Ethical Hacking

Ethical Hacking

Just letting ya'll know, that if you click on the text, you will be redirected to the blog post, i just linked it.

Also, i am putting, dates of the expected date of the post, to be published. You can bookmark and follow along, by checking on that date.

1. Introduction & Basics

    > Introduction to Information Technology (20th April, 2024)

    > Hacking Metholodogies and Auditing (22nd April, 2024)

    > Computer Networking (24nd April, 2024)

    > IP Address and NAT (26nd April, 2024)

2. Information Gathering and Web Development

    > Digital Footprints and Information Gathering

    > Advanced Information Gathering

    > Google Dorking

    > Introduction to Web Architecutre and Understanding HTML

    > HTML Basics

    > HTML and Introduction to Javascript

    > Introduction to PHP and Setting up Xampp

    > Working with PHP

    > Handling User Input and Biolding Basic Apps using PHP

3. Introduction to Web VAPT, OWASP, SQL Injection

    > Introduction to VAPT and OWASP

    > Basics of Databases and SQL

    > Authentication Bypass using SQL Injection

    > GET Based SQL Injection

    > POST Based SQL Injection

    > Advanced SQL Injections

    > Automapping SQL Injections - SQL Mapping

4. Advanced Web Application Attacks

    > Bypassing Client Side Filters using Burp Suite

    > IDOR and Rate-limiting issues

    > Arbitary File Upload Vulnerabilities

5. Client Side Attacks

    > Understanding Important Response Headers, DOM and Event Listeners

    > Fundamentals of Cross Site Scripting (XXS)

    > Understanding Forced Browsing and Session-Cookie Flaws

    > Cross Site Request Forgery (CSRF) and Open Redirections

    > Dictionary Based Brute Force Attacks

    > Logical Brute Force Attacks

    > Personally Identifiable Information (PII) Leakage and Sensitive Information Disclosure

6. Identifying Security Misconfigurations and Exploiting Outdated Web Applications

    > Common Security Misconfigurations

    > DefaultWeak Password Vulnerabilities

    > Fingerprinting Components with Known Vulnerabilities

    > Scanning for Bugs in WordPress and Drupal

    > Using Public Exploits

7. Automating VAPT and Secure Code Development

    > Information Gathering for Endpoints

    > Application Assessment using Nmap

    > Automating VAPT with Nikto and Burp Suite Pro

8. Documenting and Reporting Vulnerabilities

    > Documenting Stages of Vulnerabilities Using Tools

    > VAPT Reports Developer Report vs Higher Management Report

    > Concepts of Code Security and Patching

    > Parts of a VAPT Report

    > Common Good Practices and Bad Practices