کاربر گرامی، برای آموزش استفاده از وبسایت لطفا این صفحه را مشاهده نمایید.

برچسب: Pentest

دوره OpSecX – Web Security Bundle

The Web Security Bundle course offered by OpsecX is a comprehensive training package designed for individuals aiming to master the intricacies of web security. This course bundle covers a broad range of topics, from the basics of web application security to advanced concepts and practical techniques used in real-world scenarios.

Participants will gain hands-on experience in identifying, exploiting, and mitigating various web vulnerabilities, including SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), and more. The course also delves into the OWASP Top Ten security risks, offering in-depth analysis and defensive strategies.

The training is suitable for security professionals, developers, and anyone interested in building a strong foundation in web security. By the end of the course, learners will be equipped with the knowledge and skills necessary to secure web applications effectively and protect them from a wide array of cyber threats.

ادامه مطلب

دوره Udemy – The complete iOS Pentesting & Bug Bounty Course

This course covers about how security works in iOS devices and how vulnerabilities can be found in iOS applications.

The course starts with the basics of how you can set up your hacking environment and then gradually moves on to how security works in iOS Applications.

The course also shows you the different types of Jailbreak and how you can Jailbreak your iOS Device.

The course also covers OWASP Mobile Top 10 and would cover all the categories of OWASP Mobile Top 10 with practical examples.

The course also includes a detailed overview of iOS Security such as Keychain, Device Management, Data Protection etc.

The major section of iOS Pentesting is the Static and the Dynamic Analysis where most of the vulnerabilities would be covered with practical approaches. These approaches can also be used to find vulnerabilities in bug bounty programs.

At the end of the course, you would be exposed to certain Tips and Tricks that will make your upgrade iOS Pentesting skills. These tips will help you to differentiate yourself from others.

This course also includes the Breakdown of some Hackerone Reports which are found and submitted by other hackers for better understanding.

ادامه مطلب

دوره Pentester Academy – Windows Process Injection for Red-Blue Teams

In this course, we will understand the basics of Windows processes, virtual memory and different techniques to enumerate processes. Then we will look at the fundamentals of process injection and try out techniques like remote Thread Injection, APC, Thread Hijacking and Process Hollowing.

This course is very practical with code examples to illustrate each technique!

ادامه مطلب

دوره Pentester Academy – DevSecOps: Insecure Docker Registry

Many organizations deploy private registry servers in their internal/external application development/deployment environment. Unfortunately, most often, these servers are not securely deployed. In this entirely lab based course, we will look at various configurational vulnerabilities in docker registry servers. In these labs we have used common deployment architectures of a registry server and shown how an attacker can get valuable information out of images stored on the server.

ادامه مطلب

دوره Pentester Academy – Memcache Reconnaissance for Red-Blue Teams

Reconnaissance the first and probably most important step of pentesting and red-blue teaming exercises. A well done recon can help prioritize which systems to go behind first and to dedicate more time and resources. In recent times, there has been a lot of technological progress in fields in web development, cloud tech, machine learning etc. which has led to a fundamental change in how networks are created and run. There has also been an introduction of a ton of new network and application components because of this. The focus of this course to help attendees understand these new technologies and components better.

ادامه مطلب

دوره Pentester Academy – Traffic Analysis: TSHARK Unleashed

Most of us have used Wireshark either academically or professionally for traffic analysis. Its a great tool for microscopic analysis of what is happening in the network. However, its greatest strength is also its greatest weakness i.e. it is extremely difficult to do macroscopic analysis, create custom reports, extract only certain fields from packets for offline analysis etc. This is where Tshark comes in! Tshark is a command line tool created by the Wireshark team and shares the same powerful parsing engine as Wireshark. It is capable of doing most things we’ve come to love Wireshark for, but with the “from command line” advantage. This makes it ideal for batch analysis, offline processing and routine automation of traffic analysis tasks. In this course, we will explore many of these capabilities. It is assumed you have a basic working knowledge of Wireshark and traffic analysis.

ادامه مطلب

جستجو در سایت