Ultimate Ethical Hacking and Penetration Testing (UEH)

• Installing Kali Linux as Virtual Machine
• NAT , Bridged Explained !

• Types of Hackers
• Vulnerability,Exploits,Payloads
• Red Blue Teaming
• Privileges and Escalation
• Denial of Service Attack
• Buffer Overflow Attack
• Viruses,Worms,Ransomwares etc

• Basic Commands
• Some more Commands
• File Permissions
• Special Permissions - SUID,SGID,Sticky bits
• Linux File Structure
• User Management
• etc passwd explained
• etc shadow explained
• Environment Variables
• Software Management
• Cron Jobs
• Service Management
• Zipping,Tar Balls and Compression

• Number Systems
• Decimal to Binary
• Binary to Decimal
• Hexadecimal to Binary
• Binary to Hexadecimal
• Decimal to Hexadecimal
• Hexadecimal to Decimal
• Bitwise Operations

• What is Network and its Advantages
• IP Address and Classes Explained
• Mac Address Explained
• Network Devices
• Types of Topologies
• Types of Networks
• OSI and TCP/IP Models
• TCP 3 way Handshake Explained
• TCP and UDP
• Ports and some well known ports
• ARP Explained
• DNS Explained
• SNMP Explained
• DHCP Explained
• FTP Explained
• HTTP Explained
• Telnet Explained
• SSH Explained
• VLANS Explained
• Ping , Traceroute Tutorial
• Subnet Mask
• Wireshark Tutorial

• What is Cryptography ? and its need
• Terminology
• Character Encodings - ASCII , ANSI , Unicode
• Base 64 Encoding
• Substitution Ciphers - Ceasar, Vignere
• Transposition Ciphers - Column,Rail Fence
• RSA Algorithm
• Solving Simple RSA CTF Challenge
• A look at dcode fr website

• HTML Basics
• CSS Basics
• JavaScript Basics
• URL Explained
• HTTP Requests
• HTTP Responses
• Proxy Explained
• URL Encoding
• Robots.txt Explained
• Cookies and Sessions Explained
• Same Origin Policy Explained

• Installation
• Visual Studio Code Setup
• Variables
• Operators
• Strings
• User Input
• Lists
• Tuples
• Loops
• Dictionaries
• File I/O
• Functions
• Object Oriented Programming
• Pip Installer
• Sockets Introduction
• Debugging
• Modules
• Exception Handling

• Git Theory
• Basic Git Commands - clone,add,commit,push

• Cherrytree + Git

• Netcat - Shells , File Transfer & Pivoting

• Introduction
• Haveibeenpwned
• theharvester
• Shodan
• Google Dorks
• Pastebin
• Exiftool
• builtwith

• Host command
• nslookup and dig
• DNS Recon and DNS Enum
• Amass Tutorial
• Nmap Tutorial
• Nmap NSE Scripts
• Nikto Scanner
• gobuster
• Dirbuster and dirb
• Installing Metasploitable
• SMB Enumeration

• Introduction
• Setting up the Database
• Modules Explained
• MSF Venom Basics
• Encoders
• MSF Console Basics
• Port Scanning
• SMB Enumeration
• Using Exploit to pwn the shell
• Meterpreter & Multi Handler
• Post Exploitation Modules
• Dont skip this video

• Installation
• FoxyProxy
• Manual Spidering
• Intruder
• Repeater
• Decoder

• Installing MySQL
• SQL Basics
• Manual SQL Injection
• ERROR Based SQL Injection
• UNION Based SQL Injection
• Dumping Entire Database
• Blind SQL Injection - Condition Based
• Blind SQL Injection - Condition Errors
• Blind SQL Injection - Time Delay Injection
• SQLmap Tutorial
• Command Injection
• XSS Basics
• Reflected & Stored XSS
• XSS Bypassing Filters
• Cookie Stealing with XSS
• Broken Authentication
• File Upload Vulnerability
• Sensitive Data Exposure
• XML External Entity Attacks
• Local File Inclusion
• LFI to Remote Code Execution
• XSS Challenge
• IDOR Tutorial
• Security Misconfiguration
• Insecure Deserialization
• Known Vulnerabilities
• Cross Site Request Forgery
• Open Redirection
• HTML Injection
• Installing Wordpress
• Wordpress Enumeration
• Wordpress xmlrpc
• Wpscan xmlrpc
• Metasploit xmlrpc
• Bruteforcing Wordpress Users

• Wordpress Shell Upload
• Installing Vyatta Router VM
• Setting up the Services
• SNMP Enumeration with Nmap
• BruteForcing SNMP Strings
• BruteForcing with Hydra,Medusa
• SNMP Post Exploitation
• SSH Enumeration
• BruteForcing SSH Login
• BruteForcing Web Logins using Hydra
• wget curl Tutorial
• Linux File Transfers
• Firewall Basics
• Reverse Http Payload
• Iptables Tutorial
• Bypassing Firewall
• Eternal Blue Exploit
• Upgrading to tty shells
• Searchsploit
• Manual Exploitation
• Windows File Transfers
• Searching in Windows
• Dumping Password Hashes
• Creating wordlists
• Pivoting with Metasploit
• Identifying Hashes
• OpenSSL Tutorial
• Johntheripper Tutorial
• Mimikatz Tutorial
• SSH Tunneling , SOCKS and Pivoting
• Pivoting Entire Network with Chisel
• Windows File Transfers Updated

• Listing Root Permissions
• Editing etc passwd file
• Editing sudoers file
• Systemctl - SUID Binary
• find command
• Vim command
• cp command
• PATH Variable Manipulation
• CRON Jobs
• Kernel Exploits
• Linpeas , LinSmartEnum scripts
• Readable SSH Key
• LD_PRELOAD Injection
• LXD Containers
• LD_LIBRARY_PATH Injection
• SUID SGID Binaries
• Looting Passwords
• NFS No Root Squashing
• Python Module Injection

• Basic Enumeration
• WMI Queries
• AlwaysInstallElevated
• Searching for Credentials
• at command & Sticky Keys
• Metasploit Modules
• Windows Registry
• Insecure Service Executables
• Weak Registry Permissions
• Insecure Service Permissions
• Kernel Exploits
• Unquoted Service Paths
• Powershell UAC Bypass
• WinPEAS Script

• Banner Grabber
• Port Scanner
• Client - Server
• Creating Bind Shell
• Creating Reverse Shell
• Directory BruteForcer
• Email Bomber
• Keylogger + Emailer

• Lab Setup

• What is Assembly Language ?
• Is it worth Learning Assembly Language in 2020 ?
• Compilation Process
• History
• CPU Registers
• Basic Instructions
• Sections
• Instruction Pointer
• Little and Big Endian byte orders
• System Calls
• Hello World Program
• Debugging with GDB
• Data Types
• Stack - PUSH , POP
• Arithmetic Operations
• Multiplication & Division
• Logical Operations
• Control Flow
• Loops

• Introduction to Fuzzing
• Simple Python Fuzzer
• Boofuzz Framework
• Fuzzing FTP Server

• Immunity Debugger Basics
• Python Pattern Generator
• Generating Pattern with Metasploit
• Determining Available Buffer size
• Introduction to Mona
• Finding EIP,ESP Offsets
• Determining Bad Characters with Mona
• Finding jmp addresses with Mona
• Finding jmp addresses with Immunity
• Generating Shellcode using MSFVenom
• PWNing the Shell
• Introduction to EggHunters
• POP POP RET
• Short Jumping around

• SEH Theory
• Exploiting SEH Overflows

• What is Shellcoding ?
• Hello World Shellcode
• Shellcode Extraction
• Execve Shellcode
• Bind Shell
• Reverse Shell
• Testing Shellcode
• XOR Encoder using Python
• XOR Decoder Shellcode
• NOT Encoder
• NOT Decoder

• Introduction
• Execution Policy
• Get-Help and Get-Command
• Get-Alias and New-Alias
• Formatting
• Object Oriented
• Variables and Data Types
• User Input
• Command Line Arguments
• Operators
• Environment Variables
• Loops
• Arrays

• Installing Windows Server
• Configuring Windows Server
• Adding Computers to the Domain

• History
• Objects,Organizational Units
• Active Directory,Domain,Domain Controller
• Trees,Trusts and Forests
• Global Catalog
• FSMO Roles
• Groups
• AD Certificate Services

• LLMNR NBT-NS Explained
• LLMNR Poisoning with Responder
• Cracking NTLMv2 Hashes with Hashcat
• ARP Poisoning
• DNS Spoofing
• SSL Strip
• PAC Tampering
• LDAP Domain Dump
• BruteForcing with CrackMapExec
• Post Exploitation with CrackMapExec

• Promo
• Sockets and Multithreading
• Flask Basics
• Web Interface and Linking to Sockets
• BiDirectional File Transfer
• Multithreaded Keylogger

• Creating a Linux DEB Package Backdoor
• Office VBA Macros
• VBA Stomping
• Automating VBA Stomping with EvilClippy

Manual LDAP Enumeration

• Basics of AppLocker
• Bypassing File Hash Rules

• Cracking into HacktheBox
• HackTheBox - CRONOS
• HackTheBox - IRKED
• HackTheBox - FALAFEL
• HackTheBox - KOTARAK
• HackTheBox - MIRAI
• HackTheBox - GRANNY
• HackTheBox - POISON
• HackTheBox - LAME
• HackTheBox - LEGACY
• HackTheBox - DEVEL
• HackTheBox - BLOCKY
• HackTheBox - BASTARD
• HackTheBox - ARCTIC
• HackTheBox - SENSE