Introduction
  • Teaser - Converting Downloads To Trojans On The Fly & Hacking Windows 10
  • Course Overview
Back To Basics/Pre-Connection Attacks
  • Pre-connection Attacks Overview
  • Spoofing Mac Address Manually
  • Targeting 5 GHz Networks
  • Deauthenticating a Client From Protected WiFi Networks
  • Deauthenticating Multiple Clients From Protected WiFi Networks
  • Deauthenticating All Clients From Protected WiFi Network
  • Deauthenticating Same Client From Multiple Bands or Networks
Gaining Access
  • Gaining Access Overview
  • Discovering Hidden Networks
  • Connecting To Hidden Networks
  • Bypassing Mac Filtering (Blacklists & Whitelists)
  • Cracking SKA WEP Networks
  • Securing Systems From The Above Attacks
Gaining Access - Captive Portals
  • Sniffing Captive Portal Login Information In Monitor Mode
  • Sniffing Captive Portal Login Information Using ARP Spoofing
  • Creating a Fake Captive Portal - Introduction
  • Creating Login Page - Cloning a Login Page
  • Creating Login Page - Fixing Relative Links
  • Creating Login Page - Adding Form Tag
  • Creating Login Page - Adding Submit Button
  • Preparing Computer To Run Fake Captive Portal
  • Starting The Fake Captive Portal
  • Redirecting Requests To Captive Portal Login Page
  • Generating Fake SSL Certificate
  • Enabling SSL/HTTPS On Webserver
  • Sniffing & Analysing Login Credentials
Gaining Access - WPA & WPA2 Cracking - Exploiting WPS
  • Exploiting WPS - Introduction
  • Bypassing "Failed to associate" Issue
  • Bypassing 0x3 and 0x4 Errors
  • WPS Lock - What Is It & How To Bypass It
  • Unlocking WPS
Gaining Access - WPA & WPA2 Cracking - Advanced Wordlist Attack
  • Advanced Wordlist Attacks - Introduction
  • Saving Cracking Progress
  • Using Huge Wordlists Without Wasting Storage
  • Saving Cracking Progress When Using Huge Wordlists Without Wasting Storage
  • Cracking WPA/WPA2 Much Faster Using GPU - Part 1
  • Cracking WPA/WPA2 Much Faster Using GPU - Part 2
Gaining Access - WPA & WPA2 Cracking - Evil Twin Attack
  • What is It & How it Works
  • Installing Needed Software
  • Stealing WPA & WPA2 Key Using Evil Twin Attack Without Guessing
  • Debugging & Fixing Login Interface Issues
Gaining Access - WPA & WPA2 Cracking - WPA/WPA2 Enterprise
  • What is WPA & WPA2 Enterprise & How it Works
  • 2 Methods To Hack WPA & WPA2 Enterprise
  • Stealing Login Credentials
  • Cracking Login Credentials
  • Securing Systems From The Above Attacks
Post Connection Attacks
  • Post Connection Attacks Overview
  • Ettercap - Basic Overview
  • Ettercap - ARP Spoofing & Sniffing Sensitive Data Such As Usernames & Passwords
  • Setting Up SSLstrip Manually To Bypass HTTPS & Sniff Data From HTTPS Websites
  • Automatically ARP Poisoning New Clients
  • DNS Spoofing Using Ettercap
  • Bypassing Router-Side Security & Poisoning Target Without Triggering Alarms
Post Connection Attacks - Analysing Data Flows & Running Custom Attacks
  • Introduction to MITMproxy
  • Using MITMproxy In Explicit Mode
  • Analysing (Filtering & Highlighting) Flows
  • Intercepting Network Flows
  • Modifying Responses & Injecting Javascript Manually
  • Intercepting & Modifying Responses In Transparent Mode
  • Editing Responses & Injecting BeEF's Code On The Fly
  • Editing Responses Automatically Based On Regex
  • [Bonus] - Stealing Login Info Using Fake Login Prompt
  • [Bonus] - Hacking Windows 10 Using A Fake Update
Post Connection Attacks - Writing Custom Scripts To Execute Own Attacks
  • Introduction to MITM Scripts?
  • Capturing & Printing Requests/Responses
  • Filtering Flows & Extracting Useful Data
  • Using Conditions To Execute Code On Useful Flows
  • Generating Custom HTTP Responses
  • Testing Script Locally
  • Generating Trojans - Installing The Trojan Factory
  • Generating Trojans - Converting Any File (eg:image) To a Trojan
  • Testing Script On Remote Computer To Replace Downloads With a Generic Trojan
  • Executing Bash Commands & Calling Trojan Factory From Our Script
  • Using Variables & More Complex Conditions
  • Converting Downloads To Trojans On The Fly
  • Configuring The Trojan Factory's MITMproxy Script
  • Using The Trojan Factory MITMproxy Script
Post-Connection Attacks - Doing All Of The Above On HTTPS Websites
  • Bypassing HTTPS With MITMproxy
  • Replacing HTTPS Downloads
  • Injecting Data (Javascript, HTML elements ...etc) In HTTPS Websites
  • Securing Systems From The Above Post Connection Attacks
Bonus Section
  • Bonus Lecture - What's Next?