Posts

Showing posts from February, 2021

Bounty Hacker

The next one in our Pop Pop Pop Another Server Drop series is Bounty Hacker from tryhackme.com. This one goes over things like password cracking and privilege escalation using GTFOBins, among others.

Blue

This one from my Pop Pop Pop Another Server Drop series uses the tryhackme.com room Blue. Topics include scanning, searching for exploits (specifically Eternal Blue), password cracking and Metasploit, among other things.

Basic Pentesting

As part of my Pop Pop Pop Another Server Drop series, this one is the Basic Pentesting room from tryhackme.com. This will cover scanning with nmap, directory busting with gobuster, SSH and other interesting topics. Below is the video going into more detail, followed by the written guide.

Bypass SQL Injection Filters

This video goes over some SQL Injection filter bypasses. Enjoy

Command Injection

This video goes over the basic techniques for performing command injections. Enjoy

SQL Injection (Manual) Part 2

Part 2 in a 2 part series on the basics of manual SQL Injection. Enjoy

SQL Injection (Manual) Part 1

Part 1 in a 2 part series on basic manual SQL Injection techniques. Enjoy

SQL Injection Basics

In this video I go over the basic concepts behind SQL Injections. Enjoy

Virus Creation

In this video I go over some basics on creating malware using the Metasploit Framework. Enjoy

XSS Part 3

Part 3 of a 3 part series on Cross Site Scripting, otherwise known as XSS. Enjoy

XSS Part 2

This video is part 2 of a 3 part series on the basics of Cross Site Scripting, otherwise known as XSS. Enjoy

XSS Part 1

Part 1 in a 3 video series about the basics of Cross Site Scripting, otherwise known as XSS. Enjoy

Basic Exploitation

In this video I go over the basics of exploitation using a purposefully vulnerable server environment. Enjoy

Denial of Service

In this video I demonstrate the effects of a denial of service attack. Enjoy

Passwords

In this video I go into the concept of passwords and how they relate to security as a whole. Enjoy

Prerequisites for hacking

In this video I go over some key things that I think are important to shore up before moving into an ethical hacking career. Enjoy

Recon for Hacking

In this video I go over some tools and techniques to perform basic reconnaissance for targets used in your hacktivities. Enjoy

Scanning for Hacking Part 2

Part 2 in my series going over the basic tools and techniques for scanning in your hacktivities. Enjoy

Scanning for Hacking Part 1

This is part 1 of a 2 part series on some tools and techniques for scanning during your hacktivities. Enjoy

Scanning with Nmap

In this video I go over the basics of the popular port scanner Nmap. I show you how to create a cheat sheet for use in your hacktivities and how the scans look through Wireshark. Enjoy

Session Hijacking

In this video I explain some basics of Session Hijacking. Enjoy

System Hacking Part 3

Part 3 in a series about the basics of system hacking. Enjoy

System Hacking Part 2

Part 2 in a series about the basics of system hacking. Enjoy

System Hacking Part 1

In this video in a 3 part series, I go over some basics of system hacking. Enjoy

Certifications....do I need them?

I was an instructor for 12 years with 21 certifications, teaching a variety of technology and cybersecurity boot camps, which would then have a certification test after the class. I was a certified instructor for Microsoft, CompTIA and EC-Council, teaching certification boot camps for Microsoft Server, Net+, Sec+, Certified Ethical Hacker and various other ones. Throughout my years teaching these classes, I got a good understanding of how these play into the actual industry. Also, as a Penetration Tester for a couple of companies, I understand the practicality of these certifications. This video goes over my opinions on certifications and how they relate to the practicality of the industry you are looking to go into.

How to Create a Virtual Hacking Lab

This video goes over the basics of installing and running a virtualized environment called VirtualBox. Virtual machines are a great way to practice your skills and still keep your host machine from being infected. A lot of Wargames can be found on sites like Vulnhub and you can download the wargame in a virtualized format. So I go over loading a security Linux OS called ParrotOS and using Docker to load some purposefully vulnerable environments to practice against. Enjoy

Linux basics for Cybersecurity

In this video from the Pop Pop Pop Another Server Drop series, I go over the basics of the Linux command line. As most Wargames we will go over in the series are environments that use the Linux OS, this is a good primer to help you navigate the basics of the Linux command shell.

Linux privilege Escalation

This video is part of the Pop Pop Pop Another Server Drop series and it goes over some basic Linux privilege escalation techniques. A large number of servers, especially web servers, are running on Linux machines because of the resiliency the OS brings. When doing the Wargames that I go over in the series, you will encounter some privilege escalation challenges and this video will give you a primer to do that. Enjoy

XPATH Injection

XML External Entity Injection

WebSockets

Unvalidated Redirects and Forwards

SQL Injection

Session Management

Server Side Request Forgery

Server Side Includes

Passwords

LDAP Injection

Insecure Direct Object Reference

Input Validation

HTTP Request Smuggling

HTTP Parameter Pollution

HTML 5 Web Storage

HTML Injection

File Upload

File Inclusion

Directory Traversal

Deserialization

Denial of Service

Cryptographic Security

Cross Site Scripting

Cross Site Request Forgery

Cross Origin Resource Sharing

Cookies

Content Security Policy

Command Injection

Clickjacking

Cache Security

Brute Force

Authentication

API Security

Ajax Security

Access Control