Home

Welcome to the Aidan-SEC-335 Wiki!

Wiki Description

This wiki covers Ethical Hacking and Penetration Testing (SEC-335). This course examines information security flaws and vulnerabilities in software systems, common network services, and internet servers, as well as increasing security awareness and remediation practices in organizations. Central topics include:

• Incorporating security into the design of software systems and e-commerce applications.
• Determining and mitigating the security vulnerabilities of various software and web-based tools.
• Articulating findings and remediations of vulnerabilities in a system.
• Maintaining secure software and internet server systems.
• Applying best information security practices for software systems to meet the needs of an organization.
• Selecting the optimal tools for implementing software systems and server-based internet applications with respect to project constraints.
• Documenting the impact and management of secure software and server systems for professional peers and managers.

Wiki Index

Week 1: Passive Recon

Google Chrome Remote Desktop Access

Passive Recon Activity

Week 2: Active Recon

Google Chrome Remote Desktop Access [Updated]

Guide to NMAP Port Scanning

Host Discovery Activity

Port Scanning Reflection

Week 3: DNS

DNS Enumeration Reflection

Guide to DNS Enumeration

Week 4: Manual Vulnerability Detection

Exploiting Cupcake Activity

Exploiting Cupcake Reflection

Week 5: Password Guessing

Password Guessing

Week 6: Password Cracking

Password Cracking

Password Cracking Reflection

Week 7: Database, File Upload, and Webshell Vulnerabilities

Exploiting Pippin Lab

Exploiting Pippin Reflection

Week 8: Reverse Shells

Reverse Shells Documentation

Weevely Documentation

Week 10: SQLi

Exploiting Gloin Lab

Exploiting Gloin Reflection

Week 11: Permission Errors

Exploiting Nancurunir Lab and Reflection

Hunting Techniques: SUID Programs and World‐Writable Files

Week 13: The Metasploit Framework

Metasploit Documentation