Pentesting 101: The Ultimate Hacking Guide Start To Finish


Pentest like a Pro. Hack like a Pro. This hacking course is created by an experienced hacker and business leader.

What you will learn

Report, document and properly index pentests

Handle clients and unexpected situations during/after testing

Web application pentesting

Network petesting

API pentesting

Description

Why you want to take this course

I am not one to keep my company secrets a secret, which kind of defeats the point of the word, but I strongly believe in sharing knowledge. That’s why I have created a guide that I think comprehensively covers this whole process. Pentesting is an art form and I’d like to teach how to do it.

What is this course?

This course takes you through 10 modules, each having it’s own objective with a capstone assignment that will guide you through network pen-testing, web, and even API pen-testing. I’ve created practical labs to guide you through the process so you are not just theoretically richer after completing this course.


Subscribe to latest coupons on our Telegram channel.

Who am I? 

Let’s start with the obligated section about who I am first. My name is Wesley Thijs and i have been an instructor and public figure for about 4 years, garnering 100 000+ students in my time doing it. Recently, however, I wanted to expand my business and I included pen testing as a service we offer. This means we also sometimes get requests for hundreds of hours of testing and this is impossible to do alone. I manage a team of several highly skilled cybersecurity professionals I have been able to pick out over the years I have been training.

My team needed a standard way of testing and a standard education however so I created this plan to teach them how to pentest, how to handle clients, and everything involved in successfully completing an assignment from start to finish.

English
language

Content

000 – Introduction

CNWPP_-_Certified_Network__Web_app_Pentesting_Professional (2).pdf
Exam Guidelines.pptx

001. Defining what a pentest is?

001 – 1 Defining a pentest MP4
001 – 1 defining_what_a_pentest_is PDF
001 – 1 What is pentesting? PPT

Getting help

Answering your questions
Udemy Tips and Tricks

001 – 2 ASSIGNMENT The deliverables of pentesting

001 – 2 ASSIGNMENT The deliverables of pentesting MP4
001 – 2 ASSIGNMENT The deliverables of pentesting PPT
001 – 2 ASSIGNMENT The deliverables of pentesting PDF
Template: Bugs

001 – 3 The deliverables of pentesting

001 – 3 The deliverables of pentesting MP4
001 – 3 The deliverables of pentesting PPT
00x.2 Contract template.docx
GENERAL-TPL-Bugtemplate-230722-2128.pdf

001 – 4 The pentest plan

001 – 4 The pentest plan MP4
001 – 4 The pentest plan PDF
00x.1 The parts of a test plan.mp4
00x.1 The parts of a test plan.pptx
00x.3 Test plan – example – hackxpert org.docx

001 – 5 ASSIGNMENT Make a test plan for hackxpert.com

001 – 5 ASSIGNMENT Make a test plan for hackxpert.com PDF
001 – 5 SOLUTION Assignment_Make_a_test_plan_for_hackxpert.com.pdf

001 – 6 The pentesting report

001 – 6 The pentesting report MP4
001 – 6 EXAMPLE the_pentesting_report.pdf
001 – 6 the_pentesting_report.pdf

001 – Extra’s

001 – XTRA1 The methodologies of a pentest.mp4
001 – XTRA2 – Letter of pen test commencing.rtf
001 – XTRA3 – SHORT TEST PLAN – UNCLE RAT’S EXAMPLE.rtf
001 – XTRA4 – The NDA.mp4

00×02 The different methodologies and how to pick one

002.1 Pentesting methodologies.mkv
002.1 Pentesting methodolgies.pptx
002.1_pentesting_methodologies.pdf
002.2 Assignment methodologies MP4
002.2 Assignment – describe the methodologies in your own words.pdf
002.3 OSSTMM MP4
002.3 OSSTMM.pptx
002.3 – 006 RAV Calc MP4
002.4 OWASP methodology MP4
002.4 OWASP.pptx
002.5 OSSTMM assignment MP4
002.5 OSSTMM assignment.pdf
002.5 OSSTMM assignment PPT
002.6 OWASP assignment.pdf
002.6 OWASP assignment PPT
002.8 PTES Questionnaires for pentests.rtf
002.8 PTES Pre-assignment.mp4
002.8 PTES – Pre-engagement.pptx
002.9 PTES Information gathering MP4
002.9 PTES Information gathering PPT

00×03 Network pentesting

003.1 BIS – How we do a pentest.mp4
003.1 BIS – How we do a pentest.pptx
003.2 Nmap MP4
003.2 Nmap PDF
003.2 port scanning PPT
003.3 portscanning assignment MP4
003.3 portscanning assignment PPT
003.4 FTP MP4
003.4 FTP PPT
003.5 FTP assignment MP4
003.5 FTP assignment PPT
003.6 SMB MP4
003.6 SMB PPT
003.7 network hacking tools MP4
003.7 network hacking tools PPT
003.7 WIRESHARK network hacking tools…
003.7 ZENMAP network hacking tools
003.7 EXPLOIT-DB network hacking tool…
003.8 network hacking tools assignment MP4
003.8 network hacking tools assignment PPT
003.8 DEMO Nikto Nmap network hacking

004.1 FUzzing

004.1 Fuzzing.mp4
004.1 Fuzzing.pdf
004.1 Fuzzing.key
004.1.1 Fuzzing Assignment.mp4

004.2 burp suite

004.2 Burp Suite CE.mp4
004.2 Burp Suite CE.pptx

004.3 CSRF

004.3 CSRF.mp4
004.3 CSRF.pptx
004.3 CSRF.pdf
004.3 CSRF CHECKLIST.rtf
004.4 CSRF assignment.pdf
004.4 CSRF assignment.pptx

00×04 Web app exploits

004.5 JWT.mp4
004.5 JWT.pdf
004.6 JWT assignment.key
004.6 JWT assignment.pdf
004.6 JWT assignment.mp4
004.6 SOLUTION JWT assignment.mkv
004.7 Open redirect.mkv
004.8 Open redirects assignment.pdf
004.8 Open redirects assignment.key
004.8 Open redirects assignment.mkv
004.9 SSRF.mkv
004.9 SSRF.pdf
004.10 SSRF LABS .pdf
004.10 SSRF LABS .key
004.11 SSRF labs solutions.mkv
004.XTRA 1 Setting_Up_Burp_Suite.pdf

005 Web exploits part 2

005.1 IDOR.mkv
005.1 IDOR – Slides.pptx
005.2 BAC labs ASS 1.mkv
005.2 BAC and IDOR assignments.rtf
005.2 IDOR AND BAC LABS .pptx
005.3+4 Business logic flaws.mkv
005.3 Business logic flaws.pptx
005.4 LABS BUSINESS LOGIC FLAWS.pptx
005.5 captcha bypasses.pptx
005.5+6 captcha bypasses .mkv
005.6 captcha labs.pptx
005.7 XPATH Injection.mp4
005.7 XPATH injections.pptx
005.8 Insecure_deserialization.mp4
005.8 Insecure_deserialization.pptx

006. Methodologies

006.1 Main app methodology web.mp4
006.1 A_main app_methodology_V5.0.pdf
006.1 Main app methodology web.pptx
006.1 Main app methodology web.pdf
006.1 Main app methodology web.key
006.2 Broad scope methodology.mp4
006.2 Broad scope methodology.pdf
006.2 Network hacking methodology.ppt
006.2-2 Network hacking methodology PART 2.ppt
006.3 Broad_scope_methodology_-_Manual (2).mp4
006.3 Broad_scope_methodology_-_Manual (2).pdf
006.3 Broad scope hacking.pptx
006.4 Network hacking methodology.mp4
006.4 Network hacking methodology PART 2.mp4
006.4 Network hacking methodology.pptx
006.4 Network hacking methodology PART 2.pptx
006.XTRA1 Practical_demonstration_-_Main_application_hacking.pdf
006.XTRA2 Broad Scope Methodology.png
006.XTRA3 Extra Resources – Main app methodology.txt
006.XTRA4 Main app methodology (1).pptx

007. Vulnerability scanners & tools

007.1 Vulnerability scanners.mp4
007.1 Vulnerability scanners.pptx
007.2 vulnerability scanners ASSIGNMENTS.mp4
007.2 vulnerability scanners ASSIGNMENTS.pptx
007.3 out of band servers.mp4
007.3 out of band servers.pptx
007.4 Labs out of band server.mp4
007.4 Labs out of band server.pptx
007.5 Postman demo.mp4
007.5 Postman demo.pptx
007.6 postman labs.mp4
007.6 postman labs.pptx
007.7 Assignement- scan hackxpert with zap .mp4
007.7 Assignement- scan hackxpert with zap .pptx
007.7 SOLUTION Assignement- scan hackxpert with zap .mp4

008 The OWASP top 10’s

008.1 OWASP top 10.pptx
008.1.1 BAC – OWASP top 10.mp4
008.1.2 Crypto failures – OWASP top 10.mp4
008.1.3 Injections – OWASP top 10.mp4
008.1.4 Insecure design – OWASP top 10.mp4
008.1.5 Sec misconfiguration – OWASP top 10.mp4
008.1.6 Vulnerable components – OWASP top 10.mp4
008.1.7 ident and auth failures – OWASP top 10.mp4
008.1.8 Integrity failures – OWASP top 10.mp4
008.1.9 Logging and monitoring failures.mp4
008.1.10 SSRF.mp4
The Full OWASP Top 10.zip
008.2 OWASP API top 10.pptx
008.2.0 Intro – OWASP API top 10.mp4
008.2.1 Broken Object Level Authentication – OWASP API top 10.mp4
008.2.1.1 Broken Object Level Authentication Labs – OWASP API top 10.mp4
008.2.2.1 Broken User Authorization – labs – OWASP API top 10.mp4
008.2.2 Broken User Authorization – OWASP API top 10.mp4.mp4
008.2.3 Excessive data exposure – OWASP API top 10.mp4
008.2.4 Rate limiting – OWASP API top 10.mp4
008.2.5 predictable naming – OWASP API top 10.mp4
008.2.6 Mass assignment – OWASP API top 10.mp4
008.2.7 Misconfigs – OWASP API top 10.mp4
008.2.8 injections Misconfigs – OWASP API top 10.mp4
008.2.9 Improper asset management.mp4
008.2.10 Insufficient logging – OWASP API top 10.mp4
The Full OWASP API top 10.zip

00×09 Pentesting checklists

009.1Web app pentesting exploit type checklist.rtf
009.2web app pentesting checklist.zip
009.3Dangerous_HTTP_methods.pdf
009.4How_i_would_hack_you__and_attack_you.pdf
009.5What_the_fuzz!__The_truth_behind_content_discovery.pdf
009.6Directory_brute_forcing.pdf

00×10 Fully simulated pentest

010. Tying it all together in 1 attack .rtf
Test plan – hackerats.com.docx