How To Hack The Box To Your OSCP (Part 3)

Rating 4.9 out of 5 (10 ratings in Udemy)

What you'll learn

How modern adversaries breach public facing webservers
How to weoponize benign applications with exploits
How to evade AV and EDR with advanced shellcode loaders
How attackers move laterally, create reverse tunnels and expand influence on the victim network
How to think in terms of MITRE ATT&CK and understand the vernacular.
How to test and validate SQLi, XSS, SSTI and more

Description

Are you ready to level up your game? …

Rating 4.9 out of 5 (10 ratings in Udemy)

What you'll learn

How modern adversaries breach public facing webservers
How to weoponize benign applications with exploits
How to evade AV and EDR with advanced shellcode loaders
How attackers move laterally, create reverse tunnels and expand influence on the victim network
How to think in terms of MITRE ATT&CK and understand the vernacular.
How to test and validate SQLi, XSS, SSTI and more

Description

Are you ready to level up your game?

Ready for the hardest boxes to hack?

Want a challenge without feeling overwhelmed or confused?

I finally did it. I finally decided to create the last series in my three part collection on pwning Hack The Box machines.

There are tons of free write-ups and Youtube videos on-line that will show you how to breach a box but almost none of them break down the process step by step.

And almost none of them include all the commands as a tidy reference.

And even fewer map all attacks to the MITRE ATT&CK Matrix.

What I’ve done is taken you on a journey into my mind as I help you understand how an expert hacker thinks. You will get the behind-the-curtain view into my thought process as I think through difficult scenarios and carefully step through each obstacle until the box is pwned.

In addition, after we pop the box, we’ll take a step back and understand what vulnerabilities led to the initial intrusion vector by exploring host logs, vulnerable application source code and event logs.

I’ve prepared everything you need for learning success in one convenient package.

So, I’m going to ask again - are you ready to level up your game?

You are about to learn the following tools and techniques from an offensive perspective:

MITREATT&CKEnterprise Framework TTPs
ping
nmap
rpcdump
rpcclient
smbmap
smbclient
crackmapexec
whatweb
Wappalyzer
curl
openssl
gowitness
Burp Proxy
Burp EmbeddedChromium Browser
feroxbuster
wfuzz
Web Application Attacks: SQLi
Web Application Attacks: Reflected XSS
Web Application Attacks: SSTI
Polyglot Payloads
Web Application Attacks: Command Injection
Reverse Shells: Powershell
Reverse Shells: Powershell Upgrade
Reverse Shells: Netcat
Reverse Shells: Meterpeter
Reverse Shells: PSExec
Reverse Shells: NoPAC
Base64 Encoded Powershell Payloads
rlwrap
PEASS-ng
Blue Team: wmic
Blue Team: tasklist
Blue Team: Get-WmiObject
CSRs
Chisel
ProxyChains
FoxyProxy SOCKSProxies
tshark
responder
hashcat
Lateral Movement
Resource Development: Commando VM!
Resource Development: Exploit Testing and Maldoc creation
Defense Evasion: charlotte
Defense Evasion: Meterpreter
certutil
SharpCollection
PowerView
Rubeus
Certify
date (sounds lame but we actually use it in a way you've never seen before)
Detection Engineering: Log Review
SecureCoding Principles: SourceCode Review

If this doesn't excite you, you are not the right person for this course.

But if you're ready to freggin' have a blast and take your learning and skills to beast mode click Buy Now and let's begin!

Duration 5 Hours 58 Minutes

Paid

Self paced

Expert Level

English (US)

409

Rating 4.9 out of 5 (10 ratings in Udemy)

Go to the Course
We have partnered with providers to bring you collection of courses, When you buy through links on our site, we may earn an affiliate commission from provider.