Video Description

In the Exploit Development module of Advanced Penetration testing, you will learn how to write your own code for memory corruption exploits. The module covers the following primary topics: - A program in memory - Stack frame function - New compilers - Python - Executing unintended code - Network-based exploits - Creating a cyclic pattern - Verifying offsets - Creating shell code - Fuzzing - Public exploits - Turning a 3Com exploit into a Metasploit module - Structured exception handler over-write

Course Modules

Advanced Penetration Testing

Module 1 - Linux

00:49
Linux (part 1)
13:48
Linux (part 2) Kali Linux Commands
13:10
Linux (part 3) - Directories, myfile and Nano
14:40
Linux (part 4) chmod, manipulation and packages
15:40
Linux (part 5) IP Addressing and netcat
05:26
Linux (part 6) Copy Commands and crontab

Module 2 - Programming

00:51
Programming (part 1) Fundamentals for Pen Testers
10:02
Programming (part 2) Bash Scripting and If/Then Command
09:26
Programming (part 3) Network Pings
13:16
Programming (part 4) Python for Port Scanning
11:10
Programming (part 5) Python Import Command

Module 3 - Metasploit

00:59
Metasploit (part 1) Introduction
14:47
Metasploit (part 2) Fundamentals
24:17
Metasploit (part 3) Operation
05:27
Metasploit (part 4) Auxiliary Module
09:40
Metasploit (part 5) msfcli
14:40
Metasploit (part 6) msfvenom

Module 4 - Information Gathering

00:47
Information Gathering Intro (part 1)
15:03
Information Gathering (part 2) Domain Name Services
17:58
Information Gathering (part 3) Targeting Email and Maltego
06:00
Information Gathering (part 4) recon-ng and google operators
29:53
Information Gathering (part 5) NMAP and PortScanning

Module 5 - Vulnerability Discovery/Scanning

00:27
Vulnerability Scanning Intro (part 1)
17:03
Vulnerability Scanning (part 2) Nessus
11:33
Vulnerability Scanning (part 3) Nmap Scripting Engine
09:31
Vulnerability Scanning (part 4) Metasploit
14:19
Vulnerability Scanning (part 5) WebApp, XAMPP, WEBDAV, nikto
08:00
Vulnerability Scanning (part 6) Directory Transversals

Module 6 - Traffic Capture

00:43
Traffic Capture Introduction (part 1)
07:52
Traffic Capture (part 2) Analyzing Network Protocol with Wireshark
11:54
Traffic Capture (part 3) Address Resolution Protocol ARP
05:11
Traffic Capture (part 4) DNS
11:12
Traffic Capture (part 5) ettercap
09:37
Traffic Capture (part 6) SSL Stripping

Module 7 - Exploitation

16:34
Exploitation (part 1) Direct Exploitation
14:26
Exploitation (part 2) SQL Commands
06:49
Exploitation (part 3) Directory Traversal
06:30
Exploitation (part 4) Open Source Vulnerability
06:18
Exploitation (part 5) Using Backdoor to Access an FTP Server
06:07
Exploitation (part 6) Attaching to an IP Address

Module 8 - Passwords

12:11
Passwords (part 1) Password Attacks
05:28
Passwords (part 2) Online Password Cracking
12:25
Passwords (part 3) Offline Password Attacks
17:28
Passwords (part 4) Using oclhashcat

Module 9 - Advanced Exploitation

00:42
Advanced Exploitation (part 1) Introduction
11:09
Advanced Exploitation (part 2) Client Side Attacks
06:59
Advanced Exploitation (part 3) Exploiting Java
23:08
Advanced Exploitation (part 4) Social Engineering
18:56
Advanced Exploitation (part 5) Bypassing Antivirus Software

Module 10 - Post Exploitation

20:36
Post Exploitation (part 1) File Transfer without and Interactive Shell
17:16
Post Exploitation (part 2) Exploit Development
08:24
Post Exploitation (part 3) Pivoting
13:13
Post Exploitation (part 4) Setting Up a Domain Controller

Module 11 - WebApps

01:03
WebApp Introduction (part 1) Web App Testing
11:41
WebApp (part 2) Vulnerable Web Applications
14:31
WebApp (part 3) SQL Injection
07:19
WebApp (part 4) File Inclusion
08:22
WebApp (part 5) Cross Site Scripting XSS

Module 12 - Exploit Development

00:52
Exploit Development Introduction (part 1)
10:42
Exploit Development (part 2) A Program in Memory
05:55
Exploit Development (part 3) Stack Frame for Function
19:35
Exploit Development (part 4) GNU Compilers
08:21
Exploit Development (part 5) Python
14:10
Exploit Development (part 6) Executing Unintended Code
15:13
Exploit Development (part 7) Network Based Exploits and Debuggers
17:02
Exploit Development (part 8) Creating a Cyclic Pattern
17:22
Exploit Development (part 9) Verifying Offsets
16:25
Exploit Development (part 10) Creating Shell Code in Kali Linux
17:43
Exploit Development (part 11) Fuzzing
12:51
Exploit Development (part 12) Public Exploits and Perl
16:17
Exploit Development (part 13) Turning a 3Com Exploit into a Metasploit Module
34:02
Exploit Development (part 14) Structured Exception Handler Over-Write

Module 13 - Smartphone Pentest Framework

01:09
SPF Introduction (part 1)
03:58
SPF (part 2) Attach to Smartphone Based Apps
08:22
SPF (part 3) Turning an Android App into a SPF Agent
08:57
SPF (part 4) Functionality for Agents
14:23
SPF (part 5) Pentesting Mobile Devices

Instructed By

Instructor Profile Image
Georgia Weidman
Instructor