Detailed Course Outline
Day 1:
- TCP/IP Basics
- The Art of Port scanning
- Target Enumeration
- Brute-forcing
- Metasploit Basics
- Password Cracking
Day 2:
- Hacking Recent Unix Vulnerabilities
- Hacking Databases
- Hacking Application Servers
- Hacking third party applications (Wordpress, Joomla, Drupal)
Day 3:
- Windows Enumeration
- Hacking recent Windows Vulnerabilities.
- Hacking Third party software (Browser, PDF, Java)
- Post Exploitation: Dumping Secrets
- Hacking Windows Domains
Day 4:
- Understanding HTTP protocol
- Identifying the attack surface
- Username Enumeration
- Information Disclosure
- Issues with SSL/TLS
- Cross Site Scripting
- Cross-Site Request Forgery
Day 5:
- SQL Injection
- XXE attacks
- OS Code Injection
- Local/Remote File include
- Cryptographic weakness
- Business Logic Flaws
- Insecure File Uploads