Hello friends! It’s been a while, hasn’t it? Today, I have a small community contribution. I’ve spent the last few weeks very briefly reviewing every video on this post, and I’ve sorted them into various categories as they relate to common penetration testing methodologies. It may not be 100% accurate…but with that stipulation out of the way, I want to chime in my personal thoughts on Phillip Wylie’s Pwn School Project.
I should also take a moment to talk about my relationship with The Pwn School Project.
I’m not funded or sponsored in any way by Phillip Wylie or The Pwn School Project. The information herein is not an official syllabus, and should not be regarded as an authoritative source - or representative of the thoughts of Phillip Wylie or The Pwn School Project in any manner. This is simply something I wanted to do to help out the community, and support Phillip after having met with him on Eric Balardo’s stream in recent times. You can find the link to that stream here: https://www.youtube.com/watch?v=kD70RBD9YuQ
Abstract
The Pwn School Project is effectively a free, professional-level, online training and knowledge sharing channel on Youtube based on penetration testing and ethical hacking:
The Pwn School Project’s Youtube Link: https://www.youtube.com/c/ThePwnSchoolProject
The Pwn School Project was started by Phillip Wylie as a way to help college students further their education in cybersecurity - particularly, in penetration testing methodology, and has now grown to a community of several thousand students spanning from many different backgrounds. If you know me, I’m a huge fan of “stuff/things” that are cheap, but especially things that are free. This is an awesome platform that is inclusive, friendly to newcomers, and has high-quality content…it’s really hard for me to criticize anything about it.
So this pseudo-syllabus is my contribution to you, as well as to The Pwn School Project. If you want to take this from a truly academic approach, I’ve included a short worksheet at the end with some simple questions to ask yourself about each video (think of it as a sort of homework that doesn’t get a grade, and there are no wrong answers).
Please feel free to reach out to me on Twitter if additions/modifications/retractions need to be made, and I’ll be happy to get those taken care of.
Syllabus
Start Here
Welcome To The Pwn School Project
https://www.youtube.com/watch?v=QuiMtiglFYs
About The Pwn School Project - Phillip Wylie
https://www.youtube.com/watch?v=qYkn3tm6-to
The Pentester Blueprint AMA with Kim Crawley and Phillip Wylie - Pwn School Denton April 2021
https://www.youtube.com/watch?v=Bfe6Mvn6sHQ
IT & Cyber Defense Knowledge
“An Introduction to Active Defense & Cyber Deception” by Sheldon “PoppaShell” Carmichael
https://www.youtube.com/watch?v=AkkGE_4fzhY
Chad Graham presents “What do you mean we’ve been hacked?”
https://www.youtube.com/watch?v=VieghHH9s8g
Life in Containers: The Big Picture by Pankaj Mouriya
https://www.youtube.com/watch?v=UwBshgfnAGA
Pwn School Nov. 2019: Defense through Deception - Jared Folkins
https://www.youtube.com/watch?v=wxx-ocbqqwA
Rick Medina presents “Imposter Emails, Scamming the Scammers, or whatever legal allows.”
https://www.youtube.com/watch?v=9cJ_RxC_Jfs
Demystifying Deep Learning: Past, Present and the Future - Dr. Saumitra Das
https://www.youtube.com/watch?v=BCZn0OjSseA
Ransomware on XMAS Day: Ransomware Case Study - Jeff Beley
https://www.youtube.com/watch?v=cxOWhy8m-ug
Talk starts around 5:00
Penetration Testing
Open-Source Intelligence (OSINT)
FunkyCold presents “Intro into OSINT - Feeding your inner stalker, legally of course”.
https://www.youtube.com/watch?v=MJV7hPWrkag
Intro to OSINT, Deep Web, and Darknet by Levitannin - September 2021 Pwn School
Talk starts around 15:00
https://www.youtube.com/watch?v=SgOek7kGVDE
Enumeration
@0xtavian presents “Axiom: A Distributed Hacking Framework for Pentesters and Red Teamers”
https://www.youtube.com/watch?v=z_Bp_SUdaIo
Exploitation
Pwn School Feb. 2019 Jeff Carrel IPv6 Hacking
https://www.youtube.com/watch?v=daMJUdZjxe4
Windows-Specific Or Active Directory
April 2019 Pwn School - What’s zDeal with zBang?! Discover Hidden Risks in AD with zBang.
https://www.youtube.com/watch?v=DARS5w5eMJo
Pwn School Feb 2020: Hacker Tool Talk with Mark Mo
https://www.youtube.com/watch?v=F-EIi__vyeU
Web Exploitation
Cary Hooper presents “Modern Web Application Vulnerabilities (on the perimeter right now)”
https://www.youtube.com/watch?v=QZUrmpYAw50
Exploiting Web APIs by Matt Scheurer - Pwn School Denton July 2020
https://www.youtube.com/watch?v=GPV9Dwbt42I
“API Keys Now What? Taking the Pen Test into the Amazon Cloud” by Jim Shaver
https://www.youtube.com/watch?v=-qSsBVZekzE
Post-Exploitation
“World of C2’s” by Quentin Rhoads-Herrera and Chase Dardaman - Pwn School September 21, 2020
https://www.youtube.com/watch?v=rkdcDZs9aFw
Intro to Cracking Hashes - Micah
https://www.youtube.com/watch?v=S2azOFOCkNM
Reporting
Pwn School Oct. 21, 2020 - Report Writing with Austin Tipton
https://www.youtube.com/watch?v=pQZjqaAFy4I
Rich Mirch - Bug Hunting: An Adventure in Free Time
https://www.youtube.com/watch?v=ajfdAv2nXYM
Full Demo
Proving Ground Walkthrough with Pentester Carlos Gonzales - Pwn School June 2021
https://www.youtube.com/watch?v=uxuD96NXySg
May 2019 Pwn School - TinkerSec “Breach”
https://www.youtube.com/watch?v=e99iQC-dod8
Red Teaming
July 2019 Pwn School Samuel Kimmons “Red Team Tactics for Pentesters”
https://www.youtube.com/watch?v=SmGL241vpMk
Physical Breach
Breaking and Entering with SDR by Redsand
https://www.youtube.com/watch?v=x_PJpRcSw-0
Wirefall presents TeleSploit Open Source
https://www.youtube.com/watch?v=zxT-pxzmCKo
Career
Advice
The Upside Down Ladder - Shane Walker
https://www.youtube.com/watch?v=1ntCBWrolfM
Dallas Hackers Association Panel Discussion - Pwn School Dallas June 2020
Youtube Age-Restricted Content Warning
https://www.youtube.com/watch?v=TzpwXhvEytc&t=1598s
Building Your Brand (Social Media & Resume) - Heath Adams & Zach Hill of TCM Academy
https://www.youtube.com/watch?v=Hi647l0gk_o
Roadmaps
“Hacking And Gaming: How Video Games Can Create the Hacker Mindset” - Davin Jackson
Talk starts at 18:14
https://www.youtube.com/watch?v=kkDiIuz3o0A
Maril Vernon shares her journey into pentesting and red teaming
https://www.youtube.com/watch?v=lwZChiSyrxk
The Student Roadmap to Becoming A Penetration Tester by Jon Helmus - Pwn School August 2020
https://www.youtube.com/watch?v=EfbiH7qpVPs
“From Developer to Security” by Rey Bango - Pwn School Dallas July 2020
https://www.youtube.com/watch?v=Komr3wY8Czw
Making a SOC Analyst by Paul Aronhalt
https://www.youtube.com/watch?v=N57r3szYMWw
Pwn School Dallas - Sept2019 Ross Williams Tech to Exec
https://www.youtube.com/watch?v=ccq0694Zj5M
The Hacker Maker - Parker Daudt
https://www.youtube.com/watch?v=7dMRz3LPdJc
Certification Prep
OSCP Study Tips by Nyte Theme
https://www.youtube.com/watch?v=7xJq-HhDJik
Learning Worksheet
Questions
1. At a high-level, what was this talk about?
2. What are three things I learned from this video?
- Learning takeaway 1
- Learning takeaway 2
- Learning takeaway 3