Ethical Hacking - Log4Shell The Complete Course

Udemy Ethical Hacking - Log4Shell The Complete Course

Register & Get access to index
4614370-dfe1-6.jpg


Ethical Hacking - Knowing, Identifying and Exploiting Log4Shell Vulnerabilities | Pentesting Methodology | Cybersecurity

What you'll learn​

  • Know what is Logging, Log4J and Log4Shell;
  • Create a Virtual Hacking Lab;
  • How to exploit Log4Shell - Step by Step;
  • Exploit Log4Shell Locally on a Windows Environment (Minecraft Server);
  • Exploit Log4Shell Locally on a Linux Environment (Ubuntu Web Server);
  • Exploit Log4Shell Remotely;
  • Create tunnels with Ngrok;
  • Security Assessments and Pentesting Methodology;
  • Identifying Log4Shell vulnerabilities manually and with automation;
  • How to mitigate Log4Shell;

Requirements​

  • Operating System: Windows / OS X / Linux;
  • Memory (RAM): 6Gb;
  • Basic IT knowledge;
  • Knowledge on hacking or programming languages, not needed;

Description​

On this course we will learn about what Log4Shell vulnerabilities are and how to identify and exploit this vulnerabilities in a security assessment point of view.
--> We start by learning the theoretical concepts about this vulnerability.
--> Then, we are going to create our hacking lab with virtualized environments. Here, we will use Oracle Virtual Box to create 3 virtual machines. The first virtual machine will be running Kali Linux and it will be our hacking machine, from which we will exploit Log4Shell vulnerabilities. The second virtual machine will be running Ubuntu Desktop and it will be one of the victims machine, which will be running a Log4Shell vulnerable web application. The third virtual machine will be running Windows 11 and it will be one of the victims machine, which will be running a Log4Shell vulnerable Minecraft Server.
--> Then, we will learn how to exploit Log4Shell vulnerabilities and so, perform the following attacks: Log Manipulation, Out-Of-Band (OOB) Interactions , Ourt-Of-Band (OOB) Interactions With Data Exfiltration and Gaining a Shell. Here, all the attacks will be explaned step by step.
--> Then, we will learn about pentesting and security assessments methodologies, focusing on the identifications of Log4Shell vulnerabilities.
--> Finally, we will learn how to mitigate Log4Shell vulnerabilities.
This course is mainly focused on aquiring knowledge through practical exercises, which i do believe that is the best way to learn. Hope you enjoy it!
Rui Carreira

Who this course is for:​

  • Anyone interested in cybersecurity;
  • Beginner, Intermediate and Advanced Web Developers & Network Administrators
  • Security Analysts, Pentesters and Bug Hunters
  • IT technicians in general
Author
TUTProfessor
Downloads
76
Views
724
First release
Last update
Rating
0.00 star(s) 0 ratings

More resources from TUTProfessor