¿ Necesitas empezar con el pentesting web y ser un ethical hacker ? Con esta tabla de S4vitar (ethical hacker , Twichyoutube ) podrás ver sus videos y filtrarlo según necesites. Podrás filtrar por:

  • Dificultad de la máquina a vulnerar
  • Certificación a la que quieras presentarte ( OSCP , EWPT , eCPPT, eJPT... )
  • Por los tipos de vulnerabilidades más conocidas ( SQLI , XSS , CSRF ...)

 

 

Nombre de la máquinaipSODificultadDescripciónCertificacionesVideo youtube
Tentacle10.10.10.224LinuxDifícilDNS Enumeration (dnsenum)
SQUID Proxy
WPAD Enumeration
OpenSMTPD v2.0.0 Exploit
SSH using Kerberos (gssapi)
Abusing .k5login file
Abusing krb5.keytab file
eCPPTv2
eCPTXv2
OSCP
OSEP
eWPT
eWPTXv2
OSWE
Active Directory
Video
Validation10.10.11.116LinuxFácilSQLI (Error Based)
SQLI -> RCE (INTO OUTFILE)
Information Leakage
eJPT
eWPT
Video
Mischief10.10.10.92LinuxInsaneSNMP Enumeration
Information Leakage
IPV6
ICMP Data Exfiltration (Python Scapy)
OSCP
eWPT
eWPTXv2
eCPPTv2
eCPTXv2
OSWE
Video
Reddish10.10.10.94LinuxInsaneAbusing Node-Red
Chisel & Socat Usage
Redis-Cli Exploitation
Rsync Abusing
Cron Exploitation
Disk Mount
File Transfer Tips
PIVOTING

eCPPTv2
eCPTXv2
Video
Return10.10.11.108WindowsFácilAbusing Printer
Abusing Server Operators Group
Service Configuration Manipulation
eJPT
OSCP (Escalada)
Video
Horizontall10.10.11.105LinuxFácilInformation Leakage
Port Forwarding
Strapi CMS Exploitation
Laravel Exploitation
eWPT
eJPT
Video
Pressed10.10.11.142LinuxDifícilPassword Guessing
WordPress Abusing RPC Calls
WordPress XML-RPC Create WebShell
PwnKit Exploit
OSCP
eWPT
eWPTXv2
OSWE
Video
Epsilon10.10.11.134LinuxMediaGit Source Leak Exploit (GitHack)
AWS Enumeration
Lambda Function Enumeration
Authentication Bypass
Abusing JWT
Server Side Template Injection (SSTI)
Tar Symlink Exploitation
eWPT
eWPTXv2
OSCP
OSWE
Video
Jeeves10.10.10.63WindowsMediaJenkins Exploitation (Groovy Script Console)
RottenPotato (SeImpersonatePrivilege)
PassTheHash (Psexec)
Breaking KeePass
Alternate Data Streams (ADS)
OSCP
eJPT
eWPT
Video
Pit10.10.10.241LinuxMediaInformation Leakage
SNMP Enumeration (Snmpwalk/Snmpbulkwalk)
SeedDMS Exploitation
SELinux (Extra)
SNMP Code Execution
OSCP
eWPT
Video
Blackfield10.10.10.192WindowsDifícilSMB Enumeration
Kerberos User Enumeration (Kerbrute)
ASRepRoast Attack (GetNPUsers)
Bloodhound Enumeration
Abusing ForceChangePassword Privilege (net rpc)
Lsass Dump Analysis (Pypykatz)
Abusing WinRM
SeBackupPrivilege Exploitation
DiskShadow
Robocopy Usage
NTDS Credentials Extraction (secretsdump)
OSCP
OSEP
Active Directory
Video
EarlyAccess10.10.11.110LinuxDifícilXSS Injection
XSS Cookie Stealing
Cookie Hijacking
Code Analysis
Building a Key Generator (PYTHON)
SQLI (Error Based)
LFI && Wrappers
Bash Scripting for Host Discovering
Information Leakage
Pivoting
Abusing Docker
Abusing Capabilities
eCPPTv2
eCPTXv2
OSCP
eWPT
eWPTXv2
OSWE
Video
Flustered10.10.11.131LinuxMediaAbusing Squid Proxy
Abusing GlusterFS
Information Leakage
Server Side Template Injection (SSTI)[RCE]
Abusing Azure Storage
OSCP
eJPT
eWPT
eWPTXv2
eCPPTv2
OSWE
Video
Love10.10.10.239WindowsFácilServer Side Request Forgery (SSRF)
Exploiting Voting System
Abusing AlwaysInstallElevated (msiexec/msi file)
eJPT
eWPT
OSCP (Escalada)
Video
NodeBlog10.10.11.139LinuxFácilNoSQL Injection (Authentication Bypass)
XXE File Read
NodeJS Deserialization Attack (IIFE Abusing)
Mongo Database Enumeration
eJPT
eWPT
Video
NunChucks10.10.11.122LinuxFácilNodeJS SSTI (Server Side Template Injection)
AppArmor Profile Bypass (Privilege Escalation)
eJPT
eWPT
Video
Bolt10.10.11.114LinuxMediaInformation Leakage
Subdomain Enumeration
SSTI (Server Side Template Injection)
Abusing PassBolt
Abusing GPG
eJPT
eWPT
eWPTXv2
OSWE
Video
GoodGames10.10.11.130LinuxFácilSQLI (Error Based)
Hash Cracking Weak Algorithms
Password Reuse
Server Side Template Injection (SSTI)
Docker Breakout (Privilege Escalation) [PIVOTING]
eJPT
eWPT
eCPPTv2
OSCP (Escalada)
Video
Hawk10.10.10.102LinuxMediaOpenSSL Cipher Brute Force and Decryption
Drupal Enumeration/Exploitation
H2 Database Exploitation
eJPT
eWPT
Video
Monitors10.10.10.238LinuxDifícilInformation Leakage
WordPress Plugin Exploitation (Spritz)
Local File Inclusion (LFI)