Practice Pentesting
Lessons, exercises, and projects about pentesting
Browse our list of curated database of projects, exercises, and lessons to learn pentesting
Master IPTables and Protect Your Network with Advanced Firewall Techniques
Wazuh is an open-source security platform that provides unified XDR and SIEM protection for endpoints and cloud workloads. It offers threat prevention, detection, and response capabilities through its integrated modules.
How Attackers Use Vulnerabilities to Gain System Control and Perform Privilege Escalation Attack
Discover the Causes, Consequences, and Solutions of NoSQL Injection: A Comprehensive Guide to Preventing and Mitigating Vulnerabilities in NoSQL Databases
Learn everything about SQL Injection
How to evade firewalls using tools like NMAP, VPNs and verify bypass Methods for Optimized Network Security**
Documentation of activities performed during penetration testing: Key Steps for Detailed, Clear, and Effective Reporting
Discover the essential techniques for using the Nessus scanner to protect your organization's assets through automated vulnerability scanning.
2hrs average
Learn how to perform a buffer overflow exploit vulnerable from a Kali Linux machine.
Understanding Privilege Escalation: How Attackers Exploit Vulnerabilities to Gain Unauthorized Access
Learn about Broken Authentication, its impact on web security, and how to protect against this OWASP Top 10 vulnerability. Includes real-world examples and prevention techniques.
🔍 What is Cross-Site Scripting, examples and how to recreate the attack or prevent it on you web application
2hrs average
This project aims to consolidate the knowledge gained from previous pentesting exercises to propose preventive measures against identified vulnerabilities. The focus is on developing a comprehensive report that details identified vulnerabilities, exploitation techniques used, and recommendations for preventing future exploits.
2hrs average
This project focuses on teaching students how to exploit vulnerabilities found in a vulnerable web application (DVWA) using Metasploit. It includes confirming vulnerabilities, exploiting them, performing privilege escalation, and documenting the process. Note: Post-exploitation activities are not included.
Enhance Security with Realistic Assessments. Learn about types, objectives, and ethical considerations in cybersecurity testing.
Learn about Server-Side Request Forgery (SSRF), its impact on web security, and how to protect against this dangerous vulnerability. Includes real-world examples and prevention techniques.
Understanding and exploiting vulnerabilities in access control mechanisms
Learn essential firewall evasion techniques to bypass Web Application Firewalls (WAFs) and enhance your cybersecurity skills. Master methods like encoding, parameter tampering, and more in this concise, practical lesson for security professionals.
Identify vulnerabilities like lack of anti-CSRF tokens in HTML forms and learn effective solutions to mitigate CSRF attacks and enhance security.