This course was created with the
course builder. Create your online course today.
Start now
Create your course
with
Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Basic Penetration Testing Online Course in Thai language
Section 0: ข้อมูลการติดต่อและ tip & technique ต่างๆของ Course
Facebook Group ของกลุ่มผู้เรียน
Windows XP สำหรับใช้เป็นเครื่องเหยื่อ
การแก้ไขปัญหา Kali Rolling Edition ไม่สามารถขยายหน้าจอได้ใน VMWare Workstation
VDO Link สำหรับ download Advance Metasploit Next Level
VMWare for web application security lab
Slide of course
การได้รับเงินตอบแทนเมื่อเชิญเพื่อนเข้ามาสมัคร Course (Affiliate Program)
Windows 7 VM Link
Section 1: Overview and basic information security knowledge
Course Overview (0:56)
Introduction and basic knowledge of information security (14:49)
Risk Assessment - Part 1 (14:10)
Risk Assessment - Part 2 (5:27)
Section 2: Kali Linux
Kali Linux (6:32)
How to run Kali Linux (5:52)
Kali Rolling Edition (5:09)
How to install Kali Linux in Virtualbox (11:24)
How to install Guest Additional Tool in Virtualbox (6:26)
How to install Kali Linux in VMWare Fusion (13:41)
Install open-vm-tools-desktop in VMWare Fusion (4:09)
Section 3: Intelligence Gathering
Overview of Intelligence Gathering (9:36)
What is DNS, NSLOOKUP, WHOIS (9:00)
How to use NSLOOKUP (14:40)
What is dig command (1:22)
Dig and Zonetransfer (9:28)
Zonetransfer with tools (15:55)
Intelligence Gathering with Windows and Website (16:33)
OSINT - Part 1 (11:33)
OSINT - Part 2 (7:36)
What is Recon-ng? And how to use it (5:13)
Recon-ng in actions - Part 1 (10:51)
Recon-ng in actions - Part 2 (12:43)
Recon-ng in actions - Part 3 (9:12)
Google Hacking - Part 1 (10:37)
Google Hacking - Part 2 (13:03)
Google Hacking with Tools (10:18)
What is Spiderfoot? And how to use it (9:29)
Search Engine for Pentester (5:26)
Metadata and how to view it (18:10)
Section 4: Network Security
What is surface of target (2:17)
What is NetBIOS (2:43)
Network Security and Basic Network - Part 1 (11:56)
Network Security and Basic Network - Part 2 (6:38)
Learning NMAP in practical way - Part 1 (11:12)
Learning NMAP in practical way - Part 2 (8:56)
NSE Categories (4:18)
Example of NSE (6:54)
Learning NSE in practical way (13:42)
Auditing website with NSE - Part 1 (9:44)
Auditing website with NSE - Part 2 (11:50)
Write your own NSE (16:25)
Edit NSE for your propose (4:21)
How to install Nessus and How to use Nessus scanner (16:16)
How to setup and use Openvas (5:59)
Web Vulnerability Scanner and Arachni (12:53)
Netcat Usage (12:56)
Network Sniffer and Man in the middle (16:03)
DNS Spoofing (2:52)
DNS Spoofing with Ettercap (4:47)
Bettercap (5:20)
Using bettercap to inject javascript (13:05)
Section 5: Metasploit
Overview of Metasploit - Part 1 (4:54)
Overview of Metasploit - Part 2 (17:24)
Metasploit Pro Log
Ranking of Module (3:51)
Msfconsole (10:56)
Metasploit in one line (3:23)
Msfvenom (11:39)
Msfvenom in actions - Part 1 (13:57)
Msfvenom in actions - Part 2 (8:27)
Metasploit works with database (9:30)
Web Delivery Module (4:43)
Exploit MS08_067_netapi with Metasploit (14:36)
Exploit Easy File Management Web Server with Metasploit (12:54)
Brute Forcing SSH with Metasploit (5:21)
Automate in Metasploit (5:51)
Metasploit Cheat Sheet
Metasploit Base64 encoder module (7:47)
Section 6: Crack the password
Overview crack the password (14:32)
Cewl Usage (4:32)
Brute forcing SSH with Hydra (13:08)
Brute forcing HTTP with Hydra (10:08)
LM Hash และ Linux Password (8:41)
Cracking LMHash and NTLM (12:29)
Windows Credential Editor (5:04)
Cracking Linux Password (4:34)
Crack PDF Password (7:26)
Crack Zip File (4:28)
Section 7: Web Application Security
Slide of Web Architecture
Web Architecture - Part 1 (8:20)
Web Architecture - Part 2 (12:52)
Information gathering website (9:23)
Basic SQL (9:43)
SQL Injection (11:21)
Timebase SQL Injection (4:51)
Cheat Sheet SQL Injection (8:50)
SQL Injection with SQLMap (13:40)
SQL Injection 2nd order attack (16:37)
Cross Site Scripting (XSS) (13:57)
File Inclusion - Part 1 (8:58)
File Inclusion - Part 2 (4:11)
File Upload (3:45)
Insecure Direct Object Reference (IDOR) (6:06)
Command Injection (2:22)
Command Injection with COMMIX (13:08)
Cross Site Request Forgery (CSRF) (4:16)
Example payload for redirect
Section 8: Client Side Exploitation
Overview of Client Side Exploitation (2:10)
Overview of DLL Hijacking (7:08)
DLL Hijacking in actions (14:47)
Exploit with Winrar SFX (9:40)
Bypass antivirus with Shellter (7:13)
Create malicious document with Metasploit (8:38)
Exploit Adobe Reader with adobe_pdf_embbed_exe (5:35)
Exploit Adobe Flash Player with Metasploit (2:50)
Microsoft DDEAUTO Attack (6:58)
Section 9: Post Exploitation
Overview of Post Exploitation and Post exploitation in Windows (16:08)
Post Exploitation in Linux (12:04)
Privilege Escalation with dirty c0w vulnerability in Linux OS (11:02)
Privilege Escalation with Hot Potato technique in Windows OS (12:44)
Privilege Escalation with Always Install Elevated in Windows OS (2:59)
BypassUAC with Metasploit (2:40)
Post Exploitation with windows command (9:02)
Pivoting network (4:09)
Pivoting network with autoroute command in Metasploit (4:37)
Pivoting network with SSH (5:00)
Pivoting network with proxychains (3:54)
Post exploitation with Metasploit - Part 1 (9:46)
Post exploitation with Metasploit - Part 2 (7:39)
Privilege Escalation with MS16-032 (Powershell) (3:25)
Post exploitation - using Mimikatz in Metasploit (2:20)
Basic Windows Privilege Escalation
Powershell - Reverse TCP Shell (1:51)
OSX Post-Exploitation
Post Exploitation in Linux with Mimipenguin & Swap_digger (5:08)
Section 10: Reporting
Reporting (7:02)
Example of sample report from many company
Section 11: Play Ground
Lab 1 - Part 1 (10:53)
Lab 1 - Part 2 (12:38)
Lab 2 - Part 1 (10:59)
Lab 2 - Part 2 (18:46)
Vulnerability Lab01 (11:55)
Lab - hack drupal (Droopy) (26:51)
Shadow Broker Toolkit Demo (18:47)
การแก้ไขปัญหา Kali Rolling Edition ไม่สามารถขยายหน้าจอได้ใน VMWare Workstation
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock