Advanced Linux Privilege Escalation with Hack The Box

How to find and exploit modern Linux Privilege Escalation vulnerabilities without relying on Metasploit.

4.85 (46 reviews)
Udemy
platform
English
language
Network & Security
category
instructor
Advanced Linux Privilege Escalation with Hack The Box
1,167
students
5 hours
content
Nov 2022
last update
$49.99
regular price

What you will learn

How to use multiple methods to escalate privileges on popular Linux Distros

How to succeed in CTF style exams such as the OSCP, eCPPT and CEH

How to escalate privileges in CTFs such as HackTheBox, TryHackMe and more

How to level up your ethical hacking, penetration testing and red teaming skills to earn more money in your career

How to map modern attacks against the MITRE ATT&CK framework!

Description

New Spring\Summer 2021 Launch!

This is a 100% hands on course as you will be using the same tradecraft and techniques Red Teamer's and advanced adversaries use to escalate privileges on Linux servers after they have gained initial access and established a foothold. This course is not "death by PowerPoint", in fact there is not a single Powerpoint slide in the course. This course is aimed for intermediate to advanced users who are hungry to know how to discover and exploit novel escalation paths on popular Linux servers (including some that are patched). Everything is carefully, explained - step-by-step and mapped to MITRE ATT&CK

Additionally, although Metasploit is used in some attacks, we will be using less Metasploit and more manual walk-throughs because I wanted to take the time to carefully explain WHY each method works and detail how common misconfigurations happen in enterprise environments.

Where Metasploit is used, everything is carefully explained and deconstructed so you can understand why and how it works. Exploits start easy and escalate in difficulty as you progress through the course.

The Techniques

You will quickly learn and execute the following escalation of privilege techniques across 5 vulnerable machines.  New videos are being released weekly.

  • Malicious Python Package

  • CVE 

  • Modify Launch Daemon (NEW! Just added 02/12/2021 6 New Lectures!)

The Tools

You will use ffuf, gobuster, dirsearch, nmap, Bash Scripting, Python Scripting,  netcat, pwncat, Burp Suite (advanced features) and more. You will learn how to threat hunt for SQLi attacks and how to exploit Server Side Template Injection (SSTI) attacks and much much more.

My dream for you

By the end of this course you should be able to use these techniques in:

  1. Your day to day work

  2. OSCP preparation

  3. CTF hacking

About the lab

There are 5 vulnerable machines.

No lab setup is required as the entire environment is already established in HackTheBox VIP labs

I wanted to make this course as realistic as possible while removing as many barriers to entry as possible so I've partnered with HackTheBox VIP labs to make it as easy as possible to get started.

Yes, HackTheBox is an additional charge but it offers hundreds of pre-configured vulnerable machines in a lab which is accessible via a VPN connection. This means you can get started right away and don't have to waste time fumbling with VirtualBox and VMWare settings on your local system. Most of the systems are also licensed which provides the best environment for realistic exploitation.

Tip:

I made these videos so all commands are zoomed in close so you can watch on a mobile phone if desired. I hate watching videos on my smartphone and squinting at the command prompt or terminal. Never again will that happen.

Content

Techniques

Malicious Python Package (Recon + Spidering)
Malicious Python Package (Fuzzing + Forced Browsing)
Malicious Python Package (Scraping + Scripting + Phishing)
Malicious Python Package (Spying + Pivoting)
Malicious Python Package (Evasion + Shell)
Malicious Python Package (Horizontal Escalation)
Malicious Python Package (Horizontal Escalation 2)
Malicious Python Package (Horizontal Escalation 3)
Malicious Python Package (Vertical Escalation)

Reviews

Michael
September 7, 2023
Great content. Vonnie knows his stuff. Great way of not only showing the tools in use but also the basic thought process.
Snuckerzlul
May 7, 2022
Been waiting for the continuation (since it's promised that there will be 5 covered machines). Will fix review once more contents have been added.
Sujith
October 14, 2021
Vonnie's instruction is clear and to the point. He does not assumes that the student understands everything and explains new concepts and commands. I liked his way of explaining every flags in the command. A big thumps up to Vonnie. Will be interested in seeing a Python programming for hackers course from the instructor. Thanks.
Devin
August 24, 2021
Vonnie as always sir you have exceeded my expectations. Love the way you break down everything and make it easier to digest. Hoping you to come up with a Burp Course.lol ?

Charts

Price

Advanced Linux Privilege Escalation with Hack The Box - Price chart

Rating

Advanced Linux Privilege Escalation with Hack The Box - Ratings chart

Enrollment distribution

Advanced Linux Privilege Escalation with Hack The Box - Distribution chart

Related Topics

3757566
udemy ID
1/7/2021
course created date
2/4/2021
course indexed date
Bot
course submited by