Hands-on Penetration Testing Labs 3.0 from Udemy

What's inside

Learning objectives

Enumeration
Remote and local exploitation
Vulnerability scanning
Sql injection
Cross-site scripting (xss)
Reverse shells
Nmap
Metasploit
Nikto

Dirb
Remote and local buffer overflows
Burp suite
Kali linux
Privilege escalation
Custom exploit development
Show more
Show less

Enumeration
Remote and local exploitation
Vulnerability scanning
Sql injection
Cross-site scripting (xss)
Reverse shells
Nmap
Metasploit
Nikto
Dirb
Remote and local buffer overflows
Burp suite
Kali linux
Privilege escalation
Custom exploit development
Show more
Show less

Syllabus

Introduction

Due to popular demand in my previous pentesting courses, I'm going to provide a technical explanation of many but not all of the commands and tools we'll be utilizing within this course. Also, in the resources attached to this lecture, I have a bunch of URLs that contain additional comprehensive information related to what we're about to cover. If there's anything you're confused about or need further information on that you cannot find out on your own with research, please feel free to contact me via the Q&A system or direct messaging.

If you're already well versed in basic to intermediate Linux commands, you should be okay with skipping this lecture. Otherwise, stay tuned for the new information or refresher depending on your skill level.

This lecture will show you how and where to download and configure the latest version of Kali Linux, 2020, which is tailor made for my Udemy course Hands-on Penetration Testing Labs 4.0. It's also being made available for all other courses, as the newest version has some slight differences which may make an impact.

This video will show you how to download and configure Kali Linux for VirtualBox. Kali Linux is the primary operating system that we'll be using for penetration testing during the remainder of our course. Kali Linux is an industry standard for penetration testing, and has numerous conveniently built in tools for enumeration and exploitation. We're going to be downloading the most recent version as of June 2019 at the time of this recording, so the version you download may be different. However, in most cases, it should be the same or just slightly different in terms of commands and usability. If big changes occur that severely impact its usage, I will make updates to the course as needed.

In this quick lecture, I'm going to explain where you can find the vulnerable VMs that are going to be utilized within the remainder of the course. As you can see on screen, I'm providing a Google drive location where you can conveniently download all of the vulnerable VMs. Alternatively, you could grab them from VulnHub, with the exception of the Windows box which is only available here.

This video will cover the enumeration and exploitation of the intentionally vulnerable Linux VM GoldenEye 1.

This video will cover the enumeration and exploitation of the intentionally vulnerable Linux VM Raven 1. The goal of this CTF challenge is to gain root access and acquire four flags which are hidden in various parts of the file system.

This video will cover the enumeration and exploitation of Raven 2, which is obviously part 2 of the previous lab walkthrough Raven 1. You can get this from VulnHub or from my Google drive.

Lampiao is another intentionally vulnerable Linux VM which we'll be enumerating and exploiting. As with all the others, the goal is to get an interactive root shell on the target. To acquire this VM you can get it on VulnHub or download it from my Google drive.

This video will show you how to enumerate and exploit DerpnStink, another intentionally vulnerable Linux VM. The objective is to obtain root access and collect several flags which are hidden throughout the system.

Stapler is an intentionally vulnerable Linux VM authored by g0tmi1k, who consistently creates stellar pentesting content. This VM is interesting because there are two different ways to get shells with limited privileges, and three different ways to get root access. We're only going to cover one way to enumerate and exploit this VM, but I highly encourage you to find out the other ways on your own.

This video will cover the enumeration and exploitation of VulnOS 2, which is another intentionally vulnerable Linux VM. You can download it at VulnHub or from my Google drive.

Here is a custom made intentionally vulnerable 32-bit Windows 7 box that was built from scratch using the free Windows 7 developer VirtualBox VM. It's really hard to find pre-made vulnerable Windows machines to practice on, so that's why there's only one of them in this course. The only other one I know if is Metasploitable 3, and that's already covered within one of my other courses. For additional practice on Windows enumeration and exploitation, I highly suggest that you start using hackthebox.eu. It has a plethora of Windows machines to hit. I also suggest offensive security's PWK course which is a prep for the coveted OSCP certification.

This lab will focus on the enumeration and exploitation of the intentionally vulnerable VM IMF, which is another Linux box you can find on VulnHub or my Google drive.

The public firing range is a spectacular resource for practicing several exploitation techniques, but mainly cross-site scripting or XSS. We're going to go over several XSS exploitation techniques in detail, showing where the vulnerability exists, how to exploit it, and why the exploit works. While we're only going to cover a certain portion of this site, I suggest that you thoroughly exploit every one of these vulnerabilities manually and do your best to understand everything there is to know about these vulnerabilities. It's one thing to automatically scan vulnerable web applications, it's another to completely understand how the web application works and how to exploit it without the use of automated tools. This is how to bring your penetration testing skills to a new level.

Traffic lights

Read about what's good

what should give you pause

and possible dealbreakers

Suitable for novices and aspiring network/penetration testers interested in learning the latest technologies for pentesting

Taught by Jesse K, M.S., OSCP, CEH, Security+, Linux+, Network+, CISSP, who is recognized for their expertise in cyber security

Course offers hands-on labs, a preferred method of learning for practical certifications like OSCP

Students will develop technical knowledge and proficiency in penetration testing tools, techniques, and procedures

Demonstrates essential pentesting skills, such as enumeration, vulnerability scanning, exploitation, and reverse shells

Covers fundamentals like port scanning, service enumeration, buffer overflows, and SQL injection

Reviews summary

Practical hands-on penetration testing labs

According to learners, this course offers a highly practical, hands-on experience, which is a major strength. Students appreciate that it focuses on real-world penetration testing skills and serves as excellent preparation for certifications like OSCP. The course provides valuable walkthroughs of intentionally vulnerable VMs and covers key techniques like buffer overflows, SQL injection, and privilege escalation. However, some learners note the content, particularly tool versions, is from June 2019 and may require additional research to handle updates. It is also mentioned that the course has little focus on theory, making it better suited for those with some foundational knowledge or willing to supplement their learning. Learners also highlight the necessity of having a PC with sufficient RAM for running multiple virtual machines.

Material from 2019 may need additional research.

"Some tools and commands were slightly outdated, requiring quick Googling."

"The course mentions the content is from 2019, which is accurate."

"Needed to figure out some minor differences in tool versions."

"Instructor is upfront about the technology date."

Needs sufficient RAM for running multiple VMs.

"Make sure you have at least 8GB RAM, 16GB+ is ideal."

"Running Kali and target VMs simultaneously requires decent hardware."

"Had some performance issues on my older laptop."

"The course description is clear about the RAM needs."

Less theory focus, assumes basic prerequisite understanding.

"This course focuses purely on hands-on, don't expect deep theory."

"Good if you have some basics, otherwise you might need to study theory elsewhere."

"Perfect if you want to jump straight into labs, not foundational concepts."

"Builds on existing skills rather than teaching from scratch."

Instructor explains lab steps clearly and effectively.

"The instructor is very clear in explaining each step of the labs."

"His walkthroughs are easy to follow."

"Instructor responsiveness in Q&A was helpful."

"Liked the way the labs were explained."

Strong focus on real-world and certification skills.

"This course is excellent preparation for the OSCP."

"Provides highly relevant skills for a penetration testing job."

"The practical focus directly translates to real-world scenarios."

"Much better than just theory for building job skills."

Excellent hands-on practice with vulnerable VMs.

"The hands-on labs were the best part, very practical."

"Working through the vulnerable VMs provided crucial experience."

"I really enjoyed the step-by-step walkthroughs for each lab."

"Great exercises to apply the concepts learned."

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Hands-on Penetration Testing Labs 3.0 with these activities:

Review Bash scripting basics

Show steps

Bash scripting is a fundamental skill for penetration testing and allows for automating tasks and analyzing results.

Browse courses on Bash Scripting

Show steps

Go through the official Bash tutorial
Practice writing simple Bash scripts

Practice port scanning and service enumeration

Show steps

Port scanning and service enumeration are essential skills for identifying vulnerabilities and understanding the target infrastructure.

Browse courses on Port Scanning

Show steps

Use Nmap to scan a range of IP addresses
Identify open ports and services

Join a penetration testing study group

Show steps

Collaboration and discussions with peers can enhance understanding and foster knowledge sharing.

Show steps

Find or start a study group
Meet regularly to discuss course material and practice techniques

Two other activities

Expand to see all activities and additional details

Show all five activities

Follow a video tutorial series on web application security

Show steps

Video tutorials provide a structured and engaging way to learn about advanced topics.

Browse courses on Web Application Security

Show steps

Find a reputable tutorial series
Watch the videos and take notes
Practice the techniques shown in the videos

Participate in a bug bounty program

Show steps

Participating in bug bounties allows for real-world experience and the opportunity to earn rewards.

Show steps

Find a bug bounty program that aligns with your skills
Review the program rules and scope
Start testing the target application or system
Report any vulnerabilities you find

Career center

Learners who complete Hands-on Penetration Testing Labs 3.0 will develop knowledge and skills that may be useful to these careers:

Web Application Penetration Tester

Web Application Penetration Testers identify and exploit vulnerabilities in web applications. They use a variety of techniques to test for vulnerabilities, including black box testing, white box testing, and fuzzing. This course provides a foundation in web application penetration testing by teaching you how to use tools such as Burp Suite, ZAP, and OWASP ZAP to identify and exploit vulnerabilities in web applications. This course may be useful for someone looking to enter this field.

See salaries and explore the career path for Web Application Penetration Tester

Security Engineer

Security Engineers design, implement, and maintain security systems and procedures. They also perform security audits, risk assessments, and penetration tests to identify and fix security vulnerabilities. This course provides a foundation in penetration testing by teaching you how to use tools such as Nmap, Metasploit, and Burp Suite to enumerate, exploit, and escalate privileges on vulnerable systems and applications. This course may be useful for someone looking to enter this field.

See salaries and explore the career path for Security Engineer

Security Consultant

Security Consultants provide advice and guidance to organizations on how to improve their security posture. They also perform security audits, risk assessments, and penetration tests to identify and fix security vulnerabilities. This course provides a foundation in penetration testing by teaching you how to use tools such as Nmap, Metasploit, and Burp Suite to enumerate, exploit, and escalate privileges on vulnerable systems and applications. This course may be useful for someone looking to enter this field.

See salaries and explore the career path for Security Consultant

Ethical Hacker

Ethical Hackers are security professionals who use their skills to identify and exploit vulnerabilities in systems and applications. They work with organizations to help them improve their security posture and prevent attacks. This course provides a foundation in penetration testing by teaching you how to use tools such as Nmap, Metasploit, and Burp Suite to enumerate, exploit, and escalate privileges on vulnerable systems and applications. This course may be useful for someone looking to enter this field.

See salaries and explore the career path for Ethical Hacker

Network Penetration Tester

A Network Penetration Tester designs, develops, and deploys network security systems and procedures. They also perform security audits, risk assessments, and penetration tests to identify and exploit system vulnerabilities. This course provides a foundation in penetration testing by teaching you how to use tools such as Nmap, Metasploit, and Burp Suite to enumerate, exploit, and escalate privileges on vulnerable systems and applications. This course may be useful for someone looking to enter this field.

See salaries and explore the career path for Network Penetration Tester

Vulnerability Researcher

Vulnerability Researchers identify and disclose vulnerabilities in software and systems. They work with vendors to fix vulnerabilities and help prevent future attacks. This course provides a foundation in penetration testing by teaching you how to use tools such as Nmap, Metasploit, and Burp Suite to enumerate, exploit, and escalate privileges on vulnerable systems and applications. This course may be useful for someone looking to enter this field.

See salaries and explore the career path for Vulnerability Researcher

Information Security Analyst

Information Security Analysts design, implement, and maintain security systems and procedures. They also perform security audits, risk assessments, and penetration tests to identify and fix security vulnerabilities. This course provides a foundation in penetration testing by teaching you how to use tools such as Nmap, Metasploit, and Burp Suite to enumerate, exploit, and escalate privileges on vulnerable systems and applications. This course may be useful for someone looking to enter this field.

See salaries and explore the career path for Information Security Analyst

Cybersecurity Analyst

Cybersecurity Analysts protect computer systems and networks from unauthorized access, use, disclosure, disruption, modification, or destruction. This course provides a foundation in penetration testing by teaching you how to use tools such as Nmap, Metasploit, and Burp Suite to enumerate, exploit, and escalate privileges on vulnerable systems and applications. This course may be useful for someone looking to enter this field.

See salaries and explore the career path for Cybersecurity Analyst

IT Security Specialist

IT Security Specialists plan, implement, and manage security measures to protect an organization's information systems and data. This course provides a foundation in penetration testing by teaching you how to use tools such as Nmap, Metasploit, and Burp Suite to enumerate, exploit, and escalate privileges on vulnerable systems and applications. This course may be useful for someone looking to enter this field.

See salaries and explore the career path for IT Security Specialist

Information Systems Security Manager

Information Systems Security Managers oversee the security of an organization's information systems and data. They develop and implement security policies and procedures, and manage security risk assessments and audits. This course provides a foundation in penetration testing by teaching you how to use tools such as Nmap, Metasploit, and Burp Suite to enumerate, exploit, and escalate privileges on vulnerable systems and applications. This course may be useful for someone looking to enter this field.

See salaries and explore the career path for Information Systems Security Manager

Risk Analyst

Risk Analysts identify, assess, and manage risks to an organization. They develop and implement risk management strategies, and help organizations to make informed decisions about risk. This course provides a foundation in penetration testing by teaching you how to use tools such as Nmap, Metasploit, and Burp Suite to enumerate, exploit, and escalate privileges on vulnerable systems and applications. This course may be useful for someone looking to enter this field.

See salaries and explore the career path for Risk Analyst

Compliance Auditor

Compliance Auditors ensure that organizations comply with laws and regulations. They review and evaluate an organization's policies, procedures, and systems to identify areas of non-compliance. This course provides a foundation in penetration testing by teaching you how to use tools such as Nmap, Metasploit, and Burp Suite to enumerate, exploit, and escalate privileges on vulnerable systems and applications. This course may be useful for someone looking to enter this field.

See salaries and explore the career path for Compliance Auditor

Forensic Analyst

Forensic Analysts investigate and analyze computer systems and data to identify and collect evidence of crimes. They also provide expert testimony in court. This course provides a foundation in penetration testing by teaching you how to use tools such as Nmap, Metasploit, and Burp Suite to enumerate, exploit, and escalate privileges on vulnerable systems and applications. This course may be useful for someone looking to enter this field.

See salaries and explore the career path for Forensic Analyst

Incident Responder

Incident Responders respond to security incidents and breaches. They investigate and contain the damage, and help organizations to recover from the incident. This course provides a foundation in penetration testing by teaching you how to use tools such as Nmap, Metasploit, and Burp Suite to enumerate, exploit, and escalate privileges on vulnerable systems and applications. This course may be useful for someone looking to enter this field.

See salaries and explore the career path for Incident Responder

Security Architect

Security Architects design and implement security solutions for organizations. They work with stakeholders to identify security requirements, and design and implement solutions that meet those requirements. This course provides a foundation in penetration testing by teaching you how to use tools such as Nmap, Metasploit, and Burp Suite to enumerate, exploit, and escalate privileges on vulnerable systems and applications. This course may be useful for someone looking to enter this field.

See salaries and explore the career path for Security Architect