Farin (فرین) company specialist website

OffSec – PEN-200

Course outline

01. Vulnerability Scanning
    1.1. Vulnerability Scanning with Nessus
  • 1.1.1. Nessus Components
  • 1.1.2. Performing a Vulnerability Scan
  • 1.1.3. Analyzing the Results
  • 1.1.4. Performing an Authenticated Vulnerability Scan
  • 1.1.5. Working with Nessus Plugins
    1.2. Vulnerability Scanning with Nmap
  • 1.2.1. NSE Vulnerability Scripts
  • 1.2.2. Working with NSE Scripts

02. Introduction to Web Application Attacks
    2.1. Web Application Assessment Tools
  • 2.1.1. Fingerprinting Web Servers with Nmap
  • 2.1.2. Directory Brute Force with Gobuster
  • 2.1.3. Security Testing with Burp Suite
    2.2. Web Application Enumeration
  • 2.2.1. Debugging Page Content
  • 2.2.2. Inspecting HTTP Response Headers and Sitemaps
  • 2.2.3. Enumerating and Abusing APIs
    2.3. Cross-Site Scripting
  • 2.3.1. Basic XSS
  • 2.3.2. Privilege Escalation via XSS

03. Common Web Application Attacks
    3.1. Directory Traversal
  • 3.1.1. Absolute vs Relative Paths
  • 3.1.2. Identifying and Exploiting Directory Traversals
  • 3.1.3. Encoding Special Characters
    3.2. File Inclusion Vulnerabilities
  • 3.2.1. Local File Inclusion (LFI)
  • 3.2.2. PHP Wrappers
  • 3.2.3. Remote File Inclusion (RFI)
    3.3. File Upload Vulnerabilities
  • 3.3.1. Using Executable Files
  • 3.3.2. Using Non-Executable Files
    3.4. Command Injection
  • 3.4.1. OS Command Injection

04. SQL Injection Attacks
    4.1. SQL Theory and Databases
  • 4.1.1. DB Types and Characteristics
    4.2. Manual SQL Exploitation
  • 4.2.1. Identifying SQLi via Error-based Payloads
  • 4.2.2. UNION-based Payloads
  • 4.2.3. Blind SQL Injections
    4.3. Manual and Automated Code Execution
  • 4.3.1. Manual Code Execution
  • 4.3.2. Automating the Attack

05. Client-side Attacks
    5.1. Target Reconnaissance
  • 5.1.1. Information Gathering
  • 5.1.2. Client Fingerprinting
    5.2. Exploiting Microsoft Office
  • 5.2.1. Leveraging Microsoft Word Macros
    5.3. Abusing Windows Library Files
  • 5.3.1. Obtaining Code Execution via Windows Library Files

06. Locating Public Exploits
    6.1. Offline Exploit Resources
  • 6.1.1. SearchSploit
  • 6.1.2. Nmap NSE Scripts
    6.2. Exploiting a Target
  • 6.2.1. Putting It Together

07. Information Gathering
    7.1. Passive Information Gathering
  • 7.1.1. Whois Enumeration
  • 7.1.2. Google Hacking
  • 7.1.3. Netcraft
  • 7.1.4. Open-Source Code
  • 7.1.5. Shodan
  • 7.1.6. Security Headers and SSL/TLS
    7.2. Active Information Gathering
  • 7.2.1. DNS Enumeration
  • 7.2.2. Port Scanning with Nmap
  • 7.2.3. SMB Enumeration
  • 7.2.4. SMTP Enumeration
  • 7.2.5. SNMP Enumeration

08. Fixing Exploits
    8.1. Fixing Memory Corruption Exploits
  • 8.1.1. Importing and Examining the Exploit
  • 8.1.2. Cross-Compiling Exploit Code
  • 8.1.3. Fixing the Exploit
  • 8.1.4. Changing the Overflow Buffer
    8.2. Fixing Web Exploits
  • 8.2.1. Selecting the Vulnerability and Fixing the Code
  • 8.2.2. Troubleshooting the index out of range Error

09. Antivirus Evasion
    9.1. Antivirus Software Key Components and Operations
  • 9.1.1. Detection Methods
    9.2. AV Evasion in Practice
  • 9.2.1. Evading AV with Thread Injection
  • 9.2.2. Automating the Process

10. Password Attacks
    10.1. Attacking Network Services Logins
  • 10.1.1. SSH and RDP
  • 10.1.2. HTTP POST Login Form
    10.2. Password Cracking Fundamentals
  • 10.2.1. Introduction to Encryption, Hashes and Cracking
  • 10.2.2. Mutating Wordlists
  • 10.2.3. Password Manager
  • 10.2.4. SSH Private Key Passphrase
    10.3. Working with Password Hashes
  • 10.3.1. Cracking NTLM
  • 10.3.2. Passing NTLM
  • 10.3.3. Cracking Net-NTLMv2
  • 10.3.4. Relaying Net-NTLMv2

11. Windows Privilege Escalation
    11.1. Enumerating Windows
  • 11.1.1. Situational Awareness
  • 11.1.2. Hidden in Plain View
  • 11.1.3. Information Goldmine PowerShell
  • 11.1.4. Automated Enumeration
    11.2. Leveraging Windows Services
  • 11.2.1. Service Binary Hijacking
  • 11.2.2. DLL Hijacking
  • 11.2.3. Unquoted Service Paths
    11.3. Abusing Other Windows Components
  • 11.3.1. Scheduled Tasks
  • 11.3.2. Using Exploits

12. Linux Privilege Escalation
    12.1. Enumerating Linux
  • 12.1.1. Manual Enumeration
  • 12.1.2. Automated Enumeration
    12.2. Exposed Confidential Information
  • 12.2.1. Inspecting User Trails
  • 12.2.2. Inspecting Service Footprints
    12.3. Insecure File Permissions
  • 12.3.1. Abusing Cron Jobs
  • 12.3.2. Abusing Password Authentication
    12.4. Insecure System Components
  • 12.4.1. Abusing Setuid Binaries and Capabilities
  • 12.4.2. Abusing Sudo
  • 12.4.3. Exploiting Kernel Vulnerabilities

13. Port Redirection and SSH Tunneling
    13.1. Port Forwarding with Linux Tools
  • 13.1.1. A Simple Port Forwarding Scenario
  • 13.1.2. Setting Up the Lab Environment
  • 13.1.3. Port Forwarding with Socat
    13.2. SSH Tunneling
  • 13.2.1. SSH Local Port Forwarding
  • 13.2.2. SSH Dynamic Port Forwarding
  • 13.2.3. SSH Remote Port Forwarding
  • 13.2.4. SSH Remote Dynamic Port Forwarding
  • 13.2.5. Using sshuttle
    13.3. Port Forwarding with Windows Tools
  • 13.3.1. ssh.exe
  • 13.3.2. Plink
  • 13.3.3. Netsh

14. Tunneling Through Deep Packet Inspection
    14.1. HTTP Tunneling Theory and Practice
  • 14.1.1. HTTP Tunneling Fundamentals
  • 14.1.2. HTTP Tunneling with Chisel
    14.2. DNS Tunneling Theory and Practice
  • 14.2.1. DNS Tunneling Fundamentals
  • 14.2.2. DNS Tunneling with dnscat2

15. The Metasploit Framework
    15.1. Getting Familiar with Metasploit
  • 15.1.1. Setup and Work with MSF
  • 15.1.2. Auxiliary Modules
  • 15.1.3. Exploit Modules
    15.2. Using Metasploit Payloads
  • 15.2.1. Staged vs Non-Staged Payloads
  • 15.2.2. Meterpreter Payload
  • 15.2.3. Executable Payloads
    15.3. Performing Post-Exploitation with Metasploit
  • 15.3.1. Core Meterpreter Post-Exploitation Features
  • 15.3.2. Post-Exploitation Modules
  • 15.3.3. Pivoting with Metasploit
    15.4. Automating Metasploit
  • 15.4.1. Resource Scripts

16. Active Directory Introduction and Enumeration
    16.1. Active Directory - Manual Enumeration
  • 16.1.1. Active Directory - Enumeration Using Legacy Windows Tools
  • 16.1.2. Enumerating Active Directory using PowerShell and .NET Classes
  • 16.1.3. Adding Search Functionality to our Script
  • 16.1.4. AD Enumeration with PowerView
    16.2. Manual Enumeration - Expanding our Repertoire
  • 16.2.1. Enumerating Operating Systems
  • 16.2.2. Getting an Overview - Permissions and Logged on Users
  • 16.2.3. Enumeration Through Service Principal Names
  • 16.2.4. Enumerating Object Permissions
  • 16.2.5. Enumerating Domain Shares
    16.3. Active Directory - Automated Enumeration
  • 16.3.1. Collecting Data with SharpHound
  • 16.3.2. Analysing Data using BloodHound
Price: 139,000 Toman
ID: 44836
Size: 2784 MB
Duration: 864 minutes
Publication date: 1 Tir 1404