Web Application Penetration Testing ( Kali Linux )

Learning outcomes from this course : Install hacking lab & needed software (works on Windows, OS X and Linux). Install windows & vulnerable operating systems as virtual machines for testing. Discover vulnerabilities & exploit them hack into servers. Hack & secure both WiFi & wired networks. Use many hacking tools such as Metasploit, Aircrack-ng, SQLmap.....etc. Hack secure systems using client-side and social engineering attacks. Learn Network Penetration Testing. Learn linux commands and how to interact with the terminal.Network basics & how devices interact inside a network. Gather detailed information about clients and networks like their OS, opened ports ...etc. Crack WEP/WPA/WPA2 encryptions using a number of methods. ARP Spoofing/ARP Poisoning. Gain control over computer systems using server side attacks. Create undetectable backdoors. Use social engineering to gain full control over target systems. Discover, exploit & fix local file inclusion vulnerabilities. Discover, fix, and exploit SQL injection vulnerabilities. Bypass login forms and login as admin using SQL injections.

Module 1 : You will learn extensive hands-on with installation and configuration of Virtualization and Kali Linux.


    • --              Introduction to Ethical Hacking and Pentesting
    • --              VMWare Installation
    • --              Installation of Kali Linux
    • --              Kali Linux Configuration and VMWare Tools
    • --              Introduction to Kali Linux
    • --              Concept of Operating Systems

      • Module 2 : Master your commandline skills to navigate and administer Kali Linux and Windows Command lines

                • --              Linux terminal basics
                • --              Kali Linux editors
                • --              Kali Linux administrative commands
                • --              Windows and Networking command

Module 3 : Prepare Your Lab


    • --              Changing IP address and setting up Wireless Adapter
    • --              Creating Bootable Kali USB
    • --              Important Networking Terms
    • --              Important Hacking Terms
    • --              Few Things to Do After Installing Kali Linux
    • --              Changing Our Mac Address - MacChanger

Module 4 : Footprinting


    • --              Google Hacking
    • --              Working with Nikto
    • --              DNS Footprinting
    • --              The Harvester
    • --              Shodan
    • --              Zone Transfer With Dig

    Module 5 : Scanning


      • --              Installing Metasploitable
      • --              Working with Nmap
      • --              Working with Zenmap
      • --              TCP scans
      • --              Nmap Bypassing Defences
      • --              Nmap Scripts

    Module 6 : Web Penetration Testing


      • --              Installing Owasp
      • --              HTTP request
      • --              HTTP Response
      • --              Burpsuite Configuration
      • --              Editing Packets in Burpsuite
      • --              Whatweb & Dirb
      • --              Password Recovery Attack
      • --              Burpsuite Login Bruteforce
      • --              Hydra Login Bruteforce
      • --              Session Fixation
      • --              Injection Attacks
      • --              Simple Command Injection
      • --              Exploiting Command Injection Vulnerability
      • --              Finding Blind Command Injection
      • --              Webpentest - Basics Of SQL
      • --              Manual SQL Injection
      • --              SQLmap basics
      • --              XML Injection
      • --              Installing XCAT and Preventing Injection Attacks
      • --              Reflected XSS
      • --              Stored XSS
      • --              Changing HTML Code with XSS

    Module 7 : Cryptography


      • --              Introduction To Cryptography
      • --              Basic Concepts On Cryptography
      • --              Hash Func and Oracle Method
      • --              Birthday Theorem & Digital Signature
      • --              Pros and Cons Of Cryptography

    Module 8 : SQL Injections Attacks


      • --              Introduction To SQL injection
      • --              SQL Injection To Google Dorks
      • --              SQL Mapping Via Kali Linux
      • --              Gathering Password And Cracking The Hash
      • --              Website Hacking - SQL Injections with Sqlmap

    Module 9 : Wireless Attacks


      • --              Introduction to WEP and WPA
      • --              802 1X Standard
      • --              Wireless Cracking Overview
      • --              Wriless Cracking Via Kali Linux