Practice Pentesting

Lessons, exercises, and projects about pentesting

Browse our list of curated database of projects, exercises, and lessons to learn pentesting

Comprehensive Guide to IPTables

Master IPTables and Protect Your Network with Advanced Firewall Techniques

2hrs average

Learn how to perform a buffer overflow exploit vulnerable from a Kali Linux machine.

Understanding Privilege Escalation: How Attackers Exploit Vulnerabilities to Gain Unauthorized Access

Learn about Broken Authentication, its impact on web security, and how to protect against this OWASP Top 10 vulnerability. Includes real-world examples and prevention techniques.

🔍 What is Cross-Site Scripting, examples and how to recreate the attack or prevent it on you web application

Identify vulnerabilities like lack of anti-CSRF tokens in HTML forms and learn effective solutions to mitigate CSRF attacks and enhance security.

Learn how to install and use Metasploitable 2, a vulnerable virtual machine designed for practicing penetration testing and enhancing cybersecurity skills. This guide covers common vulnerabilities and installation prerequisites, offering detailed instructions for setting up Metasploitable 2 on VirtualBox.

Enhance Security with Realistic Assessments. Learn about types, objectives, and ethical considerations in cybersecurity testing.

Mastering Windows Command Line for Remote System Control

Learn about Server-Side Request Forgery (SSRF), its impact on web security, and how to protect against this dangerous vulnerability. Includes real-world examples and prevention techniques.

Understanding and exploiting vulnerabilities in access control mechanisms

Learn essential firewall evasion techniques to bypass Web Application Firewalls (WAFs) and enhance your cybersecurity skills. Master methods like encoding, parameter tampering, and more in this concise, practical lesson for security professionals.

Documentation of activities performed during penetration testing: Key Steps for Detailed, Clear, and Effective Reporting

Mastering Information Gathering for Penetration Testing: Essential Techniques and Tools for Effective Reconnaissance

Wazuh is an open-source security platform that provides unified XDR and SIEM protection for endpoints and cloud workloads. It offers threat prevention, detection, and response capabilities through its integrated modules.

How Attackers Use Vulnerabilities to Gain System Control and Perform Privilege Escalation Attack

Discover the Causes, Consequences, and Solutions of NoSQL Injection: A Comprehensive Guide to Preventing and Mitigating Vulnerabilities in NoSQL Databases

How to evade firewalls using tools like NMAP, VPNs and verify bypass Methods for Optimized Network Security**

What is Metasploit and how to use it for pentesting, key components and complementary tools