Offensive Security Pathway

From Script Kiddy to Offensive Security General - From Absolute Beginner to Skilled Ethical Hacker!

What you'll learn

Become a skilled ethical hacker

Start with zero knowledge and learn all the important things from scratch!

Cybersecurity Concepts

Job Opportunities

Legal & Ethical Hacking

Learn about Computers, Networking, the Commandline, Cryptography and Virtualisation

Setup a Pentesting Demo Lab

Working with Windows & Linux

OSINT Techniques

Social Engineering

Scripting

Hacking tools

Gaining a Foothold

Windows & Linux Enumeration

Web Attacks

Hacking Active Directory

Privilege Escalation

Persistence Techniques

Lateral Movement

Cloud Exploitation

Reverse Engineering

Anti-Virus Evasion

Requirements

All you need is a computer and a willingness to learn! This course is truly unique, as we start from the basics and gradually progress to a professional level. If you're ready to invest your valuable time, you'll gain in-depth knowledge and hands-on skills, fully prepared to step into an offensive security role in the real world.

Description

Jarno Baselier’s Offensive Security Pathway is a comprehensive training program (+/- 47 hour) designed for aspiring cybersecurity professionals eager to develop expertise in offensive security. This meticulously structured course takes participants from foundational knowledge to advanced offensive techniques, ensuring a thorough understanding of the cybersecurity landscape. Beginning with no prior knowledge, learners will be introduced to essential offensive security concepts, fundamental cybersecurity principles, and the importance of ethical hacking. They will explore vital topics such as Windows and Linux basics, networking fundamentals, and scripting, laying the groundwork for their journey into offensive security.As participants progress, they will delve deeper into critical skills, including virtualization, network protocols, and command-line interfaces necessary for effective system management. Basic social engineering tactics will prepare them for real-world scenarios where human factors significantly influence security outcomes. The course emphasizes practical application, teaching students to utilize popular hacking tools like Nmap and Metasploit for vulnerability assessment and exploitation. They will learn to identify and exploit vulnerabilities in both Windows and Linux systems, gaining hands-on experience that is essential for a successful career in offensive security.Advanced topics such as web attacks, post-exploitation techniques, and privilege escalation strategies will be covered, with a focus on Active Directory environments and sophisticated network attacks. This approach ensures that learners develop the real-world application and problem-solving skills needed in the field. Critical skills in documentation and reporting, alongside advanced persistence techniques and cloud exploitation, will also be introduced, enabling participants to navigate the complexities of modern cybersecurity challenges effectively.Finally, this course prepares students for industry-recognized certifications such as CEH, OSCP, eCPTX, and PNPT. With an emphasis on advanced evasion techniques, exploit development, and threat hunting, participants will emerge from the program job-ready, equipped to tackle sophisticated cyber threats. By the end of this course, students will possess extensive knowledge, practical experience, and the confidence necessary to pursue rewarding careers in offensive security. Join us to transform your passion for cybersecurity into a successful and fulfilling career!Course Learning path:Start with Zero Knowledge: Begin with foundational concepts in cybersecurity, computer systems, and networking, ensuring that everyone, regardless of their background, can follow along.Understanding the Basics: Dive into essential knowledge of Windows and Linux operating systems, networking fundamentals, and introduction to cybersecurity principles.Grasping Offensive Security: Learn the principles of offensive security, ethical hacking, and legal practices. This prepares you for a career in cybersecurity.Hands-On Lab Experience: Set up and configure a demo lab environment to practice skills in a safe and isolated setting. This practical experience is crucial for applying theoretical knowledge.Basic Hacking Skills: Start using basic hacking tools and techniques to understand vulnerabilities in systems. Gain hands-on experience in vulnerability scanning and exploit development.Web Application Security: Develop skills in identifying and exploiting web vulnerabilities, learning to hack applications and understand the OWASP Top 10 vulnerabilities.Advanced Hacking Techniques: As you progress, dive deeper into specialized hacking techniques, including advanced web attacks, privilege escalation, and exploitation of Active Directory.Persistence & Evasion Techniques: Learn advanced persistence techniques for maintaining access to compromised systems, and study advanced evasion techniques to bypass security mechanisms.Expert-Level Skills: Finally, master advanced topics such as shellcoding, exploit development, reverse engineering, and cloud exploitation, while preparing for professional certifications.Job-Ready Skills: By the end of the course, participants will have extensive knowledge and practical skills, making them well-prepared for a job in offensive security and able to tackle widely recognized certifications.

Overview

Section 1: Level 1 - Offensive Security Recruit (OSR)

Lecture 1 Course Information

Lecture 2 1.1 Intro

Lecture 3 1.2 Intro + What Can You Expect

Lecture 4 1.3 Offensive Security Introduction

Lecture 5 1.4 Next Steps in Learning - Computers

Lecture 6 1.5 Next Steps in Learning - Windows

Lecture 7 1.6 Next Steps in Learning - Linux

Lecture 8 1.7 Next Steps in Learning - Networking

Lecture 9 1.8 Next Steps in Learning - Cryptography

Lecture 10 1.9 Shell Commands and Scripting

Lecture 11 1.10 Virtualization and Cloud Basics

Lecture 12 1.11 Installing Demo Lab Environment

Lecture 13 1.12 Demo Lab Virtual Box Networks

Lecture 14 1.13 Setup Kali Linux Machine

Lecture 15 1.14 Setup Win10 & Win11 Clients + CommandoVM

Lecture 16 1.15 bWAPP Install

Lecture 17 1.16 pfSense Install

Lecture 18 1.17 Install Metasploitable

Lecture 19 1.18 DC01 Installation

Lecture 20 1.19 Install IIS - SQL Server

Lecture 21 1.20 Install Windows Client

Lecture 22 1.21 Outro

Section 2: Level 2 - Offensive Security Officer (OSO)

Lecture 23 Course Information

Lecture 24 2.1 Intro

Lecture 25 2.2 Windows Medium Knowledge

Lecture 26 2.3 Linux Medium Knowledge

Lecture 27 2.4 Networking Medium Knowledge

Lecture 28 2.5 Network Packet Analysis

Lecture 29 2.6 Basic Scripting in Python

Lecture 30 2.7 OSINT

Lecture 31 2.8 Social Engineering

Lecture 32 2.9 Wrapping Up

Section 3: Level 3 - Offensive Security Lieutenant (OSL)

Lecture 33 Course Information

Lecture 34 3.1 Intro

Lecture 35 3.2 Chapter & Hacking Tools Introduction

Lecture 36 3.3 Active DNS Enumeration

Lecture 37 3.4 Nmap

Lecture 38 3.5 NetCat

Lecture 39 3.6 RPC

Lecture 40 3.7 NetBIOS

Lecture 41 3.8 SMB

Lecture 42 3.9 FTP

Lecture 43 3.10 SNMP

Lecture 44 3.11 SMTP

Lecture 45 3.12 LolBins

Lecture 46 3.13 Shells

Lecture 47 3.14 Metasploit and Meterpreter

Lecture 48 3.15 Interactive and Non-Interactive Shells

Lecture 49 3.16 Hacking Windows VS Hacking Linux

Lecture 50 3.17 Password Cracking

Lecture 51 3.18 NTLM & Kerberos

Lecture 52 3.19 Vulnerability Scanning

Lecture 53 3.20 Wrapping Up

Section 4: Level 4 - Offensive Security Colonel (OSC)

Lecture 54 Course Information

Lecture 55 4.1 Intro

Lecture 56 4.2 Course Content

Lecture 57 4.3 Web Proxy Tools and BurpSuite

Lecture 58 4.4 Web Reconnaissance Tools

Lecture 59 4.5 cURL

Lecture 60 4.6 Basic Web Knowledge

Lecture 61 4.7 Basic Website Enumeration

Lecture 62 4.8 API Testing

Lecture 63 4.9 Cross-Side Request Forgery

Lecture 64 4.10 Server-Side Request Forgery

Lecture 65 4.11 Cross-Site Scripting

Lecture 66 4.12 Directory Traversal

Lecture 67 4.13 File Inclusion - Local and Remote

Lecture 68 4.14 PHP Wrappers

Lecture 69 4.15 File Upload Vulnerabilities

Lecture 70 4.16 Command Injection

Lecture 71 4.17 SQL Injection

Lecture 72 4.18 Active Directory Introduction

Lecture 73 4.19 Active DIrectory Enumeration

Lecture 74 4.20 Mapping Active Directory - Bloodhound

Lecture 75 4.21 AD Password Spraying

Lecture 76 4.22 AS-REP Roasting

Lecture 77 4.23 Kerberoasting

Lecture 78 4.24 DES-Based AS-REP Roasting and Kerberoasting

Lecture 79 4.25 Golden & Silver Tickets

Lecture 80 4.26 Pass the Hash and OverPass the Hash

Lecture 81 4.27 Pass the Ticket

Lecture 82 4.28 Relay NTLMv2 Hashes

Lecture 83 4.29 TimeRoasting

Lecture 84 4.30 Active Directory User Security Permissions

Lecture 85 4.31 Unconstrained Delegation

Lecture 86 4.32 Constrained Delegation

Lecture 87 4.33 Resource-Based Constrained Delegation

Lecture 88 4.34 Windows Privilege Escalation - Manual Enumeration

Lecture 89 4.35 Windows Privilege Escalation - Automatic Enumeration tools & techniques

Lecture 90 4.36 Windows Shadow Copies

Lecture 91 4.37 Binary & DLL Hijacking

Lecture 92 4.38 Unquoted Service Paths

Lecture 93 4.39 Scheduled Tasks

Lecture 94 4.40 Windows Exploits

Lecture 95 4.41 Abusing Windows Privileges

Lecture 96 4.42 Exploiting Microsoft Office Macro's

Lecture 97 4.43 Abusing Microsoft Library Files and Shortcuts

Lecture 98 4.44 Linux Privilege Escalation - Manual Enumeration

Lecture 99 4.45 Linux Automatic Enumeration

Lecture 100 4.46 SUID Programs and Linux Capabilities

Lecture 101 4.47 Special Sudo Permissions

Lecture 102 4.48 Exploiting Writeable Path

Lecture 103 4.49 SSH Key Injection

Lecture 104 4.50 Abusing SystemCTL

Lecture 105 4.51 CRON Job Exploitation

Lecture 106 4.52 System Kernel Vulnerabilities

Lecture 107 4.53 Wrapping Up

Section 5: Level 5 - Offensive Security Major (OSM)

Lecture 108 Course Information

Lecture 109 5.1 Intro

Lecture 110 5.2 Course Content

Lecture 111 5.3 Advanced Persistence Techniques - Windows

Lecture 112 5.4 Advanced Persistence Techniques - Linux

Lecture 113 5.5 Data Exfiltration Techniques

Lecture 114 5.6 Pivotting

Lecture 115 5.7 Buffer Overflows

Lecture 116 5.8 Cloud Exploitation - General Concepts and Azure Concepts

Lecture 117 5.9 Cloud Exploitation - Azure Enumeration and gaining credentials

Lecture 118 5.10 Cloud Exploitation - Azure Persistence

Lecture 119 5.11 Documentation and Reporting

Lecture 120 5.12 Wrapping Up

Section 6: Level 6 - Offensive Security General (OSG)

Lecture 121 Course Information

Lecture 122 6.1 Intro

Lecture 123 6.2 Course Content

Lecture 124 6.3 Active Directory Certificate Services

Lecture 125 6.4 Advanced Reverse Engineering - Theory

Lecture 126 6.5 Advanced Reverse Engineering - Reversing a simple binary

Lecture 127 6.6 Advanced Reverse Engineering - Reversing a stripped binary

Lecture 128 6.7 User Account Control Bypassing Techniques

Lecture 129 6.8 Advanced Evasion Techniques

Lecture 130 6.9 Wireless Hacking

Lecture 131 6.10 Wrapping Up

Beginners in Cybersecurity: Individuals with little to no prior knowledge in cybersecurity who are eager to start a career in the field of offensive security. This course provides a solid foundation and guides them through the necessary concepts and skills.,Aspiring Ethical Hackers: Individuals who have a keen interest in ethical hacking and wish to develop the skills needed to identify vulnerabilities in systems, applications, and networks, and understand the mindset of an attacker.,IT Professionals: Current IT practitioners looking to expand their skill set by gaining expertise in offensive security practices. This course can help IT support staff, network administrators, system engineers and developers transition into cybersecurity roles.,Security Enthusiasts: Individuals who have a passion for technology and security, and want to deepen their knowledge in offensive strategies to better understand and defend against cyber threats.,Career Changers: Professionals from other fields who are looking to pivot into cybersecurity. This course offers comprehensive training that prepares them for entry-level positions in offensive security.,Students and Recent Graduates: Individuals studying computer science, information technology, or related fields who want to enhance their resumes with practical skills and knowledge in offensive security.,Job Seekers in offensive Cybersecurity: Those actively seeking employment in the cybersecurity industry who need a structured learning path that equips them with the skills necessary to meet job requirements and prepare for certification exams.,By the end of this course, participants will possess extensive knowledge and hands-on experience, making them well-prepared to enter the workforce and pursue recognized certifications in the field of offensive security.