Welcome this comprehensive Ethical Hacking course! This course assumes you have NO prior knowledge and by the end of it you’ll be able to hack systems like black-hat hackers and secure them like security experts!
This course is highly practical but it won’t neglect the theory; we’ll start with ethical hacking basics, breakdown the different penetration testing fields and install the needed software (on Windows, Linux and Mac OS X), then we’ll dive and start hacking straight away. You’ll learn everything by example, by analysing and exploiting different systems such as networks, servers, clients, websites …..etc. We’ll never have any boring dry theoretical lectures.
The course is divided into a number of sections, each section covers a penetration testing / hacking field, in each of these sections you’ll first learn how the target system works, the weaknesses of this system, and how to practically exploit theses weaknesses to hack this system.
By the end of the course you will have a strong foundation in most hacking or penetration testing fields and you’ll also learn how to detect, prevent and secure systems and yourself from the discussed attacks.
The course is divided into four main sections:
1. Network Hacking – This section will teach you how to test the security of both wired & wireless networks. First, you will learn network basics, how they work, and how devices communicate with each other. Then it will branch into three sub sections:
•Pre-connection attacks: in this subsection you’ll learn a number of attacks that can be executed without connecting to the target network and without the need to know the network password; you’ll learn how to gather information about the networks around you, discover connected devices, and control connections (deny/allow devices from connecting to networks).
•Gaining Access: Now that you gathered information about the networks around you, in this subsection you will learn how to crack the key and get the password to your target network whether it uses WEP, WPA or even WPA2.
•Post Connection attacks: Now that you have the key, you can connect to the target network, in this subsection you will learn a number of powerful techniques that allow you to gather comprehensive information about the connected devices, see anything they do on the internet (such as login information, passwords, visited urls, images, videos ….etc), redirect requests, inject evil code in loaded pages and much more! All of these attacks work against both wireless and wired networks. You will also learn how to create a fake WiFi network, attract users to connect to it and use all of the above techniques against the connected clients.
2. Gaining Access – In this section you will learn two main approaches to gain full control or hack computer systems:
•Server Side Attacks: In this subsection you will learn how to gain full access to computer systems without user interaction. You will learn how to gather useful information about a target computer system such as its operating system, open ports, installed services, then use this information to discover weaknesses and vulnerabilities and exploit them to gain full control over the target. Finally you will learn how to automatically scan servers for vulnerabilities and generate different types of reports with your discoveries.
•Client Side Attacks – If the target system does not contain any weaknesses then the only way to hack it is by interacting with the users, in this subsection you’ll learn how to get the target user to install a backdoor on their system without even realising, this is done by hijacking software updates or backdooring downloads on the fly. This subsection also teaches you how to use social engineering to hack secure systems, so you’ll learn how to gather comprehensive information about system users such as their social accounts, friends, their mails…..etc, you’ll learn how to create trojans by backdooring normal files (such as an image or a pdf) and use the gathered information to spoof emails so they appear as if they’re sent from the target’s friend, boss or any email account they’re likely to interact with, to social engineer them into running your trojan.
3. Post Exploitation – In this section you will learn how to interact with the systems you compromised so far. You’ll learn how to access the file system (read/write/upload/execute), maintain your access, spy on the target (capture key strikes, turn on the webcam, take screenshots….etc) and even use the target computer as a pivot to hack other systems.
4. Website / Web Application Hacking – In this section you will learn how websites work, how to gather information about a target website (such as website owner, server location, used technologies ….etc) and how to discover and exploit the following dangerous vulnerabilities to hack websites:
•File Upload.
•Code Execution.
•Local File Inclusion.
•Remote File Inclusion.
•SQL Injection.
•Cross Site Scripting (XSS).
At the end of each section you will learn how to detect, prevent and secure systems and yourself from the discussed attacks.
All the techniques in this course are practical and work against real systems, you’ll understand the whole mechanism of each technique first, then you’ll learn how to use it to hack the target system. By the end of the course you’ll be able to modify these techniques to launch more powerful attacks, and adopt them to suit different situations and different scenarios.
With this course you’ll get 24/7 support, so if you have any questions you can post them in the Q&A section and we’ll respond to you within 15 hours.
Notes:
•This course is created for educational purposes only, all the attacks are launched in my own lab or against systems that I have permission to test.
•This course is totally a product of Zaid Sabih & zSecurity and no other organisation is associated with it or a certification exam. Although, you will receive a Course Completion Certification from Udemy, apart from that NO OTHER ORGANISATION IS INVOLVED.
