This is a collection of practical labs.
- Footprinting and Reconnaissance ๐พ
- Extract Organization Information
- Extract Network Information
- Extract System Information
- Scanning Networks ๐พ
- Check Live Systems and Open Ports
- Identify Services Running in Live Systems
- Perform Banner Grabbing / OS Fingerprinting
- Identify Network Vulnerabilities
- Draw Network Diagrams of Vulnerable Hosts
- Enumeration ๐พ
- Extract Machine Names, their OSs, Services and Ports
- Extract Network Resources
- Extract Usernames and User Groups
- Extract Lists of Shares on Individual Hosts on the Network
- Extract Policies and Passwords
- Extract Routing Tables
- Extract Audit and Service Settings
- Extract SNMP and FQDN Details
- Vulnerability Analysis ๐พ
- Identify Network Vulnerabilities
- Identify IP and TCP/UDP Ports and Services that are Listening
- Identify Application and Services Configuration Errors/Vulnerabilities
- Identify the OS Version Running on Computers or Devices
- Identify Applications Installed on Computers
- Identify Accounts with Weak Passwords
- System Hacking ๐พ
- Bypassing Access Controls to Gain Access to the System (Password Cracking, Vulnerability Exploitation...)
- Acquiring the Rights of Another User or an Admin (Privilege Escalation)
- Creating and Maintaining Remote Access to the System (Trojans, Spyware, Backdoors, Keyloggers...)
- Hiding Malicious Activities and Data Theft (Rootkits, Steganography...)
- Hiding the Evidence of Compromise (Clearing Logs)
- Malware Threats ๐พ
- Create a Trojan and Exploit a Target Machine
- Create a Virus to Infect the Target Machine
- Perform Malware Analysis to Determine the Origin, Functionality and Potential Impact of a Given Type of Malware
- Detect Malware
- Sniffing ๐พ
- Sniff the Network
- Analyze Incoming and Outgoing Packets for any Attacks
- Troubleshoot the Network for Performance
- Secure the Network from Attacks
- Social Engineering ๐พ
- Sniff User/Employee Credentials
- Obtain Employees' Basic Personal Details
- Obtain Usernames and Passwords
- Perform Phishing
- Detect Phishing
- Denial-of-Service ๐พ
- Performing SYN Flooding, Ping of Death and UDP Application Layer Flooding Attacks on a Target Host
- Performing a DDoS Attack
- Detect and Analyze DoS Attack Traffic
- Detect and Protect Against a DDoS Attack
- Session Hijacking ๐พ
- Hijack a Session by Intercepting Traffic between Server and Client
- Steal a User Session ID by Intercepting Traffic
- Detect Session Hijacking Attacks
- Evading IDS, Firewalls and Honeypots ๐พ
- Detect Intrusion Attempts
- Detect Malicious Network Traffic
- Detect Intruders and their Attack Weapon
- Evade Firewalls
- Hacking Web Servers ๐พ
- Footprinting a Web Server
- Enumerate Web Server Information
- Crack Remote Passwords
- Hacking Web Applications ๐พ
- Footprinting a Web Application
- Performing Web Spidering, Detect Load Balancers and Identify Web Server Directories
- Performing Web Application Vulnerability Scanning
- Performing Brute-Force and CSRF Attacks
- Exploiting Parameter Tampering and XSS Vulnerabilities
- Exploiting WordPress Plugin Vulnerabilities
- Exploiting Remote Command Execution Vulnerabilities
- Exploiting File Upload Vulnerabilities
- Gaining Backdoor Access via a Web Shell
- Detecting Web Application Vulnerabilities
- SQL Injection ๐พ
- Performing a SQL Injection on an MSSQL Database
- Extracting basic SQL Injection Flaws and Vulnerabilities
- Detecting SQL Injection Vulnerabilities
- Hacking Wireless Networks ๐พ
- Discover Wi-Fi Networks
- Capture and Analyze Wireless Traffic
- Crack WEP, WPA and WPA2 Wi-Fi Networks
- Hacking Mobile Platforms ๐พ
- Exploit the Vulnerabilities in an Android Device
- Obtain Users' Credentials
- Hack Android Devices with a Malicious Application
- Use an Android Device to Launch a DoS Attack on a Target
- Exploit an Android Device through ADB
- Perform a Security Assessment on an Android Device
- IoT and OT Hacking ๐พ
- Performing IoT and OT Device Footprinting
- Capturing and Analyzing Traffic between IoT Devices
- Cloud Computing ๐พ
- Performing S3 Bucket Enumeration
- Exploiting Misconfigured S3 Buckets
- Escalating Privileges of a Target IAM User Account by Exploiting Misconfigurations in a User Policy
- Cryptography ๐พ
- Generate Hashes and Checksum Files
- Calculate the Encrypted Value of the Selected File
- Use Encrypting/Decrypting Techniques
- Perform File and Data Encryption
- Create Self-Signed Certificates
- Perform Email Encryption
- Perform Disk Encryption
- Perform Cryptanalysis