黑客艺术（视频集）

The Art of Hacking (Video Collection)

您还未登录,请点击这里登录

上一讲： 003. 1.2 Introducing Wireless Standards and Technologies

下一讲： 005. 1.4 Understanding Bluetooth

视频列表

Enterprise Penetration Testing and Continuous Monitoring (The Art of Hacking Series) by Omar Santos
001. Introduction
Hacking Web Applications (The Art of Hacking Series) Security Penetration Testing for Today's DevOps and Cloud Environments
001. Introduction
Lesson 1 Overview of Ethical Hacking and Penetration Testing
001. Learning objectives
002. 1.1 Introducing Ethical Hacking and Pen Testing
003. 1.2 Getting Started with Ethical Hacking and Pen Testing
004. 1.3 Understanding the Legal Aspects of Penetration Testing
005. 1.4 Exploring Penetration Testing Methodologies
006. 1.5 Exploring Penetration Testing and other Cyber Security Certifications
007. 1.6 Building Your Own Lab Overview
008. 1.7 Building Your Own Lab VIRL and Operating System Software
009. 1.8 Understanding Vulnerabilities, Threats, and Exploits
010. 1.9 Understanding the Current Threat Landscape
Lesson 1 Introducing Wireless
001. Learning objectives
002. 1.1 Introducing Wireless Hacking
003. 1.2 Introducing Wireless Standards and Technologies
004. 1.3 Understanding the 802.11 Standard
005. 1.4 Understanding Bluetooth
006. 1.5 Understanding NFC
007. 1.6 Understanding 802.1x and Wireless Authentication Mechanisms
Lesson 1 Introduction to Web Application Penetration Testing
001. Learning objectives
002. 1.1 Understanding Ethical Hacking and Penetration Testing
003. 1.2 Surveying Web Application Penetration Testing Methodologies
004. 1.3 Understanding the Need for Web Application Penetration Testing
005. 1.4 Exploring How Web Applications Have Evolved Over Time
006. 1.5 Exploring What Programming Languages You Should Know
Lesson 1 Introduction to Enterprise Penetration Testing and Continuous Monitoring
001. Learning objectives
002. 1.1 Introducing Red Teams and Enterprise Hacking
003. 1.2 Understanding Enterprise Wide Penetration Testing
004. 1.3 Understanding the Difference Between Red and Blue Teams
005. 1.4 Exploring How to Plan and Fund a Red Team
006. 1.5 Surveying Operational Processes and Policies for the Red Team
007. 1.6 Understanding How to Create and Hire the Red Team
008. 1.7 Understanding Red Team Collaboration
Lesson 2 External and Internal Reconnaissance
001. Learning objectives
002. 2.1 Understanding the Red Team Environment
003. 2.2 Understanding Passive Recon
004. 2.3 Understanding Active Recon
Lesson 2 Kali Linux
001. Learning objectives
002. 2.1 Installing Kali
003. 2.2 Examining Kali Modules and Architecture
004. 2.3 Managing Kali Services
Lesson 2 Overview of Web Applications for Security Professionals
001. Learning objectives
002. 2.1 Understanding the Web Application Protocols
003. 2.2 Exploring the HTTP Request and Response
004. 2.3 Surveying Session Management and Cookies
005. 2.4 Introducing DevOps
006. 2.5 Exploring Cloud Services
007. 2.6 Exploring Web Application Frameworks
008. 2.7 Surveying Docker Containers
009. 2.8 Introducing Kubernetes
Lesson 2 Wireless Client Attacks
001. Learning objectives
002. 2.1 Understanding Wireless Client Attacks and Their Motives
003. 2.2 Learning Packet Injection Attacks
004. 2.3 Eavesdropping and Manipulating Unencrypted Wi-Fi Communications
005. 2.4 Attacking Publicly Secure Packet Forwarding (PSPF)
006. 2.5 Attacking the Preferred Network List (PNL)
Lesson 3 Build Your Own Web Application Lab
001. Learning objectives
002. 3.1 Exploring Kali Linux
003. 3.2 Introducing Vulnerable Applications
004. 3.3 Surveying DVWA
005. 3.4 Surveying WebGoat
006. 3.5 Surveying Hackazon
007. 3.6 Exploring the Web Security Dojo
008. 3.7 Understanding Web Application Proxies
009. 3.8 Understanding Cyber Ranges and Capture the Flag Events
Lesson 3 Building Your Lab and Attack Hardware
001. Learning objectives
002. 3.1 Understanding Wireless Antennas
003. 3.2 Surveying Wi-Fi Devices Like the Pinneaple
004. 3.3 Building Your Own Lab
Lesson 3 Enterprise Social Engineering
001. Learning objectives
002. 3.1 Surveying Social Engineering Methodologies
003. 3.2 Understanding How to Target Employees
004. 3.3 Exploiting Social Engineering Tools
Lesson 3 Passive Reconnaissance
001. Learning objectives
002. 3.1 Understanding Passive Reconnaissance
003. 3.2 Exploring Passive Reconnaissance Methodologies Discovering Host and Port Information
004. 3.3 Exploring Passive Reconnaissance Methodologies Searching for Files
005. 3.4 Exploring Passive Reconnaissance Methodologies Searching for Names, Passwords, and Sensitive Information
006. 3.5 Surveying Essential Tools for Passive Reconnaissance SpiderFoot, theHarvester, and Discover
007. 3.6 Surveying Essential Tools for Passive Reconnaissance Recon-ng
Lesson 4 Active Reconnaissance
001. Learning objectives
002. 4.1 Understanding Active Reconnaissance
003. 4.2 Exploring Active Reconnaissance Methodologies from an Ethical Hacker Perspective
004. 4.3 Surveying Essential Tools for Active Reconnaissance Port Scanning and Web Service Review
005. 4.4 Surveying Essential Tools for Active Reconnaissance Network and Web Vulnerability Scanners
Lesson 4 Aircrack-ng
001. Learning objectives
002. 4.1 Introducing the Aircrack-ng Suite
003. 4.2 Introducing Airmon-ng
004. 4.3 Understanding Airodump-ng
005. 4.4 Introducing Aireplay-ng
006. 4.5 Introducing Airdecap-ng
007. 4.6 Introducing Airserv-ng
008. 4.7 Introducing Airtun-ng
Lesson 4 Network and Vulnerability Scanning
001. Learning objectives
002. 4.1 Exploring Network and Vulnerability Scanning Methodologies
003. 4.2 Understanding the Operational Impact of Enterprise-wide Scanning
004. 4.3 Understanding Scanning Tools
005. 4.4 Exploring How to Automate Scans
006. 4.5 Using Shodan and Its API
007. 4.6 Exploring Vulnerability Scanners
008. 4.7 Understanding Binary and Source Code Scanners
009. 4.8 Understanding How to Perform Continuous Monitoring
Lesson 4 Reconnaissance and Profiling Web Applications
001. Learning objectives
002. 4.1 Understanding Passive vs. Active Reconnaissance
003. 4.2 Using Search Engines and Public Information
004. 4.3 Exploring Shodan, Maltego, Recon-NG, SpiderFoot, and TheHarvester
005. 4.4 Exploring CMS and Framework Identification
006. 4.5 Surveying Web Crawlers and Directory Brute Force
007. 4.6 Understanding How Web Application Scanners Work
008. 4.7 Introducing Nikto
009. 4.8 Introducing the Burp Suite
010. 4.9 Introducing OWASP Zed Application Proxy (ZAP)
011. 4.10 Introducing OpenVAS
Lesson 5 Authentication and Session Management Vulnerabilities
001. Learning objectives
002. 5.1 Understanding Authentication Schemes in Web Applications and Related Vulnerabilities
003. 5.2 Exploring Session Management Mechanisms and Related Vulnerabilities
Lesson 5 Cracking WEP
001. Learning objectives
002. 5.1 Understanding WEP Fundamentals
003. 5.2 Learning How to Crack WEP
Lesson 5 Hacking Web Applications
001. Learning objectives
002. 5.1 Understanding Web Applications
003. 5.2 Understanding Web Architectures
004. 5.3 Uncovering Web Vulnerabilities
005. 5.4 Testing Web Applications Methodology
006. 5.5 Testing Web Applications Reconnaissance
007. 5.6 Testing Web Applications Mapping
008. 5.7 Testing Web Applications Vulnerability Discovery
009. 5.8 Understanding the Exploitation of Web Applications
010. 5.9 Surveying Defenses to Mitigate Web Application Hacking
Lesson 5 Web App Testing
001. Learning objectives
002. 5.1 Exploring How to Target Hosts
003. 5.2 Exploring Web App Testing Essential Tools
004. 5.3 Understanding Enterprise Application Continuous Testing
Lesson 6 Exploiting Injection-Based Vulnerabilities
001. Learning objectives
002. 6.1 Understanding Command Injection
003. 6.2 Exploiting Command Injection Vulnerabilities
004. 6.3 Understanding SQL Injection
005. 6.4 Exploiting SQL Injection Vulnerabilities
006. 6.5 Understanding XML Injection
007. 6.6 Exploiting XML Injection Vulnerabilities
008. 6.7 Mitigating Injection Vulnerabilities
Lesson 6 Hacking User Credentials
001. Learning objectives
002. 6.1 Understanding Authentication and Authorization Mechanisms
003. 6.2 Understanding Authentication and Authorization Attacks
004. 6.3 Exploring Password Storage Mechanisms
005. 6.4 Understanding Password Storage Vulnerability
006. 6.5 Cracking Passwords with John the Ripper
007. 6.6 Cracking Passwords with hashcat
008. 6.7 Improving Password Security
Lesson 6 Hacking WPA
001. Learning objectives
002. 6.1 Understanding WPA Fundamentals
003. 6.2 Surveying Attacks Against WPA2-PSK Networks
004. 6.3 Using coWPAtty
005. 6.4 Using Pyrit
006. 6.5 Exploring WPA Enterprise Hacking
Lesson 6 Internal Testing
001. Learning objectives
002. 6.1 Understanding How to Initially Get on the Network
003. 6.2 Understanding What Hosts to Target and the Scope of the Testing
004. 6.3 Exploring the Hidden Cost of Open Source Software
005. 6.4 Learning How to Host Enterprise Capture the Flag Events
Lesson 7 Cross-Site Scripting (XSS) and Cross-Site Request Forgery Vulnerabilities
001. Learning objectives
002. 7.1 Introducing XSS
003. 7.2 Exploiting Reflected XSS Vulnerabilities
004. 7.3 Exploiting Stored XSS Vulnerabilities
005. 7.4 Exploiting DOM-based XSS Vulnerabilities
006. 7.5 Understanding Cross-Site Request Forgery (CSRF)
007. 7.6 Exploiting CSRF Vulnerabilities
008. 7.7 Evading Web Application Security Controls
009. 7.8 Mitigating XSS and CSRF Vulnerabilities
Lesson 7 Hacking Databases
001. Learning objectives
002. 7.1 Reviewing Database Fundamentals
003. 7.2 Attacking a Database Discovery, Validation, and Exploitation
004. 7.3 Attacking a Database Automated Scanners
005. 7.4 Surveying Defenses to Mitigate Database Hacking
Lesson 7 Performing Wireless Reconnaissance
001. Learning objectives
002. 7.1 Using Kismet
003. 7.2 Using Wireshark
004. 7.3 Learning How to Hack Default Configurations
Lesson 7 Privilege Escalation
001. Learning objectives
002. 7.1 Learning Privilege Escalation Methodologies
003. 7.2 Understanding Lateral Movement
004. 7.3 Surveying Privilege Escalation Essential Tools
Lesson 8 Enterprise Secrets, Post Exploitation, and Data Exfiltration
001. Learning objectives
002. 8.1 Understanding Persistent Access
003. 8.2 Learning How to Achieve Domain Admin Access
004. 8.3 Understanding How to Compromise User Credentials
005. 8.4 Surveying Password Cracking & Reporting
006. 8.5 Understanding That Domain Admin Is Not the End Goal
007. 8.6 Searching for Sensitive Data
008. 8.7 Understanding Data Exfiltration Techniques
009. 8.8 Understanding How to Cover Your Tracks
Lesson 8 Evil Twins and Rogue Access Points
001. Learning objectives
002. 8.1 Defining Evil Twin Attacks
003. 8.2 Performing Evil Twin Attacks
004. 8.3 Using Karmetasploit
005. 8.4 Exploring the WiFi Pineapple
Lesson 8 Exploiting Weak Cryptographic Implementations
001. Learning objectives
002. 8.1 Introducing Cryptography, Encryption, and Hashing Protocols
003. 8.2 Identifying Common Flaws in Data Storage and Transmission
004. 8.3 Surveying Examples of Crypto-based Attacks and Vulnerabilities
005. 8.4 Mitigating Flaws in Cryptographic Implementations
Lesson 8 Hacking Networking Devices
001. Learning objectives
002. 8.1 Understanding the Reasons for and the Steps to Hacking a Network
003. 8.2 Reviewing Networking Technology Fundamentals OSI and DoD Internet Models
004. 8.3 Reviewing Networking Technology Fundamentals Forwarding Device Architecture and Communication
005. 8.4 Building an Internetwork Topology Using VIRL
006. 8.5 Hacking Switches Reviewing Ethernet Fundamentals
007. 8.6 Hacking Switches Demo
008. 8.7 Hacking Switches ARP Vulnerabilities and ARP Cache Poisoning
009. 8.8 Reviewing Router Fundamentals
010. 8.9 Examining ICMP, First Hop Redundancy and Routing Protocol Attacks
011. 8.10 Hacking the Management Plane
012. 8.11 Understanding Firewall Fundamentals and Levels of Inspection
013. 8.12 Performing Firewall Reconnaissance and Tunneling
014. 8.13 Surveying Essential Tools for Hacking Network Devices Packet Capture
015. 8.14 Surveying Essential Tools for Hacking Network Devices Switch and Router Hacking Tools
016. 8.15 Surveying Essential Tools for Hacking Network Devices ARP Spoofing Tools
017. 8.16 Surveying Essential Tools for Hacking Network Devices MiTM Tools
018. 8.17 Surveying Essential Tools for Hacking Network Devices Linux Tools
019. 8.18 Using Network Device Hacking Tools to Perform a MiTM Attack
Lesson 9 Attacking Application Programming Interfaces (APIs)
001. Learning objectives
002. 9.1 Understanding the APIs
003. 9.2 Exploring the Tools Used to Test the APIs
Lesson 9 Attacking Bluetooth
001. Learning objectives
002. 9.1 Understanding Bluetooth Vulnerabilities
003. 9.2 Surveying Tools for Bluetooth Monitoring
Lesson 9 Cloud Services
001. Learning objectives
002. 9.1 Understanding the Challenge of Testing Cloud Services
003. 9.2 Exploring How to Test in the Cloud
Lesson 9 Fundamentals of Wireless Hacking
001. Learning objectives
002. 9.1 Reviewing Wireless Technology Fundamentals
003. 9.2 Surveying Wireless Hacking Tools Wireless Adapters
004. 9.3 Surveying Wireless Hacking Tools Software
005. 9.4 Hacking WEP, WPA, and Other Protocols
006. 9.5 Understanding Hacking Wireless Clients
Lesson 10 Attacking NFC
001. Learning objectives
002. 10.1 Understanding NFC Vulnerabilities
003. 10.2 Exploring NFC Attacks and Case Studies
Lesson 10 Buffer Overflows
001. Learning objectives
002. 10.1 Understanding Buffer Overflows
003. 10.2 Exploiting Buffer Overflows
004. 10.3 Overcoming Defenses for Buffer Overflow Vulnerabilities
005. 10.4 Understanding Fuzzing
006. 10.5 Creating a Fuzzing Strategy
007. 10.6 Exploring Mutation-based, Generation-based, and Evolutionary Fuzzers
008. 10.7 Surveying Tools to Find and Exploit Buffer Overflows
Lesson 10 Client-side Attacks
001. Learning objectives
002. 10.1 Surveying the Client-side Code and Storage
003. 10.2 Understanding HTML5 Implementations
004. 10.3 Understanding AJAX Implementations
005. 10.4 Mitigating AJAX, HTML5, and Client-side Vulnerabilities
Lesson 10 Reporting &amp; Continuous Evaluation
001. Learning objectives
002. 10.1 Surveying Final Reports for Transactional Penetration Testing Events
003. 10.2 Surveying Continouos Reporting for Enterprise Continuous Monitoring
Lesson 11 Additional Web Application Security Vulnerabilities and Attacks
001. Learning objectives
002. 11.1 Understanding the Other Common Security Flaws in Web Applications
003. 11.2 Exploiting Insecure Direct Object References and Path Traversal
004. 11.3 Surveying Information Disclosure Vulnerabilities
005. 11.4 Fuzzing Web Applications
Lesson 11 Powershell Attacks
001. Learning objectives
002. 11.1 Understanding Powershell
003. 11.2 Pwning Windows Using PowerShell Empire Components, Setup, and Basic Exploits
004. 11.3 Pwning Windows Using PowerShell Empire Modules and Advanced Exploits
005. 11.4 Gathering Network Information Using PowerShell
Lesson 11 Wireless Defenses
001. Learning objectives
002. 11.1 Understanding the Evolution of Wireless Defenses
003. 11.2 Surveying Fast and Secure Roaming
004. 11.3 Understanding Wireless Intrusion Monitoring and Prevention
005. 11.4 Understanding Wireless Security Policies
Lesson 12 Hacking IoT Devices
001. Learning objectives
002. 12.1 Understanding IoT Fundamentals
003. 12.2 Exploring ZigBee and IEEE 802.15.4
004. 12.3 Exploring INSTEON
005. 12.4 Exploring ZWave
006. 12.5 Exploring LoRA
Lesson 12 Evasion and Post Exploitation Techniques
001. Learning objectives
002. 12.1 Understanding Security Evasion Techniques
003. 12.2 Exploring Post Exploitation Techniques
004. 12.3 Covering Your Tracks
Lesson 13 Mobile Device Security
001. Learning objectives
002. 13.1 Understanding OWASP Mobile Device Vulnerabilities
003. 13.2 Wrestling with the BYOD Dilemma
004. 13.3 Understanding Mobile Device Management (MDM)
005. 13.4 Understanding Mobile Device Security Policies
Lesson 13 Social Engineering
001. Learning objectives
002. 13.1 Understanding Social Engineering
003. 13.2 Exploring the Social Engineering Toolkit (SET)
004. 13.3 Exploring Maltego
005. 13.4 Surveying Social Engineering Case Studies
Lesson 14 Hacking Android Devices
001. Learning objectives
002. 14.1 Exploring The Android Security Model
003. 14.2 Exploring Android Emulators and SDK
004. 14.3 Understanding Android Hacking Tools and Methodologies
Lesson 14 Maintaining Persistence, Pivoting, and Data Exfiltration
001. Learning objectives
002. 14.1 Understanding Persistence
003. 14.2 Gaining Network Access
004. 14.3 Gaining Network Access with SMB Relay Attacks, NetBIOS Name Service and LLMNR Poisoning
005. 14.4 Maintaining Persistence
006. 14.5 Understanding Pivoting and Lateral Movement
007. 14.6 Defending Against the Advanced Persistent Threat
Lesson 15 Hacking iOS Devices
001. Learning objectives
002. 15.1 Introducing iOS Security
003. 15.2 Exploring Jailbraking iOS
004. 15.3 Surveying Tools for Dissasembling iOS Applications
Lesson 15 Writing Penetration Testing Reports
001. Learning objectives
002. 15.1 Understanding Pen Test Reports and How They Are Used
003. 15.2 Planning and Organizing Your Report
004. 15.3 Understanding the Pen Test Report Format
005. 15.4 Exploring Risk Ratings
006. 15.5 Distributing Pen Test Reports
Security Penetration Testing (The Art of Hacking Series) by Omar Santos, Ron Taylor, Chris McCoy, and Jon Sternstein
001. Introduction
Summary
001. Enterprise Penetration Testing and Continuous Monitoring Summary
001. Hacking Web Applications Summary
001. Security Penetration Testing Summary
001. Wireless Networks, IoT, and Mobile Devices Hacking Summary
Wireless Networks, IoT, and Mobile Devices Hacking (The Art of Hacking Series) by Omar Santos
001. Introduction