HTTP
Try to: Install Apache inside your vm, change the home page of the hosted site using vim. Access this page in your browser (on the host).
Change your host file to access the Linux system under the following names: vulnerable.
Write an HTTP client to retrieve the home page of your site using an http library (for example net/http in ruby).
Write an HTTP client to retrieve the home page of your site using a socket.
Download Burp Suite (free version) and visit a website and see what requests are sent and what responses are received.
PHP and DNS
Try to:Install PHP in your virtual machine (using your previous Apache installation), write a script that echoes back a parameter in the URL. For example, accessing http://vulnerable/hello.php?name=Louis will return "Hello Louis".
Install Mysql and create a script that retrieves information from it, like article.php?id=1 returns a book and article.php?id=2 returns a computer.
Create a page that sends data to itself using a POST request.
Install the command line tool dig in your vm.
Find what name servers are used by PentesterLab, find what Mail servers are used by pentesterlab and find the Ip address of www.pentesterlab.com
Obtain information about pentesterlab.com using the whois tool.
SSL/TLS
Try to: Enable HTTPs on your web server
Make sure you disabled all the weak ciphers.
Write a SSL client using an HTTP library.
Write a SSL client using a socket.
Access your SSL server with your previous HTTP script and socat to do the connection socket<->ssl-socket.
FTP and Traffic analysis
Try to: Install and use Wireshark: inspect the traffic sent by your HTTP client (use "Follow TCP stream) and HTTPs client (check the SSL handshake)
Install a FTP server on your system.
Write a FTP client using a socket
Nmap and crypto attacks
Try to: Use Nmap to find the open ports on your VM.
Use Nmap to find the open ports on your VM while blocking ICMP using iptables.
Use iptables to close one of the open ports, check that it works using Nmap.
Find a local security meetup (Ruxmon, 2600...) and go there.
Follow CVE-2008-1930: Wordpress 2.5 Cookie Integrity Protection Vulnerability (read the course and test on the ISO)
Web For Pentester
Try to: Download and solve the levels 05 to 09 of Nebula (mirror) from exploit.education
Use Nmap to find the open ports on your VM while blocking ICMP using iptables.
Do the exercises from Web For Pentester
Technical Books
A list of technical books we find useful in helping you level up. Think there is one we are missing? Send us a email: support@pentesterlab.com
Non-Technical books
A list of non-technical books we think you'll find enjoyable when your not hacking.