Complete Ethical Hacking Series: Hacking Applications – Chad Russell

Salepage link: At HERE. Archive: https://archive.is/wip/HSsH3

Hours of Content:1

Requirements

• Students should have a working understanding of TCP/IP and networking concepts.

Description

Complete Ethical Hacking Series: Social Engineering

This course is for beginners and IT pros looking to get certified and land an entry level Cyber Security position paying upwards of six figures! Each chapter closes with exercises putting your new learned skills to practical use immediately. You will start by understanding network anonymity by using tools such as the Zed Attack Proxy, Hamster, and Ferret. Next, you will learn how to conduct XSS attacks, buffer overflows and then learn how to hack AJAX.

What are the pre-requisites for this course?

1. Students should have a working understanding of TCP/IP and networking concepts.

What will you be able to do after taking this course?

• Hamster – Hamster is a tool or “sidejacking”. It acts as a proxy server that replaces your cookies with session cookies stolen from somebody else, allowing you to hijack their sessions.
• Ferret – Ferret is used to sniff cookies. It can be used in conjunction with Hamster to conduct session hijacking attacks on the wire.
• Morpheus – Morpheus is a framework tool which automates TCP/UDP packet manipulation tasks by using filters to manipulate target requests/responses under MitM attacks replacing the TCP/UDP packet contents by our contents before forwarding the packet back to the target host.
• Zed Attack Proxy – TheOWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It’s also a great tool for experienced pen testers to use for manual security testing.
• Buffer Overflow Attacks – A buffer overflow condition exists when a program attempts to put more data in a buffer than it can hold or when a program attempts to put data in a memory area past a buffer. In this case, a buffer is a sequential section of memory allocated to contain anything from a character string to an array of integers. Writing outside the bounds of a block of allocated memory can corrupt data, crash the program, or cause the execution of malicious code.
• Hacking AJAX – Asynchronous Javascript and XML (AJAX) is one of the latest techniques used by web application developers to provide a user experience similar to that of a traditional (i.e., “pre-web”) application. Since AJAX is still a new technology, there are many security issues that have not yet been fully researched. Some of the security issues in AJAX include:
  • Increased attack surface with many more inputs to secure
  • Exposed internal functions of the application
  • Client access to third-party resources with no built-in security and encoding mechanisms
  • Failure to protect authentication information and sessions
  • Blurred line between client-side and server-side code, possibly resulting in security mistakes

• Heap Spraying – Heap spraying refers to the attempt to insert code into a predetermined location using the exploits of vulnerable browsers. “Heap” comes from the term heap-based memory allocation (also known as dynamic memory allocation), which is the allowance of memory storage to be used by a computer program when it runs.

Who is the target audience?

• This course is for beginners and IT pros looking to get certified and land an entry level Cyber Security position paying upwards of six figures! There are currently over a million Cyber Security job openings global and demand is greatly outpacing supply which means more opportunity, job security and higher pay for you! Each chapter closes with exercises putting your new learned skills to practical use immediately.

Course Curriculum

Complete Ethical Hacking Series: Hacking Applications

• 01 – Introduction (7:58)
• 02 – Hamster and Ferret (5:58)
• 03 – Morpheus (4:24)
• 04 – Heap Spraying Demonstration (4:32)
• 05 – Zed Attack Proxy (12:15)
• 06 – Persistent XSS Demo (1:53)
• 07 – Buffer Overflow Demonstration (4:38)
• 08 – Buffer Overflows Explained (23:54)
• 09 – Hacking AJAX (10:06)