Welcome to The Forum

Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to

existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile

and so much more. This message will be removed once you have signed in.

Active Hackers

The best community of active hackers. This community has been working in hacking for more than 10 years.

 

Hacker Forum

Hacker from all countries join this community to share their knowledge and their hacking tools

    Hacking Tools

    You can find thousands of tools shared by hackers. RAT's, Bot's, Crypters FUD, Stealers, Binders, Ransomware, Mallware, Virus, Cracked Accounts, Configs, Guides, Videos and many other things.

      PRIV8

      Become a Priv8 user and access all parts of the forum without restrictions and without limit of download. It only costs 100 dollars, and it will last you for a lifetime.

      Read Rules

      In this community we follow and respect rules, and they are the same for everyone, regardless of the user's rank. Read the rules well not to be prohibited.

      Sign in to follow this  
      itsMe

      The Complete Pentesting & Privilege Escalation Course

      Recommended Posts

      Staff

      Hidden Content

        Give reaction to this post to see the hidden content.

      What you'll learn

          Penetration Tests
          Privilege Escalation for Windows
          Privilege Escalation for Linux
          CTF Solutions

      Requirements

          This is an intermediate to advanced course, please refer to previous courses if you have no cybersecurity fundamental training
          Minimum intermediate cyber security knowledge
          Minimum beginner Python knowledge
          Optional: HackTheBox membership (Only for two sections, thus optional)

      Description

      Welcome to The Complete Pentesting & Privilege Escalation Course

      If you want to become a cyber security professional, if you want to deepen your knowledge in ethical hacking topics, if you are preparing yourself for certifications such as OSCP; then you are at the right place! This is an intermediate to advanced course. If you want to make most of it, you should already have a background in cyber security and Python.

      Throughout the course we will solve number of vulnerable machines on Vulnhub, TryHackMe & HackTheBox along with the other platforms. Especially Privilege Escalation topic will be thoroughly explained during the course, which will provide you the best tools if you are studying to get a certification such as OSCP. Furthermore we will not only focus on Linux machines but Windows machines as well.

      Training is given by Atil Samancioglu who has more than 200.000 students worldwide on Ethical Hacking & Mobile Application Development topics along with the Codestars serving more than 1 MM students. If you are ready to take your ethical hacking skills to next level you can immediately see the content of the course and enroll today!

      Some of the topics that we are going to cover during the course, completely hands-on:

          Advanced Linux

          CTF Solutions

          Linux Privilege Escalation

          Windows Privilege Escalation

          Kernel Exploit

          Suid

          Sudo

          Cronjobs

          Metasploit

          Potato Attacks

          Brute Force

          Meterpreter Shells

      Content

      This training will be completely hands on experience but without neglecting the theory. We will cover a lot of scenarios when we solve vulnerable machines which you will face a lot during pentests and certification exams. This will be a big step for you to advance your cyber security career.

      In order to make most of this course you should have taken The Complete Ethical Hacking Course and similar courses before. You should have a working Kali Linux or a counterpart system already, this will not be covered during the course.

      Due to the licensing issues, in the Windows pentest & privilege escalation sections we will need a Hack The Box membership. If you do not want to pay for that, you can always watch the last two sections by only taking notes, without exercising. However you should take into consideration that by exercising you can learn in a better way.

      Warning: This course aims to provide a good training for people who want to be cyber security professionals. You should not break the law in any way with the offensive penetration test techniques and you accept the responsibility by taking this course.

      Who this course is for:

          Students who want to be cyber security professionals
          Cyber security professionals who wants to get a certification
          Cyber security students who wants to deepen their knowledge about pentests and privilege escalation

      Hidden Content

        Give reaction to this post to see the hidden content.

      Hidden Content

        Give reaction to this post to see the hidden content.

      Share this post


      Link to post
      Share on other sites

      Join the conversation

      You can post now and register later. If you have an account, sign in now to post with your account.
      Note: Your post will require moderator approval before it will be visible.

      Guest
      Reply to this topic...

      ×   Pasted as rich text.   Paste as plain text instead

      ×   Your link has been automatically embedded.   Display as a link instead

      Sign in to follow this  

      • Similar Content

        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. WoWonder is a PHP Social Network Script, WoWonder is the best way to start your own social network website! WoWonder is fast, secured, and it will be regularly updated.
          Hidden Content
          Give reaction to this post to see the hidden content.

          Hidden Content
          Give reaction to this post to see the hidden content.
        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. Sqlmap is an open-source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
          The sqlmap project is sponsored by Netsparker Web Application Security Scanner.
          Features implemented in sqlmap include:
              Full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase, SAP MaxDB and HSQLDB database management systems.     Full support for five SQL injection techniques: boolean-based blind, time-based blind, error-based, UNION query and stacked queries.     Support to directly connect to the database without passing via a SQL injection, by providing DBMS credentials, IP address, port and database name.     It is possible to provide a single target URL, get the list of targets from Burp proxy or WebScarab proxy requests log files, get the whole HTTP request from a text file or get the list of targets by providing sqlmap with a Google dork which queries Google search engine and parses its results page. You can also define a regular-expression based scope that is used to identify which of the parsed addresses to test.     Tests provided GET parameters, POST parameters, HTTP Cookie header values, HTTP User-Agent header value and HTTP Referer header value to identify and exploit SQL injection vulnerabilities. It is also possible to specify a comma-separated list of specific parameter(s) to test.     Option to specify the maximum number of concurrent HTTP(S) requests (multi-threading) to speed up the blind SQL injection techniques. Vice versa, it is also possible to specify the number of seconds to hold between each HTTP(S) request. Others optimization switches to speed up the exploitation are implemented too.     HTTP Cookie header string support, useful when the web application requires authentication based upon cookies and you have such data or in case you just want to test for and exploit SQL injection on such header values. You can also specify to always URL-encode the Cookie.     Automatically handles HTTP Set-Cookie header from the application, re-establishing of the session if it expires. Test and exploit on these values is supported too. Vice versa, you can also force to ignore any Set-Cookie header.     HTTP protocol Basic, Digest, NTLM and Certificate authentications support.     HTTP(S) proxy support to pass by the requests to the target application that works also with HTTPS requests and with authenticated proxy servers.     Options to fake the HTTP Referer header value and the HTTP User-Agent header value specified by user or randomly selected from a textual file.     Support to increase the verbosity level of output messages: there exist seven levels of verbosity.     Support to parse HTML forms from the target URL and forge HTTP(S) requests against those pages to test the form parameters against vulnerabilities.     Granularity and flexibility in terms of both user’s switches and features.     Estimated time of arrival support for each query, updated in real time, to provide the user with an overview on how long it will take to retrieve the queries’ output.     Automatically saves the session (queries and their output, even if partially retrieved) on a textual file in real time while fetching the data and resumes the injection by parsing the session file.     Support to read options from a configuration INI file rather than specify each time all of the switches on the command line. Support also to generate a configuration file based on the command line switches provided.     Support to replicate the back-end database tables structure and entries on a local SQLite 3 database.     Option to update sqlmap to the latest development version from the subversion repository.     Support to parse HTTP(S) responses and display any DBMS error message to the user.     Integration with other IT security open source projects, Metasploit and w3af.     More… Changelog v1.5.3
              Speedup of caching for char encoding (non-Unicode chars in page)

          Hidden Content
          Give reaction to this post to see the hidden content.
        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. What you'll learn
              Complete Information Security Fundamentals and Core Concepts like Vulnerability Management, Ethical Hacking, Cryptography and Cybersecurity
              Entire networking related to Information security and Terminologies - Threat, Vulnerability, Incident, Management, Attacks, Exploits, Events
              How to carry out a complete penetration test with SQL Injection, XSS, CSRF, File Upload Vulnerability, Command Execution
              Master Cybersecurity Concepts to clear interviews and certifications
              Learn how to use Kali Linux for Ethical Hacking and Complete Web Application Penetration Testing
              Fundamentals of Cryptography and brief overview of malware and its types
              You will get to know about the Bug Bounty Hunting rewards such as Hall of Fame, Reward Money, Reputation, and Appreciation.
              Information security Terminologies - Threat, Vulnerability, Incident, Management, Attacks, Exploits, Events
              MOST IMPORTANT - Learn how to write a Penetration Testing Report
              Learn how to use Kali Linux Operating Systems commands
              Overview of Security Audits and Frameworks
              Learn to find vulnerabilities in a website and its exploitation.
          This course includes:
              17 hours on-demand video
              1 article
              7 downloadable resources
              1 practice test
              Full lifetime access
              Access on mobile and TV
              Certificate of completion
          Requirements
              IMPORTANT - You should be enthusiastic to learn Information Security
              Rest everything leave it to us, we will take you from novice to an expert Information Security Professional!
          Description
          This course designed with the latest Information Security Industry Trends.
          Have you ever dreamed of getting started with Information Security or becoming an Information Security Professional but you don’t know where to start? Then you’ve come to the right place!
          Introducing your all-in-one course to get you up and running with information Security, cybersecurity, computer networking, and ethical hacking.
          We are We Secure Training, we have the top class certified instructors with various certifications like ISO 27001 Lead Security Auditor, CEH, ITIL, Project Management. We have created over 6 highest-rated courses on cybersecurity, computer networking, and ethical hacking.
          You will learn the entire Information Security including Risk management, security assessment, Identity access management, cybersecurity fundamentals as well as ethical hacking concepts such as web application penetration testing, database hacking, penetration tests, and much more. I strongly believe in learning by doing, so you will acquire real-world skills by following the hands-on practical lectures.
          Key Course Topics:
              Introduction to the Course and how to benefit from this course!
              Complete Computer Networking for Information Security
              Getting Started with Information Security!
              Fundamentals of Information Security
              Key Information Security Concepts
              Introduction to Ethical Hacking
              Setting up your own Penetration Testing Lab
              Information Gathering - Reconnaissance
              Scanning and Enumeration
              Vulnerability Assessment and Penetration Testing
              Web Application Penetration Test
              Denial of Service
              Malware Threats
              Social Engineering - The Art of Human Exploitation
              Cryptography - Securing your Data
              Writing a Penetration Testing Report
          At the end of each section, you will learn how to detect, prevent, and secure systems and yourself from the discussed attacks. All the techniques in this course are practical and work against real systems, you'll understand the whole mechanism of each technique first, then you'll learn how to use it to hack into the target system. By the end of the course, you'll be able to modify these techniques to launch more powerful attacks and adapt them to suit different situations and different scenarios.
          With this course, you'll get 24/7 support, so if you have any questions you can post them in the Q&A section and we'll respond to you within 48 hours.
          Who this course is for:
              Those who are looking for a perfect start in Information Security
              Those who are looking for a perfect start in Ethical Hacking Career
              Pursue careers like CEH, ECSA, OSCP, CCNA, PWK, etc
              Those who want to become a SECURITY EXPERT
              Those who are looking to change their field to Information Technology
              Web developers so they can create secure web application & secure their existing ones.
          Hidden Content
          Give reaction to this post to see the hidden content.
          Content:

          Hidden Content
          Give reaction to this post to see the hidden content.
          Hidden Content
          Give reaction to this post to see the hidden content.
        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. Name-That-Hash
          What is this?
          Have you ever come across a hash such as 5f4dcc3b5aa765d61d8327deb882cf99 and wondered what type of hash that is? 🤔
          Name-that-hash will name that hash type!
          🔥 Features
              📺 Popularity Ratings – Name that hash will show you the most popular hashes first. In older systems, it would prioritise Skype Hash the same as Active Directory’s NTLM! Which makes as much sense as saying that my GitHub is as popular as VSCode 📈
              ✍ Hash Summaries – no more wondering whether it’s MD5 or NTLM. It will summarise the main usage of each hash, allowing you to make an informed & decisive choice ⚡
              🌈 Colour Output – Don’t worry, the colours were hand-selected with a designer to be 100% accessible and gnarly 😎
              🤖 JSON output && API – Want to use it in your project? We are API first, CLI second. Use JSON output or import us as a Python module! 💾
              👵 Updated! – HashID was last updated in 2015. Hash-Identifier in 2011! It is a 2021 project 🦧
              ♿ Accessible – We are 100% committed to making this an accessible hacking tool 🙏
              🎫 Extensible – Add new hashes as quickly as you can edit this README. No, seriously — it’s that easy! 🎱
          Changelog v1.1.6
          What’s Changed
              Fix typo in help dialogue (#47) @jgmoss
              Fixed bug that printed “hello” in non grep mode.

          Hidden Content
          Give reaction to this post to see the hidden content.