IIRF Online > IT & Software > Network & Security > Ethical Hacking > Website Hacking / Penetration Testing
Website Hacking / Penetration Testing by Udemy
Hack websites and web applications like black hat hackers and secure them like experts.
Course Highlights
- 100+ Videos (10+ hours) to teach you website hacking from scratch.
- 50+ hands-on real-life website hacking examples - from simple to advanced.
- Discover, exploit and mitigate a number of dangerous web vulnerabilities.
- Hack cloud servers using these vulnerabilities.
- No prior knowledge in Linux, hacking or programming is required.
- Advanced post exploitation - pivoting, dump the database, privilege escalation, etc
- Bypass security & advanced exploitation of these vulnerabilities.
- Bypass security & filters.
- Create a hacking lab.
- Intercept requests using a proxy.
- Adopt SQL queries to discover and exploit SQL injections in secure pages.
- Gain full control over cloud servers using SQL injections.
- Discover & exploit blind SQL injections.
- Install Kali Linux - a penetration testing operating system.
- Learn linux commands and how to interact with the terminal.
- Learn linux basics.
- Understand how websites & web applications work.
- Understand how browsers communicate with websites.
- Gather sensitive information about websites.
- Discover servers, technologies & services used on target website.
- Discover emails & sensitive data associated with a specific website.
- Find all subdomains associated with a website.
- Discover unpublished directories & files associated with a target website.
- Find all websites hosted on the same server as the target website.
- Discover, exploit and fix file upload vulnerabilities.
- Exploit advanced file upload vulnerabilities & gain full control over the target website.
- Discover, exploit and fix code execution vulnerabilities.
- Exploit advanced code execution vulnerabilities & gain full control over the target website.
- Discover, exploit & fix local file inclusion vulnerabilities.
- Exploit local file inclusion vulnerabilities to to get a shell.
- Exploit advanced local file inclusion vulnerabilities & gain full control over the target website.
- Exploit advanced remote file inclusion vulnerabilities & gain full control over the target website.
- Discover, fix, and exploit SQL injection vulnerabilities.
- Bypass login forms and login as admin using SQL injections.
- Writing SQL queries to find databases, tables and sensitive data such as usernames ad passwords using SQL injections
- Bypass filtering, and login as admin without password using SQL injections.
- Bypass filtering and security measurements.
- Read / Write files to the server using SQL injections.
- Patch SQL injections quickly.
- The right way to write SQL queries to prevent SQL injections.
- Discover basic & advanced reflected XSS vulnerabilities.
- Discover basic & advanced stored XSS vulnerabilities.
- How to use BeEF framwork.
- Hook users to BeEF using reflected & XSS vulnerabilities.
- Steal credentials from hooked targets.
- Run javascript code on hooked targets.
- Create Windows backdoors.
- Hack computers using XSS vulnerabilities.
- Fix XSS vulnerabilities & protect yourself from them as a user.
- Brute force & wordlist attacks.
- Create a wordlist or a dictionary.
- Launch a wordlist attack and guess admin's password.
- Discover all of the above vulnerabilities automatically using a web proxy.
- Run system commands on the target webserver.
- Access the file system (navigate between directories, read/write files).
- Download, upload files to / from hacked servers.
- Bypass security measurements.
- Access all websites on the same webserver.
- Connect to the database and execute SQL queries or download the whole database to the local machine.
- Discover, exploit and mitigate CSRF vulnerabilities.
Skills you will learn!
Curriculum
1 Topic
Course Introduction
6 Topics
Lab Overview & Needed Software
Initial Preparation
Installing Kali Linux as a VM on Windows
Installing Kali Linux as a VM on Apple Computers (Intel & Apple Silicon)
Installing Kali Linux as a VM on Linux
Installing Metasploitable As a Virtual Machine
3 Topics
Basic Overview Of Kali Linux
The Linux Terminal & Basic Linux Commands
Configuring Metasploitable & Lab Network Settings
2 Topics
What is a Website?
How To Hack a Website ?
9 Topics
Gathering Information Using Whois Lookup
Discovering Technologies Used On The Website
Gathering Comprehensive DNS Information
Discovering Websites On The Same Server
Discovering Subdomains
Discovering Sensitive Files
Analysing Discovered Files
Maltego - Discovering Servers Domains & Files
Maltego - Discovering Websites Hosting Provider & Emails
6 Topics
How To Discover & Exploit Basic File Upload Vulnerabilities to Hack Websites
Intercepting Requests
Exploiting Advanced File Upload Vulnerabilities To Hack Websites
Exploiting More Advanced File Upload Vulnerabilities
[Security] Fixing File Upload Vulnerabilities
GET & POST Requests
3 Topics
How To Discover & Exploit Basic Code Execution Vulnerabilities To Hack Websites
Exploiting Advanced Code Execution Vulnerabilities
[Security] - Fixing Code Execution Vulnerabilities
3 Topics
What are they? And How To Discover & Exploit Them
Gaining Shell Access From LFI Vulnerabilities - Method 1
Gaining Shell Access From LFI Vulnerabilities - Method 2
4 Topics
Remote File Inclusion Vulnerabilities - Configuring PHP Settings
Remote File Inclusion Vulnerabilities - Discovery & Exploitation
Exploiting Advanced Remote File Inclusion Vulnerabilities To Hack Websites
[Security] Fixing File Inclusion Vulnerabilities
2 Topics
What is SQL?
Dangers of SQL Injections
4 Topics
Discovering SQL Injections In POST
Bypassing Logins Using SQL Injection Vulnerability
Bypassing More Secure Logins Using SQL Injections
[Security] Preventing SQL Injections In Login Pages
4 Topics
Discovering SQL Injections in GET
Reading Database Information
Finding Database Tables
Extracting Sensitive Data Such As Passwords
11 Topics
Discovering & Exploiting Blind SQL Injections
Discovering Complex SQL Injection Vulnerabilities
Exploiting an advanced SQL Injection Vulnerability to Extract Passwords
Bypassing Filters
Bypassing Security & Accessing All Records
[Security] Quick Fix To Prevent SQL Injections
Reading & Writing Files On The Server Using SQL Injections
Getting A Shell & Controlling The Target Server Using an SQL Injection
Discovering SQL Injections & Extracting Data Using SQLmap
Getting a Direct SQL Shell using SQLmap
[Security] - The Right Way To Prevent SQL Injection Vulnerabilites
6 Topics
Introduction - What is XSS or Cross Site Scripting?
Discovering Basic Reflected XSS
Discovering Advanced Reflected XSS
Discovering An Even More Advanced Reflected XSS
Discovering Stored XSS
Discovering Advanced Stored XSS
14 Topics
Installing Windows As a Virtual Machine
Installing Windows as a Virtual Machine on Apple Silicon Computers
Hooking Victims To BeEF Using Reflected XSS
Hooking Victims To BeEF Using Stored XSS
Interacting With Hooked Targets
Running Basic Commands On Victims
Stealing Credentials/Passwords Using A Fake Login Prompt
Bonus - Installing Veil Framework
Bonus - Veil Overview & Payloads Basics
Bonus - Generating An Undetectable Backdoor Using Veil 3
Bonus - Listening For Incoming Connections
Bonus - Using A Basic Delivery Method To Test The Backdoor & Hack Windows 10
Gaining Full Control Over Windows Target
[Security] Fixing XSS Vulnerabilities
5 Topics
Logging In As Admin Without a Password By Manipulating Cookies
Discovering Cross Site Request Forgery Vulnerabilities (CSRF)
Exploiting CSRF To Change Admin Password Using a HTML File
Exploiting CSRF Vulnerabilities To Change Admin Password Using Link
[Security] The Right Way To Prevent CSRF Vulnerabilities
3 Topics
Introduction to Brute Force & Dictionary Attacks?
Creating a Wordlist
Guessing Login Password Using a Wordlist Attack With Hydra
2 Topics
Scanning Target Website For Vulnerabilities
Analysing Scan Results
12 Topics
Post Exploitation Introduction
Executing System Commands On Hacked Web Servers
Escalating Reverse Shell Access To Weevely Shell
Weevely Basics - Accessing Other Websites Running Shell Commands ...etc
Bypassing Limited Privileges & Executing Shell Commands
Downloading Files From Target Webserver
Uploading Files To Target Webserver
Getting a Reverse Connection From Weevely
Accessing The Database
Conclusion
Writing a Pentest Report
4 Ways to Secure Websites & Apps
1 Topic
Bonus Lecture - Discounts
Website Hacking / Penetration Testing
Related Ethical Hacking Courses
.webp)
Thank You!
Your review has been submitted successfully.