| # | Topics Discussed |
|---|---|
| 1 | Information Security concepts - CIA, Course Objectives |
| 2 | Linux Basics - Overthewire Bandit |
| 3 | VA/PT - Ethical Hacking Basics |
| # | Topics Discussed |
|---|---|
| 4 | Information Gathering - Passive |
| 5 | Notekeeping - Freemind |
| 6 | Device Discovery - Basic Scripting |
| 7 | Service Discovery - Different Types of Port Scanning |
| 8 | Manual Packet Crafting - Automated Port Scanning |
| 9 | Basic Service Enumeration - Using nc, ftp, dnsrecon, amap |
| 10 | Advanced Service Enumeration |
| 11 | Basic Exploitation |
| 12 | Basic Privelege Escalation |
| 13 | Privelege Escalation - Using Exploits |
| 14 | Password Guessing Attacks - Hydra |
| 15 | Privelege Escalation - Common Methods |
| 16 | Types of Payloads and Types of communication methods |
| 17 | Realworld Foothold - Social Engineering - Beef-xss, Virus |
| 18 | Stable Connection and Persistence |
| 19 | Post Exploitation - Pivoting |
| 20 | Stealthy Foothold -Trojan, Macro |
| # | Topics Discussed |
|---|---|
| 21 | Device and Service Discovery |
| 22 | SNMP Enumeration |
| 23 | Wannacry Ransomware Exploit - NSA's Role |
| 24 | Blending with traffic using RDP |
| 25 | Basics of Active Directory - Local Admin, Domain Admin. |
| 26 | Initial foothold - Exploiting a typo |
| 27 | Hash Cracking |
| 28 | Enumerating Local Admin |
| 29 | Token Impersonation |
| 30 | Domain Persistence using Domain Admin |
| 31 | Extracting krbtgt user credential from DC |
| # | Topics Discussed |
|---|---|
| 32 | Basics of Web Application - Architecture, Components |
| 33 | Understanding HTTP Protocol - Verbs, Status Codes |
| 34 | Basic HTTP Headers - Wireshark |
| 35 | Manually Sending a Web Request from Command Line |
| 36 | Understanding and Setting up Intercepting Proxy |
| 37 | Understanding Sessions and Cookies |
| 38 | Bruteforcing Web Forms - Intruder, Hydra |
| 39 | Forced Browsing |
| 40 | Understanding and Exploiting CSRF |
| 41 | LFI and RFI |
| 42 | XSS - Server XSS, Client XSS |
| 43 | SQLi - Error, Union, Blind |
| 44 | Understanding IDOR |
| # | Topics Discussed |
|---|---|
| 45 | Symmetric Encyption, Asymmetric Encryption, Hashing |
| 46 | Public Key Infrastructure - CA, Chain of Trust |
| 47 | ARP Cache Poisoning, DHCP Startvation |
| # | Topics Discussed |
|---|---|
| 48 | Pre-Engagement - Scoping, NDA, etc. |
| 49 | Post-Engagement - Reporting |
| 50 | Reporting - Three Sections. |
| 51 | CVSS, CVE, CWE |