Central InfoSec

Metasploit 201 Overview

Metasploit 201 Lab Setup

Common Exploitation Techniques

vsFTPd Backdoor

ProFTPD Weak Passwords

Apache PHP CGI RCE

UnrealIRCd Backdoor

Samba Command Injection

MySQL

Remote Execution Service

Rogue Shell Backdoor

Java RMI Server

DistCC Daemon Command Execution

Exploiting Web Apps

Exploiting Apache Tomcat Manager

Key Takeaways

Password Hacking & Hash Cracking 101 Overview

Password Security

Password Attacks

Password Spraying

Windows vs Unix Passwords

Password Attack Tools

Identifying Password Hashes

RockYou Password List

Basic RockYou Filtering

Advanced RockYou Filtering

RockYou String Length Filtering

Installing SecLists for Fuzzing & Password Attacks

Wordlists for Fuzzing, Username Harvesting, & Password Spraying

Generating Password Lists with CeWL

Username Harvesting with Hyrda

Password Attacks with Hydra

Wfuzz

Ffuf

Username Harvesting with Ffuf

Password Attacks with Ffuf

Hard Coded Passwords

Passwords in History Files

Sniffing Cleartext Passwords

Password Reuse

Brute Forcing Passwords with Nmap

Password Spraying O365 & OWA

LLMNR, NBT-NS, & mDNS Poisoning

Password Spraying the Domain with Metasploit

Password Spraying the Domain with CrackMapExec & NetExec

Attacking GPP (Group Policy Preferences) Credentials

Dumping Local SAM Hashes

Exploiting LM & Cleartext Passwords in Memory with Mimikatz

Dumping & Cracking Domain Cached Credentials (DCC) MSCash MSCache

Dumping Credentials with Mimikatz, PowerShell, Meterpreter, NetExec, & CrackMapExec

Dumping NTDS.dit without Credentials

Dumping NTDS.dit with Credentials

Golden Ticket Attacks with Mimikatz & Metasploit

Cracking Password Hashes with John

Cracking SSH Key Passwords

7z Crack

Key Takeaways

Social Engineering & Phishing 101 Overview

Introduction to Social Engineering

Introduction to Phishing

Social Engineering Techniques

Other Social Engineering Techniques

Security Awareness Training

Recognizing Phishing Emails

Compliance Requirements

Defending Against Phishing Emails

Creating Phishing Campaigns

Domain Registration

Web Hosting

Phishing Infrastructure

Tips for Building Effective Phishing Infrastructure

Cloning Websites & Landing Pages

Email Server Setup

Crafting Phishing Emails

Bypassing Email Filters

Reporting & Metrics

Psychological Triggers Exploited in Social Engineering

Tips to Enhance Phishing Success

Phishing Frameworks

GoPhish

Penetration Testing & Social Engineering

Remote vs Physical Social Engineering

Physical Penetration Testing

Performing a Physical Pen Test

USB Drops

Tailgating

Mitigating Social Engineering & Phishing Risks

Improving Your Security

Key Takeaways

Example Attack - Phishing for Credentials & Bypassing 2FA

Example Phishing Email

Example Login Page

Building a Phishing Scenario

Creating a Spear Phishing Email

Creating a Login Page to Capture Passwords

Post-Login Exploit

Cloning a Website

Add Vishing to Your Phishing Campaign

Getting Creative with Phishing & Vishing Engagements

Advanced Phishing Techniques

Credential Harvesting Demo

Wi-Fi Hacking 101 Overview

Wireless Technology & Antennas

Wi-Fi Antennas

Directional Antennas

Semi Directional Antennas

Omni Directional Antennas

Types of Wireless Networks

Wardriving

Wi-Fi Regulations & Safety

Wi-Fi Hacking & Penetration Testing

Automated Hacking with Nmap & Wifite

Securing Your Wireless Network

DHCP vs Static IPs & MAC Addresses

SSID & Broadcasting Power

WEP vs WPA vs WPA2 TKIP vs AES

WEP & WPA

WPA2, WPA3, & Recommended Settings

Key Takeaways

Lock Picking 101 Overview

Introduction to Lock Picking

Lock Picking Laws

Types of Locks

Keyways

Components of a Lock

Parts of a Key

How a Lock Works

Theory Behind Lock Picking

Lock Picking Tools

Tension Wrenches

Lock Picks

Lock Raking Tools

Lock Bypassing Tools

Lock Decoding Tools

Bump Keys

Lock Picking Sets vs Choosing Individual Tools & Picks

Lock Picking Tool Brands

How to Pick a Lock

How to Rake a Lock

How to Bump a Lock

15 Tips for Lock Picking

Lock Picking Demos

Safety Cabinet Drawer Locks

Bypassing Handcuffs

Picking Handcuffs

30mm Security Padlock

40mm Security Padlock

50mm Security Padlock

Master Lock 140D

Master Lock 178D Combination Padlock

Master Lock 175D Combination Padlock

Brinks 161-30051 Combination Padlock

Speed Picking

30mm Security Lock Bypass

40mm Security Lock Bypass

30mm & 40mm Security Lock Bypass

Master Lock 140D Bypass

Master Lock 140D Zip Tie

Master Lock 140D Comb

Brinks 161-40001 Picking

Brinks 161-40001 City Rake

Brinks 161-40001 Bogota Rake

30mm Security Lock Bogota Rake

Brinks 161-50001 City Rake

Brinks 161-30051 Decoding

Picking 6 Pins with a Paperclip

Master Lock 178D Cutaway Bypass

Master Lock 178D Bypass

Master Lock 175D Bypass

Transparent Handcuff Picking

Picking Handcuffs with a Paperclip

Bypassing Handcuffs with a Paperclip

Recommended Lock Picking Tools

James Bond Credit Card Lock Pick Set

Southord MPXS-08 Lock Pick Set

Peterson Lock Pick Set

Key Takeaways

Altoids Tin EDC Survival Kit Overview

Altoids Tin EDC Introduction

Altoids Tin EDC Survival Kit

Key Takeaways

Mobile Application Hacking & Penetration Testing 101 Overview

Mobile Lab Environment

Download APK Files

Kali Linux Mobile Setup

Android Mobile OS Virtual Machine Download

Creating an Android Mobile OS Virtual Machine

Android Mobile OS Setup

OWASP Mobile Top 10

Vulnerable Mobile Applications

Mobile Testing Toolsets

Android Debug Bridge (adb)

Jad-x

Permissions, Activities, Broadcast Receivers, & Content Providers

Exploiting InsecureBankv2

Bypassing the Login Screen

Exploiting Backup Functionalities

Exploiting Broadcast Receivers

Exploiting Content Providers

Exploiting Keyboard Cache

Exploiting HTTP Logins

Exploiting Pasteboard

Exploiting Developer Backdoors

Exploiting Insecure Logging

Exploiting Weak Cryptography

Exploiting DIVA

Exploiting Insecure Logging

Exploiting Hardcoded Vendor Keys

Exploiting Insecure Data Storage (XML)

Exploiting Insecure Data Storage (SQL)

Exploiting Insecure Data Storage (Temp Files)

Exploiting Insecure Data Storage (SD Card)

Exploiting SQL Injections

Exploiting Local File Inclusions

Exploiting API Credentials

Bypassing API Access Controls

Bypassing Access Controls

Exploiting Hardcoded Passwords

Exploiting Input Validation Issues

Introduction to Drozer

Exploiting InsecureBankv2 with Drozer

Attacking Activities

Bypassing Login Screens

Attacking Services, Intents, & Broadcasts

Attacking Providers

Exploitation with Metasploit Meterpreter

Key Takeaways

AI & LLM Hacking 101 Overview

Introduction to AI & LLMs in Cybersecurity

AI & LLM Threats & Vulnerabilities

Mitigating AI & LLM Security Risks

AI & LLM Penetration Testing Fundamentals

Preparing for an AI & LLM Pen Test

Executing Penetration Tests on AI & LLMs

Ethical Hacking & Responsible Disclosure

AI & LLM Attack Examples

OWASP LLM Security Verification Standard

OWASP Top 10 for LLM Apps

Prompt Injection

Insecure Output Handling

Training Data Poisoning

Model Denial of Service

Supply Chain Vulnerabilities

Sensitive Information Disclosure

Insecure Plugin Design

Excessive Agency

Overreliance

Model Theft

AI & LLM Pen Test Checklist

Other Prompt Hacking Techniques & Attacks

AI & LLM Pen Test Tools

PyRIT Python Risk Identification Tool for generative AI

AI & LLMs for Cybersecurity

AI & LLM Bug Bounty Platform

AI & LLM CTF Challenges

Key Takeaways

Pen Test Report Writing 101 Overview

Introduction to Penetration Testing Reports

Importance & Impact of Penetration Testing Reports

Report Structure

Executive Summary

Testing Summary

Attack Summary

Findings & Recommendations

Details of Findings

Appendices

Effective Note Taking

Level Up Your Screenshots

Reviewing Reports

Best Practices for Pen Test Reporting

How to Write Effective Pen Test Reports

Effective Communication & Collaboration

Automated Pen Test Reporting Tools

PenTestReporting.com

Publicly Available Pen Test Reports

Key Takeaways

Cybersecurity Career Advice 101 Overview

Introduction to Cybersecurity

Understanding Cybersecurity Fundamentals

Areas of Cybersecurity

Cybersecurity Teams

Red vs Blue vs Purple

Cybersecurity Roles

Cybersecurity Career Paths

5 Year Cybersecurity Career Roadmap

Tips for Starting a Career in Cyber Security

Entering the Cybersecurity Field

Building a Strong Foundation

Developing Technical Skills

Enhancing Soft Skills

Gaining Practical Experience

Transitioning to a Career in Cybersecurity

5 Tips for Career Changers

Crafting a Standout Resume & Cover Letter

20 Resume Tips

Resume Formats

10 Resume Formatting Tips

Resume Templates

Job Market Trends

10 Key Skills to Stand Out in the Job Market

Finding a Job

Navigating the Job Search Process

Job Search Websites

5 Tips for Job Search Websites

Salary Calculator

10 Interviewing Tips

Non-Technical Interview Questions

Technical Interview Questions

10 Tips for Negotiating Your Cybersecurity Job Offer

Securing Your First Cybersecurity Job

10 Essential Cybersecurity Skills

Advancing Your Career

Cybersecurity Trends

How to Improve Your Cybersecurity Skills

Building a Professional LinkedIn Profile

15 Tips for Your LinkedIn Profile

Networking on LinkedIn

Conclusion & Next Steps

Key Takeaways

Closing Remarks