Autoplay
Autocomplete
Previous Lesson
Complete and Continue
NSD Certified Penetration Tester (NCPT)
1. Introduction to the Course
Welcome to the Course
Video - History of Hacking Part 1 (4:58)
Video - History of Hacking Part 2 (6:01)
1.1 Ethics and Culture
1.2 Overview of hacking history - Understand the evolution of hacking
1.3 Hacker Culture - Understand how hacker culture has evolved over time
Quiz
2. Enterprise Security Challenges - Lectures
Video - Enterprise Security Challenges Part 1 (5:10)
Video - Enterprise Security Challenges Part 2 (5:01)
Video - Enterprise Security Challenges- Adaptation (3:48)
Video - Enterprise Security Challenges- Evolution (6:14)
Video - Enterprise Security Challenges- Management Challenges (7:57)
Video - Enterprise Security Challenges- Security Concerns (6:01)
Quiz
3. Information Gathering - Lectures
Video - Information Gathering Part 1 (3:50)
Video - Information Gathering Part 2 (4:57)
Video - Black Widow (2:28)
Video - Ct Exposer (1:55)
Video - DNS Recon (4:15)
Video - Maltego (4:04)
Video - Metagoofil (2:34)
Video - Nessus (6:43)
Video - Netcraft (2:12)
Video - Netdiscover (2:26)
Video - Nmap (5:30)
Video - Phoneinfoga (2:12)
Video - Recon NG (3:20)
Video - Sherlock (2:16)
Video - Sparta (2:10)
Video - The Harvester (3:10)
Video - Whois Enumeration (2:04)
3.1 Information Gathering: Introduction
3.2 What is Information Gathering?
3.4 Objective of Information Gathering
3.3 Reconnaissance
3.5 Information Gathering: Classification
3.6 Footprinting
3.7 Network-based Footprinting
3.8 Tools Used
3.9 DNS Enumeration
3.10 Scanning
3.11 Scanning techniques
3.12 Identifying Vulnerabilities
3.13 Countermeasures
Lab 1 - Version Detection using Nmap (2:22)
Lab 2 - User Enumeration (2:37)
Lab 3 - Metasploitable Container
Lab 4 - Metagoofil
Lab 5 - Sherlock
Lab 6 - Phoneinfoga
Lab 7 - CT Exposer
Lab 8 - Black Widow
Lab 9 - DNS Recon
Quiz
4. Introduction to Social Engineering - Lectures
Video - Social Engineering- Reality Hacking (4:40)
Video - Social Engineering- Into the Mind: Inflicting Damage (7:42)
Video - Social Media Politics and Hacking (5:23)
Video - Social Engineering- Exploiting Religion and Occult Science (6:52)
Video - Social Engineering- Scripting in Daily Life (2:52)
Video: Social Engineering
Video - Getting Credentials with SEToolkit (3:32)
Video - Getting Gmail Credentials using Hiddeneye (3:53)
Video - Compromising Webcam using Say Cheese (1:41)
Video - QR Code Generator using SEToolkit (3:02)
Video - Tracking Target using Hiddeneye (4:14)
4.1 Introduction to Social Engineering
4.2 Understanding your targets - Basic approach in understanding your targets
4.3 Character Analysis - various approaches of character analysis
4.4 Body language - basic body language techniques
4.5 'Blink’ factor - Discussion on Instinct and Judgement on your targets
4.6 How SMS and Facebook has taken over our lives - Discussion on the impact of various social communications
4.7 Finding the right words
4.8 Chat addiction - Making a person attached to you on chat
4.9 Exploiting targets - Using the art effectively for gaining information
4.10 Possible Psychological damage - Discussion on possible psychological damage and concerns
4.11 Scripting in daily life: Games people play - Suggested reading of the book "Games People Play"
4.12 Transactional Analysis - How can it help in networking and information gathering
4.13 Introduction to Reality Hacking - Concept of reality hacking
4.14 Understanding reality hacking - Introduction and larger concept application
4.15 Weakest link in security - exploiting people
4.16 Application in real life - how "everything" around you can be used for hacking
4.17 Exploiting Religion and Occult Science: People and belief - Discussion on what is god, belief and religion
4.18 How religion plays a big role - Importance of religion in peoples lives
4.19 Understanding occult science - Brief introduction to occult science and what people believe
4.20 Astrology and daily life - How astrology impacts daily lives of people and their decisions
4.21 Faith - How to exploit faith for hacking
4.22 How to get personal information - Getting personal information in the name of god
4.23 Bluff master: How to be a palmist - effectively and instantly getting the secrets of people in your first meeting
4.24 Playing with the mind - How to induce self-fulfilling prophecies
4.25 Respecting the science - How not to cross the line
4.26 Into the Mind: Inflicting damage: Introducing hope - exploiting greed and success and fun and profit
4.27 Attachment in Adults - exploiting relationships for fun and profit
4.28 Turning people against each other - exploiting the weakest link
4.29 Phishing god - Using phishing and spam based on information gathered
4.30 Knowing your target - Crafting mails and messages to lure people
4.31 Social Media, Politics and Hacking
4.32 Importance of Social Media in opinion formation
4.33 Case Study: Politics and use of social media
4.34 Misleading people using Social Media
Quiz
5. Systems Security - Lectures
Video - System Security (5:13)
Video - System Security- Offensive Attacks (5:33)
Video - System Security - Wireless Security (4:37)
Video - Breaking WEP (3:48)
Video - Breaking WPA (4:59)
Video - Alternate Data Streams (4:12)
Video - Deauth Attack using Aircrack-NG (4:16)
Video - DNS Spoofing (5:55)
Video - MAC Spoofing (3:17)
Video - MITM Using ARPSpoof (5:54)
Video - MITM Using Bettercap (5:18)
Video - Wireshark (3:56)
5.1 Systems Security
5.2 Group Discussion
5.3 Active directory fundamentals
5.4 Hiding Data - NTFS streaming
5.5 Wireless Security
5.6 Wireless security standards
5.7 WEP and inherent vulnerabilities
5.8 Sniffing Wireless networks
5.9 Breaking WEP
5.10 Breaking WPA
5.11 Wireless security – Best practices
5.12 Offensive attacks
5.13 Linux Privilege Escalation
5.14 Man in the Middle Attack
5.15 Finding Vulnerabilities
Lab 1 - Authentication Bypass Vulnerability (1:52)
Lab 2 - Gitshell Sandbox Bypass (2:14)
Lab 3 - Logic Vulnerability in libssh (2:00)
Lab 4 - Sandbox Bypass & Code Execution Vulnerability (2:33)
Lab 5 - Shellshock (1:55)
Lab 6 - Sudoexploit (1:54)
Lab 7 - WEP Cracking (1:41)
Lab 8 - WPA2 PSK Cracking (2:39)
Quiz
6. Password Hacking - Lectures
Video - Password Hacking 1 (5:37)
Video - Password Hacking 2 (4:23)
Video - Common Password Profiler (4:10)
Video - Generating Keyloggers using Saint (3:55)
Video - Password Cracking using John the Ripper (2:43)
6.1 Password Hacking
6.2 Secret of passwords
6.3 Group Discussion: Do you use the same passwords everywhere?
6.4 Case study: The Most common passwords used
6.5 Team activity: Using online hash crackers
6.6 Attacking Windows system password
6.7 Attacking a Windows Server Domain Controller Password
6.8 Attacking Linux system password
6.9 Attacking Application passwords
6.10 Other approaches  - Using Brute Force Tools
6.11 Steganalysis concepts
6.12 Using Rainbow Tables
6.13 Default Passwords of devices
6.14 Using Key loggers
6.15 Case Study: Impact of Default Passwords on Security
6.16 Team activity: Password recovery tools
Lab 1 - Hydra Brute Force (2:10)
Lab 2 - Directory listing and MD5 decryption (2:14)
Lab 3 - Metasploit Practice - GlassFish Brute Force Utility
Quiz
7. Malwares - Lectures
VIdeo - Intalling Metasploit (2:09)
MSFConsole Overview (2:13)
Video - Malware- Trojan (5:04)
Video - Malware- Worm (4:55)
Video - Malware- Rootkits and Botnets (6:24)
7.1 Team activity: How would you define a Malware
7.2 Introduction to Malwares
7.3 What are Malwares?
7.4 Building a Trojan
7.5 Binding a Trojan to another file
7.6 Approaches for deploying a Trojan
7.7 Using Bit-torrent to spread Trojans
7.8 Anatomy of a Worm
7.9 Worm propagation process in a network
7.10 Defense against Worms
7.11 Worm Propagation possibilities in IPv6!
7.12 Rootkits and Botnets
7.13 Case study: How Botnets work?
7.14 Team activity: Find most popular malwares impacting the mobile platforms.
7.15 Rootkits Infection Techniques
7.16 Task: Analysis of a Malware.
Lab 1 - Volatility Malware 1
Lab 2 - Volatility Malware 2
Lab 3 - Volatility Malware 3
Lab 4 - Volatility - Malware 4
Lab 5 - Volatility - Malware 5
Quiz
8. Network and Web Application Security - Lectures
Video - Network Security (4:29)
Video - Network- Honeypots (2:24)
Video - Network- Sniffing & Session Hijacking (6:20)
Video - Network-Web Application Security (5:52)
Video - Network- Advanced Google Search Techniques (3:10)
Video - Burp Intruder (4:35)
Video - Burp Repeater (5:02)
Video - Client Side Browser Exploitation with BeEF (6:10)
Video - Email Spoofing (4:41)
Video - Evil Twin Attack (5:05)
Video - Exploiting Known Vulnerabilities (3:08)
Video - Injection (5:16)
Video - XML External Entity (2:26)
8.1 Network and Web Application Security
8.2 DDoS Attacks
8.3 Group discussion: DoS attacks impacting organizations
8.4 Targeting Firewalls and Routers
8.5 Defense - Clustering and NLB
8.6 Honeypots
8.7 Deploying Honeypots
8.8 Sniffing Networks
8.9 Encryption - Overview
8.10 Session Hijacking
8.11 Web Security
8.12 Web Application Attacks
8.13 Web Server Security
8.14 Top 10 Web Application Security Risks
8.15 Basic Authentication Attacks
8.16 Advanced Google Search Techniques
Lab 1 - Stored Xss (2:13)
Lab 2 - SQL injection (2:21)
Lab 3 - Reflected Xss (1:54)
Lab 4 - Remote Security Bypass (2:31)
Lab 5 - Remote code injection: (2:20)
Lab 6 - Arbitrary code execution (2:08)
Lab 7 - Remote Code Execution Vulnerability-Drupal (1:56)
Lab 8 - Directory traversal Vulnerability (1:39)
Lab 9 - Remote Code Execution Vulnerability-ProFTPD (2:05)
Lab 10 - Remote Code Execution Vulnerability-ThinkPHP (1:50)
Lab 11 - Arbitrary File Read Vulnerability (1:38)
Lab 12 - Arbitrary Write-file Vulnerability (1:55)
Lab 13 - S2-007 Remote Code Execution Vulnerablity (1:37)
Lab 14 - Arbitrary File Download Vulnerability (1:35)
Lab 15 - RCE In GoAhead (2:08)
Lab 16 - Unauthorized Access Vulnerability (1:41)
Lab 17 - Unauthorized Access in Jupyter Notebook (1:36)
Quiz
9. Exploiting Approaches - Lectures
Video - Aux Mode for Information Gathering (2:48)
Video - Bind and Reverse Payload (5:13)
Video - Exploiting Approaches (6:47)
Video - Exploiting Approaches - Advanced Exploitation (5:56)
Video - Exploiting Approaches- SMB Hacking & Anti Virus Evasion (5:46)
Video - Post Exploitation (3:54)
Video - Using Searchsploit (4:42)
9.1 Exploiting Approaches
9.2 Overview of Shellcodes
9.3 Using exploit-db effectively
9.4 Metasploit - The Big Daddy
9.5 Introduction to msfencode/msfpayload
9.6 Manual Shellcode Writing and Automatic Shellcode Generation
9.8 Concept of Tunneling and Techniques
9.7 Client Side Exploitation Techniques
9.9 Evading Firewalls by hopping through the tunnels using proxy servers
9.10 SMB Fun – Windows and Linux
9.11 Anti Virus Evasion
Lab 1 - Code Injection Vulnerability (2:15)
Lab 2 - Path Traversal Vulnerability (2:08)
Lab 3 - Integer Overflow Vulnerability (1:38)
Lab 4 - Vertical Privilege Bypass Vulnerability (2:10)
Lab 5 - Metasploit Practice - HP Intelligent Lab 5 - Management BIMS DownloadServlet Directory Traversal
Lab 6 - Metasploit Practice - Zyxel Eir D1000 DSL Modem NewNTPServer Command Injection Over TR-064
Quiz
Conclusion
Next Steps
Additional Resources
8.14 Top 10 Web Application Security Risks
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock