Module:1 (Information Gathering: Port Scanning)
  1- Nmap
    Introduction
    Getting Practical
  2- Netdiscover
  3- Netcat
  4- Masscan
Module:2 (File Transfer Techniques)
  Why
  1- FTP
  2- TFTP
  3- Netcat
  4- SMB
  5- RDP
Module:3 (The Metasploit Framework)
  1- Structure
  2- Information Gathering
  3- Vulnerability Scanning
  4- Payloads
  5- Exploitation
  6- Meterpreter
    Functionalities:
Module:4 (MITM: Sniffing and Interception)
  1- Wireshark
  2- Ettercap
    Information Gathering:
    Exploitation:
Module:5 (Client Side Attacks)
  1- Information Gathering
    BeEF Framework
  2- Exploitation
    Using Public Exploits
    Metasploit's browser/autopwn
Module:6 (Privileges Escalation, Persistence & Pivoting)
  Privileges Escalation
    1- Unquoted Service Paths
    2- Vulnerable Services
    3- AlwaysInstallElevated
  Persistence
    1- Meterpreter
    2- Regular shell
  Pivoting
    1- Static Port Redirection
    2- Dynamic Port Redirection
Module:7 (Password Cracking)
  Password Cracking
    1- Online
    2- Dictionary Based (Using Hashcat)
Module:8 (Web Application Hacking)
  1- SQL Injection
    Error based
    Union based
    Blind injection
  2- Cross-Site Scripting (XSS)
    Reflected
      Detection
      Exploitation (Stealing the Session ID)
    Stored (Persistent)
      Detection
      Exploitation
  3- Cross-Site Request Forgery (CSRF)
    Detection & Exploitation
Module:9 (Buffer Overflows)
  1- Direct EIP overwrite
  2- SEH Bypass
  3- Egg Hunter
Module:10 (Working With Public Exploits)
  1- Bad Return Address
  2- Payload Replacement
Module:11 (Antivirus Evasion & File Backdooring Techniques)
  1- Metasploit
  2- Hex
  3- Assembly Encryption
Module:12 (Hacking Embedded Devices)
  1- Firmware Extraction and Inspection
  2- Vulnerability & Exploitation
  3- Backdooring
Module:13 (WIFI Cracking)
  1- WEP
  2- WPA
  3- WPS
  4- MAC filtering
  5- Hidden SSID