Zero to Hero Pentesting: Episode 7 - Exploitation, Shells, and Some Credential Stuffing

Name: Zero to Hero Pentesting: Episode 7 - Exploitation, Shells, and Some Credential Stuffing
Uploaded: 2019-05-02T15:49:09Z
Channel: The Cyber Mentor
Description: Zero to Hero: 0:00 - Welcome 2:43 - Lesson overview & staying humble 8:20 - Reverse shells vs bind shells 11:05 - Staged vs non-stage payloads 12:20 - B...

The Cyber Mentor · Beginner ·🔐 Cybersecurity ·6y ago

Zero to Hero: 0:00 - Welcome 2:43 - Lesson overview & staying humble 8:20 - Reverse shells vs bind shells 11:05 - Staged vs non-stage payloads 12:20 - Brief bind shell demonstration with netcat 15:30 - Reviewing scans from last week 17:30 - Exploiting mod_ssl 2.8.4 w/ OpenLuck manually 27:38 - Exploiting Samba 2.2.1a w/ trans2open Metasploit 37:50 - Reviewing some of our report findings 39:45 - Scanning, enumerating, and exploiting Hack The Box's Lame 1:01:00 - Credential stuffing & password spraying overview 1:13:05 - Running breach-parse against Tesla.com 1:14:05 - Using Burp Suite to perfor…

Watch on YouTube ↗ (saves to browser)

Chapters (42)

Welcome

2:43 Lesson overview & staying humble

8:20 Reverse shells vs bind shells

11:05 Staged vs non-stage payloads

12:20 Brief bind shell demonstration with netcat

15:30 Reviewing scans from last week

17:30 Exploiting mod_ssl 2.8.4 w/ OpenLuck manually

27:38 Exploiting Samba 2.2.1a w/ trans2open Metasploit

37:50 Reviewing some of our report findings

39:45 Scanning, enumerating, and exploiting Hack The Box's Lame

1:01:00 Credential stuffing & password spraying overview

1:13:05 Running breach-parse against Tesla.com

1:14:05 Using Burp Suite to perform credential stuffing & password spraying

1:28:53 Boxers or briefs?

1:29:00 What are you drinking?

1:29:42 Are web pentest skills and network pentest skills interchangeable?

1:30:02 What college degree is best for cybersecurity?

1:30:25 What's new in your life / upcoming talks?

1:30:55 What is this channel about?

1:31:10 Troubleshooting a Kioptrix issue

1:31:40 Is the CEH worth pursuing?

1:31:55 Jon Jones??

1:32:10 Best advice to move from service desk to security?

1:33:10 Is OSCP the best certification?

1:33:30 Do you need a CS degree to be successful?

1:33:45 What makes hacking unethical?

1:34:30 How to transition from webdev to appsec?

1:35:38 Tips for organization when testing large clients?

1:37:02 What did you think about the Pentest+?

1:38:50 How many more segments of Zero to Hero are left?

1:40:20 How do you submit/plan a talk?

1:44:48 What keyboard are you using?

1:45:25 Are we building an AD lab next week?

1:45:48 Are most of your assessments AD?

1:46:30 Should I stop the OSCP and attempt the eJPT if I'm struggling?

1:47:00 What are your specs?

1:48:15 Are we covering all PowerShell in the course?

1:48:40 OSCP vs HTB

1:48:55 What is you Domain Admin % rate on all engagements?

1:49:45 Domain Admin from a printer?

1:52:30 How many assessments have you done total?

1:53:30 How much time do you get per as

Playlist

Uploads from The Cyber Mentor · The Cyber Mentor · 34 of 60

← Previous Next →