Categories

There are currently no items in your shopping cart.

User Panel

Forgot your password?.

Mile2 Mile2 – Certified Penetration Testing Consultant

Video Introducing this tutorial


1. Pentesting Team Formation:
1. Pentesting Team Formation
10. Executing Process Activities
11. Executing Process (cont.)
12. Closing Process Activities
13. Section 2 Pentesting Metrics
14. Types of Analysis
15. Quantitative Analysis
16. Qualitative Analysis
17. Mixed-Method Analysis
18. Section 3 Team Roles, Responsibilities, and Benefits
19. Pentesting Team Structure
2. What are we covering
20. RolesResponsibilities
21. Benefits
22. Module 1 Review
23. Quiz
3. Section 1 Project Management
4. PMBOK
5. PMBOK
6. Initiating Process Activities
7. Planning Process Activities
8. Planning Process (cont.)
9. Planning Process (cont.)

10. Windows Exploit Protection:
1. Windows Exploit Protection
10. How to Use SEH
11. How to Use SEH (conti...)
12. How to Use SEH (conti...)
13. Section 3 Data Execution Prevention (DEP)
14. Data Execution Prevention
15. DEP Types
16. DEP Benefits
17. Configuring DEP
18. Configuring DEP (cont.)
19. Configuring DEP (cont.)
2. What are we covering
20. Configuring DEP (cont.)
21. Configuring DEP (cont.)
22. Configuring DEP (cont.)
23. Section 4 SafeSEHSEHOP
24. SEH Exploit Buffer
25. SEH Exploit Buffer Explained
26. SafeSEH
27. SEHOP
28. Module 10 Review
29. Module 10 Quiz
3. Section 1 Introduction to Windows Exploit Protection
4. Software Exploits
5. Common Targets
6. Common Targets - YOU!
7. Section 2 Structured Exception Handling (SEH)
8. Structured Exception Handling
9. Types of SEH

11. Getting Around SEH and ASLR (Windows):
1. Getting Around SEH and ASLR (Windows)
10. Immunity!
11. Immunity!
12. Section 4 VulnServer Demo
13. Demo Getting Around SEH and ASLR
14. Proof of Concept Code
15. Running the Script
16. Immunity Crash Review
17. Immunity Crash Review (cont.)
18. Immunity Crash Review (cont.)
19. Immunity Debugger
2. Introduction
20. Proof of Concept Code (updated)
21. Crash Again
22. Crash Again (cont.)
23. Immunity Debugger
24. Proof of Concept Code (updated)
25. Crash Again
26. Immunity Debugger
27. Proof of Concept Code (updated)
28. Crash Again
29. Crash Again (cont.)
3. What are we covering
30. Finding loaded modules
31. Redirecting Mona logs
32. Finding ROP Gadgets with Mona
33. Immunity Debugger
34. Proof of Concept Code (updated)
35. Crash Again
36. Crash Again (cont.)
37. nasm_shell
38. Proof of Concept Code (updated)
39. Crash Again
4. Section 1 Vulnerable Server Setup
40. Crash Again (cont.)
41. Crash Again (cont.)
42. Immunity Debugger
43. Proof of Concept Code (updated)
44. Crash Again
45. Immunity Debugger
46. Proof of Concept Code (updated)
47. Crash Again
48. Crash Again (cont.)
49. Crash Again (cont.)
5. Vulnerable Server Setup
50. Crash Again (cont.)
51. Crash Again (cont.)
52. Crash Again (cont.)
53. Crash Again (cont.)
54. Crash Again (cont.)
55. Crash Again (cont.)
56. Vulnerable Server
57. Proof of Concept Code (updated)
58. Proof of Concept Code (updated)
59. Throwing our Exploit
6. VulnServer in Action
60. Module 11 Review
61. Module 11 Quiz
7. Section 2 Time to Test it out
8. Time to Test it out
9. Section 3 VulnServer meet Immunity

12. Penetration Testing Report Writing:
1. Penetration Testing Report Writing
10. Confidentiality Statement
11. Document Control
12. Timeline
13. Executive Summary
14. Executive Summary Sections
15. Executive Summary Sections
16. Executive Summary Sections
17. Security Risk OriginCategory
18. Executive Summary Sections
19. Executive Summary Sections
2. What are we covering
20. Executive Summary Sections
21. Technical Report
22. Technical Report Sections
23. Technical Report Sections
24. Technical Report Sections
25. Technical Report Sections
26. Technical Report Sections
27. Technical Report Sections
28. Technical Report Sections
29. Technical Report Sections
3. Introduction
30. Technical Report Sections
31. Technical Report Sections
32. Technical Report Sections
33. Module 12 Review
34. Module 12 Quiz
4. Findings Document
5. Section 1 Reporting
6. Pentest Report Format Sections
7. Cover Page
8. Confidentiality Statement
9. Confidentiality Statement

2. NMAP Automation:
1. NMAP Automation
10. NMAP Basics - Host Discovery (cont.)
11. NMAP Basics - Port Scanning Basics
12. NMAP Basics - Port Scanning Techniques
13. NMAP Basics - Port Specification and Scan Order
14. NMAP Basics - Service and Version Detection
15. NMAP Basics - OS Detection
16. NMAP Basics - NMAP Scripting Engine
17. NMAP Basics - NMAP Scripting Engine
18. NMAP Basics - Timing and Performance
19. NMAP Basics - Output
2. Introduction
20. NMAP Basics - Miscellaneous Options
21. NMAP Basics - Runtime Interaction
22. NMAP Basics - Examples
23. Section 2 NMAP Automation
24. NMAP Automation
25. NMAP Automation
26. Section 3 NMAP Report Documentation
27. NMAP Report Documentation
28. NMAP Report Documentation
29. Module 2 Review
3. What are we covering
30. Quuiz
4. Section 1 NMAP Basics
5. NMAP Basics
6. NMAP Basics
7. NMAP Basics - Options Summary
8. NMAP Basics - Target Specification
9. NMAP Basics - Host Discovery

3. Exploitation Process:
1. Exploitation Process
10. Countermeasures
11. Countermeasures
12. Section 3 Evasion
13. Evasion
14. Section 4 Precision Strike
15. Precision Strike
16. Section 5 Customized Exploitation
17. Customized Exploitation
18. Section 6 Tailored Exploits
19. Tailored Exploits
2. Introduction
20. Section 7 Zero-Day Angle
21. Zero-Day Angle
22. Section 8 Example Avenues of Attack
23. Example Avenues of Attack
24. Section 9 Overall Objective of Exploitation
25. Overall Objective
26. Module 3 Review
27. Quiz
3. What are we covering
4. Section 1 Purpose
5. Purpose
6. Section 2 Countermeasures
7. Countermeasures
8. Countermeasures
9. Countermeasures

4. Fuzzing with Spike:
1. Fuzzing with Spike
10. Source Code (cont.)
11. Booting Vulnserver
12. Vulnserver
13. Section 2 Spike Fuzzing Setup
14. Built-in 'Spike'
15. Spikes
16. Section 3 Fuzzing a TCP Application
17. Generic_send_tcp
18. Generic_send_tcp (cont.)
19. Generic_send_tcp (cont.)
2. What are we covering
20. Generic_send_tcp (cont.)
21. Section 4 Custom Fuzzing Script
22. TRUN primitive
23. TRUN primitive
24. Spiketrunaudit.spk
25. Fuzzing in progress?
26. Fuzzing Complete!
27. Final Thoughts
28. Module 4 Review
29. Quiz
3. Introduction to Spike
4. Introduction to Spike
5. Section 1 Vulnserver
6. What is Vulnserver
7. What is Vulnserver (cont.)
8. Vulnserver Source Code
9. Source Code (cont.)

5. Writing Simple Buffer Overflow Exploits:
1. Writing Simple Buffer Overflow Exploits
10. Section 2 Immunity Debugger
11. Immunity Debugger
12. Immunity Debugger
13. Immunity Layout
14. Immunity Layout
15. Immunity Layout
16. Immunity Layout
17. 32-bit Registers
18. 32-bit Registers
19. What is a Buffer Overflow
2. Introduction
20. Running DPE
21. Section 3 Python
22. Searching Exploit-DB
23. Pythons you say
24. Continued
25. Section 4 Shellcode
26. MSFVenom
27. MSFVenom
28. Sending our Exploit
29. Connect and Win
3. What are we covering
30. Module 5 Review
31. Quiz
4. Setup
5. Section 1 Exploit-DB
6. Exploit-DB
7. Exploit-DB
8. Searchsploit
9. Searchsploit

6. Stack Based Windows Buffer Overflow:
1. Stack Based Windows Buffer Overflow
10. Immunity!
11. Section 2 Vulnerability Research
12. Vulnerability Research
13. Exploit-DB
14. MiniShare Exploit Explained
15. Proof of Concept Code
16. Running the Script
17. Running the Script
18. Section 3 Control EIP, Control the Crash
19. Control EIP, Control the Crash
2. Introduction
20. Control EIP, Control the Crash
21. Section 4 JMP ESP Instruction
22. JMP ESP Instruction
23. Finding Loaded Modules
24. Exploit Note
25. Finding JMP ESP
26. Search DLL for xffxe4
27. Section 5 Finding the Offset
28. Finding the Offset
29. Pattern_create.rb
3. What are we covering
30. Proof of Concept Code (Update pattern_create.rb)
31. Running the Script
32. Finding the Offset
33. Proof of Concept Code (Update Control EIP Overwrite)
34. Running the Script
35. Section 6 Code Execution and Shellcode
36. Code Execution and Shellcode
37. Proof of Concept Code (Update JMP ESP Addition)
38. Code Execution and Shellcode
39. Running the Script
4. Section 1 Debugger
40. Code Execution and Shellcode
41. Proof of Concept Code (Update Adding Shellcode)
42. Section 7 Does the Exploit Work
43. Does the Exploit Work
44. Does the Exploit Work
45. Module 6 Review
46. Quiz
5. Debugger
6. Immunity!
7. Immunity!
8. Immunity!
9. Debugger

7. Web Application Security and Exploitation:
1. Web Application Security and Exploitation
10. A1 Injection
11. A1 Injection
12. A2 Broken Authentication
13. A3 Sensitive Data Exposure
14. A4 XML External Entities
15. A5 Broken Access Control
16. A6 Security Misconfiguration
17. A7 Cross-Site Scripting
18. A8 Insecure Deserialization
19. A9 Using Components with Known Vulnerabilities
2. Introduction
20. A9 Using Components with Known Vulnerabilities (conti...)
21. A10 Insufficient Logging & Monitoring
22. Tying it all together
23. Section 3 Zap
24. Everything you need for Free
25. Proxy Connection
26. Zed Attack Proxy
27. Do What Now
28. Intercept All the Things!!
29. Intercept All the Things!!
3. What are we covering
30. Intercept All the Things!!
31. Intercept All the Things!!
32. Intercept All the Things!!
33. Do What Now
34. So Then
35. Section 4 Scapy
36. The way of the packet
37. The way of the packet
38. Finding the Way
39. Picturing the Way
4. Section 1 Web Applications
40. Module 7 Review
41. Quiz
5. Why Though
6. Where Though
7. Compromise
8. Section 2 OWASP Top 10 - 2017
9. Top 10

8. Linux Stack Smashing:
1. Linux Stack Smashing
10. gdb .mile2_smash (Part1)
11. gdb .mile2_smash (Part2)
12. Program Crashed
13. Pattern_create
14. gdb .mile2_smash (pattern_create) (Part1)
15. gdb .mile2_smash (pattern_create) (Part2)
16. Finding the Offset
17. Updating the Exploit
18. gdb .mile2_smash (updated exploit) (Part 1)
19. gdb .mile2_smash (updated exploit) (Part 2)
2. Introduction
20. gdb .mile2_smash (updated exploit) (Part 3)
21. Gained Control RIP
22. Environment Variable Location
23. Final Updates to the Exploit
24. Throwing our Exploit
25. Module 8 Review
26. Module 8 Quiz
3. What are we covering
4. Section 1 Exploiting the Stack on Linux
5. Demo Exploiting the Stack on Linux
6. Mile2_smash Program
7. Buffer Overflow Found
8. Creating the Exploit
9. Looking to Overwrite RIP

9. Linux Address Space Layout Randomization:
1. Linux Address Space Layout Randomization
10. Mile2_leak Program (cont.)
11. Mile2_leak Program (cont.)
12. Mile2_leak Program (cont.)
13. Mile2_leak Program (cont.)
14. Mile2_leak Program (cont.)
15. Mile2_leak Program (cont.)
16. Mile2_leak Program (cont.)
17. Mile2_leak Program (cont.)
18. Global Offset Table (memset())
19. poc.py Program (part 1)
2. Introduction
20. poc.py Program (part 2)
21. Confirming memset()'s Address
22. Calculate libc's Base Address
23. Calculate libc's Base Address
24. memset()'s offset
25. system()'s offset
26. Find the address of any library function
27. poc.py updated (part 1)
28. poc.py updated (part 2)
29. Seeing our PoC in action
3. What are we covering
30. ret2libc to complete the exploit
31. poc.py final (part 1)
32. poc.py final (part 2)
33. poc.py final (part 3)
34. Final PoC in action
35. Module 9 Review
36. Module 9 Quiz
4. Section 1 Stack Smashing to the Extreme
5. Demo Stack Smashing to the Extreme
6. Mile2_leak Program
7. ASLR Explained
8. Additional ASLR Information
9. Additional ASLR Information