Applied Ethical Hacking &
Rules Of Engagement

  01 Crash Course_ Linux

Available in days

days after you enroll

• 001 Virtual Environment (10:55) Start
• 002 Kali Linux Installation & Environment (19:00) Start
• 003 Power Up Your Linux Shell_ TERMINATOR-ZSH-TMUX (17:39) Start
• 004 Linux Basics & Commands (24:50) Start
• 005 Docker on Linux (17:11) Start

  02 Get Your Hands Dirty

Available in days

days after you enroll

• 003 Intro to Ethical Hacking Basic Concepts and Terminologies (15:30) Start
• 002 VSCode IDE For Your Scripts! (9:30) Start
• 004 Vulnerable Labs -1_ dvwa, bwapp, webgoat, juiceshop, metasploitable2 (19:05) Start
• 006 Vulnerable Labs -2_ metasploitable3 (10:16) Start
• 007 Capture The Flags(CTF)_ HTB and others (16:57) Start

  03 Ethical Hacking 1_ Understand Attack Vectors

Available in days

days after you enroll

• 001 Understanding Attack Vectors (12:48) Start

  04 Ethical Hacking 2_ Information Gathering & Enumeration

Available in days

days after you enroll

• 002 Scanning with ZENMAP (13:07) Start
• 001 Initial Reconnaissance with OSINT Framework (17:25) Start
• 003 Scanning with NMAP in Command Line & in Python (25:28) Start
• 004 Scanning with Metasploit AUX & CENSYS (14:41) Start
• 005 Metasploitable Environment Preparation (8:29) Start
• 006 Enum with NMAP Part 1 (20:29) Start
• 007 Enum with NMAP Part 2 (14:15) Start
• 008 Enum with Metasploit and other tools (16:22) Start

  05 Ethical Hacking 3_ Vulnerability Scanning & Analysis

Available in days

days after you enroll

• 002 Setting up OpenVAS-GVM (9:31) Start
• 001 Introduction to Vulnerability Scanning and Analysis (13:35) Start
• 003 Vulnerability Assessment with OpenVAS-GVM (16:01) Start
• 004 Vulnerability Analysis in Action (27:23) Start
• 005 Second Opinion Vulnerability Scanning with NMAP NSE Scripts (21:30) Start
• 006 Third Opinion Vulnerability Scanning with Metasploit (12:07) Start

  06 Ethical Hacking 4_ Exploitation, Post Exploitation and Password Attacks

Available in days

days after you enroll

• 002 Metasploitable2 - Part 1 (13:14) Start
• 001 Initial Presentation (18:18) Start
• 003 Metasploitable2 - Part 2 (11:49) Start
• 004 Metasploitable2 - Part 3 (17:02) Start
• 005 Metasploitable2 - Part 4 (17:12) Start
• 006 Metasploitable3 Ubuntu - Part 1 (18:30) Start
• 007 Metasploitable3 Ubuntu - Part 2 (17:10) Start
• 008 Metasploitable3 Ubuntu - Part 3 (16:08) Start
• 009 Metasploitable3 Ubuntu - Part 4 (13:19) Start
• 010 Metasploitable3 Win2k8 - Part 1 (13:22) Start
• 011 Metasploitable3 Win2k8 - Part 2 (15:50) Start
• 012 Metasploitable3 Win2k8 - Part 3 (16:18) Start
• 013 Password Hash Crack - Part 1 (15:42) Start
• 014 Password Hash Crack - Part 2 (19:23) Start

  07 Ethical Hacking 5_ Network Attacks (Wired & Wireless)

Available in days

days after you enroll

• 001 Man in the Middle Attacks (Sniffing & Spoofing) - Part 1 (24:06) Start
• 002 Man in the Middle Attacks (Sniffing & Spoofing) - Part 2 (20:59) Start
• 003 Wireless Attacks - Part 1 (9:39) Start
• 004 Wireless Attacks - Part 2 (12:34) Start

  08 Ethical Hacking 6_ Social Engineering Attacks

Available in days

days after you enroll

• 002 Social Engineering Concepts - Part 2 (11:25) Start
• 001 Social Engineering Concepts - Part 1 (10:10) Start
• 003 Gophish Framework - Reaching the Target - Part 1 (17:05) Start
• 004 Gophish Framework - Reaching the Target - Part 2 (13:13) Start
• 005 Social Engineering Client Side Attacks - Part 1 (11:31) Start
• 006 Social Engineering Client Side Attacks - Part 2 (10:52) Start

  09 Ethical Hacking 7_ Web App Pentesting (OWASP-TOP 10)

Available in days

days after you enroll

• 001 Web App Pentesting Concepts - Part 1 (17:50) Start
• 002 Web App Pentesting Concepts - Part 2 (12:49) Start
• 003 Web App Pentesting Concepts - Part 3 (15:48) Start
• 004 Web App Pentesting Concepts - Part 4 (11:29) Start
• 005 Burp Suite Basics - Part 1 (19:49) Start
• 006 Burp Suite Basics - Part 2 (16:55) Start
• 007 Damn Vulnerable Web Application Lab - Part 1 (15:40) Start
• 008 Damn Vulnerable Web Application Lab - Part 2 (20:41) Start
• 009 Damn Vulnerable Web Application Lab - Part 3 (23:51) Start
• 010 Damn Vulnerable Web Application Lab - Part 4 (20:36) Start
• 011 Damn Vulnerable Web Application Lab - Part 5 (10:32) Start
• 012 OWASP Webgoat Lab - Part 1 (9:56) Start
• 013 OWASP Webgoat Lab - Part 2 (14:22) Start
• 014 OWASP Mutillidae II Lab - Part 1 (23:09) Start
• 015 OWASP Mutillidae II Lab - Part 2 (21:48) Start
• 016 Metasploitable 3 Vulnerable Web App (9:07) Start
• 017 bWAPP - Buggy Web Application Lab (13:43) Start
• 018 PortSwigger - Online Vulnerable Web Apps - Part 1 (16:16) Start
• 019 PortSwigger - Online Vulnerable Web Apps - Part 2 (12:38) Start

  10 Crash Course_ Python Scripting (incl. 2x Mini Projects)

Available in days

days after you enroll

• 002 Basics 2_ Loop Statements, Flow Control and Modules (17:34) Start
• 001 Basics 1_ Installation & Config , Basic Operations, Binary Operations (17:18) Start
• 003 Basics 3_ Data Types and Functions (18:39) Start
• 004 Classes and Objects, Mini Project I_ Writing a Port Scanner (21:06) Start
• 005 Mini Project II_ Writing a Malware Command & Control (C&C) Server_Client (18:41) Start

  11 Practical Pentest with CTFs (Let's Capture The Flags)

Available in days

days after you enroll

• 001 Intro to Hack the Box (HTB) CTF (7:38) Start
• 002 Easy 1 - BLUE (Enumeration, Exploitation, Hash Dump and Impacket Framework) (20:07) Start
• 003 Easy 2 - DEVEL (Indirect Web Shell Upload, Local Exploit Suggester, Priv. Esc.) (14:40) Start
• 004 Easy 3 - NETMON (PRTG Exploit with Python, Creds Discovery & Guessing) - Part 1 (18:45) Start
• 005 Easy 3 - NETMON (PRTG Manual Exploit with Nishang Reverse Shells) - Part 2 (16:06) Start
• 006 Medium 1 - POPCORN (Dirbuster Enum, Upload Abuse, Nix PAM, DirtyCow Exploit) (21:43) Start
• 007 Medium 2 - BLUNDER (Gobuster, Bludit CMS exploits) - Part 1 (18:23) Start
• 008 Medium 2 - BLUNDER (Hashcat, LinPEAS Priv Esc., sudo Exploit) - Part 2 (16:32) Start
• 009 Medium 2 - BLUNDER (CSRF_Anti-Bruteforce Bypass with Python Scripting) - Part 3 (16:21) Start
• 010 Medium 3 - SNIPER (SMB Enum, LFI RFI, Gain Rev Shell) - Part 1 (18:30) Start
• 011 Medium 3 - SNIPER (RFI RCE, Local Enum, Priv Esc, CHM Weaponization) - Part 2 (17:18) Start
• 012 Medium 3 - SNIPER (CrackMapExec, Impacket, Cookie Poisoning) - Part 3 (19:16) Start
• 013 Medium 4 - MANGO (Recon, NoSQL MongoDB Injection) - Part 1 (18:40) Start
• 014 Medium 4 - MANGO (Write NoSQL Injector with Python) - Part 2 (16:03) Start
• 015 Medium 4 - MANGO (Write NoSQL Injector with Python) - Part 3 (20:43) Start
• 016 Medium 4 - MANGO (LinPEAS, GTFOBins Priv. Esc. Attack Vectors) - Part 4 (13:15) Start
• 017 Hard 1 - CONTROL (Manual SQL Injection, SQLmap) - Part 1 (19:18) Start
• 018 Hard 1 - CONTROL (Read & Write Webshells with SQLMap, winPEAS) - Part 2 (20:08) Start
• 019 Hard 1 - CONTROL (Windows Priv. Esc Abusing SDDL Perms, Service Exec) - Part 3 (20:16) Start

  12 Security Standards and Methodologies

Available in days

days after you enroll

• 002 OWASP TOP 10, ASVS, MASVS, PTES, ISSAF and OSSTMM (10:36) Start
• 001 MITRE ATT&CK and Cyber Kill Chain (11:12) Start

  13 Cobalt Strike_ Operations & Development

Available in days

days after you enroll

• 001 Introduction to Red Teaming - Part 1 (19:12) Start
• 002 Introduction to Red Teaming - Part 2 (20:03) Start
• 003 Red Teaming Operations - Part 1 (18:46) Start
• 004 Red Teaming Operations - Part 2 (21:50) Start
• 005 Red Teaming Infrastructure - Part 1 (16:15) Start
• 006 Red Teaming Infrastructure - Part 2 (12:01) Start
• 007 Red Teaming Infrastructure - Part 3 (11:15) Start
• 008 Red Teaming Command and Control (C&C) - Part 1 (18:54) Start
• 009 Red Teaming Command and Control (C&C) - Part 2 (18:43) Start
• 010 Red Teaming Command and Control (C&C) - Part 3 (18:06) Start
• 011 Red Teaming Command and Control (C&C) - Part 4 (17:57) Start
• 012 Red Teaming Command and Control (C&C) - Part 5 (22:17) Start
• 013 Red Teaming Weaponization (DDE & Micro Attacks) - Part 1 (16:12) Start
• 014 Red Teaming Weaponization (HTA Attack, Droppers, File Format Exploits) - Part 2 (10:44) Start
• 015 Red Teaming Initial Access Attack Scenarios (12:53) Start
• 016 Red Teaming Post Exploit (Proc Injection & Bypass UAC, Token Tampering) - Part 1 (16:10) Start
• 017 Red Teaming Post Exploit (Keylogger, Screen Spy, Cobalt Strike Ops) - Part 2 (15:59) Start
• 018 Red Teaming Post Exploit (Pivoting, Session Passing, RDP Tunnel) - Part 3 (12:26) Start

  14 Active Directory Attacks in Depth

Available in days

days after you enroll

• 001 Active Directory Attacks Concepts - Part 1 (19:17) Start
• 002 Active Directory Attacks Concepts - Part 2 (16:42) Start
• 003 Active Directory Attacks Concepts - Part 3 (18:08) Start
• 004 Active Directory Setup on Metasploitable VM (18:36) Start
• 005 Vulnerable AD Lab Preparation (17:16) Start
• 006 AD Enumeration, Credentials Replay Attacks, Over-PTH, Secretsdump and Evil-WinRM (17:35) Start
• 007 AS-REP Roast, Hashcat, Pass The Ticket Attacks (21:37) Start
• 008 Golden Tickets, Kerberoasting against User SPNs and Mimikatz Attacks (19:39) Start

  15 MITRE ATTACK & Framework

Available in days

days after you enroll

• 001 Introduction to MITRE ATT&CK - Part 1 (13:31) Start
• 002 Introduction to MITRE ATT&CK - Part 2 (12:23) Start
• 003 Reconnaissance (8:40) Start
• 004 Resource Development (6:29) Start
• 005 Initial Access (11:35) Start
• 006 Execution (5:43) Start
• 007 Persistence (9:35) Start
• 008 Privilege Escalation (6:50) Start
• 009 Defense Evasion (14:50) Start
• 010 Credential Access (8:03) Start
• 011 Discovery (7:57) Start
• 012 Lateral Movement (4:07) Start
• 013 Collection (5:17) Start
• 014 Command and Control (7:15) Start
• 015 Exfiltration (4:09) Start
• 016 Impact (7:09) Start

  16 Introduction to Defensive Security

Available in days

days after you enroll

• 002 How SIEM works (4:25) Start
• 001 SIEM vs. SOC (5:55) Start
• 003 What are SIEM Use-Cases and Common Mistakes_ (8:24) Start
• 004 Threat Intelligence & OSSIM Open Threat Exchange (OTX) P1 (9:00) Start
• 005 Threat Intelligence & OSSIM Open Threat Exchange (OTX) P2 (5:43) Start
• 006 SIEM vs. SOAR vs. UEBA (4:12) Start
• 007 How secure is secure enough_ (3:56) Start
• 008 Defense-in-Depth Architecture Part 1 (6:38) Start
• 009 Defense-in-Depth Architecture Part 2 (6:00) Start

  17 Setting Up Our SIEM with Elastic-Stack & Wazuh Manager

Available in days

days after you enroll

• 002 Architecture, Installation & Configuring Wazuh Manager Server (11:06) Start
• 003 Installation & Configuring Elasticsearch (12:36) Start
• 004 Installation & Configuring FileBeat & Kibana (15:10) Start

  18 Integrating Endpoints in Elastic-Stack & Wazuh Manager

Available in days

days after you enroll

• 001 Integrating Windows Endpoint in Wazuh Manager (4:53) Start
• 002 Automated Roll-out of Wazuh Agent on a Network of Windows Workstations (16:40) Start
• 003 Integrating Linux Endpoint in Wazuh Manager (3:58) Start
• 004 Integrating Fortigate Firewall in Wazuh Manager (13:02) Start
• 005 Changing Password of the Read-Only Admin Account (7:32) Start

  19 Index Life-Cycle Management (ILM) in Elasticsearch & Wazuh Manager

Available in days

days after you enroll

• 001 Wazuh Index State Management (ISM) & Storage Productivity (14:28) Start

  20 Applying Wazuh Capabilities for Security Monitoring

Available in days

days after you enroll

• 001 File Integrity Monitoring (FIM)_ Alert when Critical Files Touched (11:21) Start
• 002 Linux System Calls Monitoring_ Alert when Auditctl Rules are met (7:05) Start
• 003 Continuous Enterprise Vulnerability Monitoring (11:51) Start
• 004 CIS Hardening Monitoring with Wazuh SCA (Less is More Principle) (9:20) Start
• 005 Windows Defender in Wazuh_ Centrally Monitor Malware & Actions across Endpoints (6:18) Start
• 006 Use Sysinternals Sysmon with Wazuh_ The Swiss Army Knife for Windows Monitoring (9:34) Start

  21 Programming Rulesets (Decoders & Rules) in Wazuh

Available in days

days after you enroll

• 002 Programming Decoders and Rules in Wazuh Part 2 (17:41) Start
• 001 Programming Decoders and Rules in Wazuh Part 1 (18:19) Start

  22 Practical Attacks & Threat Hunting IoC Use-Cases with Wazuh

Available in days

days after you enroll

• 001 Run & Detect SSH & RDP Brute Force Attack - Linux & Windows Endpoint (7:45) Start
• 002 Run & Detect Shellshock Attack - Linux Endpoint (5:22) Start
• 003 Run & Detect MSHTA Session initiation Attack (6:35) Start
• 004 Run & Detect Spawn Session and Process Injection (4:49) Start
• 005 Run & Detect Priv Esc, Lateral Mov. & Exec using PSExec WMIC (Windows Endpoint) (6:24) Start
• 006 Run & Detect Mimikatz & Pass The Hash Attacks (4:21) Start
• 007 Run & Detect Log Tampering IoC (Someone is deleting his traces) (4:34) Start