Requirements:
No Linux, programming or hacking knowledge required.
Computer with a minimum of 4GB ram/memory
Operating System: Windows / OS X / Linux
Welcome to my course on Website & Web applications Hacking! This course assumes you have NO prior knowledge in hacking and by the end of it you'll be at a high level, being able to hack websites like black-hat hackers and secure them like security experts!
This course is highly practical but it won't neglect the theory, first you'll learn how to install the needed software (works on Windows, Linux and Mac OS X) and then we'll start with basics about how websites work, the different components that make a website, the technologies used, and then we'll dive into website hacking straight away. From here onwards you'll learn everything by example, by discovering vulnerabilities and exploiting them to hack into websites, so we'll never have any dry boring theoretical lectures.
Before jumping into hacking, you'll first learn how to gather comprehensive information about your target website, then the course is divided into a number of sections, each section covers how to discover, exploit and mitigate a common web application vulnerability, for each vulnerability you will first learn the basic exploitation, then you will learn advanced techniques to bypass security, escalate your privileges, access the database, and even use the hacked websites to hack into other websites on the same server.
You will learn how and why these vulnerabilities are exploitable, how to fix them and what are the right practices to avoid causing them.
The course is divided into 3 main sections:
Here's a more detailed breakdown of the course content:
1. Information Gathering - In this section you'll learn how to gather information about a target website, you'll learn how to discover the DNS server used, the services, subdomains, un-published directories, sensitive files, user emails, websites on the same server and even the web hosting provider. This information is crucial as it increases the chances of being able to successfully gain access to the target website.
2. Discovering, Exploiting & Mitigation - In this section you will learn how to discover, exploit and mitigate a large number of vulnerabilities, this section is divided into a number of sub-sections, each covering a specific vulnerability, firstly you will learn what is that vulnerability and what does it allow us to do, then you will learn how to exploit this vulnerability and bypass security measurements, and finally we will analyse the code causing this vulnerability and see how to fix it, the following vulnerabilities are covered in the course:
File upload : This vulnerability allow attackers to upload executable files on the target web server, exploiting these vulnerabilities properly gives you full control over the target website.
Code Execution - This vulnerability allow users to run system code on the target web server, this can be used to execute malicious code and get a reverse shell access which gives the attacker full control over the target web server.
Local File inclusion - This vulnerability can be used to read any file on the target server, so it can be exploited to read sensitive files, we will not stop at that though, you will learn two methods to escalate this vulnerability and get a reverse shell connection which gives you full control over the target web server.
Remote File inclusion - This vulnerability can be load remote files on the target web server, exploiting this vulnerability properly gives you full control over the target web server.
SQL Injection- This is one of the most dangerous vulnerabilities, it is found everywhere and can be exploited to do all of the things the above vulnerabilities allow us to do and more, so it allows you to login as admin without knowing the password, access the database and get all data stored there such as usernames, passwords, credit cards ....etc, read/write files and even get a reverse shell access which gives you full control over the target server!
Cross Site Scripting (XSS) - This vulnerability can be used to run javascript code on users who access the vulnerable page, we won't stop at that, you will learn how to steal credentials from users (such as facebook or youtube passwords) and even gain full access to their computer. You will learn all three types (reflected, stored and DOM-based).
Insecure Session Management - In this section you will learn how to exploit insecure session management in web applications and login to other user accounts without knowing their password, you'll also learn how to discover and exploit CSRF (Cross Site Request Forgery) vulnerabilities.
Brute Force & Dictionary Attacks - In this section you will learn what are these attacks, what is the difference between them and how to launch them, in successful cases you will be able to guess the password for a target login page.
3. Post Exploitation - In this section you will learn what can you do with the access you gained from exploiting the above vulnerabilities, you will learn how to convert reverse shell access to a Weevely access and vice versa, you will also learn how to execute system commands on the target server, navigate between directories, access other websites on the same server, upload/download files, access the database and even download the whole database to your local machine. You will also learn how to bypass security and do all of that even if you did not have enough permissions!
With this course you'll get 24/7 support, so if you have any questions you can post them in the Q&A section and we'll respond to you within 15 hours.
- Anybody who is interested in learning website & web application hacking / penetration testing
- Anybody who wants to learn how hackers hack websites
- Anybody who wants to learn how to secure websites & web applications from hacker
- Web developers so they can create secure web application & secure their existing ones
- Web admins so they can secure their websites
What You Will Learn From This Course:
What you'll learn
- Install hacking lab & needed software (works on Windows, OS X and Linux).
- Discover, exploit and mitigate a number of dangerous vulnerabilities.
- Use advanced techniques to discover and exploit these vulnerabilities.
- Bypass security measurements and escalate privileges.
- Intercept requests using a proxy.
- Hack all websites on same server.
- Bypass filters and client-side security
- Adopt SQL queries to discover and exploit SQL injections in secure pages
- Gain full control over target server using SQL injections
- Discover & exploit blind SQL injections
- Install Kali Linux - a penetration testing operating system
- Install windows & vulnerable operating systems as virtual machines for testing
- Learn linux commands and how to interact with the terminal
- Learn linux basics
- Understand how websites & web applications work
- Understand how browsers communicate with websites
- Gather sensitive information about websites
- Discover servers, technologies and services used on target website
- Discover emails and sensitive data associated with a specific website
- Find all subdomains associated with a website
- Discover unpublished directories and files associated with a target website
- Find all websites hosted on the same server as the target website
- Discover, exploit and fix file upload vulnerabilities
- Exploit advanced file upload vulnerabilities & gain full control over the target website
- Discover, exploit and fix code execution vulnerabilities
- Exploit advanced code execution vulnerabilities & gain full control over the target website
- Discover, exploit & fix local file inclusion vulnerabilities
- Exploit advanced local file inclusion vulnerabilities & gain full control over the target website
- Exploit advanced remote file inclusion vulnerabilities & gain full control over the target website
- Discover, fix, and exploit SQL injection vulnerabilities
- Bypass login forms and login as admin using SQL injections
- Writing SQL queries to find databases, tables and sensitive data such as usernames and passwords using SQL injections
- Bypass filtering, and login as admin without password using SQL injections
- Bypass filtering and security measurements
- Read / Write files to the server using SQL injections
- Patch SQL injections quickly
- Learn the right way to write SQL queries to prevent SQL injections
- Discover basic & advanced reflected XSS vulnerabilities
- Discover basic & advanced stored XSS vulnerabilities
- Discover DOM-based XSS vulnerabilities
- How to use BeEF framwork
- Hook victims to BeEF using reflected, stored and DOM based XSS vulnerabilities
- Steal credentials from hooked victims
- Run javascript code on hooked victims
- Create an undetectable backdoor
- Hack into hooked computers and gain full control over them
- Fix XSS vulnerabilities & protect yourself from them as a user
- What do we mean by brute force & wordlist attacks
- Create a wordlist or a dictionary
- Launch a wordlist attack and guess admin's password
- Discover all of the above vulnerabilities automatically using a web proxy
- Run system commands on the target webserver
- Access the file system (navigate between directories, read/write files)
- Download, upload files
- Bypass security measurements
- Access all websites on the same webserver
- Connect to the database and execute SQL queries or download the whole database to the local machine
Curriculum For This Course
- Course Introduction
- Lab Overview & Needed Software
- Installing Kali 2019 As a Virtual Machine Using a Ready Image
- Installing Metasploitable As a Virtual Machine
- Installing Windows As a Virtual Machine
- Basic Overview Of Kali Linux
- The Linux Terminal & Basic Linux Commands
- Configuring Metasploitable & Lab Network Settings
- What is a Website?
- How To Hack a Website ?
- Gathering Information Using Whois Lookup
- Discovering Technologies Used On The Website
- Gathering Comprehensive DNS Information
- Discovering Websites On The Same Server
- Discovering Subdomains
- Discovering Sensitive Files
- Analysing Discovered Files
- Maltego - Discovering Servers, Domains & Files
- Maltego - Discovering Websites, Hosting Provider & Emails
- What are they? And How To Discover & Exploit Basic File Upload Vulnerabilities
- HTTP Requests - GET & POST
- Intercepting HTTP Requests
- Exploiting Advanced File Upload Vulnerabilities
- Exploiting More Advanced File Upload Vulnerabilities
- [Security] Fixing File Upload Vulnerabilities
- What are they? & How To Discover & Exploit Basic Code Execution Vulnerabilities
- Exploiting Advanced Code Execution Vulnerabilities
- [Security] - Fixing Code Execution Vulnerabilities
- What are they? And How To Discover & Exploit Them
- Gaining Shell Access From LFI Vulnerabilities - Method 1
- Gaining Shell Access From LFI Vulnerabilities - Method 2
- Remote File Inclusion Vulnerabilities - Configuring PHP Settings
- Remote File Inclusion Vulnerabilities - Discovery & Exploitation
- Exploiting Advanced Remote File Inclusion Vulnerabilities
- [Security] Fixing File Inclusion Vulnerabilities
- What is SQL
- Dangers of SQL Injections
- Discovering SQL Injections In POST
- Bypassing Logins Using SQL Injection Vulnerability
- Bypassing More Secure Logins Using SQL Injections
- [Security] Preventing SQL Injections In Login Pages
- Discovering SQL Injections in GET
- Reading Database Information
- Finding Database Tables
- Extracting Sensitive Data Such As Passwords
- Discovering & Exploiting Blind SQL Injections
- Discovering a More Complicated SQL Injection
- Extracting Data (passwords) By Exploiting a More Difficult SQL Injection
- Bypassing Filters
- Bypassing Security & Accessing All Records
- [Security] Quick Fix To Prevent SQL Injections
- Reading & Writing Files On The Server Using SQL Injection Vulnerability
- Getting A Reverse Shell Access & Gaining Full Control Over The Target Web Server
- Discovering SQL Injections & Extracting Data Using SQLmap
- Getting a Direct SQL Shell using SQLmap
- [Security] - The Right Way To Prevent SQL Injection
- Introduction - What is XSS or Cross Site Scripting?
- Discovering Basic Reflected XSS
- Discovering Advanced Reflected XSS
- Discovering An Even More Advanced Reflected XSS
- Discovering Stored XSS
- Discovering Advanced Stored XSS
- Hooking Victims To BeEF Using Reflected XSS
- Hooking Victims To BeEF Using Stored XSS
- BeEF - Interacting With Hooked Victims
- BeEF - Running Basic Commands On Victims
- BeEF - Stealing Credentials/Passwords Using A Fake Login Prompt
- Bonus - Installing Veil 3.1
- Bonus - Veil Overview & Payloads Basics
- Bonus - Generating An Undetectable Backdoor Using Veil 3
- Bonus - Listening For Incoming Connections
- Bonus - Using A Basic Delivery Method To Test The Backdoor & Hack Windows 10
- BeEF - Gaining Full Control Over Windows Target
- [Security] Fixing XSS Vulnerabilities
- Logging In As Admin Without a Password By Manipulating Cookies
- Discovering Cross Site Request Forgery Vulnerabilities (CSRF)
- Exploiting CSRF Vulnerabilities To Change Admin Password Using a HTML File
- Exploiting CSRF Vulnerabilities To Change Admin Password Using Link
- [Security] The Right Way To Prevent CSRF Vulnerabilities
- What Are Brute Force & Dictionary Attacks?
- Creating a Wordlist
- Launching a Wordlist Attack & Guessing Login Password Using Hydra
- Scanning Target Website For Vulnerabilities
- Analysing Scan Results
- Post Exploitation Introduction
- Interacting With The Reverse Shell Access Obtained In Previous Lectures
- Escalating Reverse Shell Access To Weevely Shell
- Weevely Basics - Accessing Other Websites, Running Shell Commands ...etc
- Bypassing Limited Privileges & Executing Shell Commands
- Downloading Files From Target Webserver
- Uploading Files To Target Webserver
- Getting a Reverse Connection From Weevely
- Accessing The Database
Student's Feedback
Duraipandi VLS
2 years ago