Learn Ethical Hacking and Reverse Engineering

• Registering for an Account with defendtheweb.net
• How to Use this Guide?

• Intro 1 (Client Code Information Leak)
• Intro 2 (HTML Tag Information Leak)
• Intro 3 (JavaScript Code Information Leak)
• Intro 4 (Path Traversal Vulnerability)
• Intro 5 (JavaScript prompt() Function Information Leak)
• Intro 6 (Client Code Modification Vulnerability)
• Intro 7 (robots.txt Data Leak Vulnerability)
• Intro 8 (Path Traversal Vulnerability)
• Intro 9 (Client Code Modification Vulnerability)
• Intro 10 (JavaScript Code Exposure and Decryption)
• Intro 11 (File Redirection Vulnerability)
• Intro 12 (MD5 Decryption)
• Chapter 2 Quiz

24-bit (File Extension Manipulation Exploit)

World of Peacecraft/Realistic (Dumpster Diving for Emails)

Secure Agent (Browser Spoofing)

Crypt1/Crypt (Reverse Encryption)

Beach (Steganography Analysis)

Squashed Image/Stego (Cracking Steganography)

• HTTP Method/Intro (HTTP POST Exploit & Bypassing CSRF-token Protection)
• Update HTTP Method/Intro (HTTP POST Exploit & Bypassing CSRF-token Protection)

Library Gateway/Realistic (JavaScript Code Exposure Vulnerability)

Sid/Intro (Cookie Tampering to Bypass Login)

Crypt2/Crypt (Cracking Caeser Cipher Encryption)

Crypt3/Crypt (Decoding Morse Code)

SQLi1/SQLi (Bypassing Login Page Password using SQL Injection Attack)

Recon (Information Gathering Skills, Including B6-Keys)

Crypt4/Crypt (Decrypting Ciphertext using Online Decryptors)

Map It (Port Scanning and Gaining Remote Access)

Crypt5/Crypt (Reversing & Decrypting Ciphertext using Online Decryptors)

SQLi2/SQLi (Hacking Admin Username & Password using SQL Injection Attack)

Princess Slag/Realistic (Directory Traversal Attack & Null Byte Attacks)

Xmas '08/Realistic (Website Defacement Attacks)

Planet Bid/Realistic (Password Reminder Exploits)

Access Logs (Log Injection Attack)

Sandra Murphy (XML Injection Attack)

Alphabetize/Coding (Using JavaScript Coding to Defeat Countdown Timer)

Aliens/Stego (Decoding wav Files to Extract Passwords)

Custom Encoding/Coding (Decryption & Hacking Website Countdown Timer)

Missile Codes/Forensics (Analyzing and Extracting Data from Disk Images)

• Introduction to Captcha1 Challenge
• Downloading and Installing an OCR Software
• Using Abby (OCR Tool) to Convert Image to Text
• Download and Install AutoIt (Automation Tool)
• Using AutoIt
• Chapter 29 Quiz

• Intro to Captcha2 Challenge
• Collecting Key Images
• Splitting the Captcha Image into 15 Sample Files
• Installing Node.js
• Intro to Node.js
• Using node.js to Decode Captcha Image
• Using AutoIt to Defeat Countdown Timer
• Chapter 30 Quiz

• Introduction to the Captcha3 Challenge
• Installing and Using Python
• Installing Pillow Library for Python Image Manipulation
• Collecting Key Images
• Splitting the Captcha3 Sample using Python
• Creating nodejs Script to Decode Captcha Sample Images
• Using AutoIt to Automate Tasks and Defeat Timer Limitation
• Chapter 31 Quiz

Introduction to crackme's

Downloading and Installing x64dbg and Detect It Easy (DIE)

Setting up Your Cracking Workspace and Workflow

Debugger Stepping Basics

Stepping Into Calls

• Breakpoints
• Setting Breakpoints on Strings
• Chapter 37 Quiz

Reversing Jumps

• How to Patch a Program?
• Patching with Jumps
• Chapter 39 Quiz

The 5 Steps of Cracking Software

Introduction to Cracking gui-based Programs

Analyzing the PE for a gui-based Program

• Setting up x64dbg
• Crack the Serial Key using BP on Strings

• Window API Functions
• Pushing Parameters to the Stack
• Chapter 44 Quiz

• Patching to Bypass Wrong Serial Key Message
• Bypassing using XOR Assembly
• Chapter 45 Quiz

Bonus Lecture