diff --git a/docs/Knowledge_Base/Cyber_Journey/TCM_Security/Practical_Ethical_Hacking_-_The_Complete_Course.md b/docs/Knowledge_Base/Cyber_Journey/TCM_Security/Practical_Ethical_Hacking_-_The_Complete_Course.md new file mode 100644 index 000000000..c0e00fce8 --- /dev/null +++ b/docs/Knowledge_Base/Cyber_Journey/TCM_Security/Practical_Ethical_Hacking_-_The_Complete_Course.md @@ -0,0 +1,1504 @@ +!!! info "" + + ### Networking Refresher + + + + !!! info "" + + #### Introduction (1:11) + + + + !!! info "" + + #### IP Addresses (13:06) + + + + !!! info "" + + #### MAC Addresses (3:13) + + + + !!! info "" + + #### TCP, UDP, and the Three-Way Handshake (5:12) + + + + !!! info "" + + #### Common Ports and Protocols (6:09) + + + + !!! info "" + + #### The OSI Model (5:30) + + + + !!! info "" + + #### Subnetting Part 1 (26:59) + + + + !!! info "" + + #### Subnetting Part 2 (4:13) + + + + !!! info "" + + #### Section Quiz + + +!!! info "" + + ### Setting Up Our Lab + + + + !!! info "" + + #### Installing VMWare / VirtualBox (6:15) + + + + !!! info "" + + #### Configuring VirtualBox (3:16) + + + + !!! info "" + + #### Installing Kali Linux (5:32) + + + + !!! info "" + + #### Section Quiz + + +!!! info "" + + ### Introduction to Linux + + + + !!! info "" + + #### Exploring Kali Linux (3:28) + + + + !!! info "" + + #### Sudo Overview (5:12) + + + + !!! info "" + + #### Navigating the File System (18:12) + + + + !!! info "" + + #### Users and Privileges (16:54) + + + + !!! info "" + + #### Common Network Commands (8:26) + + + + !!! info "" + + #### Viewing, Creating, and Editing Files (6:21) + + + + !!! info "" + + #### Starting and Stopping Services (6:17) + + + + !!! info "" + + #### Installing and Updating Tools (11:53) + + + + !!! info "" + + #### Scripting with Bash (22:34) + + + + !!! info "" + + #### Section Quiz + + +!!! info "" + + ### Introduction to Python + + + + + !!! info "" + + #### Introduction (2:19) + + + + + !!! info "" + + #### Strings (7:24) + + + + + !!! info "" + + #### Math (5:44) + + + + + !!! info "" + + #### Variables and Methods (10:20) + + + + + !!! info "" + + #### Functions (8:58) + + + + + !!! info "" + + #### Boolean Expressions and Relational Operators (8:33) + + + + + !!! info "" + + #### Conditional Statements (6:58) + + + + + !!! info "" + + #### Lists (12:12) + + + + + !!! info "" + + #### Tuples (2:11) + + + + + !!! info "" + + #### Looping (4:29) + + + + + !!! info "" + + #### Advanced Strings (12:39) + + + + + !!! info "" + + #### Dictionaries (6:24) + + + + + !!! info "" + + #### Importing Modules (5:58) + + + + + !!! info "" + + #### Sockets (7:39) + + + + + !!! info "" + + #### Building a Port Scanner (18:33) + + + + + !!! info "" + + #### User Input (8:38) + + + + + !!! info "" + + #### Reading and Writing Files (9:56) + + + + + !!! info "" + + #### Classes and Objects (7:51) + + + + + !!! info "" + + #### Building a Shoe Budget Tool (14:19) + + + + + !!! info "" + + #### Section Quiz + + + +!!! info "" + + ### The Ethical Hacker Methodology + + + + + !!! info "" + + #### The Five Stages of Ethical Hacking (5:16) + + + + + !!! info "" + + #### Section Quiz + + + +!!! info "" + + ### Information Gathering (Reconnaissance) + + + + + !!! info "" + + #### Passive Reconnaissance Overview (7:32) + + + + + !!! info "" + + #### Identifying Our Target (3:33) + + + + + !!! info "" + + #### Discovering Email Addresses (15:48) + + + + + !!! info "" + + #### Gathering Breached Credentials with Breach-Parse (7:17) + + + + + !!! info "" + + #### Hunting Breached Credentials with DeHashed (11:55) + + + + + !!! info "" + + #### Hunting Subdomains Part 1 (5:31) + + + + + !!! info "" + + #### Hunting Subdomains Part 2 (4:48) + + + + + !!! info "" + + #### Identifying Website Technologies (7:06) + + + + + !!! info "" + + #### Information Gathering with Burp Suite (8:48) + + + + + !!! info "" + + #### Google Fu (5:31) + + + + + !!! info "" + + #### Utilizing Social Media (5:37) + + + + + !!! info "" + + #### Additional Learning (OSINT Fundamentals) (0:48) + + + + + !!! info "" + + #### Section Quiz + + +!!! info "" + + ### Scanning & Enumeration + + + + + !!! info "" + + #### Installing Kioptrix (6:17) + + + + + !!! info "" + + #### Scanning with Nmap (19:46) + + + + + !!! info "" + + #### Enumerating HTTP and HTTPS Part 1 (15:01) + + + + + !!! info "" + + #### Enumerating HTTP and HTTPS Part 2 (15:08) + + + + + !!! info "" + + #### Enumerating SMB (14:19) + + + + + !!! info "" + + #### Enumerating SSH (4:09) + + + + + !!! info "" + + #### Researching Potential Vulnerabilities (14:49) + + + + + !!! info "" + + #### Our Notes So Far (3:06) + + + + + !!! info "" + + #### Section Quiz + + +!!! info "" + + + + + !!! info "" + + #### Vulnerability Scanning with Nessus + + + + + !!! info "" + + #### Scanning with Nessus Part 1 (10:34) + + + + + !!! info "" + + #### Scanning with Nessus Part 2 (6:09) + + + + + !!! info "" + + #### Section Quiz + + +!!! info "" + + ### Exploitation Basics + + + + + !!! info "" + + #### Reverse Shells vs Bind Shells (7:00) + + + + + !!! info "" + + #### Staged vs Non-Staged Payloads (3:21) + + + + + !!! info "" + + #### Gaining Root with Metasploit (7:40) + + + + + !!! info "" + + #### Manual Exploitation (12:40) + + + + + + + + !!! info "" + + #### Brute Force Attacks (7:49) + + + + !!! info "" + + #### Credential Stuffing and Password Spraying (14:02) + + + + + !!! info "" + + #### Our Notes, Revisited (3:03) + + + + + !!! info "" + + #### Section Quiz + + + +!!! info "" + + ### New Capstone + + + !!! info "" + + #### Introduction (5:42) + + + + + !!! info "" + + #### Set Up - Blue (3:56) + + + + + !!! info "" + + #### Walkthrough - Blue (17:00) + + + + + !!! info "" + + #### Set Up - Academy (2:24) + + + + + !!! info "" + + #### Walkthrough - Academy (44:19) + + + + !!! info "" + + #### Walkthrough - Dev (25:20) + + + + + !!! info "" + + #### Walkthrough - Butler (36:18) + + + + + !!! info "" + + #### Walkthrough - Blackpearl (23:30) + + + + !!! info "" + + #### Active Directory Overview + + + + + + !!! info "" + + #### Active Directory Overview (5:39) + + + + + + !!! info "" + + #### Physical Active Directory Components (2:37) + + + + + + + !!! info "" + + #### Logical Active Directory Components (7:13) + + + + + + + !!! info "" + + #### Section Quiz + + + +!!! info "" + + ### Active Directory Lab Build + + + + !!! info "" + + #### Lab Overview and Requirements (3:03) + + + + + + !!! info "" + + #### Lab Build - (Cloud Alternative) (2:04) + + + + + + !!! info "" + + #### Downloading Necessary ISOs (3:59) + + + + + !!! info "" + + #### Setting Up the Domain Controller (16:25) + + + + + !!! info "" + + #### Setting Up the User Machines (11:01) + + + + + !!! info "" + + #### Setting Up Users, Groups, and Policies (17:02) + + + + + !!! info "" + + #### Joining Our Machines to the Domain (12:06) + + + + !!! info "" + + #### Attacking Active Directory: Initial Attack Vectors + + + + + !!! info "" + + #### Introduction (2:14) + + + + + !!! info "" + + #### LLMNR Poisoning Overview (4:56) + + + + + !!! info "" + + #### Capturing Hashes with Responder (5:59) + + + + + !!! info "" + + #### Cracking Our Captured Hashes (11:04) + + + + + !!! info "" + + #### LLMNR Poisoning Mitigation (2:22) + + + + + !!! info "" + + #### SMB Relay Attacks Overview (5:28) + + + + + !!! info "" + + #### SMB Relay Attacks Lab (10:59) + + + + + !!! info "" + + #### SMB Relay Attack Defenses (3:45) + + + + + !!! info "" + + #### Gaining Shell Access (13:42) + + + + + !!! info "" + + #### IPv6 Attacks Overview (4:00) + + + + + !!! info "" + + #### IPv6 DNS Takeover via mitm6 (10:57) + + + + + !!! info "" + + #### IPv6 Attack Defenses (2:50) + + + + + !!! info "" + + #### Passback Attacks (5:16) + + + + + !!! info "" + + #### Initial Internal Attack Strategy (3:56) + + + + + !!! info "" + + #### Section Quiz + + + +!!! info "" + + ### Attacking Active Directory: Post-Compromise Enumeration + + Introduction (2:10) + + + + + !!! info "" + + #### Domain Enumeration with ldapdomaindump (4:24) + + + + + !!! info "" + + #### Domain Enumeration with Bloodhound (12:28) + + + + + !!! info "" + + #### Domain Enumeration with Plumhound (6:42) + + + + + !!! info "" + + #### Domain Enumeration with PingCastle (6:16) + + + + + !!! info "" + + #### Section Quiz + + + +!!! info "" + + ### Attacking Active Directory: Post-Compromise Attacks + + + + + !!! info "" + + #### Introduction (0:49) + + + + + !!! info "" + + #### Pass Attacks Overview (5:56) + + + + + !!! info "" + + #### Pass Attacks (13:37) + + + + + !!! info "" + + #### Dumping and Cracking Hashes (10:59) + + + + + !!! info "" + + #### Pass Attack Mitigations (1:53) + + + + + !!! info "" + + #### Kerberoasting Overview (3:47) + + + + + !!! info "" + + #### Kerberoasting Walkthrough (3:34) + + + + + !!! info "" + + #### Kerberoasting Mitigation (0:53) + + + + + !!! info "" + + #### Token Impersonation Overview (4:51) + + + + + !!! info "" + + #### Token Impersonation Walkthrough (9:26) + + + + + !!! info "" + + #### Token Impersonation Mitigation (1:19) + + + + + !!! info "" + + #### LNK File Attacks (8:00) + + + + + !!! info "" + + #### GPP / cPassword Attacks and Mitigations (4:20) + + + + + !!! info "" + + #### Mimikatz Overview (2:02) + + + + + !!! info "" + + #### Credential Dumping with Mimikatz (8:59) + + + + + !!! info "" + + #### Post-Compromise Attack Strategy (3:40) + + + + + !!! info "" + + #### Section Quiz + + + +!!! info "" + + ### We've Compromised the Domain - Now What? + + + + + !!! info "" + + #### Post-Domain Compromise Attack Strategy (4:16) + + + + + !!! info "" + + #### Dumping the NTDS.dit (9:43) + + + + + !!! info "" + + #### Golden Ticket Attacks Overview (2:41) + + + + + !!! info "" + + #### Golden Ticket Attacks (7:18) + + + + !!! info "" + + #### Additional Active Directory Attacks + + + + + !!! info "" + + #### Section Overview (2:53) + + + + + !!! info "" + + #### Abusing ZeroLogon (9:02) + + + + + !!! info "" + + #### PrintNightmare (CVE-2021-1675) Walkthrough (12:05) + + + + + !!! info "" + + #### Section Quiz + + +!!! info "" + + ### Active Directory Case Studies + + + + + !!! info "" + + #### AD Case Study #1 (7:41) + + + + + !!! info "" + + #### AD Case Study #2 (7:19) + + + + + !!! info "" + + #### AD Case Study #3 (7:52) + + + + !!! info "" + + #### Post Exploitation + + + + + !!! info "" + + #### Introduction (1:49) + + + + + !!! info "" + + #### File Transfers Review (2:32) + + + + + !!! info "" + + #### Maintaining Access Overview (3:32) + + + + + !!! info "" + + #### Pivoting Overview (4:00) + + + + + !!! info "" + + #### Pivoting Walkthrough (8:07) + + + + + !!! info "" + + #### Cleaning Up (2:48) + + + + + !!! info "" + + #### Section Quiz + + +!!! info "" + + ### Web Application Enumeration, Revisited + + + + + !!! info "" + + #### Introduction (1:49) + + + + + !!! info "" + + #### Installing Go (1:19) + + + + + !!! info "" + + #### Finding Subdomains with Assetfinder (7:43) + + + + + !!! info "" + + #### Finding Subdomains with Amass (5:27) + + + + + !!! info "" + + #### Finding Alive Domains with Httprobe (7:14) + + + + + !!! info "" + + #### Screenshotting Websites with GoWitness (4:10) + + + + + !!! info "" + + #### Automating the Enumeration Process (5:46) + + + + + !!! info "" + + #### Additional Resources (2:18) + + + + + !!! info "" + + #### Section Quiz + + +!!! info "" + + ### Find & Exploit Common Web Vulnerabilities + + + + + !!! info "" + + #### Introduction (0:58) + + + + + !!! info "" + + #### Lab Setup (full text instructions included in course notes) (8:35) + + + + + !!! info "" + + #### SQL Injection - Introduction (4:03) + + + + + !!! info "" + + #### SQL Injection - UNION (9:38) + + + + + !!! info "" + + #### SQL Injection - Blind Part 1 (9:52) + + + + + !!! info "" + + #### SQL Injection - Blind Part 2 (12:53) + + + + + !!! info "" + + #### SQL Injection - Challenge Waklthrough (5:36) + + + + + !!! info "" + + #### XSS - Introduction (4:50) + + + + + !!! info "" + + #### XSS - DOM Lab (3:25) + + + + + !!! info "" + + #### XSS - Stored Lab (7:38) + + + + + !!! info "" + + #### XSS - Challenge Walkthrough (3:24) + + + + + !!! info "" + + #### Command Injection - Introduction (2:24) + + + + + !!! info "" + + #### Command Injection - Basics (7:54) + + + + + !!! info "" + + #### Command Injection - Blind / Out-of-Band (8:49) + + + + + !!! info "" + + #### Command Injection - Challenge Walkthrough (4:04) + + + + + !!! info "" + + #### Insecure File Upload - Introduction (0:31) + + + + + !!! info "" + + #### Insecure File Upload - Basic Bypass (8:48) + + + + + !!! info "" + + #### Insecure File Upload - Magic Bytes (9:13) + + + + + !!! info "" + + #### Insecure File Upload - Challenge Walkthrough (3:29) + + + + + !!! info "" + + #### Attacking Authentication - Intro (1:14) + + + + + !!! info "" + + #### Attacking Authentication - Brute Force (7:00) + + + + + !!! info "" + + #### Attacking Authentication - MFA (6:20) + + + + + !!! info "" + + #### Attacking Authentication - Challenge Walkthrough (10:30) + + + + + + !!! info "" + + #### XXE - External Entities Injection (6:04) + + + + + + !!! info "" + + #### IDOR - Insecure Direct Object Reference (4:38) + + + + + + !!! info "" + + #### Capstone - Introduction (0:57) + + + + + + !!! info "" + + #### Capstone - Solution (17:07) + + + + + + !!! info "" + + #### Section Quiz + + +!!! info "" + + ### Wireless Penetration Testing + + + + + + !!! info "" + + #### 001_Wireless_Penetration_Testing_Overview (10:26) + + + + + + !!! info "" + + #### 002_WPA_PS2_Exploit_Walkthrough (13:12) + + + + + + !!! info "" + + #### Section Quiz + + +!!! info "" + + ### Legal Documents and Report Writing + + + + !!! info "" + + #### 001_Common_Legal_Documents (7:17) + + + + + + + !!! info "" + + #### 002_Pentest_Report_Writing (11:16) + + + + + + + !!! info "" + + #### 003_Reviewing_a_Real_Pentest_Report (19:34) + + + + + + !!! info "" + + #### Section Quiz + + +!!! info "" + + ### Career Advice + \ No newline at end of file