This course teaches learners how to exploit a specific target on HackTheBox by covering various steps such as Nmap scanning, exploring ports, modifying hosts, enumerating sub-domains, using tools like Dirb and Burp, testing for SQL injection, gaining shells, bypassing whitelisting, transferring files, and elevating privileges. The teaching method involves a walkthrough of the entire process with practical demonstrations. This course is intended for individuals interested in cybersecurity, ethical hacking, penetration testing, and offensive security techniques.
Overview
Syllabus
- Introduction.
- Nmap scan review.
- Exploring port 80.
- Modifying /etc/hosts.
- Enumerating sub-domains.
- Using Dirb to find hidden directories and pages.
- Intercepting login requests with Burp.
- Using sqlmap to test for SQL injection.
- Building a custom SQL injection & Gaining a shell.
- Enumeration as the low-priv user.
- Bypassing application whitelisting using msbuild.
- Using certutil for file transfers & Gaining a Meterpreter shell.
- Using the capcom.sys exploit to elevate privileges.
- Discovering root.exe and reverse engineering the process.
Taught by
The Cyber Mentor
Related Courses
-
Web Application Ethical Hacking - Penetration Testing Course for Beginners
4.1 -
Complete Ethical Hacking Bootcamp
-
Pentesting for N00bs - Jerry
-
Web App Testing - SQL Injections and Live Bug Bounty Hunting
-
Web Application Pentesting
-
Zero to Hero Pentesting - Exploitation, Shells, and Some Credential Stuffing
