Offensive Security Certified Professional (Arabic)

In this course we will start our journey with OSCP in Arabic.

Description

This course explains the OSCP certification in a professional and easy way. You will study the following topics:

  • 1. General Course Information
      1.1. Overall Strategies for Approaching the Course
      1.1.1. Course Materials
      1.1.2. Course Exercises
      1.1.3. Course Labs
      1.2. About Penetration Testing
      1.3. Setup Labs
      1.3.1. Virtualization
      1.3.1.1. Kali Virtual Machines
      1.3.1.2. Linux Virtual Machines
      1.3.1.3. Windows Virtual Machines
      1.3.1.4. Virtual Networks and Labs Deployment
  • 2. Getting Comfortable with Kali Linux
      2.1. Booting Up Kali Linux
      2.2. The Kali Menu
      2.3. Finding Your Way Around Kali
      2.3.1. The Linux Filesystem
      2.3.2. Basic Linux Commands
      2.3.3. Finding Files in Kali Linux
      2.4. Managing Kali Linux Services
      2.4.1. SSH Service
      2.4.2. HTTP Service
      2.4.3. Exercises
      2.5. Searching, Installing, and Removing Tools
      2.5.1. apt update
      2.5.2. apt upgrade
      2.5.3. apt-cache search and apt show
      2.5.4. apt install
      2.5.5. apt remove --purge
      2.5.6. dpkg
  • 3. Linux Command Line
      3.1. The Bash Environment
      3.1.1. Environment Variables
      3.1.2. Tab Completion
      3.1.3. Bash History
      3.2. Piping and Redirection
      3.2.1. Redirecting to New File
      3.2.2. Redirecting to an Existing File
      3.2.3. Redirecting from a File
      3.2.4. Redirecting STDERR
      3.2.5. Piping
      3.3. Text Searching and Manipulation
      3.3.1. grep
      3.3.2. sed
      3.3.3. cut
      3.3.4. awk
      3.3.5. Practical Example
      3.4. Editing Files from the Command Line
      3.4.1. nano
      3.4.2. vi
      3.5. Comparing Files
      3.5.1. comm
      3.5.2. diff
      3.5.3. vimdiff
      3.5.4. Managing Processes
      3.6. Backgrounding Processes (bg)
      3.6.1. Jobs Control: jobs and fg
      3.6.2. Process Control: ps and kill
      3.7. File and Command Monitoring
      3.7.1. tail
      3.7.2. watch
      3.8. Downloading Files
      3.8.1. wget
      3.8.2. curl
      3.8.3. axel
      3.9. Customizing the Bash Environment
      3.9.1. Bash History Customization
      3.9.2. Alias
      3.9.3. Persistent Bash Customization
  • 4. Practical Tools
      4.1. Netcat
      4.1.1. Connecting to a TCP/UDP Port
      4.1.2. Listening on a TCP/UDP Port
      4.1.3. Transferring Files with Netcat
      4.1.4. Remote Administration with Netcat
      4.2. Socat
      4.2.1. Netcat vs Socat
      4.2.2. Socat File Transfers
      4.2.3. Socat Reverse Shells
      4.2.4. Socat Encrypted Bind Shells
      4.3. PowerShell and Powercat
      4.3.1. PowerShell File Transfers
      4.3.2. PowerShell Reverse Shells
      4.3.3. PowerShell Bind Shells
      4.3.4. Powercat
      4.3.5. Powercat File Transfers
      4.3.6. Powercat Reverse Shells
      4.3.7. Powercat Bind Shells
      4.3.8. Powercat Stand-Alone Payloads
      4.4. Wireshark
      4.4.1. Wireshark Basics
      4.4.2. Launching Wireshark
      4.4.3. Capture Filters
      4.4.4. Display Filters
      4.4.5. Following TCP Streams
      4.5. Tcpdump
      4.5.1. Filtering Traffic
      4.5.2. Advanced Header Filtering
  • 5. Bash Scripting
      5.1. Intro to Bash Scripting
      5.2. Variables
      5.2.1. Arguments
      5.2.2. Reading User Input
      5.3. If, Else, Elif Statements
      5.4. Boolean Logical Operations
      5.5. Loops
      5.5.1. For Loops
      5.5.2. While Loops
      5.6. Functions
      5.7. Practical Examples
  • 6. Passive Information Gathering
      6.1. Taking Notes
      6.2. Website Recon
      6.3. Whois Enumeration
      6.4. Google Hacking
      6.5. Netcraft
      6.6. Recon-ng
      6.7. Open-Source Code
      6.8. Shodan
      6.9. Security Headers Scanner
      6.10. SSL Server Test
      6.11. Pastebin
      6.12. User Information Gathering
      6.12.1. Email Harvesting
      6.12.2. Password Dumps
      6.13. Social Media Tools
      6.13.1. Site-Specific Tools
      6.14. Stack Overflow
      6.15. Information Gathering Frameworks
      6.15.1. OSINT Framework
      6.15.2. Maltego
  • 7. Active Information Gathering
      7.1. DNS Enumeration
      7.1.1. Interacting with a DNS Server
      7.1.2. Automating Lookups
      7.1.3. Forward Lookup Brute Force
      7.1.4. Reverse Lookup Brute Force
      7.1.5. DNS Zone Transfers
      7.1.6. Relevant Tools in Kali Linux
      7.2. Port Scanning
      7.2.1. TCP / UDP Scanning
      7.2.2. Port Scanning with Nmap
      7.2.3. Masscan
      7.3. SMB Enumeration
      7.3.1. Scanning for the NetBIOS Service
      7.3.2. Nmap SMB NSE Scripts
      7.4. NFS Enumeration
      7.4.1. Scanning for NFS Shares
      7.4.2. Nmap NFS NSE Scripts
      7.5. SMTP Enumeration
      7.6. SNMP Enumeration
      7.6.1. The SNMP MIB Tree
      7.6.2. Scanning for SNMP
      7.6.3. Windows SNMP Enumeration Example
  • 8. Vulnerability Scanning
      8.1. Vulnerability Scanning Overview and Considerations
      8.1.1. How Vulnerability Scanners Work
      8.1.2. Manual vs. Automated Scanning
      8.1.3. Internet Scanning vs Internal Scanning
      8.1.4. Authenticated vs Unauthenticated Scanning
      8.2. Vulnerability Scanning with Nessus
      8.2.1. Installing Nessus
      8.2.2. Defining Targets
      8.2.3. Configuring Scan Definitions
      8.2.4. Unauthenticated Scanning with Nessus
      8.2.5. Authenticated Scanning with Nessus
      8.2.6. Scanning with Individual Nessus Plugins
      8.3. Vulnerability Scanning with Nmap
  • 9. Web Application Attacks
      9.1. Web Application Assessment Methodology
      9.2. Web Application Enumeration
      9.2.1. Inspecting URLs
      9.2.2. Inspecting Page Content
      9.2.3. Viewing Response Headers
      9.2.4. Inspecting Sitemaps
      9.2.5. Locating Administration Consoles
      9.3. Web Application Assessment Tools
      9.3.1. DIRB
      9.3.2. Burp Suite
      9.3.3. Nikto
      9.4. Exploiting Web-based Vulnerabilities
      9.4.1. Exploiting Admin Consoles
      9.4.2. Cross-Site Scripting (XSS)
      9.4.3. Directory Traversal Vulnerabilities
      9.4.4. File Inclusion Vulnerabilities
      9.4.5. SQL Injection
  • 10. Introduction to Buffer Overflows
      10.1. Introduction to the x86 Architecture
      10.1.1. Program Memory
      10.1.2. CPU Registers
      10.2. Buffer Overflow Walkthrough
      10.2.1. Sample Vulnerable Code
      10.2.2. Introducing the Immunity Debugger
      10.2.3. Navigating Code
      10.2.4. Overflowing the Buffer
  • 11. Windows Buffer Overflows
      11.1. Discovering the Vulnerability
      11.1.1. Fuzzing the HTTP Protocol
      11.2. Win Buffer Overflow Exploitation
      11.2.1. A Word About DEP, ASLR, and CFG
      11.2.2. Replicating the Crash
      11.2.3. Controlling EIP
      11.2.4. Locating Space for Our Shellcode
      11.2.5. Checking for Bad Characters
      11.2.6. Redirecting the Execution Flow
      11.2.7. Finding a Return Address
      11.2.8. Generating Shellcode with Metasploit
      11.2.9. Getting a Shell
      11.2.10. Improving the Exploit
  • 12. Linux Buffer Overflows
      12.1. About DEP, ASLR, and Canaries
      12.2. Replicating the Crash
      12.3. Controlling EIP
      12.4. Locating Space for Our Shellcode
      12.5. Checking for Bad Characters
      12.6. Finding a Return Address
      12.7. Getting a Shell
  • 13. Attacking Wi-Fi Networks
      13.1. WEP
      13.1.1. Overview and Setup
      13.1.2. Deauthentication Attack
      13.1.3. ARP Replay Attack
      13.1.4. Cracking the Key with Aircrack-ng
      13.1.4.1. Running PTW Attack with Aircrack-ng
      13.1.4.2. KoreK Attack
      13.1.5. Clientless WEP Cracking
      13.1.6. Bypassing Shared Key Authentication
      13.1.7. Attacking the Client
      13.1.7.1. Caffe-Latte Overview
      13.1.7.2. Practical Caffe-Latte Attack
      13.2. WPA and WPA2
      13.2.1. The Four-Way Handshake
      13.2.2. Capture the Handshake
      13.2.3. Using Aircrack-ng Against the Handshake
      13.2.3.1. Build a Wordlist with Crunch
      13.2.3.2. A Note on Cracking Speed
      13.2.4. Exploit the GPU Power
      13.2.4.1. oclHashCat
      13.2.5. Cracking as a Service
      13.2.5.1. CloudCracker
      13.2.6. Space-time Tradeoff
      13.2.6.1. Pyrit
      13.2.6.2. Pre-built Hash Files
      13.3. WPS
  • 14. Sniffing & MITM
      14.1. What Sniffing Means
      14.1.1. Why it is Possible
      14.2. Sniffing in Action
      14.2.1. Passive Sniffing
      14.2.2. Active Sniffing
      14.2.2.1. MAC Flooding
      14.2.2.2. ARP Poisoning
      14.3. Basics of ARP
      14.3.1. Gratuitous ARP
      14.3.2. ARP Poisoning
      14.3.3. Host Poisoning
      14.3.4. Gateway Poisoning
      14.4. Sniffing Tools
      14.4.1. Dsniff
      14.4.2. Wireshark
      14.4.3. TCPDump
      14.4.4. WinDump
      14.5. Man-in-the-Middle (MITM) Attacks
      14.5.1. What They Are
      14.5.2. ARP Poisoning for MITM
      14.5.3. Local to Remote MITM
      14.5.4. DHCP Spoofing
      14.5.5. MITM in Public Key Exchange
      14.5.6. LLMNR and NBT-NS Spoofing/Poisoning
      14.5.6.1. Responder/MultiRelay
      14.6. Attacking Tools
      14.6.1. Ettercap: Sniffing and MITM Attacks
      14.6.1.1. SSL Traffic Sniffing
      14.6.2. Cain&Abel: Sniffing and MITM Attacks
      14.6.3. Macof
      14.6.4. Arpspoof
      14.6.5. Bettercap
      14.7. Intercepting SSL Traffic
      14.7.1. SSLStrip
      14.7.2. HSTS Bypass
  • 15. Client-Side Attacks
      15.1. Know Your Target
      15.1.1. Passive Client Information Gathering
      15.1.2. Active Client Information Gathering
      15.2. Leveraging HTML Applications
      15.2.1. Exploring HTML Applications
      15.2.2. HTA Attack in Action
      15.3. Exploiting Microsoft Office
      15.3.1. Installing Microsoft Office
      15.3.2. Microsoft Word Macro
      15.3.3. Object Linking and Embedding
      15.3.4. Evading Protected View
  • 16. Locating Public Exploits
      16.1. A Word of Caution
      16.2.1. Online Exploit Resources
      16.2.2. Offline Exploit Resources
      16.3. Putting It All Together
  • 17. Fixing Exploits
      17.1. Fixing Memory Corruption Exploits
      17.1.1. Overview and Considerations
      17.1.2. Importing and Examining the Exploit
      17.1.3. Cross-Compiling Exploit Code
      17.1.4. Changing the Socket Information
      17.1.5. Changing the Return Address
      17.1.6. Changing the Payload
      17.1.7. Changing the Overflow Buffer
      17.2. Fixing Web Exploits
      17.2.1. Considerations and Overview
      17.2.2. Selecting the Vulnerability
      17.2.3. Changing Connectivity Information
      17.2.4. Troubleshooting the “index out of range” Error
  • 18. File Transfers
      18.1. Considerations and Preparations
      18.1.1. Dangers of Transferring Attack Tools
      18.1.2. Installing Pure-FTPd
      18.1.3. The Non-Interactive Shell
      18.2. Transferring Files with Windows Hosts
      18.2.1. Non-Interactive FTP Download
      18.2.2. Windows Downloads Using Scripting Languages
      18.2.3. Windows Downloads with exe2hex and PowerShell
      18.2.5. Uploading Files with TFTP
  • 19. Antivirus Evasion
      19.1. What is Antivirus Software
      19.2. Methods of Detecting Malicious Code
      19.2.1. Signature-Based Detection
      19.2.2. Heuristic and Behavioral-Based Detection
      19.3. Bypassing Antivirus Detection
      19.4. On-Disk Evasion
      19.5. In-Memory Evasion
      19.6. AV Evasion: Practical Example
  • 20. Privilege Escalation
      20.1. Information Gathering
      20.1.1. Manual Enumeration
      20.1.2. Automated Enumeration
      20.2. Windows Privilege Escalation Examples
      20.2.1. Understanding Windows Privileges and Integrity Levels
      20.2.2. Introduction to User Account Control (UAC)
      20.2.3. User Account Control (UAC) Bypass: fodhelper.exe Case Study
      20.2.4. Insecure File Permissions: Serviio Case Study
      20.2.5. Leveraging Unquoted Service Paths
      20.2.6. Windows Kernel Vulnerabilities: USBPcap Case Study
      20.3. Linux Privilege Escalation Examples
      20.3.1. Understanding Linux Privileges
      20.3.2. Insecure File Permissions: Cron Case Study
      20.3.3. Insecure File Permissions: /etc/passwd Case Study
      20.3.4. Kernel Vulnerabilities: CVE-7-2 Case Study
  • 21. Password Attacks
      21.1. Wordlists
      21.1.1. Standard Wordlists
      21.2. Brute Force Wordlists
      21.3. Common Network Service Attack Methods
      21.3.1. HTTP htaccess Attack with Medusa
      21.3.2. Remote Desktop Protocol Attack with Crowbar
      21.3.3. SSH Attack with THC-Hydra
      21.3.4. HTTP POST Attack with THC-Hydra
      21.4. Leveraging Password Hashes
      21.4.1. Retrieving Password Hashes
      21.4.2. Passing the Hash in Windows
      21.4.3. Password Cracking
  • 22. Port Redirection and Tunneling
      22.1. Port Forwarding
      22.1.1. RINETD
      22.2. SSH Tunneling
      22.2.1. SSH Local Port Forwarding
      22.2.2. SSH Remote Port Forwarding
      22.2.3. SSH Dynamic Port Forwarding
      22.3. PLINK.exe
      22.4. NETSH
      22.5. HTTPTunnel-ing Through Deep Packet Inspection
  • 23. Active Directory Attacks
      23.1. Active Directory Theory
      23.2. Active Directory Enumeration
      23.2.1. Traditional Approach
      23.2.2. A Modern Approach
      23.2.3. Resolving Nested Groups
      23.2.4. Currently Logged on Users
      23.2.5. Enumeration Through Service Principal Names
      23.3. Active Directory Authentication
      23.3.1. NTLM Authentication
      23.3.2. Kerberos Authentication
      23.3.3. Cached Credential Storage and Retrieval
      23.3.4. Service Account Attacks
      23.3.5. Low and Slow Password Guessing
      23.4. Active Directory Lateral Movement
      23.4.1. Pass the Hash
      23.4.2. Overpass the Hash
      23.4.3. Pass the Ticket
      23.4.4. Distributed Component Object Model
      23.5. Active Directory Persistence
      23.5.1. Golden Tickets
      23.5.2. Domain Controller Synchronization
  • 24. The Metasploit Framework
      24.1. Metasploit User Interfaces and Setup
      24.1.1. Getting Familiar with MSF Syntax
      24.1.2. Metasploit Database Access
      24.1.3. Auxiliary Modules
      24.2. Exploit Modules
      24.2.1. SyncBreeze Enterprise
      24.3. Metasploit Payloads
      24.3.1. Staged vs Non-Staged Payloads
      24.3.2. Meterpreter Payloads
      24.3.3. Experimenting with Meterpreter
      24.3.4. Executable Payloads
      24.3.5. Metasploit Exploit Multi Handler
      24.3.6. Client-Side Attacks
      24.3.7. Advanced Features and Transports
      24.4. Building Our Own MSF Module
      24.5. Post-Exploitation with Metasploit
      24.5.1. Core Post-Exploitation Features
      24.5.2. Migrating Processes
      24.5.3. Post-Exploitation Modules
      24.5.4. Pivoting with the Metasploit Framework
      24.6. Metasploit Automation
  • 25. PowerShell Empire
      25.1. Installation, Setup, and Usage
      25.1.1. PowerShell Empire Syntax
      25.1.2. Listeners and Stagers
      25.1.3. The Empire Agent
      25.2. PowerShell Modules
      25.2.1. Situational Awareness
      25.2.2. Credentials and Privilege Escalation
      25.2.3. Lateral Movement
      25.3. Switching Between Empire and Metasploit

Who this course is for:

  • This course is for beginners in the field of cyber security
