We started our Patreon Page to inspire more people evolve, develop and enhance their hacking skills, always from an ethical perspective. The Content is recommended for moderate to experienced people that have knowledge in using the Kali Linux OS, and understanding about the hacking methodologies.
By becoming a Patron (Member),
You will find exclusive new content available ONLY on Patreon every month, showing you continuous techniques and methodologies in Offensive Security.
Expect to learn about hacking tools covering several aspects such as OSINT, Brute-Forcing & Fuzzing Attacks, Content Discovery, Web Application Testing, Post-Exploitation, Attacks, and Recon, covering tools from Kali Linux and GitHub.
You will also get access to Exclusive Mini series of Episodes about various scenarios covering Hacking/Red Teaming that require more hours, such as how to hack from the Top 10 OWASP Vulnerabilities, with more focus on top tools but with chained attacks, and a more in-depth explanation of the topic that we will be covering.
What we aim is to help you think outside the box by expanding your creativity as a hacker from a Red Teaming Mindset. You will constantly discover new topics covering such wide topics in the Offensive Security World.
You will unlock: Over 70 episodes and Over 30 hours worth of Content.
Overcoming Security Measures: Path Traversal filter bypass, OAuth, and 2FA for Red Teams
This full episode is a free sample of our Exclusive Premium content on Patreon, giving you a glimpse of what you’ll learn when you join. In this episode, we’ll focus on manual attacks with a focus on Path Traversal. You’ll learn how to manipulate variables with “dot-dot-slash” sequences to access files and directories outside of the web root folder. We’ll also cover bypassing an OAuth service that allows users to log in with social media accounts, and explore techniques for bypassing 2FA measures when they are in place. This Episode demonstrates that even if you implement 2FA measures which is a great step toward security, it is only as ever secure as its implementation.
Maltego Series
Episodes:
- Maltego – Mastering Recon from an Offensive Mindset (Part 1)
- Maltego – Mastering Corporate Recon from an Offensive Mindset (Episode 2)
The Recon-ng Framework: Rapid and Customized Reconnaissance for Red Teams
Episodes:
- Explaining Marketplace, Modules Installation and API Setup for effective Recon Scans
- Perform Bug Bounty using Active and Passive Recon techniques, exporting results for reporting with Recon-ng
Mastering Reconnaissance: Bug Bounty Techniques using Amass
Episodes:
- Maximizing your Passive and Active Scanning Techniques with Amass (Part 1)
- Bug Bounty Techniques using Amass (Part 2)
How Hackers get past EDRs, AVs, and Endpoint Defenses Series
Episodes:
- Creating evasion payloads to bypass EDRs and AVs (Part 1)
- How Hackers get past EDRs, AVs, and Endpoint Defenses (Part 2)
Unleashing the Power of One-Liners Series
Episodes:
- Unleashing the Power of One-Liners with Amass for Advanced Red Team Hacking Techniques (EP.1)
- Perform Recon on subdomains by capturing screenshots of all URLs and searching for .js and .json files (EP.2)
- Automating Reconnaissance and SSRF Testing (EP.3)
Exploitation from the Top 10 OWASP Vulnerabilities Series
Episodes:
- Hacking A Website using SQL Injection and Cross-Site Scripting (EP.1)
- Hacking a Website using File Inclusion and Path Traversal Attacks (EP.2)
- Hacking a Website using Sensitive Information and Broken Authentication (EP.3)
Perform advanced Fuzzing Techniques Series
Episodes:
- Introduction to Fuzzing Web Applications (EP.1)
- Advanced Fuzzing Guide for identifying Vulnerabilities (EP.2)
- Advanced Fuzzing with Ffuf for Bug Bounty Hunters and Pentesting (EP.3)
OSINT Techniques Series
Episodes:
- Introduction to OSINT: Advanced Recon Techniques (EP.1)
- Going deeper with advanced Recon Techniques using the best tools (EP.2)
- Use the Dark Side of OSINT Search engines to investigate a Person of Interest (POI) (EP.3)
Nmap/Masscan Series
Episodes:
- Scan the entire Internet in less than 5 minutes with Masscan and NMAP (EP. 1)
- Find vulnerabilities with Nmap using manual advanced Active Recon Techniques (EP.2)
- Advanced Enumeration techniques with NMAP, Zenmap and Hydra (EP.3)
Wireshark Series
Episodes:
- Explore further under the layers of sniffing network packets & analyzing with Wireshark (EP. 1)
- How to use Wireshark’s dumpcap, tcpdump & capinfos to capture and analyze traffic from your terminal (EP. 2)
- Analysis of the Log4j Attack, VOIP Capture, Credential harvesting and pcap files with Wireshark (EP. 3)
Burp Suite Series
Episodes:
- Introduction to Burp Suite – Installing & Updating on Kali Linux (EP. 1)
- Perform Spidering, SQL Injection Attacks, Fuzzing with Intruder, Analyze Responses & More (EP. 2)
- Bug Bounty Techniques using Burp Collaborator, Repeater, Decoder, Intruder to audit WebApps (EP. 3)
- Going beyond with Burp Extender, using top extensions for Pentesters & Bug Bounty Hunters (EP. 4)
- How to manually exploit vulnerabilities based on attacks such as Path Traversal, Authentication Bypass & Bypassing 2FA logins using Burpsuite Pro (EP. 5)
Metasploit Series
Episodes:
- Installation, Configuration & Setup (EP. 1)
- Scanning & Exploiting using NMAP (EP. 2)
- Exploiting, Shell to Meterpreter & Persistency – (EP. 3)
- Exploiting the FireFox Browser (EP. 4)
- Finding SQL Injection using built in SQLMAP & Metasploit (EP. 5)
- Perform a WebApp Vulnerability Scan using WMAP on Metasploitable 2 (EP. 6)
- How Hackers perform advanced Post Exploitation techniques (EP. 7)
- The Power of Privilege Escalation with Mimikatz using Pass the Hash & Advanced Techniques (EP. 8)
- Using Searchsploit to install new exploits into Metasploit manually (EP. 9)
- Creating your own Vulnerability Scanner and Backdoors using Metasploit’s Own Scripting Engine (EP. 10)
- How to Create a Meterpreter Session compromising an Android Phone using Metasploit & BeEF
- Using BeEF with The Social Engineering Toolkit
- BeEF Framework: Understanding The Attack Modules & Demo
- So do AVs work? Demo of How Hackers bypass Latest AVs using Advanced Techniques
- Kali Linux & The Raspberry Pi 4 – Sniffing HTTPS Traffic & Creating FUD Backdoors
- Burp Suite: Intercepting Requests & Modifying Responses
- Zenmap The GUI of NMAP, DDoS Tool by BHEH
- Exploiting website vulnerabilities using complex evasive injection-based attacks with Burp Suite and SSTImap
- Mastering HTML Smuggling Attacks using advanced Steganography tactics w/ Bob the Smuggler
- ReconSpider – Most Advanced Open Source Intelligence (OSINT) Framework
- Write your own Nmap NSE Scripts converting them into Nuclei templates
- Obtain a Callback Powershell reverse TCP Session and more using advanced scripting attacks with the FlipperZero
- Post-Exploitation Attacks with BloodHound through Microsoft’s Active Directory
- UFONet – P2P and Cryptographic Denial of Service Toolkit with Botnets
- PhoneSploit Pro: Advanced Remote Exploitation of Android Devices with ADB, Metasploit-Framework, and Meterpreter Sessions
- The Art of Stealthy Infiltration: Decoding HTTPS Request Smuggling Techniques Manually
- Advanced Post Exploitation Attacks using CrackMapExec: From Recon to gaining access and elevating to a Meterpreter Session.
- Deploying Custom Payloads and C2 Channels with Mythic, a Red Teamer’s Dream.
- Mastering MITM (Man In The Middle) Attacks with Bettercap: Injection Attacks, ARP Spoofing, Sniffing, SSL Stripping and BeEF Framework.
- Digital Forensics File Carving – Recover Deleted Data from any Formatted USB Drive (EP.3)
- Digital Forensics Investigation in Autopsy – Analysis of Data Sources (EP.2)
- Digital Forensic Analysis – Introduction to Autopsy (EP.1)
- API Penetration Testing on Postman Platform (Part 2)
- Introduction to API Penetration Testing on Postman Platform (Part 1)
- Penetration Testing and Reverse Engineering for Mobile Applications (Part 2)
- Penetration Testing and Reverse Engineering for Mobile Applications (Part 1)
- Types of Wireless Network and Bluetooth Attacks (Part 2)
- Can a Wi-Fi password be hacked? (Part 1)
- Advanced Post Exploitation with Metasploit, dumping and analyzing network traffic with Tshark
- Starkiller an Elegant Powerful Tool for Post-Exploitation (Visualise interaction with payloads in style)
- Build your own Recon System for Bug Bounty Hunting w/ Osmedeus tool.
- Detect malicious hacker activities on endpoints using Thor scanner tool.
- Find hidden and encrypted secrets keys from any website using SecretFinder tool.
- Automated XSS Injection Attacks with Dalfox.
- How to use Commix and perform sophisticated attacks using OS Command Injection & Getting RCE
- Perform Post-Exploitation using Shad0w C2 on Windows 10
- Bug Bounty & Pentesting Techniques using Pixload to create and inject payloads in various images
- How to use XSSER to detect, exploit and report XSS vulnerabilities in web-based applications
- How to Perform advanced Open Source Intelligent Gathering (OSINT) with the OSRFramework
- How to Perform Advanced XSS (Cross Site Scripting) Injection Attacks with XSStrike
- How to perform Phishing Attacks with Blackeye & The Social Engineering Toolkit
- How to find Vulnerabilities using Raccoon
- Sublist3r: How to Enumerate, Bruteforce & Discover Subdomains of any Company using Sublist3r
- Using ATSCAN Hacking Toolkit and Real Demo Tutorial