Learn Linux Web and WordPress Security With BitNinja
What you’ll learn
We will start with an overview of a WordPress Attack. We will sca a website hosted on WordPress and exploit its vulnerabilities.
We will talk then about proactive protection mechanisms such as IP Reputation, Port Honeypots, Web Honeypots, DoS Detection and WAF Modules.
We will continue with reactive protection mechanisms such as Malware Detection, Outbound WAF and we will see bitninja-cli capabilities.
Furthermore, we will find sources of an infection and spamming and source of outbound attacks.
In the end we will learn about troubleshooting and how to find a trouble maker IP. I think you will enjoy all of this.
How BitNinja Works
Requirements
Basic Linux Knowledge
Basic Networking Knowledge
Basic HTTP Knowledge
Description
There are a lot of courses out here about offensive security and penetration testing. They are extremely useful. But even if you are a penetration tester, security consultant, a linux administrator or a developer, you should also have to know how to fix your security. How to protect actively (so in real time) and reactively your linux servers. And this is not an easy task, believe me, I hack websites and servers for living. And at the end of the audit, I have to give a report about how I did it and how to protect against attacks like mine. So wouldn’t be easy if you would really on an actively working Web Application Firewall, Firewall and Intrusion Prevention System. To have an all in one product easily manageable, that would know the attacks and prevent them from being successful?This course is all about this. It is about protecting your server. You will witness different attacks and you will see a product like this in action. This product is called BitNinja and it is an All in one security for Linux Servers. So you can see the attacks but also you will see how to protect against them. It’s very important to know that BitNinja is a commercial, subscription-based product. Hovewer, for this training, you will have an extended free trial so you can test it in your lab environment or even in production. This is a hands-on training based on demos. So a basic knowledge of Linux would be very useful.How BitNinja WorksEasy setup – Enjoy immediate protection on your server. BitNinja is designed to install and work with as little human interaction as possible. Run one line of code and your server is protected from 99% of attacks.All-in-one protection – BitNinja combines the most powerful server security software in one easy-to-use protection suite. You get full-stack protection against XSS, DDoS, malware, scans, script injection, enumeration, brute force and other automated attacks — on all major protocols, not only HTTP(S).Machine learning – Servers protected by BitNinja learn from each attack and inform each other about malicious IPs. This result is a global defense network that counteracts botnet attacks with a shield of protection for all servers running BitNinja, while also reducing the number of false positives each server encounters.
Overview
Section 1: Introduction – the basics
Lecture 1 Promo Video
Lecture 2 Let’s meet
Lecture 3 Lab Setup
Lecture 4 Lab Setup – Login Information and Download Links
Lecture 5 Join Our Online Classroom!
Section 2: Overview of a WordPress attack
Lecture 6 Commands to be used in Section 2
Lecture 7 Scanning for wordpress vulnerabilities
Lecture 8 Exploiting a remote code execution vulnerability
Lecture 9 Uploading a backdoor
Lecture 10 Sending spam
Section 3: Basics
Lecture 11 Commands to be used in Section 3
Lecture 12 Registration and installation
Lecture 13 IP Reputations. IP lists – User vs Global lists. Greylisting, Black/Whitelists
Lecture 14 HTTP CAPTCHA
Lecture 15 SMTP CAPTHCA
Lecture 16 Commands used in SSLTerminating Module Lecture
Lecture 17 SslTerminating Module
Lecture 18 SslTerminating Module – Adding Certs Manually
Section 4: Proactive protection mechanisms
Lecture 19 Commands to be used in this section
Lecture 20 Port Honeypots
Lecture 21 Web Honeypots
Lecture 22 DoS Detection and Protection
Lecture 23 Log Analysis
Lecture 24 WAF – Web Application Firewall
Lecture 25 Demo – Log Analysis and WAF
Section 5: Reactive protection mechanisms
Lecture 26 Malware Detection
Lecture 27 Outbound WAF
Lecture 28 Demo – Malware Detection and Outbound WAF
Lecture 29 Blacklist/Whitelist and Country level blacklist/whitelist
Lecture 30 bitninja-cli
Section 6: The “How To” Section
Lecture 31 How to find the source of an infection
Lecture 32 How to find the source of spamming
Lecture 33 How to find the source of outbound attacks
Lecture 34 Security daily routine
Lecture 35 Attack trend analysis
Section 7: Troubleshooting
Lecture 36 CDN integrations
Lecture 37 Finding a trouble-maker IP
Lecture 38 Further Reading
System administrators,Ethical Hackers,Security Enthusiasts
Course Information:
Udemy | English | 4h 57m | 2.77 GB
Created by: Gabriel Avramescu
You Can See More Courses in the IT & Software >> Greetings from CourseDown.com