黑客艺术（视频集）

上次更新时间：2024-12-12

课程售价: 2.9 元

联系右侧微信客服充值或购买课程

课程内容

Enterprise Penetration Testing and Continuous Monitoring (The Art of Hacking Series) by Omar Santos

001. Introduction (免费)

Hacking Web Applications (The Art of Hacking Series) Security Penetration Testing for Today's DevOps and Cloud Environments

001. Introduction (免费)

Lesson 1 Introduction to Enterprise Penetration Testing and Continuous Monitoring

001. Learning objectives
002. 1.1 Introducing Red Teams and Enterprise Hacking
003. 1.2 Understanding Enterprise Wide Penetration Testing
004. 1.3 Understanding the Difference Between Red and Blue Teams
005. 1.4 Exploring How to Plan and Fund a Red Team
006. 1.5 Surveying Operational Processes and Policies for the Red Team
007. 1.6 Understanding How to Create and Hire the Red Team
008. 1.7 Understanding Red Team Collaboration

Lesson 2 External and Internal Reconnaissance

001. Learning objectives
002. 2.1 Understanding the Red Team Environment
003. 2.2 Understanding Passive Recon
004. 2.3 Understanding Active Recon

Lesson 2 Kali Linux

001. Learning objectives
002. 2.1 Installing Kali
003. 2.2 Examining Kali Modules and Architecture
004. 2.3 Managing Kali Services

Lesson 2 Overview of Web Applications for Security Professionals

001. Learning objectives
002. 2.1 Understanding the Web Application Protocols
003. 2.2 Exploring the HTTP Request and Response
004. 2.3 Surveying Session Management and Cookies
005. 2.4 Introducing DevOps
006. 2.5 Exploring Cloud Services
007. 2.6 Exploring Web Application Frameworks
008. 2.7 Surveying Docker Containers
009. 2.8 Introducing Kubernetes

Lesson 2 Wireless Client Attacks

001. Learning objectives
002. 2.1 Understanding Wireless Client Attacks and Their Motives
003. 2.2 Learning Packet Injection Attacks
004. 2.3 Eavesdropping and Manipulating Unencrypted Wi-Fi Communications
005. 2.4 Attacking Publicly Secure Packet Forwarding (PSPF)
006. 2.5 Attacking the Preferred Network List (PNL)

Lesson 3 Build Your Own Web Application Lab

001. Learning objectives
002. 3.1 Exploring Kali Linux
003. 3.2 Introducing Vulnerable Applications
004. 3.3 Surveying DVWA
005. 3.4 Surveying WebGoat
006. 3.5 Surveying Hackazon
007. 3.6 Exploring the Web Security Dojo
008. 3.7 Understanding Web Application Proxies
009. 3.8 Understanding Cyber Ranges and Capture the Flag Events

Lesson 3 Building Your Lab and Attack Hardware

001. Learning objectives
002. 3.1 Understanding Wireless Antennas
003. 3.2 Surveying Wi-Fi Devices Like the Pinneaple
004. 3.3 Building Your Own Lab

Lesson 3 Enterprise Social Engineering

001. Learning objectives
002. 3.1 Surveying Social Engineering Methodologies
003. 3.2 Understanding How to Target Employees
004. 3.3 Exploiting Social Engineering Tools

Lesson 3 Passive Reconnaissance

001. Learning objectives
002. 3.1 Understanding Passive Reconnaissance
003. 3.2 Exploring Passive Reconnaissance Methodologies Discovering Host and Port Information
004. 3.3 Exploring Passive Reconnaissance Methodologies Searching for Files
005. 3.4 Exploring Passive Reconnaissance Methodologies Searching for Names, Passwords, and Sensitive Information
006. 3.5 Surveying Essential Tools for Passive Reconnaissance SpiderFoot, theHarvester, and Discover
007. 3.6 Surveying Essential Tools for Passive Reconnaissance Recon-ng

Lesson 4 Active Reconnaissance

001. Learning objectives
002. 4.1 Understanding Active Reconnaissance
003. 4.2 Exploring Active Reconnaissance Methodologies from an Ethical Hacker Perspective
004. 4.3 Surveying Essential Tools for Active Reconnaissance Port Scanning and Web Service Review
005. 4.4 Surveying Essential Tools for Active Reconnaissance Network and Web Vulnerability Scanners

Lesson 4 Aircrack-ng

001. Learning objectives
002. 4.1 Introducing the Aircrack-ng Suite
003. 4.2 Introducing Airmon-ng
004. 4.3 Understanding Airodump-ng
005. 4.4 Introducing Aireplay-ng
006. 4.5 Introducing Airdecap-ng
007. 4.6 Introducing Airserv-ng
008. 4.7 Introducing Airtun-ng

Lesson 4 Network and Vulnerability Scanning

001. Learning objectives
002. 4.1 Exploring Network and Vulnerability Scanning Methodologies
003. 4.2 Understanding the Operational Impact of Enterprise-wide Scanning
004. 4.3 Understanding Scanning Tools
005. 4.4 Exploring How to Automate Scans
006. 4.5 Using Shodan and Its API
007. 4.6 Exploring Vulnerability Scanners
008. 4.7 Understanding Binary and Source Code Scanners
009. 4.8 Understanding How to Perform Continuous Monitoring

Lesson 4 Reconnaissance and Profiling Web Applications

001. Learning objectives
002. 4.1 Understanding Passive vs. Active Reconnaissance
003. 4.2 Using Search Engines and Public Information
004. 4.3 Exploring Shodan, Maltego, Recon-NG, SpiderFoot, and TheHarvester
005. 4.4 Exploring CMS and Framework Identification
006. 4.5 Surveying Web Crawlers and Directory Brute Force
007. 4.6 Understanding How Web Application Scanners Work
008. 4.7 Introducing Nikto
009. 4.8 Introducing the Burp Suite
010. 4.9 Introducing OWASP Zed Application Proxy (ZAP)
011. 4.10 Introducing OpenVAS

Lesson 5 Authentication and Session Management Vulnerabilities

001. Learning objectives
002. 5.1 Understanding Authentication Schemes in Web Applications and Related Vulnerabilities
003. 5.2 Exploring Session Management Mechanisms and Related Vulnerabilities

Lesson 5 Hacking Web Applications

001. Learning objectives
002. 5.1 Understanding Web Applications
003. 5.2 Understanding Web Architectures
004. 5.3 Uncovering Web Vulnerabilities
005. 5.4 Testing Web Applications Methodology
006. 5.5 Testing Web Applications Reconnaissance
007. 5.6 Testing Web Applications Mapping
008. 5.7 Testing Web Applications Vulnerability Discovery
009. 5.8 Understanding the Exploitation of Web Applications
010. 5.9 Surveying Defenses to Mitigate Web Application Hacking

Lesson 5 Web App Testing

001. Learning objectives
002. 5.1 Exploring How to Target Hosts
003. 5.2 Exploring Web App Testing Essential Tools
004. 5.3 Understanding Enterprise Application Continuous Testing

Lesson 6 Exploiting Injection-Based Vulnerabilities

001. Learning objectives
002. 6.1 Understanding Command Injection
003. 6.2 Exploiting Command Injection Vulnerabilities
004. 6.3 Understanding SQL Injection
005. 6.4 Exploiting SQL Injection Vulnerabilities
006. 6.5 Understanding XML Injection
007. 6.6 Exploiting XML Injection Vulnerabilities
008. 6.7 Mitigating Injection Vulnerabilities

Lesson 6 Hacking User Credentials

001. Learning objectives
002. 6.1 Understanding Authentication and Authorization Mechanisms
003. 6.2 Understanding Authentication and Authorization Attacks
004. 6.3 Exploring Password Storage Mechanisms
005. 6.4 Understanding Password Storage Vulnerability
006. 6.5 Cracking Passwords with John the Ripper
007. 6.6 Cracking Passwords with hashcat
008. 6.7 Improving Password Security

Lesson 6 Hacking WPA

001. Learning objectives
002. 6.1 Understanding WPA Fundamentals
003. 6.2 Surveying Attacks Against WPA2-PSK Networks
004. 6.3 Using coWPAtty
005. 6.4 Using Pyrit
006. 6.5 Exploring WPA Enterprise Hacking

Lesson 6 Internal Testing

001. Learning objectives
002. 6.1 Understanding How to Initially Get on the Network
003. 6.2 Understanding What Hosts to Target and the Scope of the Testing
004. 6.3 Exploring the Hidden Cost of Open Source Software
005. 6.4 Learning How to Host Enterprise Capture the Flag Events

Lesson 7 Cross-Site Scripting (XSS) and Cross-Site Request Forgery Vulnerabilities

001. Learning objectives
002. 7.1 Introducing XSS
003. 7.2 Exploiting Reflected XSS Vulnerabilities
004. 7.3 Exploiting Stored XSS Vulnerabilities
005. 7.4 Exploiting DOM-based XSS Vulnerabilities
006. 7.5 Understanding Cross-Site Request Forgery (CSRF)
007. 7.6 Exploiting CSRF Vulnerabilities
008. 7.7 Evading Web Application Security Controls
009. 7.8 Mitigating XSS and CSRF Vulnerabilities

Lesson 7 Hacking Databases

001. Learning objectives
002. 7.1 Reviewing Database Fundamentals
003. 7.2 Attacking a Database Discovery, Validation, and Exploitation
004. 7.3 Attacking a Database Automated Scanners
005. 7.4 Surveying Defenses to Mitigate Database Hacking

Lesson 7 Performing Wireless Reconnaissance

001. Learning objectives
002. 7.1 Using Kismet
003. 7.2 Using Wireshark
004. 7.3 Learning How to Hack Default Configurations

Lesson 7 Privilege Escalation

001. Learning objectives
002. 7.1 Learning Privilege Escalation Methodologies
003. 7.2 Understanding Lateral Movement
004. 7.3 Surveying Privilege Escalation Essential Tools

Lesson 8 Enterprise Secrets, Post Exploitation, and Data Exfiltration

001. Learning objectives
002. 8.1 Understanding Persistent Access
003. 8.2 Learning How to Achieve Domain Admin Access
004. 8.3 Understanding How to Compromise User Credentials
005. 8.4 Surveying Password Cracking & Reporting
006. 8.5 Understanding That Domain Admin Is Not the End Goal
007. 8.6 Searching for Sensitive Data
008. 8.7 Understanding Data Exfiltration Techniques
009. 8.8 Understanding How to Cover Your Tracks

Lesson 8 Evil Twins and Rogue Access Points

001. Learning objectives
002. 8.1 Defining Evil Twin Attacks
003. 8.2 Performing Evil Twin Attacks
004. 8.3 Using Karmetasploit
005. 8.4 Exploring the WiFi Pineapple

Lesson 8 Exploiting Weak Cryptographic Implementations

001. Learning objectives
002. 8.1 Introducing Cryptography, Encryption, and Hashing Protocols
003. 8.2 Identifying Common Flaws in Data Storage and Transmission
004. 8.3 Surveying Examples of Crypto-based Attacks and Vulnerabilities
005. 8.4 Mitigating Flaws in Cryptographic Implementations

Lesson 8 Hacking Networking Devices

001. Learning objectives
002. 8.1 Understanding the Reasons for and the Steps to Hacking a Network
003. 8.2 Reviewing Networking Technology Fundamentals OSI and DoD Internet Models
004. 8.3 Reviewing Networking Technology Fundamentals Forwarding Device Architecture and Communication
005. 8.4 Building an Internetwork Topology Using VIRL
006. 8.5 Hacking Switches Reviewing Ethernet Fundamentals
007. 8.6 Hacking Switches Demo
008. 8.7 Hacking Switches ARP Vulnerabilities and ARP Cache Poisoning
009. 8.8 Reviewing Router Fundamentals
010. 8.9 Examining ICMP, First Hop Redundancy and Routing Protocol Attacks
011. 8.10 Hacking the Management Plane
012. 8.11 Understanding Firewall Fundamentals and Levels of Inspection
013. 8.12 Performing Firewall Reconnaissance and Tunneling
014. 8.13 Surveying Essential Tools for Hacking Network Devices Packet Capture
015. 8.14 Surveying Essential Tools for Hacking Network Devices Switch and Router Hacking Tools
016. 8.15 Surveying Essential Tools for Hacking Network Devices ARP Spoofing Tools
017. 8.16 Surveying Essential Tools for Hacking Network Devices MiTM Tools
018. 8.17 Surveying Essential Tools for Hacking Network Devices Linux Tools
019. 8.18 Using Network Device Hacking Tools to Perform a MiTM Attack

Lesson 9 Attacking Application Programming Interfaces (APIs)

001. Learning objectives
002. 9.1 Understanding the APIs
003. 9.2 Exploring the Tools Used to Test the APIs

Lesson 9 Attacking Bluetooth

001. Learning objectives
002. 9.1 Understanding Bluetooth Vulnerabilities
003. 9.2 Surveying Tools for Bluetooth Monitoring

Lesson 9 Cloud Services

001. Learning objectives
002. 9.1 Understanding the Challenge of Testing Cloud Services
003. 9.2 Exploring How to Test in the Cloud

Lesson 9 Fundamentals of Wireless Hacking

001. Learning objectives
002. 9.1 Reviewing Wireless Technology Fundamentals
003. 9.2 Surveying Wireless Hacking Tools Wireless Adapters
004. 9.3 Surveying Wireless Hacking Tools Software
005. 9.4 Hacking WEP, WPA, and Other Protocols
006. 9.5 Understanding Hacking Wireless Clients

Lesson 10 Attacking NFC

001. Learning objectives
002. 10.1 Understanding NFC Vulnerabilities
003. 10.2 Exploring NFC Attacks and Case Studies

Lesson 10 Buffer Overflows

001. Learning objectives
002. 10.1 Understanding Buffer Overflows
003. 10.2 Exploiting Buffer Overflows
004. 10.3 Overcoming Defenses for Buffer Overflow Vulnerabilities
005. 10.4 Understanding Fuzzing
006. 10.5 Creating a Fuzzing Strategy
007. 10.6 Exploring Mutation-based, Generation-based, and Evolutionary Fuzzers
008. 10.7 Surveying Tools to Find and Exploit Buffer Overflows

Lesson 10 Client-side Attacks

001. Learning objectives
002. 10.1 Surveying the Client-side Code and Storage
003. 10.2 Understanding HTML5 Implementations
004. 10.3 Understanding AJAX Implementations
005. 10.4 Mitigating AJAX, HTML5, and Client-side Vulnerabilities

Lesson 10 Reporting &amp; Continuous Evaluation

001. Learning objectives
002. 10.1 Surveying Final Reports for Transactional Penetration Testing Events
003. 10.2 Surveying Continouos Reporting for Enterprise Continuous Monitoring

Lesson 11 Additional Web Application Security Vulnerabilities and Attacks

001. Learning objectives
002. 11.1 Understanding the Other Common Security Flaws in Web Applications
003. 11.2 Exploiting Insecure Direct Object References and Path Traversal
004. 11.3 Surveying Information Disclosure Vulnerabilities
005. 11.4 Fuzzing Web Applications

Lesson 11 Powershell Attacks

001. Learning objectives
002. 11.1 Understanding Powershell
003. 11.2 Pwning Windows Using PowerShell Empire Components, Setup, and Basic Exploits
004. 11.3 Pwning Windows Using PowerShell Empire Modules and Advanced Exploits
005. 11.4 Gathering Network Information Using PowerShell

Lesson 11 Wireless Defenses

001. Learning objectives
002. 11.1 Understanding the Evolution of Wireless Defenses
003. 11.2 Surveying Fast and Secure Roaming
004. 11.3 Understanding Wireless Intrusion Monitoring and Prevention
005. 11.4 Understanding Wireless Security Policies

Lesson 12 Hacking IoT Devices

001. Learning objectives
002. 12.1 Understanding IoT Fundamentals
003. 12.2 Exploring ZigBee and IEEE 802.15.4
004. 12.3 Exploring INSTEON
005. 12.4 Exploring ZWave
006. 12.5 Exploring LoRA

Lesson 12 Evasion and Post Exploitation Techniques

001. Learning objectives
002. 12.1 Understanding Security Evasion Techniques
003. 12.2 Exploring Post Exploitation Techniques
004. 12.3 Covering Your Tracks

Lesson 13 Mobile Device Security

001. Learning objectives
002. 13.1 Understanding OWASP Mobile Device Vulnerabilities
003. 13.2 Wrestling with the BYOD Dilemma
004. 13.3 Understanding Mobile Device Management (MDM)
005. 13.4 Understanding Mobile Device Security Policies

Lesson 13 Social Engineering

001. Learning objectives
002. 13.1 Understanding Social Engineering
003. 13.2 Exploring the Social Engineering Toolkit (SET)
004. 13.3 Exploring Maltego
005. 13.4 Surveying Social Engineering Case Studies

Lesson 14 Hacking Android Devices

001. Learning objectives
002. 14.1 Exploring The Android Security Model
003. 14.2 Exploring Android Emulators and SDK
004. 14.3 Understanding Android Hacking Tools and Methodologies

Lesson 14 Maintaining Persistence, Pivoting, and Data Exfiltration

001. Learning objectives
002. 14.1 Understanding Persistence
003. 14.2 Gaining Network Access
004. 14.3 Gaining Network Access with SMB Relay Attacks, NetBIOS Name Service and LLMNR Poisoning
005. 14.4 Maintaining Persistence
006. 14.5 Understanding Pivoting and Lateral Movement
007. 14.6 Defending Against the Advanced Persistent Threat

Lesson 15 Hacking iOS Devices

001. Learning objectives
002. 15.1 Introducing iOS Security
003. 15.2 Exploring Jailbraking iOS
004. 15.3 Surveying Tools for Dissasembling iOS Applications

Lesson 15 Writing Penetration Testing Reports

001. Learning objectives
002. 15.1 Understanding Pen Test Reports and How They Are Used
003. 15.2 Planning and Organizing Your Report
004. 15.3 Understanding the Pen Test Report Format
005. 15.4 Exploring Risk Ratings
006. 15.5 Distributing Pen Test Reports

Security Penetration Testing (The Art of Hacking Series) by Omar Santos, Ron Taylor, Chris McCoy, and Jon Sternstein

001. Introduction

Summary

001. Enterprise Penetration Testing and Continuous Monitoring Summary
001. Hacking Web Applications Summary
001. Security Penetration Testing Summary
001. Wireless Networks, IoT, and Mobile Devices Hacking Summary

Wireless Networks, IoT, and Mobile Devices Hacking (The Art of Hacking Series) by Omar Santos

001. Introduction

网站首页 > 编程开发 > 其他

黑客艺术（视频集）

The Art of Hacking (Video Collection)

上次更新时间：2024-12-12 09:33

课程售价：2.9元

联系客服微信，购买课程或充值

请登录网站 , 没有账号点击这里注册

课程内容

56个章节 , 316个讲座

Enterprise Penetration Testing and Continuous Monitoring (The Art of Hacking Series) by Omar Santos

001. Introduction (免费)

Hacking Web Applications (The Art of Hacking Series) Security Penetration Testing for Today's DevOps and Cloud Environments

001. Introduction (免费)

Lesson 1 Overview of Ethical Hacking and Penetration Testing

001. Learning objectives
002. 1.1 Introducing Ethical Hacking and Pen Testing
003. 1.2 Getting Started with Ethical Hacking and Pen Testing
004. 1.3 Understanding the Legal Aspects of Penetration Testing
005. 1.4 Exploring Penetration Testing Methodologies
006. 1.5 Exploring Penetration Testing and other Cyber Security Certifications
007. 1.6 Building Your Own Lab Overview
008. 1.7 Building Your Own Lab VIRL and Operating System Software
009. 1.8 Understanding Vulnerabilities, Threats, and Exploits
010. 1.9 Understanding the Current Threat Landscape

Lesson 1 Introducing Wireless

001. Learning objectives
002. 1.1 Introducing Wireless Hacking
003. 1.2 Introducing Wireless Standards and Technologies
004. 1.3 Understanding the 802.11 Standard
005. 1.4 Understanding Bluetooth
006. 1.5 Understanding NFC
007. 1.6 Understanding 802.1x and Wireless Authentication Mechanisms

Lesson 1 Introduction to Web Application Penetration Testing

001. Learning objectives
002. 1.1 Understanding Ethical Hacking and Penetration Testing
003. 1.2 Surveying Web Application Penetration Testing Methodologies
004. 1.3 Understanding the Need for Web Application Penetration Testing
005. 1.4 Exploring How Web Applications Have Evolved Over Time
006. 1.5 Exploring What Programming Languages You Should Know

Lesson 1 Introduction to Enterprise Penetration Testing and Continuous Monitoring

001. Learning objectives
002. 1.1 Introducing Red Teams and Enterprise Hacking
003. 1.2 Understanding Enterprise Wide Penetration Testing
004. 1.3 Understanding the Difference Between Red and Blue Teams
005. 1.4 Exploring How to Plan and Fund a Red Team
006. 1.5 Surveying Operational Processes and Policies for the Red Team
007. 1.6 Understanding How to Create and Hire the Red Team
008. 1.7 Understanding Red Team Collaboration

Lesson 2 External and Internal Reconnaissance

001. Learning objectives
002. 2.1 Understanding the Red Team Environment
003. 2.2 Understanding Passive Recon
004. 2.3 Understanding Active Recon

Lesson 2 Kali Linux

001. Learning objectives
002. 2.1 Installing Kali
003. 2.2 Examining Kali Modules and Architecture
004. 2.3 Managing Kali Services

Lesson 2 Overview of Web Applications for Security Professionals

001. Learning objectives
002. 2.1 Understanding the Web Application Protocols
003. 2.2 Exploring the HTTP Request and Response
004. 2.3 Surveying Session Management and Cookies
005. 2.4 Introducing DevOps
006. 2.5 Exploring Cloud Services
007. 2.6 Exploring Web Application Frameworks
008. 2.7 Surveying Docker Containers
009. 2.8 Introducing Kubernetes

Lesson 2 Wireless Client Attacks

001. Learning objectives
002. 2.1 Understanding Wireless Client Attacks and Their Motives
003. 2.2 Learning Packet Injection Attacks
004. 2.3 Eavesdropping and Manipulating Unencrypted Wi-Fi Communications
005. 2.4 Attacking Publicly Secure Packet Forwarding (PSPF)
006. 2.5 Attacking the Preferred Network List (PNL)

Lesson 3 Build Your Own Web Application Lab

001. Learning objectives
002. 3.1 Exploring Kali Linux
003. 3.2 Introducing Vulnerable Applications
004. 3.3 Surveying DVWA
005. 3.4 Surveying WebGoat
006. 3.5 Surveying Hackazon
007. 3.6 Exploring the Web Security Dojo
008. 3.7 Understanding Web Application Proxies
009. 3.8 Understanding Cyber Ranges and Capture the Flag Events

Lesson 3 Building Your Lab and Attack Hardware

001. Learning objectives
002. 3.1 Understanding Wireless Antennas
003. 3.2 Surveying Wi-Fi Devices Like the Pinneaple
004. 3.3 Building Your Own Lab

Lesson 3 Enterprise Social Engineering

001. Learning objectives
002. 3.1 Surveying Social Engineering Methodologies
003. 3.2 Understanding How to Target Employees
004. 3.3 Exploiting Social Engineering Tools

Lesson 3 Passive Reconnaissance

001. Learning objectives
002. 3.1 Understanding Passive Reconnaissance
003. 3.2 Exploring Passive Reconnaissance Methodologies Discovering Host and Port Information
004. 3.3 Exploring Passive Reconnaissance Methodologies Searching for Files
005. 3.4 Exploring Passive Reconnaissance Methodologies Searching for Names, Passwords, and Sensitive Information
006. 3.5 Surveying Essential Tools for Passive Reconnaissance SpiderFoot, theHarvester, and Discover
007. 3.6 Surveying Essential Tools for Passive Reconnaissance Recon-ng

Lesson 4 Active Reconnaissance

001. Learning objectives
002. 4.1 Understanding Active Reconnaissance
003. 4.2 Exploring Active Reconnaissance Methodologies from an Ethical Hacker Perspective
004. 4.3 Surveying Essential Tools for Active Reconnaissance Port Scanning and Web Service Review
005. 4.4 Surveying Essential Tools for Active Reconnaissance Network and Web Vulnerability Scanners

Lesson 4 Aircrack-ng

001. Learning objectives
002. 4.1 Introducing the Aircrack-ng Suite
003. 4.2 Introducing Airmon-ng
004. 4.3 Understanding Airodump-ng
005. 4.4 Introducing Aireplay-ng
006. 4.5 Introducing Airdecap-ng
007. 4.6 Introducing Airserv-ng
008. 4.7 Introducing Airtun-ng

Lesson 4 Network and Vulnerability Scanning

001. Learning objectives
002. 4.1 Exploring Network and Vulnerability Scanning Methodologies
003. 4.2 Understanding the Operational Impact of Enterprise-wide Scanning
004. 4.3 Understanding Scanning Tools
005. 4.4 Exploring How to Automate Scans
006. 4.5 Using Shodan and Its API
007. 4.6 Exploring Vulnerability Scanners
008. 4.7 Understanding Binary and Source Code Scanners
009. 4.8 Understanding How to Perform Continuous Monitoring

Lesson 4 Reconnaissance and Profiling Web Applications

001. Learning objectives
002. 4.1 Understanding Passive vs. Active Reconnaissance
003. 4.2 Using Search Engines and Public Information
004. 4.3 Exploring Shodan, Maltego, Recon-NG, SpiderFoot, and TheHarvester
005. 4.4 Exploring CMS and Framework Identification
006. 4.5 Surveying Web Crawlers and Directory Brute Force
007. 4.6 Understanding How Web Application Scanners Work
008. 4.7 Introducing Nikto
009. 4.8 Introducing the Burp Suite
010. 4.9 Introducing OWASP Zed Application Proxy (ZAP)
011. 4.10 Introducing OpenVAS

Lesson 5 Authentication and Session Management Vulnerabilities

001. Learning objectives
002. 5.1 Understanding Authentication Schemes in Web Applications and Related Vulnerabilities
003. 5.2 Exploring Session Management Mechanisms and Related Vulnerabilities

Lesson 5 Cracking WEP

001. Learning objectives
002. 5.1 Understanding WEP Fundamentals
003. 5.2 Learning How to Crack WEP

Lesson 5 Hacking Web Applications

001. Learning objectives
002. 5.1 Understanding Web Applications
003. 5.2 Understanding Web Architectures
004. 5.3 Uncovering Web Vulnerabilities
005. 5.4 Testing Web Applications Methodology
006. 5.5 Testing Web Applications Reconnaissance
007. 5.6 Testing Web Applications Mapping
008. 5.7 Testing Web Applications Vulnerability Discovery
009. 5.8 Understanding the Exploitation of Web Applications
010. 5.9 Surveying Defenses to Mitigate Web Application Hacking

Lesson 5 Web App Testing

001. Learning objectives
002. 5.1 Exploring How to Target Hosts
003. 5.2 Exploring Web App Testing Essential Tools
004. 5.3 Understanding Enterprise Application Continuous Testing

Lesson 6 Exploiting Injection-Based Vulnerabilities

001. Learning objectives
002. 6.1 Understanding Command Injection
003. 6.2 Exploiting Command Injection Vulnerabilities
004. 6.3 Understanding SQL Injection
005. 6.4 Exploiting SQL Injection Vulnerabilities
006. 6.5 Understanding XML Injection
007. 6.6 Exploiting XML Injection Vulnerabilities
008. 6.7 Mitigating Injection Vulnerabilities

Lesson 6 Hacking User Credentials

001. Learning objectives
002. 6.1 Understanding Authentication and Authorization Mechanisms
003. 6.2 Understanding Authentication and Authorization Attacks
004. 6.3 Exploring Password Storage Mechanisms
005. 6.4 Understanding Password Storage Vulnerability
006. 6.5 Cracking Passwords with John the Ripper
007. 6.6 Cracking Passwords with hashcat
008. 6.7 Improving Password Security

Lesson 6 Hacking WPA

001. Learning objectives
002. 6.1 Understanding WPA Fundamentals
003. 6.2 Surveying Attacks Against WPA2-PSK Networks
004. 6.3 Using coWPAtty
005. 6.4 Using Pyrit
006. 6.5 Exploring WPA Enterprise Hacking

Lesson 6 Internal Testing

001. Learning objectives
002. 6.1 Understanding How to Initially Get on the Network
003. 6.2 Understanding What Hosts to Target and the Scope of the Testing
004. 6.3 Exploring the Hidden Cost of Open Source Software
005. 6.4 Learning How to Host Enterprise Capture the Flag Events

Lesson 7 Cross-Site Scripting (XSS) and Cross-Site Request Forgery Vulnerabilities

001. Learning objectives
002. 7.1 Introducing XSS
003. 7.2 Exploiting Reflected XSS Vulnerabilities
004. 7.3 Exploiting Stored XSS Vulnerabilities
005. 7.4 Exploiting DOM-based XSS Vulnerabilities
006. 7.5 Understanding Cross-Site Request Forgery (CSRF)
007. 7.6 Exploiting CSRF Vulnerabilities
008. 7.7 Evading Web Application Security Controls
009. 7.8 Mitigating XSS and CSRF Vulnerabilities

Lesson 7 Hacking Databases

001. Learning objectives
002. 7.1 Reviewing Database Fundamentals
003. 7.2 Attacking a Database Discovery, Validation, and Exploitation
004. 7.3 Attacking a Database Automated Scanners
005. 7.4 Surveying Defenses to Mitigate Database Hacking

Lesson 7 Performing Wireless Reconnaissance

001. Learning objectives
002. 7.1 Using Kismet
003. 7.2 Using Wireshark
004. 7.3 Learning How to Hack Default Configurations

Lesson 7 Privilege Escalation

001. Learning objectives
002. 7.1 Learning Privilege Escalation Methodologies
003. 7.2 Understanding Lateral Movement
004. 7.3 Surveying Privilege Escalation Essential Tools

Lesson 8 Enterprise Secrets, Post Exploitation, and Data Exfiltration

001. Learning objectives
002. 8.1 Understanding Persistent Access
003. 8.2 Learning How to Achieve Domain Admin Access
004. 8.3 Understanding How to Compromise User Credentials
005. 8.4 Surveying Password Cracking & Reporting
006. 8.5 Understanding That Domain Admin Is Not the End Goal
007. 8.6 Searching for Sensitive Data
008. 8.7 Understanding Data Exfiltration Techniques
009. 8.8 Understanding How to Cover Your Tracks

Lesson 8 Evil Twins and Rogue Access Points

001. Learning objectives
002. 8.1 Defining Evil Twin Attacks
003. 8.2 Performing Evil Twin Attacks
004. 8.3 Using Karmetasploit
005. 8.4 Exploring the WiFi Pineapple

Lesson 8 Exploiting Weak Cryptographic Implementations

001. Learning objectives
002. 8.1 Introducing Cryptography, Encryption, and Hashing Protocols
003. 8.2 Identifying Common Flaws in Data Storage and Transmission
004. 8.3 Surveying Examples of Crypto-based Attacks and Vulnerabilities
005. 8.4 Mitigating Flaws in Cryptographic Implementations

Lesson 8 Hacking Networking Devices

001. Learning objectives
002. 8.1 Understanding the Reasons for and the Steps to Hacking a Network
003. 8.2 Reviewing Networking Technology Fundamentals OSI and DoD Internet Models
004. 8.3 Reviewing Networking Technology Fundamentals Forwarding Device Architecture and Communication
005. 8.4 Building an Internetwork Topology Using VIRL
006. 8.5 Hacking Switches Reviewing Ethernet Fundamentals
007. 8.6 Hacking Switches Demo
008. 8.7 Hacking Switches ARP Vulnerabilities and ARP Cache Poisoning
009. 8.8 Reviewing Router Fundamentals
010. 8.9 Examining ICMP, First Hop Redundancy and Routing Protocol Attacks
011. 8.10 Hacking the Management Plane
012. 8.11 Understanding Firewall Fundamentals and Levels of Inspection
013. 8.12 Performing Firewall Reconnaissance and Tunneling
014. 8.13 Surveying Essential Tools for Hacking Network Devices Packet Capture
015. 8.14 Surveying Essential Tools for Hacking Network Devices Switch and Router Hacking Tools
016. 8.15 Surveying Essential Tools for Hacking Network Devices ARP Spoofing Tools
017. 8.16 Surveying Essential Tools for Hacking Network Devices MiTM Tools
018. 8.17 Surveying Essential Tools for Hacking Network Devices Linux Tools
019. 8.18 Using Network Device Hacking Tools to Perform a MiTM Attack

Lesson 9 Attacking Application Programming Interfaces (APIs)

001. Learning objectives
002. 9.1 Understanding the APIs
003. 9.2 Exploring the Tools Used to Test the APIs

Lesson 9 Attacking Bluetooth

001. Learning objectives
002. 9.1 Understanding Bluetooth Vulnerabilities
003. 9.2 Surveying Tools for Bluetooth Monitoring

Lesson 9 Cloud Services

001. Learning objectives
002. 9.1 Understanding the Challenge of Testing Cloud Services
003. 9.2 Exploring How to Test in the Cloud

Lesson 9 Fundamentals of Wireless Hacking

001. Learning objectives
002. 9.1 Reviewing Wireless Technology Fundamentals
003. 9.2 Surveying Wireless Hacking Tools Wireless Adapters
004. 9.3 Surveying Wireless Hacking Tools Software
005. 9.4 Hacking WEP, WPA, and Other Protocols
006. 9.5 Understanding Hacking Wireless Clients

Lesson 10 Attacking NFC

001. Learning objectives
002. 10.1 Understanding NFC Vulnerabilities
003. 10.2 Exploring NFC Attacks and Case Studies

Lesson 10 Buffer Overflows

001. Learning objectives
002. 10.1 Understanding Buffer Overflows
003. 10.2 Exploiting Buffer Overflows
004. 10.3 Overcoming Defenses for Buffer Overflow Vulnerabilities
005. 10.4 Understanding Fuzzing
006. 10.5 Creating a Fuzzing Strategy
007. 10.6 Exploring Mutation-based, Generation-based, and Evolutionary Fuzzers
008. 10.7 Surveying Tools to Find and Exploit Buffer Overflows

Lesson 10 Client-side Attacks

001. Learning objectives
002. 10.1 Surveying the Client-side Code and Storage
003. 10.2 Understanding HTML5 Implementations
004. 10.3 Understanding AJAX Implementations
005. 10.4 Mitigating AJAX, HTML5, and Client-side Vulnerabilities

Lesson 10 Reporting &amp; Continuous Evaluation

001. Learning objectives
002. 10.1 Surveying Final Reports for Transactional Penetration Testing Events
003. 10.2 Surveying Continouos Reporting for Enterprise Continuous Monitoring

Lesson 11 Additional Web Application Security Vulnerabilities and Attacks

001. Learning objectives
002. 11.1 Understanding the Other Common Security Flaws in Web Applications
003. 11.2 Exploiting Insecure Direct Object References and Path Traversal
004. 11.3 Surveying Information Disclosure Vulnerabilities
005. 11.4 Fuzzing Web Applications

Lesson 11 Powershell Attacks

001. Learning objectives
002. 11.1 Understanding Powershell
003. 11.2 Pwning Windows Using PowerShell Empire Components, Setup, and Basic Exploits
004. 11.3 Pwning Windows Using PowerShell Empire Modules and Advanced Exploits
005. 11.4 Gathering Network Information Using PowerShell

Lesson 11 Wireless Defenses

001. Learning objectives
002. 11.1 Understanding the Evolution of Wireless Defenses
003. 11.2 Surveying Fast and Secure Roaming
004. 11.3 Understanding Wireless Intrusion Monitoring and Prevention
005. 11.4 Understanding Wireless Security Policies

Lesson 12 Hacking IoT Devices

001. Learning objectives
002. 12.1 Understanding IoT Fundamentals
003. 12.2 Exploring ZigBee and IEEE 802.15.4
004. 12.3 Exploring INSTEON
005. 12.4 Exploring ZWave
006. 12.5 Exploring LoRA

Lesson 12 Evasion and Post Exploitation Techniques

001. Learning objectives
002. 12.1 Understanding Security Evasion Techniques
003. 12.2 Exploring Post Exploitation Techniques
004. 12.3 Covering Your Tracks

Lesson 13 Mobile Device Security

001. Learning objectives
002. 13.1 Understanding OWASP Mobile Device Vulnerabilities
003. 13.2 Wrestling with the BYOD Dilemma
004. 13.3 Understanding Mobile Device Management (MDM)
005. 13.4 Understanding Mobile Device Security Policies

Lesson 13 Social Engineering

001. Learning objectives
002. 13.1 Understanding Social Engineering
003. 13.2 Exploring the Social Engineering Toolkit (SET)
004. 13.3 Exploring Maltego
005. 13.4 Surveying Social Engineering Case Studies

Lesson 14 Hacking Android Devices

001. Learning objectives
002. 14.1 Exploring The Android Security Model
003. 14.2 Exploring Android Emulators and SDK
004. 14.3 Understanding Android Hacking Tools and Methodologies

Lesson 14 Maintaining Persistence, Pivoting, and Data Exfiltration

001. Learning objectives
002. 14.1 Understanding Persistence
003. 14.2 Gaining Network Access
004. 14.3 Gaining Network Access with SMB Relay Attacks, NetBIOS Name Service and LLMNR Poisoning
005. 14.4 Maintaining Persistence
006. 14.5 Understanding Pivoting and Lateral Movement
007. 14.6 Defending Against the Advanced Persistent Threat

Lesson 15 Hacking iOS Devices

001. Learning objectives
002. 15.1 Introducing iOS Security
003. 15.2 Exploring Jailbraking iOS
004. 15.3 Surveying Tools for Dissasembling iOS Applications

Lesson 15 Writing Penetration Testing Reports

001. Learning objectives
002. 15.1 Understanding Pen Test Reports and How They Are Used
003. 15.2 Planning and Organizing Your Report
004. 15.3 Understanding the Pen Test Report Format
005. 15.4 Exploring Risk Ratings
006. 15.5 Distributing Pen Test Reports

Security Penetration Testing (The Art of Hacking Series) by Omar Santos, Ron Taylor, Chris McCoy, and Jon Sternstein

001. Introduction

Summary

001. Enterprise Penetration Testing and Continuous Monitoring Summary
001. Hacking Web Applications Summary
001. Security Penetration Testing Summary
001. Wireless Networks, IoT, and Mobile Devices Hacking Summary

Wireless Networks, IoT, and Mobile Devices Hacking (The Art of Hacking Series) by Omar Santos

001. Introduction

黑客艺术（视频集）

课程内容

Enterprise Penetration Testing and Continuous Monitoring (The Art of Hacking Series) by Omar Santos

Hacking Web Applications (The Art of Hacking Series) Security Penetration Testing for Today's DevOps and Cloud Environments

Lesson 1 Overview of Ethical Hacking and Penetration Testing

Lesson 1 Introducing Wireless

Lesson 1 Introduction to Web Application Penetration Testing

Lesson 1 Introduction to Enterprise Penetration Testing and Continuous Monitoring

Lesson 2 External and Internal Reconnaissance

Lesson 2 Kali Linux

Lesson 2 Overview of Web Applications for Security Professionals

Lesson 2 Wireless Client Attacks

Lesson 3 Build Your Own Web Application Lab

Lesson 3 Building Your Lab and Attack Hardware

Lesson 3 Enterprise Social Engineering

Lesson 3 Passive Reconnaissance

Lesson 4 Active Reconnaissance

Lesson 4 Aircrack-ng

Lesson 4 Network and Vulnerability Scanning

Lesson 4 Reconnaissance and Profiling Web Applications

Lesson 5 Authentication and Session Management Vulnerabilities

Lesson 5 Cracking WEP

Lesson 5 Hacking Web Applications

Lesson 5 Web App Testing

Lesson 6 Exploiting Injection-Based Vulnerabilities

Lesson 6 Hacking User Credentials

Lesson 6 Hacking WPA

Lesson 6 Internal Testing

Lesson 7 Cross-Site Scripting (XSS) and Cross-Site Request Forgery Vulnerabilities

Lesson 7 Hacking Databases

Lesson 7 Performing Wireless Reconnaissance

Lesson 7 Privilege Escalation

Lesson 8 Enterprise Secrets, Post Exploitation, and Data Exfiltration

Lesson 8 Evil Twins and Rogue Access Points

Lesson 8 Exploiting Weak Cryptographic Implementations

Lesson 8 Hacking Networking Devices

Lesson 9 Attacking Application Programming Interfaces (APIs)

Lesson 9 Attacking Bluetooth

Lesson 9 Cloud Services

Lesson 9 Fundamentals of Wireless Hacking

Lesson 10 Attacking NFC

Lesson 10 Buffer Overflows

Lesson 10 Client-side Attacks

Lesson 10 Reporting &amp;amp; Continuous Evaluation

Lesson 11 Additional Web Application Security Vulnerabilities and Attacks

Lesson 11 Powershell Attacks

Lesson 11 Wireless Defenses

Lesson 12 Hacking IoT Devices

Lesson 12 Evasion and Post Exploitation Techniques

Lesson 13 Mobile Device Security

Lesson 13 Social Engineering

Lesson 14 Hacking Android Devices

Lesson 14 Maintaining Persistence, Pivoting, and Data Exfiltration

Lesson 15 Hacking iOS Devices

Lesson 15 Writing Penetration Testing Reports

Security Penetration Testing (The Art of Hacking Series) by Omar Santos, Ron Taylor, Chris McCoy, and Jon Sternstein

Summary

Wireless Networks, IoT, and Mobile Devices Hacking (The Art of Hacking Series) by Omar Santos

黑客艺术（视频集）

The Art of Hacking (Video Collection)

课程内容

Enterprise Penetration Testing and Continuous Monitoring (The Art of Hacking Series) by Omar Santos

Hacking Web Applications (The Art of Hacking Series) Security Penetration Testing for Today's DevOps and Cloud Environments

Lesson 1 Overview of Ethical Hacking and Penetration Testing

Lesson 1 Introducing Wireless

Lesson 1 Introduction to Web Application Penetration Testing

Lesson 1 Introduction to Enterprise Penetration Testing and Continuous Monitoring

Lesson 2 External and Internal Reconnaissance

Lesson 2 Kali Linux

Lesson 2 Overview of Web Applications for Security Professionals

Lesson 2 Wireless Client Attacks

Lesson 3 Build Your Own Web Application Lab

Lesson 3 Building Your Lab and Attack Hardware

Lesson 3 Enterprise Social Engineering

Lesson 3 Passive Reconnaissance

Lesson 4 Active Reconnaissance

Lesson 4 Aircrack-ng

Lesson 4 Network and Vulnerability Scanning

Lesson 4 Reconnaissance and Profiling Web Applications

Lesson 5 Authentication and Session Management Vulnerabilities

Lesson 10 Reporting & Continuous Evaluation

Lesson 10 Reporting & Continuous Evaluation