pwk.hide01.ir
Open in
urlscan Pro
185.165.116.26
Public Scan
URL:
http://pwk.hide01.ir/
Submission: On June 16 via manual from AE — Scanned from DE
Submission: On June 16 via manual from AE — Scanned from DE
Form analysis 0 forms found in the DOM
Text Content
TABLE OF CONTENTS
* Copyright
* Getting Comfortable
with Kali Linux
* Booting Up Kali Linux
* The Kali Menu
* Kali Documentation
* Finding Your Way Around Kali
* – The Linux Filesystem
* – Basic Linux Commands
* – Finding Files in Kali Linux
* Managing Kali Linux Services
* – SSH Service
* – HTTP Service
* Searching, Installing, and Removing Tools
* – apt update
* – apt upgrade
* – apt-cache search and apt show
* – apt install
* – apt remove --purge
* – dpkg
* Wrapping Up
* Command Line Fun
* The Bash Environment
* – Environment Variables
* – Tab Completion
* – Bash History Tricks
* Piping and Redirection
* – Redirecting to a New File
* – Redirecting to an Existing File
* – Redirecting from a File
* – Redirecting STDERR
* – Piping
* Text Searching and Manipulation
* – grep
* – sed
* – cut
* – awk
* – Practical Example
* Editing Files from the Command Line
* – nano
* – vi
* Comparing Files
* – comm
* – diff
* – vimdiff
* Managing Processes
* – Backgrounding Processes (bg)
* – Jobs Control: jobs and fg
* – Process Control: ps and kill
* File and Command Monitoring
* – tail
* – watch
* Downloading Files
* – wget
* – curl
* – axel
* Customizing the Bash Environment
* – Bash History Customization
* – Alias
* – Persistent Bash Customization
* Wrapping Up
* Practical Tools
* Netcat
* – Connecting to a TCP/UDP Port
* – Listening on a TCP/UDP Port
* – Transferring Files with Netcat
* – Remote Administration with Netcat
* Socat
* – Socat File Transfers
* – Socat Reverse Shells
* – Socat Encrypted Bind Shells
* PowerShell and Powercat
* – PowerShell File Transfers
* – PowerShell Reverse Shells
* – PowerShell Bind Shells
* – Powercat
* – Powercat File Transfers
* – Powercat Reverse Shells
* – Powercat Bind Shells
* – Powercat Stand-Alone Payloads
* Wireshark
* – Wireshark Basics
* – Launching Wireshark
* – Capture Filters
* – Display Filters
* – Following TCP Streams
* Tcpdump
* – Filtering Traffic
* – Advanced Header Filtering
* Bash Scripting
* Intro to Bash Scripting
* Variables
* – Arguments
* – Reading User Input
* If, Else, Elif Statements
* Boolean Logical Operations
* Loops
* – For Loops
* – While Loops
* Functions
* Practical Examples
* – Practical Bash Usage – Example 1
* – Practical Bash Usage – Example 2
* – Practical Bash Usage – Example 3
* Passive Information Gathering
* Website Recon
* Whois Enumeration
* Google Hacking
* Netcraft
* Recon-ng
* Open-Source Code
* Shodan
* Security Headers Scanner
* SSL Server Test
* Pastebin
* User Information Gathering
* – Email Harvesting
* – Password Dumps
* Social Media Tools
* – Site-Specific Tools
* Stack Overflow
* Information Gathering Frameworks
* – OSINT Framework
* – Maltego
* Wrapping Up
* Active Information Gathering
* DNS Enumeration
* – Interacting with a DNS Server
* – Automating Lookups
* – Forward Lookup Brute Force
* – Reverse Lookup Brute Force
* – DNS Zone Transfers
* – Relevant Tools in Kali Linux
* Port Scanning
* – TCP / UDP Scanning
* – Port Scanning with Nmap
* – Masscan
* SMB Enumeration
* – Scanning for the NetBIOS Service
* – Nmap SMB NSE Scripts
* NFS Enumeration
* – Scanning for NFS shares
* – Nmap NFS NSE Scripts
* SMTP Enumeration
* SNMP Enumeration
* – The SNMP MIB Tree
* – Scanning for SNMP
* – Windows SNMP Enumeration Example
* Wrapping Up
* Vulnerability Scanning
* Vulnerability Scanning Overview and Considerations
* – How Vulnerability Scanners Work
* Vulnerability Scanning with Nessus
* – Installing Nessus
* – Defining Targets
* – Configuring Scan Definitions
* – Unauthenticated Scanning With Nessus
* – Authenticated Scanning With Nessus
* – Scanning with Individual Nessus Plugins
* Vulnerability Scanning with Nmap
* Wrapping Up
* Web Application Attacks
* Web Application Assessment Methodology
* Web Application Enumeration
* – Inspecting URLs
* – Inspecting Page Content
* – Viewing Response Headers
* – Inspecting Sitemaps
* – Locating Administration Consoles
* Web Application Assessment Tools
* – DIRB
* – Burp Suite
* – Nikto
* Exploiting Web-based Vulnerabilities
* Exploiting Admin Consoles
* – Burp Suite Intruder
* Cross-Site Scripting (XSS)
* – Identifying XSS Vulnerabilities
* – Basic XSS
* – Content Injection
* – Stealing Cookies and Session Information
* Directory Traversal Vulnerabilities
* – Identifying and Exploiting Directory Traversals
* File Inclusion Vulnerabilities
* – Identifying File Inclusion Vulnerabilities
* – Exploiting Local File Inclusion (LFI)
* – Contaminating Log Files
* – LFI Code Execution
* – Remote File Inclusion (RFI)
* – Expanding Your Repertoire
* – PHP Wrappers
* SQL Injection
* – Basic SQL Syntax
* – Identifying SQL Injection Vulnerabilities
* – Authentication Bypass
* – Enumerating the Database
* – Column Number Enumeration
* – Understanding the Layout of the Output
* – Extracting Data from the Database
* – From SQL Injection to Code Execution
* – Automating SQL Injection
* Wrapping Up
* Introduction to Buffer Overflows
* Introduction to the x86 Architecture
* – Program Memory
* – CPU Registers
* Buffer Overflow Walkthrough
* – Sample Vulnerable Code
* – Introducing the Immunity Debugger
* – Navigating Code
* – Overflowing the Buffer
* Windows Buffer Overflows
* Discovering the Vulnerability
* – Fuzzing the HTTP Protocol
* Win32 Buffer Overflow Exploitation
* – Replicating the Crash
* – Controlling EIP
* – Locating Space for Our Shellcode
* – Checking for Bad Characters
* – Redirecting the Execution Flow
* – Finding a Return Address
* – Generating Shellcode with Metasploit
* – Getting a Shell
* – Improving the Exploit
* Wrapping Up
* Linux Buffer Overflows
* About DEP, ASLR, and Canaries
* Replicating the Crash
* Controlling EIP
* Locating Space for Our Shellcode
* Checking for Bad Characters
* Finding a Return Address
* Getting a Shell
* Wrapping Up
* Client-Side Attacks
* Know Your Target
* – Passive Client Information Gathering
* – Active Client Information Gathering
* – Social Engineering and Client-Side Attacks
* – Client Fingerprinting
* Leveraging HTML Applications
* – Exploring HTML Applications
* – HTA Attack in Action
* Exploiting Microsoft Office
* – Microsoft Word Macro
* – Object Linking and Embedding
* – Evading Protected View
* Wrapping Up
* Locating Public Exploits
* A Word of Caution
* Searching for Exploits
* – Online Exploit Resources
* – Offline Exploit Resources
* Putting It All Together
* Wrapping Up
* Fixing Exploits
* Fixing Memory Corruption Exploits
* – Examining the Exploit
* – Cross-Compiling The Exploit Code
* – Changing the Socket Information
* – Changing the Return Address
* – Changing the Payload
* – Changing the Overflow Buffer
* Fixing Web Exploits
* – Considerations and Overview
* – Selecting the Vulnerability
* – Changing Connectivity Information
* – Troubleshooting the 'index out of range' Error
* Wrapping Up
* File Transfers
* Considerations and Preparations
* – Dangers of Transferring Attack Tools
* – Installing Pure-FTPd
* – The Non-Interactive Shell
* Transferring Files with Windows Hosts
* – Non-Interactive FTP Download
* – Windows Downloads Using Scripting Languages
* – Windows Downloads with exe2hex and PowerShell
* – Windows Uploads Using Windows Scripting Languages
* – Uploading Files with TFTP
* Wrapping Up
* Antivirus Evasion
* What is Antivirus Software
* Methods of Detecting Malicious Code
* – Detection Methods
* Bypassing Antivirus Detection
* – On-Disk Evasion
* – In-Memory Evasion
* – AV Evasion: Practical Example
* Wrapping Up
* Privilege Escalation
* Information Gathering
* – Manual Enumeration
* – Automated Enumeration
* Windows Privilege Escalation Examples
* – Understanding Windows Privileges and Integrity Levels
* – Introduction to User Account Control (UAC)
* – User Account Control Bypass: Case Study
* – Insecure File Permissions: Serviio Case Study
* – Leveraging Unquoted Service Paths
* – Windows Kernel Vulnerabilities: USBPcap Case Study
* Linux Privilege Escalation Examples
* – Understanding Linux Privileges
* – Insecure File Permissions: Cron Case Study
* – Insecure File Permissions: /etc/passwd Case Study
* – Linux Kernel Vulnerabilities: Case Study
* Wrapping Up
* Password Attacks
* Wordlists
* – Standard Wordlists
* Brute Force Wordlists
* Common Network Service Attack Methods
* – HTTP htaccess Attack with Medusa
* – Remote Desktop Protocol Attack with Crowbar
* – SSH Attack with THC-Hydra
* – HTTP POST Attack with THC-Hydra
* Leveraging Password Hashes
* – Retrieving Password Hashes
* – Passing the Hash in Windows
* – Password Cracking
* Wrapping Up
* Port Redirection and Tunneling
* Port Forwarding
* – RINETD
* SSH Tunneling
* – SSH Local Port Forwarding
* – SSH Remote Port Forwarding
* – SSH Dynamic Port Forwarding
* PLINK.exe
* NETSH
* HTTPTunnel-ing Through Deep Packet Inspection
* Wrapping Up
* Active Directory Attacks
* Active Directory Theory
* Active Directory Enumeration
* – Traditional Approach
* – A Modern Approach
* – Resolving Nested Groups
* – Currently Logged on Users
* – Enumeration Through Service Principal Names
* Active Directory Authentication
* – NTLM Authentication
* – Kerberos Authentication
* – Cached Credential Storage and Retrieval
* – Service Account Attacks
* – Low and Slow Password Guessing
* Active Directory Lateral Movement
* – Pass the Hash
* – Overpass the Hash
* – Pass the Ticket
* – Distributed Component Object Model
* Active Directory Persistence
* – Golden Tickets
* – Domain Controller Synchronization
* Wrapping Up
* The Metasploit Framework
* Metasploit User Interfaces and Setup
* – Getting Familiar with MSF Syntax
* – Metasploit Database Access
* – Auxiliary Modules
* Exploit Modules
* Metasploit Payloads
* – Staged vs Non-Staged Payloads
* – Meterpreter Payloads
* – Experimenting with Meterpreter
* – Executable Payloads
* – Metasploit Exploit Multi Handler
* – Client-Side Attacks
* – Advanced Features and Transports
* Building Our Own MSF Module
* Post-Exploitation with Metasploit
* – Core Post-Exploitation Features
* – Migrating Processes
* – Post-Exploitation Modules
* – Pivoting with the Metasploit Framework
* Metasploit Automation
* Wrapping Up
* PowerShell Empire
* Installation, Setup, and Usage
* – PowerShell Empire Syntax
* – Listeners and Stagers
* – The Empire Agent
* PowerShell Modules
* – Situational Awareness
* – Credentials and Privilege Escalation
* – Lateral Movement
* Switching Between Empire and Metasploit
* Wrapping Up
* Assembling the Pieces: Penetration Test Breakdown
* Public Network Enumeration
* Targeting the Web Application
* – Web Application Enumeration
* – SQL Injection Exploitation
* – Cracking the Password
* – Enumerating the Admin Interface
* – Obtaining a Shell
* – Post-Exploitation Enumeration
* – Creating a Stable Pivot Point
* Targeting the Database
* – Enumeration
* – Attempting to Exploit the Database
* Deeper Enumeration of the Web Application Server
* – More Thorough Post Exploitation
* – Privilege Escalation
* – Searching for DB Credentials
* Targeting the Database Again
* – Exploitation
* – Post-Exploitation Enumeration
* – Creating a Stable Reverse Tunnel
* Targeting Poultry
* – Enumeration
* – Exploitation (Or Just Logging In)
* – Post-Exploitation Enumeration
* – Unquoted Search Path Exploitation
* – Post-Exploitation Enumeration
* Internal Network Enumeration
* – Reviewing the Results
* Targeting the Jenkins Server
* – Application Enumeration
* – Exploiting Jenkins
* – Post Exploitation Enumeration
* – Privilege Escalation
* – Post Exploitation Enumeration
* Targeting the Domain Controller
* – Exploiting the Domain Controller
* Wrapping Up
Menu
RedBlueHit Hide01
Restart Rewind 10 secs Pause Play Forward 10 secs Next Video
% buffered 00:00
00:00
00:12
Unmute Mute
Disable captions Enable captions Exit fullscreen Enter fullscreen
You must use a modern browser that supports the HTML5 video element.
× مطالب پیشنهادی
Dark Mode
RIP OFFENSHIT-SECURITY ⚰️
Continuous Play
بدون نیاز به کرک بازی مورد علاقهتون رو بازی کنید!
ادامه مطلب
مطالب پیشنهادی
دانلود بازیهای آنلاین مخصوص کامپیوتر به صورت رایگان
دانلود بازیهای آنلاین مخصوص کامپیوتر به صورت رایگان
این روزا که خونهای با دوستات آنلاین بازی کن!
این روزا که خونهای با دوستات آنلاین بازی کن!
جشنواره من و آفتاب خانومی تا ۵۰٪تخفیف
جشنواره من و آفتاب خانومی تا ۵۰٪تخفیف
توی آکادمی یاسان فرزندت از کودکی برنامه نویسی/کدنویسی یاد میگیره!
توی آکادمی یاسان فرزندت از کودکی برنامه نویسی/کدنویسی یاد میگیره!
نگران آینده فرزندتان نباشید.این دوره رایگان 7 روزه را ثبت نام کنید
نگران آینده فرزندتان نباشید.این دوره رایگان 7 روزه را ثبت نام کنید
دانلود بهترین بازی های روز دنیا با ترافیک نیم بها
دانلود بهترین بازی های روز دنیا با ترافیک نیم بها
قسطی مو بکارید!!! (مشاوره رایگان)
قسطی مو بکارید!!! (مشاوره رایگان)
بازی که نمیتونی چشم ازش برداری!
بازی که نمیتونی چشم ازش برداری!
تو این هوای آفتابی ضدافتاب یادت نره(خرید تا ۵۰٪تخفیف از خانومی)
تو این هوای آفتابی ضدافتاب یادت نره(خرید تا ۵۰٪تخفیف از خانومی)
اگر از چاقی رنج میبری این محصول شگفت انگیز را ازدست نده!(مشاوره رایگان بگیر)
اگر از چاقی رنج میبری این محصول شگفت انگیز را ازدست نده!(مشاوره رایگان بگیر)