1
00:00:00,270 --> 00:00:00,970
Welcome back.

2
00:00:01,470 --> 00:00:09,270
It's time for a small break, we covered a full penetration test by now or you can say recovered how

3
00:00:09,270 --> 00:00:13,120
it would look like and how would we perform a penetration test.

4
00:00:13,740 --> 00:00:20,940
We went from gathering information about our target, from personal and technical information to then

5
00:00:20,940 --> 00:00:27,330
later performing a scan to figure out the target's infrastructure and if we could find some openings

6
00:00:27,330 --> 00:00:29,370
or vulnerabilities to attack.

7
00:00:30,710 --> 00:00:38,930
After doing that, we gained access to the target by either exploiting a vulnerability or delivering

8
00:00:38,930 --> 00:00:47,480
a payload that the target will execute, and at the end we performed post exploitation with the payload

9
00:00:47,480 --> 00:00:53,870
that we delivered from stealing information with a key logger to download the files from their machine

10
00:00:53,900 --> 00:00:55,810
or maintaining access.

11
00:00:56,150 --> 00:00:57,710
We did all of that.

12
00:00:58,070 --> 00:01:01,630
And you can say we completed the penetration testing circle.

13
00:01:02,430 --> 00:01:04,940
We did all of this on both windows.

14
00:01:04,940 --> 00:01:10,760
And the next target and the next step that you could take is to practice all of these things that we

15
00:01:10,760 --> 00:01:17,540
learned on various virtual machines that you can download online and that have different vulnerabilities,

16
00:01:18,380 --> 00:01:21,320
machines that are similar to our anticipatable.

17
00:01:21,950 --> 00:01:27,530
You can also subscribe to different online programs that host vulnerable machines that allow you to

18
00:01:27,530 --> 00:01:31,940
test them and advance your skills even more through testing those machines.

19
00:01:32,990 --> 00:01:39,800
However, more about all of this, I will say at the end of the course, and even after covering all

20
00:01:39,800 --> 00:01:42,760
of this, we're still not done yet.

21
00:01:43,400 --> 00:01:46,100
We still have more things to cover.

22
00:01:46,850 --> 00:01:52,420
Remember when I told you that port, it is something that we will be attacking later in the course.

23
00:01:53,180 --> 00:01:54,830
Well, why port 80?

24
00:01:55,720 --> 00:02:02,920
Remember, Port 80 is used to host a website and websites have a lot of different vulnerabilities that

25
00:02:02,920 --> 00:02:08,100
we haven't covered yet, so we're going to do that in a section of it.

26
00:02:08,120 --> 00:02:14,650
So the next thing that we cover are going to be the basics of Web application penetration testing.

27
00:02:15,070 --> 00:02:18,340
And if I didn't mention it already, let me say it again.

28
00:02:18,790 --> 00:02:20,530
This is a huge topic.

29
00:02:20,770 --> 00:02:27,280
You might have also heard about bug bounties, and that is mostly referred to Web app penetration testing.

30
00:02:27,880 --> 00:02:34,300
Nonetheless, once you finish that, we're also going to take a look at gaining access to the wireless

31
00:02:34,300 --> 00:02:35,150
access points.

32
00:02:35,830 --> 00:02:40,380
This will also involve password cracking, which we also haven't encountered yet.

33
00:02:40,600 --> 00:02:45,610
And after that, we're going to take a look at something not so important, but interesting.

34
00:02:45,760 --> 00:02:48,940
And that is called Man in the Middle Attack.

35
00:02:49,910 --> 00:02:55,040
We're going to see exactly how it works once we get to it, but for now, you can just remember it as

36
00:02:55,040 --> 00:03:00,710
an attack that will allow us to steal information on a network from other devices connected.

37
00:03:01,220 --> 00:03:02,930
So we still have a lot to go.

38
00:03:03,650 --> 00:03:11,540
But before we do any of these, I have another surprise for you, and that is another coding project.

39
00:03:12,300 --> 00:03:12,950
That's right.

40
00:03:13,130 --> 00:03:18,800
It is time to create a tool that will have something to do with all these exploitation things that we

41
00:03:18,800 --> 00:03:20,500
covered in last few sections.

42
00:03:21,230 --> 00:03:26,410
And for this, I've picked to show you how to code our own payload.

43
00:03:27,200 --> 00:03:30,560
I believe this is what most people would want to see.

44
00:03:30,920 --> 00:03:33,020
So we're going to code it ourselves.

45
00:03:33,350 --> 00:03:38,840
It won't be anything to advance, but you will get a good understanding of behind the scenes on how

46
00:03:38,840 --> 00:03:40,940
payloads and rehearsals work.

47
00:03:41,450 --> 00:03:46,970
And by the end of that project, you will have a working back door that you can send to the target and

48
00:03:46,970 --> 00:03:50,090
execute commands with the help of it on the target machine.

49
00:03:50,810 --> 00:03:51,140
Cool.

50
00:03:51,140 --> 00:03:58,520
Right now that you know what the surprise is, we're ready to get straight into Back-Door in the next

51
00:03:58,520 --> 00:03:58,780
video.

52
00:03:59,200 --> 00:03:59,840
See you there.