YoVDO

Pentesting for N00bs - Jerry

Offered By: Cyber Mentor via YouTube

Tags

Penetration Testing Courses Ethical Hacking Courses Burp Suite Courses Apache Tomcat Courses Reverse Shell Courses

Course Description

Overview

Dive into the fifth episode of a penetration testing tutorial series focused on exploiting the "Jerry" box. Learn to analyze scan results, explore open ports, and leverage Apache Tomcat default credentials. Master Burp Suite configuration and features, including intercepts, decoder, repeater, and intruder. Discover techniques for building default credential lists and using one-line for loops. Practice using Burp intruder to test credentials, explore Tomcat with found access, and generate WAR reverse shells. Gain insights into post-exploitation enumeration, file transfers with certutil, setting up Python HTTP servers, and improving shell capabilities.

Syllabus

- Introduction and box overview.
- Reviewing scan results.
- Exploring port 8080.
- Apache Tomcat default credentials.
- Configuring Burp Suite.
- Discussing Burp Suite intercepts, decoder, repeater, and intruder.
- Building out a default credential list.
- One line for loops for the win.
- Using Burp intruder to test for default credentials.
- Exploring Tomcat with found credentials.
- Enumerating Tomcat, generating WAR reverse shells, and getting a shell.
- Discussing post enumeration, certutil file transfers, Python HTTP servers, and improving a shell.


Taught by

The Cyber Mentor

Related Courses

Ethical Hacking
Indian Institute of Technology, Kharagpur via Swayam
Investigación en Informática Forense y Ciberderecho
University of Extremadura via Miríadax
MSc Cyber Security
Coventry University via FutureLearn
Network Security - Introduction to Network Security
New York University (NYU) via edX
Network Security - Advanced Topics
New York University (NYU) via edX