Welcome to Learn Ethical Hacking & Penetration Testing!
This course will teach you the techniques used by professional penetration testers and ethical hackers world wide. By the end of it, you will have the skills to hack systems and networks in the same ways that a “black-hat” would, as well as the knowledge to secure those same systems against such intrusion.
Whether you are an IT professional or just starting out, this class is for you. No prior knowledge of hacking or coding is required. Everything is laid out and explained step-by-step through practical demonstration. You will not only master the tools of ethical hacking, you will also learn the theory behind their use. The skills you acquire here will give you the foundational knowledge needed to keep up in this ever growing field.
This class is arranged into nine modules, and moves from beginner to advanced subjects. Each lecture is designed to lead into the next, so that students with no prior knowledge will find the flow easy to follow. At the same time, with only a few noted exceptions, each lecture can be treated as being stand-alone by advanced students who already have the prior grounding.
Module One: Setting Up The Lab
* How to install VirtualBox on a Windows operating system.
* How to setup dual booting for Windows and Linux
* How to install Kali Linux on a portable USB device with persistence
* How to install Kali Linux (or the pentesting distro of your choice) on Virtualbox
* A deeper explanation of VirtualBox configurations.
* How to install Metasploitable on VirtualBox to serve as a training target for the development of your skills.
By the end of the first module, you will acquire the knowledge to setup your own hacking lab. Even if you only have a single computer to work with, you will be able to create virtualized systems within your primary operating system. This will give you many options for how to follow along with the lectures in this class, and remove the need to install a second operating system on your main computer if you prefer not to. It will also give you targets that you personally own and control to conduct penetration tests against, allowing you to try out what you learn on your own network without concern!
Module Two: Information Gathering
Any successful penetration test begins with the information gathering phase. Whether your objective is direct network penetration, social engineering, or simply research, knowing a target before you proceed is crucial to victory.
* Learn how to conduct deep research against a target or entity using open source intelligence tools.
* Use OSINT techniques to become your own private investigator!
* Gently transition from fun graphical tools to Linux command-line tools seamlessly.
* Acquire the skills to build detailed profiles of any subject, and establish attack vectors for later exploitation!
* Become familiar with and ultimately master network scanning with tools such as Nmap and Zenmap.
* Learn to identify weaknesses in any system, be it a network or even a corporate structure.
* Get your feet wet with the basics of exploiting a few of these weaknesses in a user friendly GUI environment.
With the skills you learn in this module, you can pretty much become your own Private Eye. Open source intelligence is the way of the future, and the amount of information that is generally available online about any subject is truly staggering. Beginners will find these tools easy to use, and the transition from graphical utilities to the command-line should be both fun and gentle.
Module Three: Vulnerability Analysis
* Go deeper than you have thus far. Use what you have learned already to find vulnerabilities in web-based applications and services!
* Learn the tools and techniques to begin exploiting these vulnerabilities.
* Develop the skills to audit services. Use what you learn here to harden the security of online services that you create and defend.
* Master the very techniques that “black hats” will use against such services.
With a focus on web services, module three continues the transition into command-line based utilities in fun and easy to master steps.
Module Four: Web Vulnerability, Recon, SQL Injection & Database Exploitation
Take the basics you learned in the prior module to the next level!
* Master the art of finding “hard to spot” vulnerabilities in web services and network systems.
* Learn to use the legendary “Burpsuite” in several easy lessons.
* Become skilled with SQL Injection and SQLMAP, and learn how no website or database is truly safe!
* Basic introduction to proxies. Learn the basic concepts that will be expanded upon later for staying safe and anonymous while conducting operations.
* Spider the internet for secrets like a pro, with just a few simple key strokes!
Now that you have learned to spot vulnerabilities, the basics of gaining web access, and how to obtain secure databases, it is time to take your training to a higher stage with what you’ll learn in the following module.
Module Five: Password Cracking
* Take the techniques of “brute forcing” passwords and logins to the next level.
* Create custom wordlists that are intelligently suited for a particular target. Greatly increase the speed and success rate of cracking any given password even on less powerful computer systems.
* Learn all about Hashes and how to crack them. Decode the coded information from any database.
* Gain familiarity with cross-platform tools, allowing you to conduct your cracking operations from any operating system.
* Obtain the knowledge to make use of Rainbow Tables, which will open the door to attacking even the tightest credential security.
* Pick up and use legendary tools like HashCat and John The Ripper with ease.
Progress from the cracking of passwords, logins and database security directly into the sixth module. Here you’ll learn all about hacking WIFI networks, and what you can do once you’ve penetrated the network.
Module six: WIFI Hacking
* Easy-to-learn introduction covers all the basic commands you’ll need to get started.
* All major methods covered, from old to new.
* Identify vulnerable access points (that you have legal permission to test) and watch them fall!
* Learn how to grab the encrypted “handshake” from any router device and crack it.
* Know what to do with network access once you achieve it.
* Learn about Distributed Denial of Service (DDoS) attacks and how to guard against them!
As both a system administrator and ethical hacker, knowing the weaknesses in any Wifi network is essential. Whether you are trying to secure your grandmothers internet connection against the kid next door, or the internal network of a Fortune 500 company, these skills are crucial.
By this point, you’ll have learned all the basics. You’ll know how to scope your targets, gather information, identify vulnerabilities, crack passwords, and achieve access to secure networks. Now the fun begins…
Module Seven: Metasploit
The bread and butter of ethical hacking, this module focuses entirely on the Metasploit framework. While other lectures can treated as “stand-alone”, the videos in this section must be viewed in order from start to finish. You will take everything you have learned so far and translate it into real action.
* Master Metasploit and it’s graphical cousin, Aritmage.
* Take what you have learned so far and use it to penetrate any system.
* Conduct your experiments using your own virtual machines as targets.
* Feel the satisfaction of exploiting all those weaknesses you’ve found against systems you personally own, and the fearful realization that no system is truly secure.
* Use what you learn to harden the security of the systems you protect. Know what to look for to avoid being hacked yourself!
* Learn how to “hook” browsers and take control of the information going through them, without the end-user even being aware that anything is happening!
* Generate your own malware for testing purposes within the Metasploit framework. No prior coding knowledge required!
* Employ “crypters” on your own malware, so that it will evade even the most advanced detection scans.
* Learn how to identify such “disguised” malware when it is employed against you!
* It isn’t enough to simply gain access. Learn how to escalate your privileges once you are inside a penetrated system.
* It isn’t enough to simply become admin. Learn how to establish a long-term presence on a system or network in the form of “persistent access”. Don’t work hard over and over. Work hard once, then reap the benefits of what you now own!
Module 8: Encryption and Anonymity
* Learn how to create encrypted containers to secure important files for both storage and transit.
* Learn how to fully encrypt any Windows operating system, from XP all the way to Windows 10.
* Learn how to create an encrypted Decoy, as well as an encrypted Hidden, Windows operating system. Done correctly, no one will be able to identify and prove the existence of the hidden system!
* Learn how to create an encrypted Decoy, Hidden AND Linux operating system, then boot into whichever one you want. This one isn’t for the faint of heart though!
* Learn how to erase a drive or even an entire system in a secure manner, so that no trace of your activities can be found by even the most determined cyber forensics!
* Master the art of PGP (Pretty Good Encryption). Send and receive communications with military level security. Learn how people remain anonymous while still proving who they are using PGP Public and Private keys.
* Understand how to easily verify any file or communication, making tampering impossible.
* Learn all about the TOR anonymity network, and the Deepweb (aka DarkNet). Ensure secure lines of communication with other penetration testers and ethical hackers across the world.
* Become familiar with the TAILS operating system and how to use it quickly and easily on any computer system through a live boot. Leave no trace of your activities behind on the system once you are done!
* Learn about and implement Virtual Private Network (VPN) security to conceal all that you do online from other hackers and watchful internet service providers. Spoof your IP and Geo Location information with ease. Get around regional blocks and establish secure VPN tunnels through network firewalls.
* Use ProxyChains in Linux to further secure your penetration testing activities.
* Understand the nature of “cryptocurrency” and so-called “Blockchain” technology.
And because no level of security and anonymity is ever truly enough, learn all about virtual private servers in the next module.
Module Nine: Virtual Private Servers
* Learn what a VPS is and how to select one that is suitable to your needs.
* Use what you have learned so far to connect “securely” to a VPS that you have chosen, then conduct your activities from the VPS itself, which may also be made to employ the same connection security methods.
* Learn how Virtual Private Servers can be used as “Command and Control” stations for BotNets, and what to look for as a system administrator who is facing constant attacks.
* Learn about so-called free “community” BotNets so that you can defend against them.
And so much more!
Who this class is for:
*Anyone interested in penetration testing and ethical hacking. This class is designed to assume no prior knowledge or experience in the field. Advanced students need only skip ahead to the material they wish to study.
* Those wishing to advance their career in the field of IT and achieve a better rate of pay.
* Students who plan to freelance online, through resources such as Linked-In. Use what you learn here to create the job you want!
Who this course is for:
- Penetration testers.
- Network administrators.
- Ethical hackers.
- Basic computer skills. It is assumed that students will already know how to boot their machine, use a web browser, and perform simple tasks.
- No prior Linux, programming or hacking knowledge is required.
- Computer with a minimum of 4GB ram.
- Operating system: Windows or Linux. 64-bit is strongly recommended, and may be required for some applications.