NKCD-CERTIFIED OFFENSIVE SECURITY EXPERT
Module 1
Brief Introduction to Web World and Web Technology
Module 2
Introduction to the port 80 and port 443 (SSL)
Module 3
Introduction to Web languages
Module 4
Examine Web Internal Architecture with web coding and Database
Module 5
Examine Flag associated with Three-way Handshaking
Module 6
Configuring System for Web Hacking
Module 7
Metasploit and Metasploit Framework
Module 8
Examine Top Ten Vulnerability in Web Application (OWASP)
Module 9
Web Proxies and How We Use Web Proxies for Penetration Testing
Module 10
SSL (Secure Socket Layer), SSL Exploitation and SSL Sniffing Technique
Module 11
Different Web Framework for Web Penetration Testing
Module 12
Netcat Lab for HTTP 1.0, 1.1 and 2.X etc
Module 13
HTTP Method Testing with Metasploit
Module 14
Attacking HTTP Authentication with Nmap and Metasploit
Module 15
HTTP Digest Auth hashing RFC 2069
Module 16
HTTP-set Cookie with HTTP Cookie
Module 17
SSL-TLS (Socket Oriented Protocol) Transport Layer Security
Module 18
File Extraction from HTTP/HTTPS Traffic
Module 19
HTML Injection in Tag Parameter
Module 20
HTML Injection- Bypass Filter CGI ESCAPE
Module 21
Web to Shell on the Server (Advanced Exploitation)
Module 22
Configure SSH SOCKS Proxy With Burp Suite To Tunnel All Testing Traffic Through A Cloud Server (Digital Ocean, AWS, Azure)
Module 23
Brief Introduction to XSS (Cross Site Scripting) & Tools Setup for Exploitation
Module 24
XSS (Cross Site Scripting) Identification Process on Live Application
Module 25
XSS All Types (Persistent, Non-Persistent & DOM Based) Exploitation on Live Application
Module 26
XSS via Event Handler Attributes
Module 27
JavaScript for Penetration Tester- Loop, function and Data Types
Module 28
JavaScript For Penetration: Stealing Cookie and Advanced Form Manipulations
Module 29
Null file Injection Technique
Module 30
LFI (Local File Inclusion) & RFI (Remote File Inclusion) Exploitation on Live Application
Module 31
Session Management in Depth, Session Hijacking, Cookie and Token Based Attack on Live Application
Module 32
Use Burp Suite To Identify HTTP Request That Are Vulnerable To Open Redirect Attacks (Live Application)
Module 33
MIME Sniffing Vulnerabilities & Exploitation
Module 34
Same-Origin-Policy, CORS (Cross Origin Resource Sharing) Identification & Exploitation on Live Application.
Module 35
Authentication and Authorization Bypass (Live Application Assessment, Cloud Azure AD Assessment, Vertical PE, Horizontal PE)
Module 36
Crypto Attack (Advanced Technique): Algo, PKI, Hash Cracking (All Types) Attacks etc.
Module 37
Advanced Burp Hacks for Bug Bounty Hunters
Module 38
Browser Fuzzing: Fuzz Popular Browsers Such As Google Chrome, Firefox and Safari
Module 39
Automate HTML Fuzzing : Live Exploitation
Module 40
Brief Introduction to Database: MYSQL, NOSQL, MONGO DB, POSTGRES, AURORA, SQLITE3 etc
Module 41
Fuzzing the JavaScript Engine
Module 42
Official Hacker Associate Web & Cloud API Assessment Mind Map
Module 43
Examine Web Coding & Learn How to Write Code for Web
Module 44
Cloud Web & API Exploitation & Security: OWASP TOP 10 for Cloud
Module 45
Examine Iframe Vulnerability & Exploitation on a Live Web Application
Module 46
Stress Penetration Testing on Live Web Application : DOS and DDOS Attacks
Module 47
Offensive Penetration Testing for Web (Black hat Approach)
Module 48
JavaScript Based Attack & Exploitation on Live Web Application
Module 49
HTTP Methods and Verb Tampering Attack & Analysis
Module 50
HTTP Basic Authentication
Module 51
HTTP Digest Authentication RFC 2069
Module 52
HTTP Statelessness and Cookie
Module 53
Session ID and Cookie Stealing (Cookie/Token Attack) on Live Application
Module 54
SSL MITM using Proxies
Module 55
HTML Injection All Types
Module 56
HTML Injection Using 3rd Party Data Sources
Module 57
Command Injection Technique
Module 58
Web Shell PHP Meterpreter
Module 59
Web Shell Using Python, PHP etc
Module 60
JavaScript for Penetration Tester-Introduction to Hello World
Module 61
JavaScript for Penetration Tester: Variable
Module 62
JavaScript for Penetration Tester: Operator
Module 63
JavaScript for Penetration Tester-Conditionals
Module 64
JavaScript for Penetration: Enumerating Data Properties
Module 65
File Upload Vulnerabilities & Exploitation (Advanced Methods)
Module 66
Invalidated Redirect
Module 67
CSRF (Client Side Request Forgery) Identification & Exploitation All Types: Live Application
Module 68
Encoding Sniffing
Module 69
Null Termination Vulnerability
Module 70
SSRF (Server Side Request Forgery) Identification & Exploitation All Types: Live Application
Module 71
Threat Modeling
Module 72
Generation of POC (Proof of Concept) on a Live Application
Module 73
Cloud API Security Assessment
Module 74
Red Teaming Tools for Web Application Penetration Testing
Module 75
WAF Bypassing
Module 76
Source Code Analysis
Module 77
Live Subdomain Takeover
Module 78
Broken Link Hijacking
Module 79
RECOX-Engine
Module 80
Injection : All Types
Module 81
HTTP Request Smuggling
Module 82
Live Web Application Audit using Professional Web App Exploitation Framework
Module 83
Open Redirect Vulnerabilities Identification & Exploitation All Types: Live Application
Module 84
OAuth2.0 Attacks & Security
Module 85
JSON Web Token Attacks & Security
Module 86
Hacker Associate Custom Payloads for All Types of Attacks Captcha Attack
Module 87
Black Hat Tools & Technique
Module 88
IP Rotating
Module 89
Insufficient Anti Automation Attack & Security
Module 90
MFA Bypassing Technique
Module 91
Burp Extension : Writing Your Own Burp Extension
Module 92
Advanced Burp Hacks for Bounty Hunters
Module 93
Blind XSS
Module 94
Captcha Attack
Module 95
Clickjacking Attack
Module 96
CAT Framework for Web Application Penetration Tester
Module 97
XXE (External Entity Injection) Identification & Exploitation All Types: Live Application
Module 98
Adversary Simulation of a Live Attack using Cloud VPS
Module 99
Obscure Email Vulnerability
Module 100
Email Attacking Vector
Module 101
Server Side Template Injection
Module 102
Web Sockets Exploitation
Module 103
Complete Web Application Audit : Report Writing
Laptop requirements
Important! Set up your own system according to these guidelines.
To effectively engage in this course, your system must be properly configured. If you do not properly read and follow these directions, you will be unable to fully engage in the course’s hands-on tasks. Please ensure that you have a system available that meets all of the mentioned requirements. Make a backup of your system before attending class. Better yet, use a system that does not contain any sensitive or critical data. Dark ExploiT is not liable for your system or data.
MANDATORY ETHICAL HACKING SYSTEM HARDWARE REQUIREMENTS
CPU: 64-bit Intel i5/i7 (8th generation or later), or Ryzen equivalent. This class requires an x64 processor with a clock speed of 2.0 GHz or above.
CRITICAL: Apple Silicon devices cannot execute the required virtualization and so cannot be used for this course.
BIOS settings must be changed to allow virtualisation technologies, such as the “Intel-VTx” or “AMD-V” extensions. If your BIOS is password protected, make sure you can access it in case you need to make modifications.
At least 8GB of RAM is necessary.
At least 50GB of free storage space is required.
At least one accessible USB 3.0 Type-A port is required. A Type-C to Type-A converter may be required for modern laptops.
Some endpoint protection software does not allow the usage of USB devices, so test your system with a USB drive before class.
Wireless networking (802.11) is required. There is no wired internet access in the classroom.
