We've worked really hard this year to make our AttackDefense Labs an immensely valuable resource for learners! Here are some of our favorite demos! Everything runs in your Browser - no VPN needed!
1. Docker Breakout via Process Injection piped.video/watch?v=fvhNOYDk…
From writing assembly code to analyzing and securing malware, learn everything cybersecurity. Subscribe for full access to our hands-on, browser-based labs: bit.ly/2SG0KQb#cybersecurity#pentest#infosec
Many of you've requested us to run FREE Public CTFs - we are finally launching our early Beta: CTF.Live ! We will be adding new features and content on it weekly. Enjoy!
Amazon Web Services is a prime target forthe attackers! In this FREE lab, learn the basics of AWS cloud pentesting, including testing of 5 primary components: EC2, Lambda, API Gateway,S3, and DynamoDB. Sign in at bit.ly/3hO2Shk and try it at bit.ly/3T8r0gw
Thanks for the overwhelming response! Many of you asked for a sneak preview of our online labs so here it is 😀 Free Beta Access link will close soon: goo.gl/forms/lFumjtgIE51LbG7… Sign up now!
We are giving out our annual subscription which includes access to over 1700+ live online labs at a 70% Discount! bit.ly/2NGNAMj Stay Safe and Happy Learning!
Start as a normal domain user and compromise multiple forests by just using features and functionalities without using any exploit in our fully patched Windows #RedTeam lab. bit.ly/2uDtfhC
5 Openings at our Kolkata location: Security Researcher, Experience: 0-4 Years CTC offered: 4-25 Lakhs/annum. Instructions on how to apply are attached.
WiMonitor: Plug and Play Wi-Fi Monitoring and Packet Sniffing HackerArsenal.com
WiMonitor: Plug and Play Wi-Fi Monitoring and Packet Sniffing
Once configured the device automatically scans channels 1-13 in the 2.4GHz band, captures packets and sends them to a remote IP address over Ethernet. The encapsulation is compatible with Wireshark!
Network pivoting is the process of abusing a compromised machine, connected to multiple networks, to access other networks. This approach comes handy when the attacker wants to target the machines on a different subnet. See how it works at bit.ly/3aw4lFM
It is dangerous to assume your internal network is always secure! Granting direct access to users to avoid credential management is one of the bad practices an admin can follow. Learn how an attacker can exploit this on a misconfigured #Jenkins server at bit.ly/3FCTxE5
A buffer overflow occurs when the input data to a program goes out of the allocated memory space and corrupts the contents of memory addresses adjacent to it. See how an attacker can craft an input to escalate privileges using buffer overflow: bit.ly/3FGZDUi
Socks4 Proxy is a #Metasploit module which allows an attacker to pivot through a compromised machine and access hidden machines available in that network. In this walkthrough, learn how to use this server module for pivoting: bit.ly/3v4ccE6#cybersecurity
We are planning to announce Pentester Academy's First Worldwide Conference soon! Will happen in 2019. @wifisecguy and rest of the team want me to do it here -- REAL Photo of the auditorium taken from the stage today!
Learn to pentest WiFi networks for both client- and infrastructure-side attacks in our 4-week WiFi Pentesting bootcamp. Acquire job-ready skills and get certified as a WiFi network pentester. bit.ly/3qb5qet#cybersecurity#redteam#pentest#infosec
Our online labs has launched into its early beta! All our labs are accessible using a web browser #NoVPN needed. Video below is a sample of our terminal based Tshark labs. Free Beta Signup: goo.gl/forms/lFumjtgIE51LbG7…
Written for the infosec community, AWSGoat is a realistic training ground for #AWS exploitation techniques. It features OWASP Top 10 (2021) security risks and misconfigurations based on AWS services. Check it out on our repo: bit.ly/3T6HWEd#cloud#pentest
Merry Christmas from PentesterAcademy! Thanks for making 2019 our best year so far! Our new year resolution is to work even harder in 2020 and create more awesome labs and courses.
Learn pentesting with @georgiaweidman! This new set of labs lets you practice on scenarios described in her book. Learn every stage of a pentesting assignment, including information gathering, finding exploitable vulnerabilities, post exploitation & more. bit.ly/36RTTa6
Sysadmins use AppArmor to specify allowed and denied actions for programs, thus increasing security posture. In this lab, experience the constraints imposed by AppArmor and learn how they can be relaxed! Sign in at bit.ly/3hO2Shk and try it at bit.ly/3dP6KR5
Written for the infosec community, AWSGoat is a realistic training ground for #AWS exploitation techniques. It features OWASP Top 10 (2021) security risks and misconfigurations based on AWS services. Check it out on our repo: bit.ly/3T6HWEd#cloud#pentest
A buffer overflow occurs when the input data to a program goes out of the allocated memory space and corrupts the contents of memory addresses adjacent to it. See how an attacker can craft an input to escalate privileges using buffer overflow: bit.ly/3FGZDUi
DevSecOps section just debuted on AttackDefense Labs! :) Over 100 challenges to be added on Docker, Kubernetes, Serverless, PaaS, etc. in the next few weeks! Stay tuned!
Network pivoting is the process of abusing a compromised machine, connected to multiple networks, to access other networks. This approach comes handy when the attacker wants to target the machines on a different subnet. See how it works at bit.ly/3aw4lFM
Running a Docker container with SYS_MODULE capability should be avoided! Check out our blog to see how excessive Linux capabilities granted can lead to host takeover: bit.ly/3lCYmoU#cybersecurity#Docker#container
Written for the infosec community, AWSGoat is a realistic training ground for #AWS exploitation techniques. It features OWASP Top 10 (2021) security risks and misconfigurations based on AWS services. Check it out on our repo: bit.ly/3T6HWEd#cloud#pentest
Free AWS lab: learn how a dictionary attack can be performed to identify objects on an S3 bucket. Try it in your browser by signing in at bit.ly/3A8U3H0, then access the lab at bit.ly/2XaKQze — no AWS account or additional software needed!
No pentester can be effective without a working understanding of WebApp security. Our syllabus covers WebApp basics, attack tools, the #OWASP Top 10, and more! Get a plan for you or your team at bit.ly/3zSW0qG#appsec#cybersecurity#pentest#infosec
Learn how to prevent Linux Capability exploits and control binary/service capabilities using AppArmor/Seccomp. Get an individual or team subscription at: bit.ly/3jB91jI#cybersecurity#infosec#linuxtraining
Learn all the ways an attacker can break out of a Docker container! Our Container Security Labs guide you all the way from #Docker basics to container breakouts. Subscribe for full access: bit.ly/3jv8NKO#cybersecurity#infosec
Can you forge a JWT token without having the signing key? Yes! Check out our lab walkthrough on leveraging kid claim and a blind SQLi vulnerability to control the signing key: blog.pentesteracademy.com/ha…
Misconfiguration is the leading cause of #AWS vulnerabilities. Gain the knowledge to secure S3 objects, buckets, and more in our Cloud Security Labs. Get full access for you or your team at bit.ly/2SHgylL#cybersecurity#infosec#cloudsecurity#cloud
Proud Moment -- AttackDefense.com now has over 700 Challenges and 43,000 Labs played during 4 months of Beta! Try it now if you have not already: lnkd.in/gRKHM2X
Learn all the ways an attacker can break out of a Docker container! Our Container Security Labs guide you all the way from #Docker basics to container breakouts. Subscribe for full access: bit.ly/3jv8NKO#cybersecurity#infosec
Linux Security is an essential skill to master for pentesting. Our labs cover everything from recon, exploitation, priv-esc, pivoting, and more! Enhance your skills with a subscription: bit.ly/3jB91jI#cybersecurity#infosec#linux
Our team is working hard to get the swag for the weekend lab sprint shipped! Locally we are under a lock down so @justineloh91 graciously did all the packing at her home! Ships later this week.
Amazon Web Services is a prime target forthe attackers! In this FREE lab, learn the basics of AWS cloud pentesting, including testing of 5 primary components: EC2, Lambda, API Gateway,S3, and DynamoDB. Sign in at bit.ly/3hO2Shk and try it at bit.ly/3T8r0gw
MAJOR MILESTONE: DevSecOps Labs - Docker, Kubernetes, etc. security will soon be available on AttackDefense online! This will be a *** Industry first *** : screenshot below: lnkd.in/gHVUkkb
All set for @BlackHatEvents ! Excited to be part of Passport to Prizes - Thanks BlackHat Team! Looking forward to setting up our booth tomorrow and meet some awesome people!
Whether you’re a beginner pentester or security professional, you’ll find something new to learn with our 2400+ hands-on exercises. Spanning 135+ subtopics, our labs are entirely browser-based. Get full access: bit.ly/2SG0KQb#cybersecurity#pentest#infosec
Learn all the ways an attacker can break out of a Docker container! Our Container Security Labs guide you all the way from #Docker basics to container breakouts. Subscribe for full access: bit.ly/3jv8NKO#cybersecurity#infosec
Understand how to attack and protect different parts of the Docker ecosystem with our hands-on lab exercises. Subscribe for full access: bit.ly/3jv8NKO#cybersecurity#infosec#docker
You can now try out INE's labs for FREE! Test them out: bit.ly/3PxuKr0
The available labs include...
+ Network Architecture
+ Enterprise Networking
+ Offensive Cybersecurity
+ Defensive Cybersecurity
+ CVE Cybersecurity
+ Cloud (AWS, GCP and Azure)
#infosec
Learn all the ways an attacker can break out of a Docker container! Our Container Security Labs guide you all the way from #Docker basics to container breakouts. Subscribe for full access: bit.ly/3jv8NKO#cybersecurity#infosec
Pivot through subnets and machines, bypass hardened boxes and abuse #Kerberos functionality to complete challenges in our Advanced Red Team lab. bit.ly/2PKAoZF
Socks4 Proxy is a #Metasploit module which allows an attacker to pivot through a compromised machine and access hidden machines available in that network. In this walkthrough, learn how to use this server module for pivoting: bit.ly/3v4ccE6#cybersecurity