Central InfoSec

Vulnerable Web Server Overview

Legal Concerns

Compliance

Penetration Testing Terminology

Penetration Testing

Penetration Testing Methodology Overview

Pen Test Methodology: Pre-Engagement Interactions

Pen Test Methodology: Intelligence Gathering

Pen Test Methodology: Threat Modeling

Pen Test Methodology: Vulnerability Analysis

Pen Test Methodology: Exploitation

Pen Test Methodology: Post Exploitation

Pen Test Methodology: Reporting

Tradecraft

Cryptography

Steganography

Password Security Overview

Password Attacks

Windows vs Unix Passwords

Password Attack Tools

Basic Rockyou Filtering

Advanced Rockyou Filtering

Password Attacks with Hydra

Cracking Hashes with John

7z Crack

Open Web Application Security Project (OWASP)

OWASP Web App Security Testing

Open-Source Intelligence (OSINT)

Scanning

Reconnaissance

Banner Grabbing

Nmap Overview

Nmap Host Discovery & DNS Resolution

Nmap Common Scan Options

Nmap Version Detection & Operating System Detection

Nmap Scanning Exclusions

Nmap Working with Input & Output Files

Nmap Scan Types

Nmap Cloaking & Spoofing Scans

Nmap Advanced Scanning Options

Nmap Scripting Engine for Scanning

Zenmap Overview

Nmap Vulnerability Scanning

Netcat

Metasploitable 2 Overview

Exploiting Metasploitable 2

vsFTPd Backdoor

Apache PHP-CGI Argument Injection RCE

UnrealIRCd Backdoor

Samba Command Injection

MySQL

Remote Execution Service

Rogue Shell Backdoor

Java RMI Server Insecure Configuration

DistCC Daemon Command Execution

Exploiting Metasploitable 2 Web Apps

Exploiting Apache Tomcat Manager

Intercepting Proxies

Burp Suite Overview

Burp Suite Installation

Burp Suite Usage

Burp Suite Key Components

Burp Suite Useful Features

Burp Suite Tricks & Hacks

Exploring Burp Suite

HTTP Overview

HTTP User-Agents Strings

HTTP Headers

HTTP Request Methods

HTTP Status Codes

HTTP State, Cookies, & Proxy

URLs & URIs

Hypertext Markup Language (HTML) & CSS

Programming & Coding (Python, JavaScript, PHP, PowerShell)

Common Web Files & Pages

Common Web Application Pen Test Tools (Dirb, DirBuster, Nikto, Wpscan, Sqlmap, Wfuzz, Aquatone, CeWL)

Useful Firefox Extensions

Common Web App Vulnerabilities

Congrats on Completing the Course!