00:07:00 Exploiting Advanced Code Execution Vulnerabilities 00:06:00 [Security] - Fixing Code Execution Vulnerabilities 00:06:00 Local File Inclusion Vulnerabilities (LFI) What are they? And How To Discover & Exploit Them 00:06:00 Gaining Shell Access From LFI Vulnerabilities - Method 1 00:07:00 Gaining Shell Access From LFI Vulnerabilities - Method 2 00:11:00 Remote File Inclusion Vulnerabilities (RFI) Remote File Inclusion Vulnerabilities - Configuring PHP Settings 00:04:00 Remote File Inclusion Vulnerabilities - Discovery & Exploitation 00:06:00 Exploiting Advanced Remote File Inclusion Vulnerabilities 00:03:00 [Security] Fixing File Inclusion Vulnerabilities 00:06:00 SQL Injection Vulnerabilities What is SQL 00:06:00 Dangers of SQL Injections 00:03:00 SQL Injection Vulnerabilities - SQLi In Login Pages Discovering SQL Injections In POST 00:08:00 Bypassing Logins Using SQL Injection Vulnerability 00:05:00 Bypassing More Secure Logins Using SQL Injections 00:06:00 [Security] Preventing SQL Injections In Login Pages 00:08:00 SQL Injection Vulnerabilities - Extracting Data From The Database Discovering SQL Injections in GET 00:07:00 Reading Database Information 00:05:00 Finding Database Tables 00:04:00 Extracting Sensitive Data Such As Passwords 00:04:00 SQL Injection Vulnerabilities - Advanced Exploitation Discovering & Exploiting Blind SQL Injections 00:06:00 Discovering a More Complicated SQL Injection 00:07:00 Extracting Data (passwords) By Exploiting a More Difficult SQL Injection 00:05:00 Bypassing Filters 00:05:00 Bypassing Security & Accessing All Records 00:09:00 [Security] Quick Fix To Prevent SQL Injections 00:07:00 Reading & Writing Files On The Server Using SQL Injection Vulnerability 00:06:00 Getting A Reverse Shell Access & Gaining Full Control Over The Target Web Server 00:08:00 Discovering SQL Injections & Extracting Data Using SQLmap 00:07:00 [Security] - The Right Way To Prevent SQL Injection 00:05:00 XSS Vulnerabilities Introduction - What is XSS or Cross Site Scripting? 00:03:00 Discovering Basic Reflected XSS 00:04:00 Discovering Advanced Reflected XSS 00:05:00 Discovering An Even More Advanced Reflected XSS 00:07:00 Discovering Stored XSS 00:03:00 Discovering Advanced Stored XSS 00:04:00 XSS Vulnerabilities - Exploitation Hooking Victims To BeEF Using Reflected XSS 00:06:00 Hooking Victims To BeEF Using Stored XSS 00:04:00 BeEF - Interacting With Hooked Victims 00:04:00 BeEF - Running Basic Commands On Victims 00:04:00 BeEF - Stealing Credentials/Passwords Using A Fake Login Prompt 00:02:00 Bonus - Installing Veil 3.1 00:06:00 Bonus - Veil Overview & Payloads Basics 00:07:00 Bonus - Generating An Undetectable Backdoor Using Veil 3 00:10:00 Bonus - Listening For Incoming Connections 00:07:00 Bonus - Using A Basic Delivery Method To Test The Backdoor & Hack Windows 10 00:07:00 BeEF - Gaining Full Control Over Windows Target 00:04:00 [Security] Fixing XSS Vulnerabilities 00:07:00 Insecure Session Management Logging In As Admin Without a Password By Manipulating Cookies 00:06:00 Discovering Cross Site Request Forgery Vulnerabilities (CSRF) 00:07:00 Exploiting CSRF Vulnerabilities To Change Admin Password Using a HTML File 00:07:00 Exploiting CSRF Vulnerabilities To Change Admin Password Using Link (Preview) 00:06:00 [Security] The Right Way To Prevent CSRF Vulnerabilities 00:09:00 Brute Force & Dictionary Attacks What Are Brute Force & Dictionary Attacks? 00:04:00 Creating a Wordlist 00:07:00 Launching a Wordlist Attack & Guessing Login Password Using Hydra 00:14:00 Discovering Vulnerabilities Automatically Using Owasp ZAP Scanning Target Website For Vulnerabilities 00:04:00 Analysing Scan Results 00:04:00 Post Exploitation Post Exploitation Introduction 00:04:00 Interacting With The Reverse Shell Access Obtained In Previous Lectures 00:07:00 Escalating Reverse Shell Access To Weevely Shell 00:08:00 Weevely Basics - Accessing Other Websites, Running Shell Commands ...etc 00:07:00 Bypassing Limited Privileges & Executing Shell Commands 00:05:00 Downloading Files From Target Webserver 00:05:00 Uploading Files To Target Webserver 00:08:00 Getting a Reverse Connection From Weevely 00:08:00 Accessing The Database 00:09:00 Resources Resources - Learn Website Hacking From Scratch 00:00:00