INE – OSCP Security Technology Course-AnonLive

ine-2b-2boscp-2bsecurity-2btechnology-2bcourse-300x169-1334086

INE – OSCP Security Technology Course-AnonLive

This course provides a foundation in advanced penetration testing which will prepare students for the Penetration Testing with Kali Linux (PWK) course . The course also will prepare students for the Offensive Security Certified Professional (OSCP) exam, which usually proceeds the PWK course. Students should be conversant in Linux instruction , common networking terminology, and basic Bash/Python scripting before attempting this course

Course

Overview
Course Introduction
Introduction to Kali Linux
Installing Kali Linux
Command Line Refresher
Kali Linux Services
Bash Scripting in Kali Linux
Information Gathering
Information Gathering
Scanning
TCP vs UDP
Scanning with Nmap
Scanning with Nessus
Scanning with Metasploit
Enumeration
Installing Kioptrix: Level 1
SSH Enumeration
HTTP Enumeration
SMB Enumeration
DNS Enumeration
Other Enumeration
Netcat
Introduction to Netcat
Buffer Overflows
Introduction to Buffer Overflows
Fuzzing
Finding the Offset
Overwriting the EIP
Finding Bad Characters
Finding the Right Module
Generating Shellcode & Gaining Root
Exploitation
Gaining Root with Metasploit
Compiling an Exploit
Modifying Shellcode
Client Side Attacks
Java Applet Attacks
Antivirus Bypassing
Pre-Exploit Password Attacks
WebApp Exploitation
Installing XSS & MySQL FILE
Cross-Site Scripting (XSS)
SQL Injection (SQLi)
Local File Inclusion (LFI)
Remote File Inclusion (RFI)
File Transfers
Introduction to File Transfers
Privilege Escalation
Introduction to Privilege Escalation
Post Exploitation
Linux Post Exploitation
Windows Post Exploitation
Post-Exploit Password Attacks
Pivoting
Capstone
Kioptrix Level 1.1 Walkthrough
BTRSys 2.1 Walkthrough
DroopyCTF Walkthrough
SickOS 1.2 Walkthrough
Summary
Course Conclusion.

This course is meant during a thanks to assist you learning exploit development without opening many books. 

You will find out how to get buffer overflow vulnerabilities in FTP Servers, Email Server and the way to get weaknesses in web servers. In any exploit development and research, fuzzing place a crucial role, this course will teach you different methods of fuzzing.

You will find out how to code fuzzers and real working exploits. Follow the pace in fact and you ought to be ready to write your own working exploit as explained within the course.

We believe this course is basically informative for exploit development, we don’t claim it’ll take you from zero to infinity but you’ll get what we’ve explained here.

You will rock once you develop your first working exploit after completing the course, however following instructions may be a must.

This course will start from basic principles of each vulnerability and How to attack them using multiple bypass techniques, In addition to exploitation, you will also learn how to fix them.

This course is very practical and is formed on Live websites to offer you the precise environment once you start your penetrating testing or bug hunting journey.

We will start from the basics of OWASP to the exploitation of vulnerabilities leading to Account Takeover on live websites.

This course is split into variety of sections, each section covers the way to hunt, exploit and mitigate a vulnerability in an ethical manner.

After identification of a vulnerability, we’ll exploit to leverage the utmost severity out of it. We will also learn how to fix vulnerabilities which are commonly found on the websites on the internet.

In this course, you’ll also find out how are you able to start your journey on many famous bug hunting platforms like Bugcrowd, Hackerone and Open Bug Bounty.

Along with this, you’ll be ready to hunt and report vulnerabilities to NCIIPC Government of India, also to non-public companies and to their responsible disclosure programs.

You will also learn Advance techniques to bypass filters and therefore the developers logic for every quite vulnerability. I have also shared personal tips and tricks for each attacks where you can trick the application and find bugs quickly.

This course also includes the Breakdown of all Hackerone Reports which are found and submitted by other hackers for better understanding as we will cover each type of technique in the course.

This course also includes important interview questions and answers which will be helpful in any penetrating testing job interview.

Here’s a more detailed breakdown of the course content:

In all the sections we will start the fundamental principle of How the attack works, Exploitation and How to defend from those attacks.

In OWASP, We will cover what is OWASP and Top 10 vulnerabilities.

We will also understand what is the difference between owasp 2013 vs 2017.

1. In Cross site scripting XSS, we will cover all diff types of attacks like Reflected XSS, Stored XSS and DOM XSS. In addition, we will learn Advance Exploitation for Limited Inputs and Filter Bypass.

We will see all the types of XSS attacks on live websites which will give you a better understanding of the live environment when you will start your bug hunting journey.

We will also cover different ways to perform XSS Exploitation using multiple types of payloads like Phishing, File Upload, Cookie Stealing and Redirection.

We will also see the exploitation of Blind XSS which generally other researchers miss out.

This course also includes a breakdown of all the Hackerone reports submitted by other hackers for XSS type of vulnerability wherein we will see and practice all types of attacks in our course.

In the end, we will also cover mitigations to secure a website and prevent these types of attacks.

In the end, I have added Interview Questions and answers which be helpful for you when XSS questions are asked in any job or internship.

2. In Authentication Bypass, we will cover all diff types of ways to attack like OTP Bypass, 2FA Bypass, Captcha bypass, Email Verification Bypass etc. So we will perform all the ways to attack protection on websites.

We will see all the types of Authentication bypass on live websites which will give you a better understanding of the live environment when you will start your bug hunting journey.

We will also cover different ways to perform Auth Bypass Exploitation using different techniques.

This course also includes a breakdown of all the Hackerone reports submitted by other hackers for Authentication Bypass type of vulnerability wherein we will see and practice all types of attacks in our course.

In the end, we will also cover mitigations to secure a website and prevent these types of attacks.

I have added Interview Questions and answers which be helpful for you when Auth Bypass questions are asked in any job or internship.

3. In No Rate-Limit Attacks, we will check this vulnerability for different injection points, In addition, we will learn how to find these types of vulnerabilities in signup/creation of account or Login using password or verification of OTP or Tokens.

We will see all the types of No Rate-Limit attacks on live websites which will give you a better understanding of the live environment when you will start your bug hunting journey.

We will also cover different ways to perform No RL Exploitation using multiple types by automated spoofing our IP address on each request the same way this bug was found on Instagram and was awarded $15000 bounty.

We will also cover how to throttle our requests by changing the requests and giving delay between each simultaneous request to bypass IDS and RateLimit checkers on the server-side.

We will also see the exploitation of No RL on various injection points which generally other researchers miss out.

This course also includes a breakdown of all the Hackerone reports submitted by other hackers for No RL type of vulnerability wherein we will see and practice all types of attacks in our course.

In the end, we will also cover mitigations to secure a website and prevent these types of attacks.

4. In CSRF Attacks, we will check this vulnerability for different injection points, In addition, we will learn how to find these types of vulnerabilities can lead to Account Takeover by changing the email and password.

We will see all the types of CSRF attacks on live websites which will give you a better understanding of the live environment when you will start your bug hunting journey.

We will also cover different ways to perform CSRF attacks and bypass CSRF protection on many live websites.

This course also includes a breakdown of all the Hackerone reports submitted by other hackers for No RL type of vulnerability wherein we will see and practice all types of attacks in course.

fileenroll-nowpng-wikimedia-commons-enroll-now-png-743_250-300x101-5721354
About atharvhatwar 129 Articles
Atharv Hatwar is a blogger who is always fascinated with the technology and the amount of knowledge he can gather from the internet. He is trying to nerdify everyone around him with that same knowledge, through his writings. Website : Anon Live

1 Comment

Leave a Reply

Your email address will not be published.