[25% Off] Offensive Security Certified Professional (arabic) Course Coupon

Description

Explaining the oscp certificate in a professional and easy way, you will study in the next course:

• 1. General Course Information

  1.1.Overall Strategies for Approaching the

  Course

  1.1.1. Course Materials2.4.2. HTTP Service

  1.1.2. Course Exercises2.4.3. Exercises

  1.1.3. Course Labs2.5. Searching, Installing, and

  1.2. About Penetration TestingRemoving Tools

  1.3. Setup Labs2.5.1. apt update

  1.3.1. Virtualization2.5.2. apt upgrade

  1.3.1.1. Kali Virtual Machines2.5.3. apt-cache search and

  v

  1.3.1.2. Linux Virtual Machinesapt show

  1.3.1.3. Windows Virtual Machines2.5.4. apt install

  1.3.1.4. Virtual Networks and Labs Deployment 2.5.5. apt remove -purge

  2.5.6. dpkg

  2. Getting Comfortable with Kali Linux

  2.1. Booting Up Kali Linux3.Linux Command Line

  2.2. The Kali Menu3.1. The Bash Environment

  2.3. Finding Your Way Around Kali3.1.1. Environment Variables

  2.3.1. The Linux Filesystem3.1.2. Tab Completion

  2.3.2. Basic Linux Commands3.1.3. Bash History

  2.3.3. Finding Files in Kali Linux3.2. Piping and Redirection

  2.4. Managing Kali Linux Services

  2.4.1. SSH Service

  13.2.1. Redirecting to New File

  3.2.2. Redirecting to an Existing File

  3.6. Backgrounding Processes (bg)

  3.2.3. Redirecting from a File

  3.6.1. Jobs Control: jobs and fg

  3.2.4. Redirecting STDERR

  3.6.2. Process Control: ps and kill

  3.2.5. Piping

  3.7. File and Command Monitoring

  3.3. Text Searching and

  3.7.1. tail

  Manipulation

  3.7.2. watch

  3.3.1. grep

  3.8. Downloading Files

  3.3.2. sed

  3.8.1. wget

  3.3.3. cut

  3.8.2. curl

  3.3.4. awk

  3.8.3. axel

  3.3.5. Practical Example

  3.9. Customizing the Bash Environmen

  3.4. Editing Files from the

  3.9.1. Bash History Customization

  Command Line

  3.9.2. Alias

  3.4.1. nano

  3.9.3. Persistent Bash Customization

  3.4.2. vi

  4. Practical Tools

  3.5. Comparing Files

  4.1. Netcat

  3.5.1. comm

  Cat

  3.5.2. diff

  4.1.1. Connecting to a

  3.5.3. vimdiff

  TCP/UDP Port

  3.5.4. Managing Processes

  24.1.2. Listening on a TCP/UDP Port

  4.1.3. Transferring Files with Net

  4.1.4. Remote Administration with Netcat

  4.4.4. Display Filters

  4.2. Socat

  4.4.5. Following TCP Streams

  4.2.1. Netcat vs Socat

  4.5. Tcpdump

  4.2.2. Socat File Transfers

  4.5.1. Filtering Traffic

  4.2.3. Socat Reverse Shells

  4.5.2. Advanced Header Filtering

  4.2.4. Socat Encrypted Bind Shells

  5. Bash Scripting

  4.3. PowerShell and Powercat

  5.1. Intro to Bash Scripting

  4.3.1. PowerShell File Transfers

  5.2. Variables

  4.3.2. PowerShell Reverse Shells

  5.2.1. Arguments

  4.3.3. PowerShell Bind Shells

  5.2.2. Reading User Input

  4.3.4. Powercat

  5.3. If, Else, Elif Statements

  4.3.5. Powercat File Transfers

  5.4. Boolean Logical Operations

  4.3.6. Powercat Reverse Shells

  5.5. Loops

  4.3.7. Powercat Bind Shells

  5.5.1. For loops

  4.3.8. Powercat Stand-Alone Payloads

  5.5.2. While Loops

  4.4. Wireshark

  5.6. Functions

  4.4.1. Wireshark Basics

  5.7. Practical Examples

  4.4.2. Launching Wireshark

  4.4.3. Capture Filters

  36. Passive Information Gathering

  6.1. Taking Notes

  6.2. Website Recon

  6.3. Whois Enumeration

  6.4. Google Hacking

  6.5. Netcraft

  6.6. Recon-ng

  6.7. Open-Source Code

  6.8. Shodan

  6.9. Security Headers Scanner

  6.10. SSL Server Test

  6.11. Pastebin

  6.12. User Information Gathering

  6.12.1. Email Harvesting

  6.12.2. Passwords Dumps

  6.13. Social Media Tools

  6.13.1. Site-Specific Tools

  6.14. Stack Oveflow

  6.15.InformationGathering

  Frameworks

  6.15.1. OSINT Framework

  6.15.2. Maltego

  7. Active Information Gathering

  7.1. DNS Enumeration

  7.1.1. Interacting with a DNS Server

  7.1.2. Automating Lookups

  7.1.3. Forward Lookup Brute Force

  7.1.4. Reverse Lookup Brute Force

  7.1.5. DNS Zone Transfers

  7.1.6. Relevant Tools in Kali Linux

  7.2. Port Scanning

  7.2.1. TCP / UDP Scanning

  7.2.2. Port Scanning with Nmap

  7.2.3. Masscan

  7.3. SMB Enumeration

  7.3.1. Scanning for the NetBIOS Service

  7.3.2. Nmap SMB NSE Scripts

  7.4. NFS Enumeration

  7.4.1. Scanning for NFS Shares

  7.4.2. Nmap NFS NSE Scripts

  7.5. SMTP Enumeration

  7.6. SNMP Enumeration

  47.6.1. The SNMP MIB Tree

  7.6.2. Scanning for SNMP

  7.6.3. Windows SNMP Enumeration9. Web Application Attacks

  Example9.1. Web Application Assessment

  8. Vulnerability ScanningMethodology

  8.1. Vulnerability Scanning Overview and9.2. Web Application Enumeration

  Considerations9.2.1. Inspecting URLs

  8.1.1. How Vulnerability Scanners Work9.2.2. Inspecting Page Content

  8.1.2. Manual vs. Automated Scanning9.2.3. Viewing Response Headers

  8.1.3. Internet Scanning vs Internal9.2.4. Inspecting Sitemaps

  Scanning9.2.5. Locating Administration Consoles

  8.1.4. Authenticated vs Unauthenticated9.3. Web Application Assessment Tools

  Scanning9.3.1. DIRB

  8.2. Vulnerability Scanning with Nessus9.3.2. Burp Suite

  8.2.1. Installing Nessus9.3.3. Nikto

  8.2.2. Defining Targets9.4. Exploiting Web-based

  8.2.3. Configuring Scan DefinitionsVulnerabilities

  8.2.4. Unauthenticated Scanning with9.4.1. Exploiting Admin Consoles

  Nessus9.4.2. Cross-Site Scripting (XSS)

  8.2.5. Authenticated Scanning with Nessus9.4.3. Directory Traversal

  8.2.6. Scanning with Individual NessusVulnerabilities

  Plugins9.4.4. File Inclusion Vulnerabilities

  8.3. Vulnerability Scanning with Nmap9.4.5. SQL Injection

  510.Introduction to Buffer Overflows

  10.1. Introduction to the x Architecture

  10.1.1. Program Memory

  10.1.2. CPU Registers

  10.2. Buffer Overflow Walkthrough

  10.2.1. Sample Vulnerable Code

  10.2.2. Introducing the Immunity Debugger

  10.2.3. Navigating Code

  10.2.4. Overflowing the Buffer

  11. Windows Buffer Overflows

  11.1. Discovering the Vulnerability

  11.1.1. Fuzzing the HTTP Protocol

  11.2. Win Buffer Overflow Exploitation

  11.2.1. A Word About DEP, ASLR, and CFG

  11.2.2. Replicating the Crash

  11.2.3. Controlling EIP

  11.2.4. Locating Space for Our Shellcode

  11.2.5. Checking for Bad Characters

  11.2.6. Redirecting the Execution Flow

  11.2.7. Finding a Return Address

  11.2.8. Generating Shellcode with Metasploit

  11.2.10. Improving the Exploit

  12. Linux Buffer Overflows

  12.1. About DEP, ASLR, and Canaries

  12.2. Replicating the Crash

  12.3. Controlling EIP

  12.4. Locating Space for Our Shellcode

  12.5. Checking for Bad Characters

  12.6. Finding a Return Address

  12.7. Getting a Shell

  13. Attacking Wi-Fi Networks

  13.1. WEP

  13.1.1. Overview and Setup

  13.1.2. Deauthentication attack

  13.1.3. ARP Replay Attack

  13.1.4.

  Cracking

  the

  Key

  with

  Aircrack-ng

  13.1.4.1. Running PTW Attack with

  Aircrack-ng

  13.1.4.2. KoreK Attack

  13.1.5. Clientless WEP Cracking

  11.2.9. Getting a Shell

  613.1.6. Bypassing Shared Key Authentication

  13.1.7. Attacking the Client14.2. Sniffing in action

  13.1.7.1. Caffe-Latte Overview14.2.1. Passive Sniffing

  13.1.7.2. Practical Caffe-Latte Attack14.2.2. Active Sniffing

  13.2. WPA and WPA214.2.2.1. MAC Flooding

  13.2.1. The Four-Way Handshake14.2.2.2. ARP Poisoning

  13.2.2. Capture the Handshake14.3. Basic of ARP

  13.2.3. Using Aircrack-ng Against the14.3.1. Gratuitous ARP

  Handshake14.3.2. ARP Poisoning

  13.2.3.1. Build a Wordlist with Crunch14.3.3. Host poisoning

  13.2.3.2. A Note on Cracking Speed14.3.4. Gateway poisoning

  13.2.4. Exploit the GPU power14.4. Sniffing Tools

  13.2.4.1. oclHashCat14.4.1. Dsniff

  13.2.5. Cracking as a Service14.4.2. Wireshark

  13.2.5.1. CloudCracker14.4.3. TCPDump

  13.2.6. Space-time Tradeoff14.4.4. WinDump

  13.2.6.1. Pyrit14.5.Man-in-the-Middle(MITM) Attacks

  13.2.6.2. Pre-built Hash Files14.5.1. What they are

  13.3. WPS14.5.2. ARP Poisoning for MITM

  14. Sniffing & MITM14.5.3. Local to Remote MITM

  14.1. What sniffing meansoofing

  14.1.1. Why it is Possible

  7

  14.5.6.1. Responder/MultiRelay14.5.4. DHCP Spoofing

  14.5.5. MITM in Public Key Exchange

  15.2.2. HTA Attack in Action

  14.5.6.LLMNR and NBT-NS

  15.3. Exploiting Microsoft Office

  Spoofing/Poisoning

  15.3.1. Installing Microsoft Office

  14.5.6.1. Responder/MultiRelay

  15.3.2. Microsoft Word Macro

  14.6. Attacking Tools

  15.3.3. Object Linking and Embedding

  14.6.1. Ettercap: Sniffing and MITM Attacks

  15.3.4. Evading Protected View

  14.6.1.1. SSL Traffic Sniffing

  16. Locating Public Exploits

  14.6.2. Cain&Abel: Sniffing and MITM

  16.1. A Word of Caution

  Attacks

  16.2.1. Online Exploit Resources

  14.6.3. Macof

  16.2.2. Offline Exploit Resources

  14.6.4. Arpspoof

  16.3. Putting It All Together

  14.6.5. Bettercap

  17. Fixing Exploits

  14.7. Intercepting SSL traffic

  17.1. Fixing Memory Corruption

  14.7.1. SSLStrip

  Exploits

  14.7.2. HSTS Bypass

  17.1.1. Overview and Considerations

  15. client-Side Attacks

  17.1.2. Importing and Examining the

  15.1. Know Your Target

  Exploit

  15.1.1. Passive Client Information Gathering

  17.1.3. Cross-Compiling Exploit Code

  15.1.2. Active Client Information Gathering

  17.1.4. Changing the Socket

  15.2. Leveraging HTML Applications

  Information

  15.2.1. Exploring HTML Applications

  817.1.5. Changing the Return Address

  17.1.6. Changing the Payload

  18.2.5. Uploading Files with TFTP

  17.1.7. Changing the Overflow Buffer

  19. Antivirus Evasion

  17.2. Fixing Web Exploits

  19.1. What is Antivirus Software

  17.2.1. Considerations and Overview

  19.2. Methods of Detecting

  17.2.2. Selecting the Vulnerability

  Malicious Code

  17.2.3. Changing Connectivity Information

  19.2.1. Signature-Based Detection

  17.2.4. Troubleshooting the “index out of

  19.2.2. Heuristic and

  range” Error

  Behavioral-Based Detection

  18. File Transfers

  19.3. Bypassing Antivirus Detection

  18.1. Considerations and Preparations

  19.4. On-Disk Evasion

  18.1.1. Dangers of Transferring Attack

  19.5. In-Memory Evasion

  Tools

  19.6. AV Evasion: Practical

  18.1.2. Installing Pure-FTPd

  Example

  18.1.3. The Non-Interactive Shell

  20. Privilege Escalation

  18.2. Transferring Files with Windows

  20.1. Information Gathering

  Hosts

  20.1.1. Manual Enumeration

  18.2.1. Non-Interactive FTP Download

  20.1.2. Automated Enumeration

  18.2.2. Windows Downloads Using

  20.2. Windows Privilege Escalation

  Scripting Languages

  Examples

  18.2.3. Windows Downloads with exe2hex

  and PowerShell

  920.2.1. Understanding Windows Privileges

  and Integrity Levels

  21.1. Wordlists

  20.2.2. Introduction to User Account Control

  21.1.1. Standard Wordlists

  (UAC)

  21.2. Brute Force Wordlists

  20.2.3. User Account Control (UAC) Bypass:

  21.3. Common Network Service

  fodhelper.exe Case Study

  Attack Methods

  20.2.4. Insecure File Permissions: Serviio

  21.3.1. HTTP htaccess Attack with

  Case Study

  Medusa

  20.2.5. Leveraging Unquoted Service Paths

  21.3.2. Remote Desktop Protocol

  20.2.6. Windows Kernel Vulnerabilities:

  Attack with Crowbar

  USBPcap Case Study

  21.3.3. SSH Attack with THC-Hydra

  20.3. Linux Privilege Escalation Examples

  21.3.4. HTTP POST Attack with

  20.3.1. Understanding Linux Privileges

  THC-Hydra

  20.3.2. Insecure File Permissions: Cron Case

  21.4. Leveraging Password Hashes

  Study

  21.4.1. Retrieving Password Hashes

  20.3.3. Insecure File Permissions: /etc/passwd

  21.4.2. Passing the Hash in Windows

  Case Study

  21.4.3. Password Cracking

  20.3.4. Kernel Vulnerabilities: CVE-7-2 Case

  22. Port Redirection and Tunneling

  Study

  21. Password Attacks

  1022.1. Port Forwarding

  22.1.1. RINETD

  23.3.2. Kerberos Authentication

  22.2. SSH Tunneling

  23.3.3. Cached Credential Storage and

  22.2.1. SSH Local Port Forwarding

  Retrieval

  22.2.2. SSH Remote Port Forwarding

  23.3.4. Service Account Attacks

  22.2.3. SSH Dynamic Port Forwarding

  23.3.5. Low and Slow Password Guessing

  22.3. PLINK.exe

  23.4. Active Directory Lateral

  22.4. NETSH

  Movement

  22.5. HTTPTunnel-ing Through Deep Packet

  23.4.1. Pass the Hash

  Inspection

  23.4.2. Overpass the Hash

  23. Active Directory Attacks

  23.4.3. Pass the Ticket

  23.1. Active Directory Theory

  23.4.4. Distributed Component

  23.2. Active Directory Enumeration

  Object Model

  23.2.1. Traditional Approach

  23.5. Active Directory Persistence

  23.2.2. A Modern Approach

  23.5.1. Golden Tickets

  23.2.3. Resolving Nested Groups

  23.5.2. Domain Controller

  23.2.4. Currently Logged on Users

  Synchronization

  23.2.5. Enumeration Through Service

  24. The Metasploit Framework

  Principal Names

  24.1. Metasploit User Interfaces and

  23.3. Active Directory Authentication

  Setup

  23.3.1. NTLM Authentication

  1124.1.1. Getting Familiar with MSF

  Syntax24.5.1. Core Post-Exploitation

  24.1.2. Metasploit Database AccessFeatures

  24.1.3. Auxiliary Modules24.5.2. Migrating Processes

  24.2. Exploit Modules24.5.3. Post-Exploitation Modules

  24.2.1. SyncBreeze Enterprise24.5.4. Pivoting with the Metasploit

  24.3. Metasploit PayloadsFramework

  24.3.1. Staged vs Non-Staged24.6. Metasploit Automation

  Payloads25. PowerShell Empire

  24.3.2. Meterpreter Payloads25.1. Installation, Setup, and Usage

  24.3.3. Experimenting with25.1.1. PowerShell Empire Syntax

  Meterpreter25.1.2. Listeners and Stagers

  24.3.4. Executable Payloads25.1.3. The Empire Agent

  24.3.5. Metasploit Exploit Multi25.2. PowerShell Modules

  Handler25.2.1. Situational Awareness

  24.3.6. Client-Side Attacks25.2.2.

  24.3.7. Advanced Features andEscalation

  Transports25.2.3. Lateral Movement

  24.4. Building Our Own MSF Module25.3. Switching Between Empire and

  24.5. Post-Exploitation withMetasploit

  Metasploit

  12

  Credentials

  and

  Privilege14

If the coupon is not opening, disable Adblock, or try another browser.