Course Outlines

Explore the comprehensive syllabus designed to make you a cybersecurity expert. Follow the updated modules below.

1 Introduction To Ethical Hacking & Overview

  • Offensive And Defensive Security

2 Hacking Environment Setup: Kali Linux & Linux Mastery

  • How To Install Kali Linux On Your Computer
  • Master Linux From Basic To Advanced

3 Web Application Testing Fundamentals

  • Burpsuite For Web Application Pentesting
  • Master BurpSuite Professional In One Lecture

4 File Path Traversal Vulnerabilities

  • File path traversal, simple case
  • File path traversal, traversal sequences blocked with absolute path bypass
  • File path traversal, traversal sequences stripped non-recursively
  • Automation of File path traversal vulnerabilities

5 Information Disclosure Vulnerabilities

  • Information Leakage Vulnerabilities
  • Information Leakage In Error Messages
  • Information Leakage On Debug Page
  • Source Code Disclosure Via Backup Files
  • Automating Information Disclosure Discovery: Feroxbuster, FFUF, Dirbuster & Dirb Step by Step

6 Automated Information Disclosure Techniques

  • Automate The Process Of Finding Information Disclosure Vulnerabilities

7 OS Command Injection

  • Introduction To OS Command Injection
  • OS Command Injection Simple Case
  • Blind OS Command Injection With Time Delays
  • Blind OS Command Injection With Output Redirection

8 SSRF Vulnerabilities

  • Introduction To SSRF Vulnerability
  • Basic SSRF Against The Local Server
  • SSRF Against Blacklist-Based Input Filter
  • Basic SSRF Against Another Back-End System

9 File Upload Vulnerabilities & Remote Code Execution

  • Introduction To File Upload Vulnerabilities
  • Remote Code Execution Via Web Shell Upload
  • Web Shell Upload Via Content-Type Restriction Bypass
  • Web Shell Upload Via Path Traversal
  • Remote Code Execution Via Polyglot Web Shell Upload
  • Web Shell Upload Via Obfuscated File Extension

10 Access Control Vulnerabilities

  • Introduction To Access Control Vulnerabilities
  • Unprotected Admin Functionality
  • Unprotected Admin Functionality With Unpredictable URL
  • User Role Controlled By Request Parameter
  • User Role Can Be Modified In User Profile
  • Insecure Direct Object References
  • User ID Controlled By Request Parameter With Password Disclosure

11 Business Logic Vulnerabilities

  • Introduction To Business Logic Vulnerabilities
  • Excessive Trust In Client-Side Controls
  • High-Level Logic Vulnerability
  • Inconsistent Security Controls
  • Flawed Enforcement Of Business Rules
  • Weak Isolation On Dual-Use Endpoint
  • Insufficient Workflow Validation

12 Cross-Site Scripting (XSS)

  • Introduction To XSS-Cross Site Scripting
  • Reflected XSS
  • Stored XSS
  • DOM XSS
  • DOM XSS- Part 2

13 SQL Injection Fundamentals

  • SQL Programming
  • Introduction To SQL Injection Vulnerability
  • SQL Injection Vulnerability Allowing Login Bypass

14 Advanced SQL Injection Techniques

  • SQL Injection UNION Attack, Determining Number Of Columns
  • SQL Injection UNION Attack, Finding A Column Containing Text
  • SQL Injection UNION Attack, Retrieving Data From Other Tables
  • SQL Injection UNION Attack, Retrieving Multiple Values
  • SQL Injection Attack, Listing Database Contents On Non-Oracle Databases
  • Blind SQL Injection With Time Delays
  • Mastering SQLmap Step by Step

15 Automation In Cybersecurity

  • Introduction To Automation (The Core Of Cybersecurity)

16 Subdomain Enumeration & Reconnaissance Tools

  • Installation Of Subfinder - Subdomain Enumeration
  • Installation Of Assetfinder - Subdomain Enumeration
  • Configure And Install Findomain - Subdomain Enumeration

17 URL & HTTP Reconnaissance Tools

  • How To Install Waymore URLs
  • Configure And Install HTTPX Tool

18 Exploitation Tools - Part 1

  • Install Katana Tool
  • How To Install Nuclei Framework - Exploitation
  • How To Install And Configure Nuclei Templates

19 Exploitation Tools - Part 2

  • Install Parallel, Qsreplace Tools

20 Web Security Automation - Integration

  • Putting It All Together - Web Security Automation Part: 1
  • Web Security Automation Part: 2

21 Web Security Automation - Exploitation Phase

  • Exploitation Phase - Web Security Automation Part: 3

22 Advanced Automation & Final Chapter

  • The Final Chapter; Automate Everything

23 XML Injection & XXE Attacks

  • Introduction To XML Injection Attacks
  • Exploiting XXE Using External Entities To Retrieve Files
  • Exploiting XXE To Perform SSRF Attacks
  • Blind XXE With Out-Of-Band Interaction

24 Authentication Vulnerabilities & User Enumeration

  • Introduction To Authentication Vulnerabilities
  • Username Enumeration Via Subtly Different Responses
  • 2FA Simple Bypass
  • Password Reset Broken Logic
  • Username Enumeration Via Subtly Different Responses

25 Reconnaissance & Vulnerability Assessment

  • The Art Of Hacking- Reconnaissance
  • NetSec Challange- Reconnaissance Part 2
  • Practical Vulnerabilities Exploitation
  • Penetration Testing Vulnerabilities 101

26 Metasploit & Exploitation Frameworks

  • Mastering Metasploit Framwork Part 1
  • Hack Windows Machine Using Metasploit

27 Linux Privilege Escalation

  • Sensitive Credentials Hunting
  • Weak File Permissions
  • Cron Jobs
  • SUID Wildcard
  • SUDO - Shell Escape Sequences
  • SUDO Exploitation ld_preload
  • SUDO LD_LIBRARY_PATH
  • SUID Exploitation - Known Vulnerabilities (CVEs)
  • SUID Shared Object Injection
  • Linux Capabilities
  • Service Exploitation: MySQL (Boot to Root)
  • Network File System (NFS)
  • Revision of LinuxPrivEsc

28 Practical Hacking into Linux Machines (Projects)

  • Mr.Robot CTF Linux
  • TryHackMe CTF: Vulnversity - Walkthrough Linux
  • Skynet Walkthrough Linux
  • DailyBugle TryHackMe Walkthrough Linux
  • Game Zone Linux
  • Kenobi Linux

29 Windows Privilege Architecture & Escalation

  • User Account Control (UAC)
  • Login to RDP and Dropping Files + Receiving
  • Windows PrivEsc (Overview)
  • Windows Services
  • Service Abuse: Weak Service Executable
  • Service Abuse: Weak Service Permission
  • Service Abuse: Unquoted Service Paths
  • Service Abuse: DLL Hijacking Intro
  • Service Abuse: DLL Hijacking Practical
  • Sensitive Credentials Hunting Theory
  • Sensitive Credentials Hunting
  • Part 1: SAM (Security Account Manager)
  • Part 2: SAM (Security Account Manager)
  • Introduction to Windows Registry
  • Lab: Registry Autorun Exploitation
  • Lab: Weak Registry Permissions
  • AlwaysInstallElevated
  • Theory - Impersonation Attacks
  • [LAB] SeImpersonate Exploit: JuicyPotato
  • Lab: PrintSpoofer (The King of Token Impersonation)
  • [LAB] RoguePotato (Token Impersonation)
  • Universal Methodology: SeTakeOwnership Exploit
  • Startup Apps Exploitation
  • Insecure GUI Apps
  • seBackupExploit
  • Kernel Exploit Windows 7
  • Windows 10 Kernel Exploitation
  • Attack Vector: Scheduled Task Resource Abuse
  • UAC (User Account Control) Bypass

30 Practical Hacking into Windows Machines (Projects)

  • Steel Mountain | WIN
  • Alfred Walkthrough WIN
  • HackPark TryHackMe WIN
  • Relevant (TryHackMe) WIN
  • Internal (TryHackMe) WIN
  • Retro TryHackMe Walkthrough WIN

31 Advanced / Miscellaneous Topics

  • Master Metasploit Overview
  • Port Forwarding, Tunneling and Pivoting
  • Port Forwarding, Tunneling and Pivoting in WINDOWS

32 Bash Scripting - Advanced Module

  • Introduction to Bash Scripting
  • Variables, Loops and Conditions
  • Functions and Automation Scripting
  • Writing Custom Recon Tools in Bash

33 Python for Hackers

  • Introduction to Python Programming
  • Network Programming (Sockets & Requests)
  • Building Custom Exploits in Python
  • Automating Tools with Python

34 AI in Red Teaming & Bug Bounty

  • How to use AI to Hack Machines
  • Using AI for Red Teaming and Pentesting
  • Automating Bug Bounty Workflows with AI
  • Creating Custom Exploits and Analysis using LLMs

Contact An Expert