Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Ethical hacking guide A-Z
00x00 Syllabus
Syllabus
Getting Help
Answering your questions (1:53)
00x01 Introduction
Introduction
Intro Video (7:18)
What is "Ethical" hacking"?
How to engage a target?
How to engage a target? (3:53)
@Ch1R0n1n: What it means to be an Ethical Hacker.pdf
@Ch1R0n1n: What it means to be an Ethical Hacker.pptx
@Ch1R0n1n: What is an Ethical Hacker? (13:28)
QUIZ: How ethical are you?
Assignment: Describe the deliverables of a pentest in your own words
Assignment: Let's fuzz hackxpert.com
00x02- Networking and Web application basics
Web fundamentals Video (7:30)
Web fundamentals
Assignment: Web
Transferring files (3:08)
Downloading files
Fundamentals - Fuzzing.mp4 (2:49)
Fuzzing
Assignment: Let's fuzz hackxpert.com
Networking fundamentals
Assignment: Networking
Quiz: 00x02 Fundamentals
Realistic assignment: Fuzz our pentesting assignment
SOLUTION: Realistic assignment: Fuzz our pentesting assignment
00x03 - Tools
Linux CLI (2:33)
Netcat (5:08)
Netcat In depth Article
OWASP Zap Is Awesome_ First Impressions.mp4 (14:42)
00x03 OWASP ZAP
Assignment: Using OWASP ZAP
Quiz: 00x03 tools
00x03 Active recon
DNS in depth
DNS (7:11)
Quiz:00x03 DNS
Assignment: 00x03 DNS
00x04 Passive information gathering
Passive information gathering
Passive information gathering (3:03)
Quiz: 00x04 Passive information gathering
00x05 Getting a foothold
Getting a foothold (3:47)
@Ch1R0n1n: Directory Busting Walkthrough.mp4 (17:38)
@Ch1R0n1n: Directory Busting.ppt
@TheXSSRat: Directory_brute_forcing.pdf
@Ch1R0n1n: Working with Exploits.mp4 (12:18)
@Ch1R0n1n: Working with Exploits.ppt
SMB enum
@Ch1R0n1n: SMB Enumeration.mp4 (21:35)
@Ch1R0n1n: SMB Enumeration.ppt
FTP Enumeration.MP4 (23:31)
FTP Enumeration
FTP Enumeration.ppt
SNMP enum
NFS enum
Telnet enum
SSH enum
Enumeration cheat sheet
Getting a foothold- The puzzle pieces fall in place - Video (12:29)
Getting a foothold- The puzzle pieces fall in place
Quiz: 0x05 Enum
Assignment: - Foothold
Assignment: - Foothold - Solutions
00x006 Privilege escalation
Linux priv-esc (33:16)
Linux priv esc PPTX
Linux priv esc Article
Linux priv esc Ex 1 MP4 (12:04)
Linux priv esc Ex 2 MP4 (20:52)
Quiz: Privilege escalation [Linux]
Windows Priv Esc MP4 (66:43)
Windows_Privilege_Escalation.pdf
Windows priv esc Article
Assignment: 00x06 Reading the doctor's hidden files
Assignment: Linux priv esc
00x07 Vulnerability scanning
Vulnerability scanning (7:20)
Nmap NSE (5:56)
OpenVas (11:27)
Vulnerability scanning 02 (28:58)
00x08 Buffer overflows
Buffer overflows Walkthrough (44:01)
Buffer Overflows PPTX
00x09 Burp Suite (Large section)
Intro (0:35)
Dashboard + live and passive scans (16:33)
Burp Suite Dashboard.pdf
03 Target tab.mp4 (4:48)
Target tab
Proxy tab (10:11)
Burp suite Proxy .pdf
05 Intruder.mp4 (9:58)
Intruder
06 Repeater.mp4 (5:00)
Repeater
07 Sequencer.mp4 (3:46)
Sequencer
08 Decoder.mp4 (2:57)
Decoder
09 comparer.mp4 (1:48)
Comparer
10 Market place (Plugins) + more.mp4 (2:53)
Burp Suite Extender
Burp collaborator
Burp Authorize
Burp Match and replace
Burp Suite Content discovery
Burp suite Top 5 Professional extensions
Testing mobile applications with burp suite
Burp suite How to use burp to look for SQLi
Quiz : Burpsuite
Exercises
ASSIGNMENT: Get to know burp suite community edition
00x09 ASSIGNMENT - SOLUTION: Let's engage with burp suite free
00x10-00 Introduction to JWT hacking
JWT tokens - What are they and how can we hack them.mp4 (3:45)
Lab: JWT hacking
00x10-01 Open redirects
Open redirects: what are they and what is the impact?
Open redirects (2:37)
Labs: Open redirects
Quiz: Open Redirects
00x10-02 CSRF
What Exactly Is CSRF And How Does It Look Like In PHP? (7:25)
Powerpoint: CSRF
bug-bounty-beginner-methodology_-csrf (9:40)
How Uncle Rat Hunts For CSRF During Bug Bounties (10:04)
CSRF - Full text.pdf
Quiz: CSRF
Labs: CSRF
00x10-03 Broken Acces Control
Broken-access-control_-what-is-it-and-how-do-you-test-for-it. (11:02)
BAC.png
BAC.pdf
BAC : Quiz
Lab: BAC
Solutions lab:BAC
00x10-04 IDOR
IDOR Exp (15:57)
IDOR - Slides.pdf
idors_-what-are-they-and-how-do-you-look-for-them (11:45)
don-t-test-for-idor-s-manually-autorize-is-so-much-faster (6:25)
5-ways-to-test-for-idor-demonstrated (9:51)
did-you-know-you-can-chain-idors (5:47)
Quiz: IDOR
Labs IDOR
00x10-05 Business Logic Laws
business-logic-vulnerabilities (5:16)
business-logic-flaws_-you-should-probably-look-into-this (15:55)
Business_logic_flaws - full text.pdf
Business logic flaws - Powerpoint
Business_logic_vulnerabilities.pdf
full-business-logic-flaws (21:28)
Labs Logic errors
Quiz : Business Logic
00x10-6 XXE
XXE-Full text PDF
Intro (2:51)
what-is-xxe (5:25)
finding-attack-vectors (6:12)
exploiting (5:04)
wafs-and-filters (2:01)
XML_eXternal_Entities.pdf
Tools-and-prevention (5:12)
XXE : Quiz
00x10-07 Template Injection
CSTI.pdf
SSTI
The crazy world of SSTi.pdf
CSTI.pptx
Client Side Template Injection (3:04)
Server Side Template Injection (10:57)
00x10-08 XSS
ultimate-xss-guide (27:45)
XSS - Ultimate beginner guide.pdf
WAF_evasion_techniques.pdf
Testing for reflected XSS.pdf
Testing for stored XSS.pdf
DOM_XSS_.pdf
advanced-xss-techniques (17:28)
XSS - Advanced techniques.pdf
waf-bypass-techniques (21:14)
Labs: XSS
00x10-09 Insecure deserilisation
Insecure deserilisation (3:29)
Insecure deserilisation: Not as hard as you think
OWASP TOP 10: Insecure deserilisation
00x10-10 Captcha bypass
Captcha bypass
CAPTCHA bypasses (2:48)
00x10 Labs: Captcha bypass
00x10-11 SSRF
uncle-rats-ultimate-ssrf-guide-for-bug-bounties (8:43)
blind-ssrf_-what-is-it_-impact_-how-to-exploit-it (4:20)
SSRF-Slides.pdf
SSRF.pdf
Quiz: SSRF
00x10 Command Injection
os-command-injection (5:32)
Command_injection - Slides.pdf
how-do-i-test-for-blind-command-injection (4:20)
uncle-rats-ultimate-guide-to-finding-os-command-injection (6:18)
00x10 SQLi
0-intro (2:11)
1-what-are-sqli (2:59)
2-detecting-sqli (5:13)
3-types-of-sqli (10:26)
4-boolean-based-sqli (6:47)
5-sqlmap (3:19)
6-references-amp-exercises (3:50)
Slides.pdf
1-portswigger-simple-login-bypass (2:59)
2-union-based-sqli-to-rce (9:00)
3-mssql-injection-to-rce (7:47)
4-waf-bypasses (1:57)
5-sqli-waf-bypass (17:02)
6-sqli-xss-and-xxe-all-in-one-payload (20:39)
00x10-11 (Admin) login pages
admin login panel bypass (3:46)
00x10/11 (Admin) login pages
Assignment: 00x10/11 (Admin) login pages - Labs
00x11-1 Broad scope web application methodology - General methodology
Broad_scope_methodology_-_Manual.pdf
manual-recon (14:30)
0 Subdomain Enum.pptx
2-processing-subdomains (4:18)
2 Checking the list.pptx
automatic-recon (16:08)
Automatic subdomain enum.pptx
00x11-2 Broad scope web application methodology - Manual Hacking
Subdomain flyover.pptx
subdomain-flyover (6:08)
exploiting-open-ports (6:08)
Exploiting open ports.pptx
00x11-3 Broad scope web application methodology - Vulnerability scanning
A vulnerability scanning.pptx
B Chaining it all together.pptx
our-attack-strategy (10:04)
vulnerability-scanning (11:01)
00x11-4 Broad scope web application methodology - Practical Methodology
Creating_our_list_of_su20creating20our20list20of20subdomains.pdf
Processing_Our_List_Of_S20processing20our20list20of20subdomain.pdf
Subdomain_flyov20subdomain20flyover.pdf
Exploiting_open_p20exploiting20open20ports.pdf
Vulnerability_scanni20vulnerability20scanning.pdf
Vulnerability_testing_stra20vulnerability20testing20strategy.pdf
00x11-5 Broad scope web application methodology - Extra's
Analyzing_javascript_files.pdf
What_the_ffuf_.pdf
Nuclei template cheat sheet
vulnerability scanning
Nuclei scanning
Running_your_scripts_on_a_VPS.pdf
Broad Scope Methodology.png
Directory_brute_forcing.pdf
quickly-identify-a-target-from-a-list-of-thousands-of-dns-records-multi-domain-r (3:18)
exploit-db-examples (3:15)
List_of_to20list20of20tools.pdf
you-are-probably-doing-directory-brute-forcing-wrong-here-s-why (5:43)
Quiz: Creating nuclei templates
00x12 API Testing
Postman - Theory (17:06)
API hacking with postman Part 1 - getting the basics down (20:57)
API hacking with postman Part 2 - importing the API description (3:33)
API hacking with postman Part 3 Pre-request scripts, tests and console (11:01)
API hacking with postman Part 4 - Getting dirty with data sources (8:03)
REST-API_goat_project.pdf
postman lab - Tiredful API.pdf
API Broken Access Control Through Replacing HTTP Method (5:14)
API hacking by Chaining postman into burp suite (8:15)
00x12 OWASP API top 10
API0 2019 What is an API?
API1 2019 Broken Object Level Authorization
API2 2019 Broken User Authentication
API3 2019 Excessive Data Exposure
API4 2019 Lack of rate limiting
API5 2019 Broken Function Level Authorization
API6 2019 Mass Assignment
API7 2019 Security Misconfiguration
API8 2019 Injection
API9 2019 Improper Assets Management
API top 10 - 0 through 3 (28:57)
OWASP API TOP 10 - 4 to 7 (31:47)
API8-2019 Injection (9:41)
API9-2019 improper asset management (7:16)
OWASP API top 10 - 10 insufficient logging and monitoring (1:31)
00x13 Mobile hacking
OWASP M1.2016 improper platform usage (5:24)
OWASP M2.2016 - insecure data storage (1:28)
OWASP M3.2016 Insecure communication (2:07)
OWASP M4.2016 Insecure authentication (3:38)
OWASP M5 Insufficient cryptography (2:22)
OWASP M6. Insecure authorization (3:07)
OWASP M7. bad code quality (5:35)
OWASP M8. Code tampering (2:36)
OWASP M9 Reverse engineering (2:33)
OWASP M10. Extranous functionality (1:56)
00x13 Mobile hacking - Setting up Android Lab
installation-chapter-1 (3:09)
installation-chapter-2 (1:44)
installation-chapter-3 (7:09)
installation-chapter-4 (3:16)
Mobile android lab setup.pptx
00x16 Password attacks
Password Cracking (24:46)
Password Cracking.pptx
Tools List.TXT.docx
Extras
Automation (8:01)
Pentesting checklist
NDA example (You get this from the client)
Assignment example
Test plan example
Test report example
French Translation
Ethical hacking guide A-Z_FR_V1.1_Chap_1.docx
Ethical hacking guide A-Z_FR_V1.1_Chap_2.docx
Ethical hacking guide A-Z_FR_V1.1_Chap_3.docx
Ethical hacking guide A-Z_FR_V1.1_Chap_4.docx
Ethical hacking guide A-Z_FR_V1.1_Chap_5.docx
Ethical hacking guide A-Z_FR_V1.1_Chap_6.docx
Teach online with
uncle-rats-ultimate-guide-to-finding-os-command-injection
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock