In client-side exploitation, we take advantage of the weakest link, that is, clients. In this course, we will take a practical approach to learning, and our major targets will be client-side software like web browsers, media players, and e-mail applications. The vulnerabilities in these software are published often, and patches are often not installed quickly. Through attack scenarios, this course will increase your client-side attack skills.
Who is this course for?
Every stakeholder who is eager to learn:
- Pentesters and ethical hackers
- Security admins
- Security analysts
- Software developers & testers
- Blue, Red, and Purple Teamers
Also, virtual communications are increasing significantly in the post-covid era, and they will increase a cybersecurity culture as a cyber security practitioner.
Why this course?
The server side is getting stronger by the day, but the client is still left vulnerable. This course will introduce various client-side exploitation techniques that can be used in a penetration test.
What tools will you use?
- Virtual Box or parallel
- Kali Linux (2021.3) or Parrot OS Linux (4.11.2)
- Metasploitable (version 2 or latest)
- Different tools and features within Linux
- For browser attacks, we will be using Firefox Mozilla for demonstrations
- For Windows demonstrations, we will use Windows 7 or Windows 10 (depending on which attacks will work best on each)
What skills will you gain?
This course includes the most offensive methods and will provide new methods for attacking client targets.
- Virtual Environment
- OSINT (open-source intelligence)
- Penetration Test
- Social Engineering
- Client-Side Attacks
- Client Remote Exploitations
- Proficiency in Metasploit
Course general information:
DURATION: 18 hours
CPE POINTS: On completion, you get a certificate granting you 18 CPE points.
- Accessible even after you finish the course
- No preset deadlines
- Materials are video, labs, and text
- All videos captioned
What equipment will you need?
- Installed Virtual Box with Kali Linux (2021.3) and vulnerable machines (setup instructions will be presented in the course)
What should you know before you join?
- This course is very practical, you will learn everything by simulations. Basic pentesting and ethical hacking knowledge will come in handy
Krenar Kepuska is a cybersecurity researcher and lecturer who believes in the importance of cybersecurity culture. He is a PhD candidate studying cybersecurity threat management at the University of Montenegro. He has experience with threats and vulnerabilities, frameworks, and standards such as NIST, ISO 27001, COBIT, GDPR, CIS Controls, and tools such as Nmap, Nessus, Wireshark, OpenVAS, Burp Suite, Kali Linux, and Metasploit. He is also an ERASMUS+ alumnus and a FULBRIGHT Research Scholar. Krenar is currently pursuing a PhD internship in New York State.
Client-Side Exploitation Attack Scenarios - Part 1
How to become an effective cyber security analyst following this course.
- Client VS Server Side: Types of Client-Side Attacks, Client-Side Attack Methodology
- Attack Scenario 1: E-Mails Leading to Malicious Link
- Metasploit Framework: Exploits, Payloads, Auxiliary/Post/Encoders
- DEMO - Configuring Apache Server
- DEMO - Creating Reverse TCP Connection Payloads
- Attack Scenario 2: E-Mails Leading to Malicious Attachments
- Attack Scenario 3: Malware Loaded on USB
- Attack Scenario 4: Credential Harvester Attacks
- DEMO - Designing Backdoor with SET Tools
- Practical assignments based on the contents of the module.
Using social engineering for client-side attacks
To attack client-side applications you often start with social engineering. Once you get a foothold, you can exploit various vulnerabilities in client-side software. In this module, we will focus on that step-by-step process.
- Social Engineering
- Client-user attacks and exploits
- Installing and operating with Veil
- Veil Payloads
- Generating backdoor using Veil
- Listening for incoming connections
- Hack client with backdoor
- Backdoor delivery with different methods
- Protecting client-side from backdoors
- Enumerating targets
- Spoofing (exe) extension with (jpg) and (pdf)
- Spoofing email
- BeEF Framework
- BeEF hooking target using MiTM
- BeEF gaining full control over client target
- Detecting Trojans
Client-Side Exploitation Attack Scenarios - Part 2
During this module, we will simulate different problems/attacks/weaknesses related with client caching, client cookies, client authentication, client password and sensitive information. To protect from different attacks in the client-side background, we should educate ourselves and increase cyber security awareness.
- Different types of caching problems
- Importance of secure cooking
- Cookie Attacks
- Cookie processing
- Simulating different types of vulnerabilities in authentication mechanism
- Password reset functionality and attacks
- Different types of sensitive data exposure
- Google caching
- Cacheable HTTPs Responses
- Credit card data
- Sensitive data in URL
- Leakage cookies
- Cookie hijacking
- XSS via Cookies
- Remote cookie tampering
- SQL injection
- Dictionary Attacks
- HTTPS enforcement
- Session Regeneration
- Insecure direct object reference
- Insecure session management
- Weakness in life cycle of password reset link
Sensitive Data Exposure
- Insecure error handling
- Disclosure of sensitive data
- Leakage cookies with sensitive data
Client Remote Exploitation
In this module, we will learn the skills and principles of client remote exploitation. Using multiple tools, such as the classic Metasploit, and various techniques, we will learn advanced methods, building on previous modules.
The main goal of this module is to learn the following:
- Reconnaissance with Metasploit
- Exploiting the local/remote target with Metasploit
- Metasploit Utilities (latest version)
- Reconnaissance with Metasploit
- Port Scanning with Metasploit and NMAP
- Compromising a Windows (version 7) Host with Metasploit
- Enumerating a Linux Machine
- Enumerating with Meterpreter
- Escalating Privileges
- Bypassing User Access Control
- Cracking the Hashes to Gain Access to Other Services
- Disabling the Firewall
- Killing the Antivirus
- Generating a Backdoor with MSFPayload
- Hashing Algorithm
- Cracking passwords
MCQ Test, checking knowledge from all 4 modules.
If you have any questions, please contact our eLearning Manager at [email protected].