دانلود Udemy Complete Penetration Testing and Ethical hacking Bootcamp

پیش نیازها:

• هر رایانه ای (MAC / Windows / Linux) کار خواهد کرد
• مبانی فناوری رایانه
• هیچ برنامه ای مورد نیاز نیست
• Virtual Box - رایگان
• هیچ پیش نیازی برای این دوره وجود ندارد

این دوره برای چه کسی است؟

• افرادی که به دنبال کسب درآمد از طریق BUG BOUNTIES هستند
• دانشجویانی که به دنبال گسترش دانش خود در زمینه امنیت فناوری اطلاعات هستند
• تبدیل به یک تستر نفوذ پر درآمد شوید
• توسعه وب سایت های امن و محصولات ایمن

در این دوره با موارد زیر آشنا خواهید شد:

Must have basics for a Penetration Tester

Introduction to the course

What is pentesting and why it is important

Average earnings of pentesters

White hat, black box and vulnerabilities

Proxy, virtual box and OS

Grabbing the tools

Installation and configuration of lab for pentesting

Installation of Virtual Box

Installation of attacker - Kali

windows Update - Installation for windows users

Tour to Virtual Box and installing advance settings

Tools required for labs

Installing Metasploitable on Virtual Box

Windows XP installation in Virtual Box

Tour to our attacker machine

Tour to Pentesting tools and updating the machine

UPDATE - optional linux section. Just basics yet important part of all linux

Bash shell and navigation in linux

Files and files permission in linux

Case study, directories and files with VIM and NANO

Manipulation of file data

Grep, piping and sudo in linux

Gathering information to perform pentesting

Up and running with TOR and dark net

Anonymity using proxychains

Changing your MAC for tests

DNSEnum Information Gathering

Zone Transfer Vulnerability


Dumping information with dig

DnsTracer and quick look to wireshark

Is Dimitry still a good option

Finding emails, subdomain and generating reports

Assignment and recon-ng

Learning about Nmap, Nikto, OpenVas and report genrating

Tweaking our labs for future labs

Nmap study and assignments to evaluate

Solution to assignment and port scans

Taking advantage of known Vulnerability and metasploit

Scanning with Nikto

OpenVas Installation and configuration

Generating and analyzing pentesting reports

Performing a Penetration Testing on a client

Getting NDA signed, permissions and scope of testing

Information gathering about client machine

Attacking the machine with msfconsole

Exploiting another vulnerability

Sniffing the traffic with wireshark and get the password

Nmap scripting engine and distcc

Web Application Penetration Testing

Getting started with Web Application Pentesting

Installing test bed for web application pentesting

Installing Vega, firefox addons and Brute force attacks

Exploring the command injection Vulnerability

Reflected and Stored XSS ie Cross Site scripting

DOM based XSS and learning resource

Google Reward Program that gives 7500 dollars for XSS

Cross site request forgery Vulnerability

Reference to further 6 hour free sql injection course, shells and defacing

Automation of Web Application pentesting

Web application Pentesting automation with Vega

Automation of SQL Injection Attack with SQLMAP

Automation with OWASP-ZAP

Scanning Wordpress sites for Vulnerabilities

Paid options for Automation of Web App Pentesting

Wep App Pentesting Challenge

A pentesting challenge that will help in getting Bug Bounties

Hint for solving the challenge

Getting started with metasploit Framework

Introduction to metasploit and it's architecture

Msfconsole and Exploits type

Setting up msf database and meterpreter

Armitage and meterpreter

Social Engineering toolkit and Client side exploits

Wireless Pentesting

Before we even get started into wireless pentesting

Understanding our wireless card

Cracking WEP and WPA 2 with fern

Airmon-ng with wireshark and airodump-ng in action

EvilTwin with Airbase-ng and deauth attack with aireplay-ng

Thanks for taking the course and future updates

Thanks and other free resources to learn

UPDATE - Password attacks

Basics of Password attacks and Crunch password generators

Cracking linux password with john