fbpx
4.5 out of 5
4.5
45 reviews on Udemy

Hands-on Penetration Testing Labs 2.0

Learn from a real penetration tester!
Enumeration
Remote and Local Exploitation
Vulnerability Scanning
SQL injection
Cross-site Scripting
Reverse shells
Nmap
Metasploit
Nikto
Dirb
Burp Suite
Penetration Testing
Kali Linux
Remote and local buffer overflows
Privilege escalation
Custom exploit development

Requirements

  • Windows host (preferred, course tested with Windows 10, although other OS’s should work)
  • VirtualBox
  • 8 GB RAM (the more the better)
  • Basic Linux skills
  • Several free vulnerable VMs (will include comprehensive lab setup instruction)

Welcome to my Hands-on Penetration Testing Labs 2.0 course. First of all, this course is extremely hands-on. This means we’re not going to be doing much talking about the theory of penetration testing, we’re going to be diving into hands on technical application right away. We’ll be using VirtualBox as a software hypervisor to build a host-only lab environment. Not only will this help you gain insight into penetration testing, but will give you the skills and resources to create your own environment to test and research beyond what you learn in this course.

The lab is going to consist of Kali Linux, and a variety of intentionally vulnerable Linux and Windows VMs. Some of the things we’ll be covering are enumeration and vulnerability scanning and local and remote exploitation with industry standard penetration testing tools such as nmap, dirb, and nikto, Metasploit and standalone exploits. We’re also going to focus upon exploit development, covering in detail how to craft a buffer overflow exploit for a custom Linux and Windows binary.

In order to accomplish this goal of buffer over flow exploit development and debugging, we’re going to be creating a Windows 7 analysis and attack machine. This will have industry standard tools for exploit dev such as Immunity Debugger. We’re also going to learn how to use Kali Linux’s built in gnu debugger for this purpose.

This content should still be highly relevant for aspiring penetration testers. I will also be introducing you to several free training platforms which I’ve found to be extremely helpful prior to earning my many hands-on penetration testing certs including OSCP and eWPT. This training has also helped sky rocket my progress as a skilled senior penetration tester and subject matter expert.

Also, I highly encourage independent research and attempting to find answers on your own. This is the single most important skill as a penetration tester, the ability to find solutions to problems you haven’t yet encountered.

I ask you to please go through the majority of this course prior to leaving a review so that you can accurately measure the course’s quality in entirety. I always appreciate constructive feedback, and encourage students to reach out to me if they think anything valuable could be added to the coursework.

Thanks, and have fun!

Who this course is for:

  • Penetration Testers
  • Cyber Security Students
  • Cyber Security Analysts
  • Aspiring Penetration Testers
  • Aspiring Cyber Security Analysts
  • Technology Enthusiasts
  • OSCP Candidates
  • CEH Candidates
  • Pentest+ Candidates

Introduction

1
Introduction

Welcome. This lecture consists of an introduction and overview of my Hands-on Penetration Testing Labs 2.0 course. I look forward to working with you!

2
Overview of Lab Commands and Tools

This lecture will  provide a technical explanation of many but not all of the commands and tools we'll be utilizing within this course. Also, in the resources attached to this lecture, there are multiple URLs that contain additional comprehensive information related to what is covered. If there's anything you're confused about or need further information on that you cannot find out on your own with research, please feel free to contact me via the Q&A system or direct messaging.

3
Download and Configure Kali Linux VM on VirtualBox

This video will show you how to download and configure Kali Linux within VirtualBox, using the most recent version as of January 2019. Kali Linux is an industry standard for pentesters, and will be the OS used to exploit numerous intentionally vulnerable VMs during this course.

4
Download and Configure Window 7 Analysis VM

This lab will show you how to download, configure, and setup a Windows 7 VM and the various tools we’ll be needing to perform analysis on binaries. We’re going to need Immunity Debugger and mona.py for efficient and effective analysis of applications and Windows-based exploit development. All of the things we need are free, and I’ll show you where and how to get them.

5
Download Vulnerable Lab VMs

Now we're going to download several intentionally vulnerable VMs from my Google drive, which I've set up to allow you to conveniently download from a single location. Alternatively, you can search for them on Google, as they're publicly available on vulnhub. There will be more setups required later on for specific VMs that require manual installation and configuration, but these are what we use to start. If you don't have enough storage for all the VMs, you can delete them as necessary during your progression through this course.

6
PwnLab VM Enumeration and Exploitation

This lab will consist of the enumeration and exploitation of an intentionally vulnerable VM. You should already have this VM downloaded at this point. If not, please refer to the previous lab (lecture 5) for instructions on how to acquire all vulnerable VM's from my Google drive.

7
Brainpan 1 VM Enumeration and Exploitation

This lab will consist of the enumeration and exploitation of an intentionally vulnerable VM. You should already have this VM downloaded at this point. If not, please refer to the previous lab (lecture 5) for instructions on how to acquire all vulnerable VM's from my Google drive.

8
Mr Robot 1 VM Enumeration and Exploiotation

This lab will consist of the enumeration and exploitation of an intentionally vulnerable VM. You should already have this VM downloaded at this point. If not, please refer to the previous lab (lecture 5) for instructions on how to acquire all vulnerable VM's from my Google drive.

9
SickOS VM Enumeration and Exploitation

This lab will consist of the enumeration and exploitation of an intentionally vulnerable VM. You should already have this VM downloaded at this point. If not, please refer to the previous lab (lecture 5) for instructions on how to acquire all vulnerable VM's from my Google drive.

10
SkyTower 1 VM Enumeration and Exploitation

This lab will consist of the enumeration and exploitation of an intentionally vulnerable VM. You should already have this VM downloaded at this point. If not, please refer to the previous lab (lecture 5) for instructions on how to acquire all vulnerable VM's from my Google drive.

11
Introduction to Hackthebox

This lab will provide an overview of Hackthebox, and show you how to get set up and start hacking their VMs. Hackthebox is one of the best platforms for pentesting hands-down, offering free and paid CTF style VMs to hack over their VPN. Obviously, the paid version has more content. However, the catch is, you have to hack your way into their site in order to get an invite code.     

12
Active VM Enumeration and Exploitation

This lab will show you how to enumerate and exploit the retired Hackthebox VM, Active.

13
Windows 2008 Setup, Enumeration and Exploitation (Metasploitable 3)

This lab will show you how to setup, enumerate, and exploit one of the only available intentionally vulnerable Windows Server 2008 VMs, Metasploitable 3.

14
Apache Struts Setup and Exploitation

In this lab, we'll be setting up a local vulnerable Apache Struts application with docker, utilizing a standalone exploit to show proof of concept.

Apache Struts is an open source web application framework for developing Java EE web applications. There are several critical vulnerabilities which pertain to certain versions of Apache Struts, several of which result in remote code execution. Due to its importance, I wanted to include a hands-on demo of Apache Struts to show its potential.

15
Introduction to Hack.me

This lab will provide an overview of Hack.me and show you how to get started with it. Hack.me is an open source collection of vulnerable sites that can be utilized anywhere for free, but requires registration. All you need to register is a valid e-mail address.

Hack.me is supported by the creators of eLearnsecurity, which is one of the best cybersecurity training providers I've ever used. At the time of this recording, I've only completed their Web Application Penetration Testing cert, known as eWPT, but I plan to do their other certs over the next few years to support my continuing education units for my other certs.

16
Wordpress Enumeration and Exploitation

This lab will cover two of hack.me's vulnerable Wordpress exercises. Instructions on how to sign up for it are in the previous lab.

You can view and review the lecture materials indefinitely, like an on-demand channel.
Definitely! If you have an internet connection, courses on Udemy are available on any device at any time. If you don`t have an internet connection, some instructors also let their students download course lectures. That`s up to the instructor though, so make sure you get on their good side!
4.5
4.5 out of 5
45 Ratings

Detailed Rating

Stars 5
23
Stars 4
16
Stars 3
5
Stars 2
1
Stars 1
0