PETEP - Tutorial (TCP Proxy for Hacking)

Описание: Full tutorial for using PETEP (PEnetration TEsting Proxy) for hacking of vulnerable TCP server-client application. Both PETEP and vulnerable server-client application are available as open-source on GitHub. PETEP is also used in combination with Zaproxy and Burp Suite in the video.

Written tutorial can be found here: https://petep.warxim.com/methodology/ (including sources for automatic length fixing etc.)
PETEP: https://petep.warxim.com/
Vulnerable Client-Server Application: https://vucsa.warxim.com/

0:00 Creating a Project
1:27 Setting up a Proxy
2:39 Analysing Communication
6:40 Creating Scripts
10:39 SQL Injection Challenge
12:49 Buffer Over-read Challenge
15:30 Command Execution Challenge
16:33 XML Challenge
18:00 Vertical Access Control Challenge
21:39 Horizontal Access Control Challenge (Zaproxy for TCP communication)
28:04 Enumeration Challenge (Burp Suite for TCP communication)

About
-------------------------------
PETEP (PEnetration TEsting Proxy) is open-source Java application for network communication proxying for the purpose of penetration testing. It can be used for hacking ATMs, thick clients and other applications that use non-HTTP protocols (TCP, UDP). There is also support for extending PETEP to add custom intercepting functionality and custom proxies (with custom protocol support).

Links
-------------------------------
Website: https://petep.warxim.com/
Methodology: https://petep.warxim.com/methodology/
User guide: https://petep.warxim.com/user-guide/
GitHub: https://github.com/Warxim/petep
Author: Michal Válka (https://warxim.com/)