ＨｉｄｅＺｅｒｏＯｎｅ

The objective of this course is to show students how to perform a full digital forensic investigation of a Windows system in a complete DIY setup.

The course covers a full digital forensic investigation of a Windows system. It begins with the simple preparation of our lab, which consists of setting up a “victim” VM and a forensic workstation. We’ll then run an attack simulation script on the victim VM that simulates attack patterns as commonly observed by threat actors in the industry to create a realistic setting for our investigation. From there, we’ll kick off the forensic process, beginning with the data collection, examination and extraction before diving deeper into the analysis of the information at hand.

This specialized and comprehensive course is designed to provide an in-depth understanding of cybersecurity practices, with a focus on ethical hacking techniques to safeguard digital infrastructure. Through a series of detailed modules, participants will delve into modern security architectures, learn how to set up and manage phishing simulations using tools like GoPhish, bypass multi-factor authentication with Evilginx, and explore advanced phishing and vishing strategies. The curriculum also covers essential setup procedures for domain and email registration, configurations for AWS EC2 instances, and the use of SMS phishing (smishing) for security testing. Furthermore, the course emphasizes the importance of reporting, documentation, and ethical considerations in cybersecurity operations.

Welcome to this course on Practical Web Hacking. This course follows on from the Practical Bug Bounty course and will take you deeper into the world of finding and exploiting vulnerabilities in web applications. It’s recommended that you have completed the Practical Bug Bounty course or at least one year’s worth of experience in hacking web applications before you take this course. In this course, you will develop a deeper understanding of how web attacks work, learn to craft custom payloads and build a methodology for finding and exploiting more complex vulnerabilities.

Practical Web Application Security and Testing is an entry-level course on web application technologies, security considerations for web application development, and the web application penetration testing process. We begin with the basics of HTTP, servers, and clients, before moving through the OWASP Top 10 on our way to a full demonstration penetration test. We also cover the reporting process for web application assessments, so you’re prepared not only to conduct security assessments on web applications but also clearly and effectively communicate your findings.

Welcome to the Practical Bug Bounty course crafted by TCM Security and Intigriti. This comprehensive course dives into identifying and responsibly exploiting application vulnerabilities, laying a solid foundation in Web Application Architecture and delving into the crucial OWASP Top 10. Participants will distinguish Bug Bounty Hunting from Penetration Testing, engage in hands-on simulations, and master key tools like Burp Suite.

Practical API Hacking provides you with everything you need to start hacking APIs. This course was designed for beginners and those familiar with web application hacking but want to expand their skill set.

The course covers industry-standard tools such as Burp Suite and Postman, and how to find and exploit vulnerabilities common to applications powered by APIs. Throughout the course there are demonstration labs to help you understand the theory, and challenges to make sure you get hands-on experience too.