Dive into the second part of a comprehensive ethical hacking video tutorial spanning over 7 hours. Learn advanced techniques including subdomain hunting, website technology identification, information gathering with Burp Suite, and effective use of Google and social media for reconnaissance. Master scanning with Nmap, enumerating various protocols, and researching vulnerabilities. Explore Nessus scanning, understand different types of shells and payloads, and gain hands-on experience with Metasploit and manual exploitation. Delve into brute force attacks, credential stuffing, and password spraying. Gain in-depth knowledge of buffer overflows, from explanation to practical exploitation. Apply your skills through multiple walkthroughs of vulnerable machines, including Blue, Academy, Dev, Butler, and Blackpearl. Enhance your ethical hacking proficiency with this extensive, practical guide.
Overview
Syllabus
- Introduction
- Hunting Subdomains Part 1
- Hunting Subdomains Part 2
- Identifying Website Technologies
- Gathering Information w/ Burp Suite
- Google Fu
- Utilizing Social Media
- Installing Kioptrix
- Scanning w/ Nmap
- Enumerating HTTP/HTTPS Part 1
- Enumerating HTTP/HTTPS Part 2
- Enumerating SMB
- Enumerating SSH
- Researching Potential Vulnerabilities
- Our Notes So Far
- Scanning w/ Nessus Part 1
- Scanning w/ Nessus Part 2
- Reverse Shells vs Bind Shells
- Staged vs Non-Staged Payloads
- Gaining Root w/ Metasploit
- Manual Exploitation
- Brute Force Attacks
- Credential Stuffing & Password Spraying
- Our Notes, Revisited
- Downloading Our Materials
- Buffer Overflows Explained
- Spiking
- Fuzzing
- Finding the Offset
- Overwriting the EIP
- Finding Bad Characters
- Finding the Right Module
- Generating Shellcode and Gaining Root
- Python3 and More
- Capstone Introduction
- Setting up Blue
- Blue Walkthrough
- Academy Setup
- Academy Walkthrough
- Dev Walkthrough
- Butler Walkthrough
- Blackpearl Walkthrough
- Conclusion
Taught by
The Cyber Mentor
