• Post category:StudyBullet-7
  • Reading time:13 mins read


Fun way to learn Ethical Hacking & Reverse Engineering by hacking real practice websites & reversing CrackMe’s

What you will learn

Web Hacking

Website defacement

Tampering Cookies

Hacking Admin Passwords

Hack Bank Accounts to Transfer Money

Stealing email mailing lists

Reversing Encryption

Tampering voting pages

Hacking website database

Tampering browser javascript to gain access

How to crack software serial number keys

Remove Nag Screen Reminders asking you to register

Convert Trial Software to Fully Functional Software

Extend 30-day Trial Period Software

Learn Reverse Engineering and Assembly Language

Browser Spoofing

SQL Injection Attacks

Port scanning

Log Injection Attacks

Computer Forensics

Hacking Captchas

Description

If you want to learn ethical hacking  & also reverse engineering the fun and easy way like playing a computer game, then this course is for you. There exists on the Internet several websites which allows people to hack  and also to reverse software. These websites typically have different levels from easy to advanced. By solving each level and gradually levelling up, you will learn hacking and reversing.  All you need is a PC. In this course I am only using a Windows PC to do ethical hacking and reverse engineering.

The website we will be hacking is DefendTheWeb which is a popular hacker’s playground where hackers play hacking games reminiscent of CTF (Capture the Flag) and learn at the same time. However, without some help and guidance you will find it quite challenging. Hence this course. I will walk through each level from Basic to Realistic.

For the Reverse Engineering lessons, you will  learn how to reverse CrackMe’s.   A CrackMe is a small program designed to test a programmer’s reverse engineering skills.

These CrackMe’s typically have different levels from easy to advanced. By solving each level and gradually levelling up, you will learn reverse engineering (reversing).  Traditionally, reverse engineering is taught by first learning C/C++, assembly language and then debugging. Note that we do not crack software nor condone the act of cracking software.


Get Instant Notification of New Courses on our Telegram channel.


The crackme’s we will be reversing is provided by CrackingLessons and Crackmes One which are a popular reverser’s playground . Information on solving crackmes on the Internet is terse and unstructured. Hence this course. I will walk through each level just like in a classroom where you can follow along and ask questions in the Q & A section. All you need is a PC running Windows.

Great way to learn Web Development, Information Technology (IT), Assembly programming and Reverse Engineering:

If you had always wanted to learn HTML, Javascript, PHP, MySQL, etc, Assembly and Reverse Engineering, what better way than to learn how to hack websites ethically and reverse engineering. .  This course is also a great stepping stone to other Reverse Engineering fields like malware analysis, exploits development and software testing.   So let’s get started in your journey of hacking & cracking to learn.

This course is backed by a 30-day money back guarantee.  So, go ahead and enroll in this course now and start hacking the fun and easy way!

English
language

Content

[New] Introduction

Introduction
Registering for an account with defendtheweb.net
How to use this Guide

Intro Levels

Intro 1 (Client code information leak)
[NEW] Intro 2 (HTML tag information leak)
Intro 3 (Javascript code information leak)
Intro 4 (Path traversal vulnerability)
Intro 5 (Javascript prompt() function information leak)
[NEW] Intro 6 (Client code modification vulnerability)
[NEW] Intro 7 (robots.txt data leak vulnerability)
Intro 8 (Path traversal vulnerability)
Intro 9 (Client code modification vulnerability)
Intro 10 (Javascript code exposure and decryption)
Intro 11 (File redirection vulnerability)
Intro 12 (MD5 decryption)

24-bit (File extension manipulation exploit)

24-bit (File extension manipulation exploit)

Word of Peacecraft/Realistic (Dumpster diving for emails)

World of Peacecraft/Realistic (Dumpster diving for emails)

Secure Agent (Browser Spoofing)

Secure Agent (Browser Spoofing)

Crypt1/Crypt (Reverse encryption)

Crypt1/Crypt (Reverse encryption)

Beach (Steganography analyis)

Beach (Steganography analyis)

Squashed image/Stego (Cracking steganography)

Squashed image/Stego (Cracking steganography)

HTTP Method/Intro (HTTP POST exploit & Bypassing CSRF-token protection)

HTTP Method/Intro (HTTP POST exploit & Bypassing CSRF-token protection)

Library Gateway/Realistic (Javascript code exposure vulnerability)

Library Gateway/Realistic (Javascript code exposure vulnerability)

Sid/Intro (Cookie tampering to bypass login)

Sid/Intro (Cookie tampering to bypass login)

Crypt2/Crypt (Cracking Caeser Cipher encryption)

Crypt2/Crypt (Cracking Caeser Cipher encryption)

Crypt3/Crypt (Decoding Morse Code)

[NEW] Crypt3/Crypt (Decoding Morse Code)

SQLi1/SQLi (Bypassing login page password using SQL Injection Attack)

SQLi1/SQLi (Bypassing login page password using SQL Injection Attack)

Recon (Information gathering skills, including B6-Key)

Recon (Information gathering skills, including B6-Keys)

Crypt4/Crypt (Decrypting ciphertext using online decryptors)

Crypt4/Crypt (Decrypting ciphertext using online decryptors)

Map It (Portscanning and gaining remote access)

Map It (Portscanning and gaining remote access)

Crypt5/Crypt (Reversing & Decrypting ciphertext using online decryptors)

Crypt5/Crypt (Reversing & Decrypting ciphertext using online decryptors)

SQLi2/SQLi (Hacking admin username & password using SQL Injection Attack)

[NEW] SQLi2/SQLi (Hacking admin username & password using SQL Injection Attack)

Princess Slag/Realistic (Directory traversal attack & null byte attacks)

[NEW] Princess Slag/Realistic (Directory traversal attack & null byte attacks)

Xmas ’08/Realistic (Website defacement attacks)

Xmas ’08/Realistic (Website defacement attacks)

Planet Bid/Realistic (Password reminder exploits)

Planet Bid/Realistic (Password reminder exploits)

Access Logs (Log Injection Attack)

Access Logs (Log Injection Attack)

Sandra Murphy (XML Injection Attack)

Sandra Murphy (XML Injection Attack)

Alphabetize/Coding (Using Javascript coding to defeat countdown timer)

Alphabetize/Coding (Using Javascript coding to defeat countdown timer)

Aliens/Stego (Decoding wav files to extract passwords)

Aliens/Stego (Decoding wav files to extract passwords)

Custom Encoding/Coding (Decryption & hacking website countdown timer)

Custom Encoding/Coding (Decryption & hacking website countdown timer)

Missile codes/Forensics (Analyzing and extracting data from disk images)

Missile codes/Forensics (Analyzing and extracting data from disk images)

Captcha1/CAPTCHA (Hacking Captcha using OCR and AutoIt)

Introduction to Captcha1 challenge
Downloading and Installing an OCR software
Using Abby (OCR tool) to convert image to text
Download and install AutoIt (Automation tool)
Using AutoIt

Captcha2/CAPTCHA (Hacking Captcha with node.js, imagemagick & AutoIt )

Intro to Captcha2 challenge
Collecting key images
Splitting the captcha image into 15 sample files
Installing node.js
Intro to Node.js
Using node.js to decode captcha image
Using AutoIt to defeat countdown timer

Captcha3/CAPTCHA (Using Python to hack Captcha )

Introduction to the Captcha3 challenge
Installing and Using Python
Installing Pillow library for Python Image Manipulation
Collecting key images
Splitting the captcha3 sample using python
Creating nodejs script to decode captcha sample images
Using AutoIt to automate tasks and defeat timer limitation

Bonus Lecture

Bonus Lecture