This course teaches practical penetration testing methodology using the pastebin as a target. You'll learn reconnaissance, vulnerability discovery, and exploitation using CLI tools like Nmap, mitmproxy, ffuf, and curl.
Overview
Syllabus
- Unit 1: Introduction to Penetration Testing
- Think Like an Attacker — Close the Information Leak
- Unit 2: Reconnaissance with Nmap
- Your First Network Scan
- Complete the Comprehensive Port Scanner
- Detect and Document Service Versions
- Harden Your Express Server
- Restrict Unwanted HTTP Methods
- Unit 3: API Enumeration and Fuzzing
- Your First Enumeration Scan
- Signal Through the Noise
- Beyond Automated Discovery
- Tightening the Throttle
- Covering All Angles
- Unit 4: Traffic Interception Basics
- Your First Traffic Interception
- Targeting Critical Authentication Traffic
- Capturing POST Request Body Data
- Linking Responses to Request Sources
- Defending Against Traffic Interception
- Unit 5: Vulnerability Chaining Basics
- Finding Your Attack Target
- Probing the Search Endpoint
- Building Your First Attack Chain
- Escalating to Complete Credential Theft
- Breaking the Vulnerability Chain