Welcome this comprehensive Ethical Hacking course! This course assumes you have NO prior knowledge! It starts with you from scratch and takes you step-by-step teaching you how to hack systems like black-hat hackers and secure them like security experts!
This course is highly practical but it won’t neglect the theory; we’ll start with ethical hacking basics, breakdown the different penetration testing fields and install the needed software (on Windows, Linux and Apple Mac OS), then we’ll dive and start hacking straight away. You’ll learn everything by example, by analysing and exploiting different systems such as networks, cloud servers, clients, websites, etc. No boring dry lectures.
The course is divided into a number of sections, each section covers a penetration testing / hacking field, in each of these sections you’ll first learn how the target system works, the weaknesses of this system, and how to practically exploit theses weaknesses to hack this system. As we do this I will also introduce you to different hacking and security concepts, tools and techniques. Everything will be taught through examples and hands-on practicals, there will be no useless or boring lectures!
All the techniques in this course are practical and work against real systems, you’ll understand the whole mechanism of each technique first, then you’ll learn how to use it to hack the target system . By the end of the course you’ll be able to modify these techniques to launch more powerful attacks, and adopt them to suit different situations and different scenarios .
By the end of the course you will have a strong foundation in most hacking or penetration testing fields and you’ll also learn how to detect, prevent and secure systems and yourself from the discussed attacks.
The course is divided into four main sections:
1. Network Hacking – This section will teach you how to hack and secure both wired & wireless networks. First, you will learn network basics, how they work, and how devices communicate with each other. Then it will branch into three sub sections:
- Pre-connection attacks: in this subsection you’ll learn a number of attacks that can be executed without connecting to the target network and without the need to know the network password; you’ll learn how to gather information about the networks around you, discover connected devices, and control connections (deny/allow devices from connecting to networks).
- Gaining Access: Now that you gathered information about the networks around you, in this subsection you will learn how to crack the key and get the password to your target network whether it uses WEP, WPA or even WPA2 .
- Post Connection attacks: Now that you have the key, you can connect to the target network, in this subsection you will learn a number of powerful techniques that allow you to gather comprehensive information about the connected devices, see anything they do on the internet (such as login information, passwords, visited urls, images, videos, etc.), redirect requests, inject evil code in loaded pages and much more! You will also learn how to create a fake WiFi network or a honeypot, attract users to connect to it and use all of the above techniques against the connected clients.
2. Gaining Access – In this section you will learn two main approaches to gain remote access or hack computer systems:
- Server Side Attacks: In this subsection you will learn how to gain full access to computer systems without user interaction. You will learn how to gather useful information about a target system such as the operating system, open ports, installed services, then use this information to discover weaknesses / vulnerabilities and exploit them to gain full control over the target. Finally you will learn how to automatically scan servers for vulnerabilities and generate different types of reports with your discoveries.
- Client Side Attacks – If the target system does not contain any weaknesses then the only way to hack it is by interacting with the users, in this subsection you’ll learn how to get the target user to install a backdoor on their system without even realising, this is done by hijacking software updates or backdooring downloads on the fly. This subsection also teaches you how to use social engineering to hack secure systems, so you’ll learn how to gather comprehensive information about system users such as their social accounts, friends, their mails, etc. You’ll learn how to create trojans by backdooring normal files (such as an image or a pdf) and use the gathered information to spoof emails so they appear as if they’re sent from the target’s friend, boss or any email account they’re likely to interact with, to social engineer them into running your trojan.
3. Post Exploitation – In this section you will learn how to interact with the systems you compromised so far. You’ll learn how to access the file system (read/write/upload/execute), maintain your access, spy on the target (capture key strikes, turn on the webcam, take screenshots, etc.) and even use the target computer as a pivot to hack other systems.
4. Website / Web Application Hacking – In this section you will learn how websites work, how to gather information about a target website (such as website owner, server location, used technologies, etc.) and how to discover and exploit the following dangerous vulnerabilities to hack websites:
- Information Disclosure.
- File Upload.
- Code Execution.
- Local File Inclusion.
- Remote File Inclusion.
- SQL Injection.
- Cross Site Scripting (XSS).
Throughout the course you’ll learn how to use use the following tools to achieve the above:
- VMware.
- Kali Linux
- Nmap.
- Bettercap.
- Wireshark.
- OWASP Zap.
- Metasploit.
- Nexpose.
- SQLmap.
- Maltego.
- Veil Framework.
- Crunch.
- Netdiscover.
- Zenmap.
- arpspoof.
- Evilgrade.
- The Backdoor Factory.
- BeEF.
- Dirb.
- Knockpy.
- Netcat.
- Aircrack-ng suite .
- Airmon-ng .
- Airodump-ng .
- Aireplay-ng .
- Aircrack-ng .
At the end of each section you will learn how to detect, prevent and secure systems and yourself from the discussed attacks.
Checkout the curriculum and the course teaser for more info!
With this course you’ll get 24/7 support, so if you have any questions you can post them in the Q&A section and we’ll respond to you within 15 hours.
Notes:
- This course is created for educational purposes only, all the attacks are launched in my own lab or against systems that I have permission to test.
- This course is totally a product of Zaid Sabih & zSecurity and no other organisation is associated with it or a certification exam. Although, you will receive a Course Completion Certification from Udemy, apart from that NO OTHER ORGANISATION IS INVOLVED.
Setting up a Hacking Lab
-
1Teaser - Hacking Windows 11 & Accessing the Webcam
This is a teaser lecture, in it I show you an example of the things you'll be able to do at the end of the course, in this lecture I show you how to hack into a Windows 10 machine and turn on its web cam without asking the user to do anything.
As this is a teaser, I won't be going into details about how this is achieved, but don't worry about that as I will break this down to you through out the course and you will understand exactly how to do it.
This is just one example, by the end of the course you'll learn much more attacks and you'll be able to target all operating systems.
-
2Course Introduction & Overview
Welcome to the course, this lecture will give you a full outline of the structure of the course, and will give you an over view of what you will learn in each section.
-
3What Is Hacking & Why Learn It ?
In this lecture you will learn what is meant by a hacker and what is the difference between white hat, grey hat and a black hat hacker. We will talk about why do we teach/learn hacking, benefits of it and job opportunities.
Linux Basics
-
4Lab Overview
In this course, we will be using a number of operating systems, Kali for hacking and 2 others as target machines, in this section you will learn how to install all of these machines as virtual machines inside your current operating system, this allows us to use all of the machines at the same time, it also completely isolates these machines from your main machine therefore your main machine will not be affected if anything goes wrong.
Everything shown here will work on Windows, Linux and OS X.
-
5Initial Preparation
This lecture will introduce you to the hacking operating system that we will be using throughout the course; Kali Linux. You will learn what it is, how to download it, and how to enable virtualisation on your system to run it as a virtual machine.
-
6Installing Kali Linux as a VM on Windows
This lecture will teach you how to install Kali Linux as a virtual machine in VMware Workstation Player on Windows.
VMware is the software that we will use to install different operating systems inside our current operating system as virtual machines. This will be very useful as you can use it to test and practice what you learn in this course. -
7Installing Kali Linux as a VM on Apple Computers (Intel & Apple Silicon)
This lecture will teach you how to install Kali Linux as a virtual machine in VMware Fusion on Mac OS.
VMware is the software that we will use to install different operating systems inside our current operating system as virtual machines. This will be very useful as you can use it to test and practice what you learn in this course. -
8Installing Kali Linux as a VM on Linux
This lecture will teach you how to install Kali Linux as a virtual machine in VMware Workstation Player on Linux.
VMware is the software that we will use to install different operating systems inside our current operating system as virtual machines. This will be very useful as you can use it to test and practice what you learn in this course.
Network Hacking
-
9Basic Overview of Kali Linux
In this lecture we will have a basic look on Kali linux just to get you comfortable with using it.
You will learn how to use its main applications, browse files, connect to the internet ....etc.
-
10The Terminal & Linux Commands
In this lecture you will learn how to interact with the linux terminal and run linux commands.
Network Hacking - Pre Connection Attacks
-
11Introduction to Network Hacking / Penetration Testing
This is an introduction lecture for the network penetration testing section, it will give you an overview of the structure of this section and what you will learn in it
-
12Networks Basics
Before jumping to network hacking you need to know some basics about networks, in this lecture you will learn how networks work and how devices communicate with each other.
-
13Connecting a Wireless Adapter To Kali
This video will teach you how to connect a USB device to Kali, as an example I will be connecting a wireless adapter to it so I can interact with wireless networks and try to hack them form Kali.
-
14What is MAC Address & How To Change It
MAC address (Media Access Control) - is a unique identifier assigned to network interfaces.
In this lecture you'll learn what is is, how its used, and how to change it using Kali Linux.
-
15Wireless Modes (Managed & Monitor)
This lecture will clarify why is it possible to capture any packet around us even if it's not directed to our device, you will learn about two wireless modes: monitor and managed mode, you shall learn what is the difference between them, when do we use each of them and how to correctly enable monitor mode on your wireless card.
Network Hacking - Gaining Access - WEP Cracking
-
16Packet Sniffing Basics
This is the first lecture in the "pre connection section", in this lecture you will learn how to use airodump-ng to see all the access points (WiFi Networks) and associated clients that are within your wireless range and gather information about them.
-
17WiFi Bands - 2.4Ghz & 5Ghz Frequencies
In this lecture you will learn what are the 2 bands used on WiFi networks and how to use airodump-ng to capture data sent over these bands
-
18Targeted Packet Sniffing
In this lecture , we shall learn how to launch airodump-ng on a specific AP , and store all packets in a capture file.
-
19Deauthentication Attack (Disconnecting Devices From Networks)
Deauthentication attacks allow us to disconnect (disassociate) any client that is connected to any network that is within our wifi range even if the network uses encryption (such as WEP/WPA/WPA2) and even if we do not know the encryption key (the WiFi password).
Network Hacking - Gaining Access - WPA / WPA2 Cracking
-
20Gaining Access Introduction
In this section we shall learn how to break WEP/WPA/WPA2 encryption and determine the network key.
-
21Theory Behind Cracking WEP Encryption
This lecture explains the weaknesses in WEP encryption and how we can use these weaknesses to break it and hack Wi-Fi networks that use it.
-
22WEP Cracking Basics
In this video we shall learn the basics of cracking WEP encryption and you'll learn how to hack an active Wi-Fi network that uses WEP.
-
23Fake Authentication Attack
In this lecture we shall learn the theory behind cracking WEP encrypted APs with no or idle clients.
To do this we will inject packets in the traffic, but before we can do that we need to authenticate our wifi card with the target AP so that it does not ignore our requests as AP's only accept packets from associated devices, therefore we shall learn how to fake authenticate our wifi card with the target AP so that it starts accepting packets from us.
-
24ARP Request Replay Attack
This method can be used to crack idle or clientless AP's .
In this method , after successfully associating with the target AP , we will wait for an ARP packet , we will then capture this packet and inject it into the traffic , this will force the AP to generate a new ARP packet with a new IV , we capture this new packet and inject into the traffic again , this process is repeated until the number of IV's captured is sufficient enough to crack the key.
Network Hacking - Gaining Access - Security
-
25Introduction to WPA and WPA2 Cracking
This is an introduction to WPA/WPA2 cracking , we shall learn the main difference between WPA2 and WEP and why WPA2 is more difficult to crack.
-
26Hacking WPA & WPA2 Without a Wordlist
In this lecture we shall learn how to exploit the WPS feature to crack WPA and WPA2 encrypted AP's without a wordlist attack and without the need to any connected clients.
-
27Capturing The Handshake
In this lecture we shall learn how to capture the handshake from the target AP.
-
28Creating a Wordlist
To crack WPA/WPA2 we need to use a wordlist, you can download ready wordlists from the internet or create your own as shown in this lecture.
-
29Cracking WPA & WPA2 Using a Wordlist Attack
In this lecture we will use the wordlist created in the previous lecture to crack the WPA2 key using aircrack-ng.
Network Hacking - Post Connection Attacks
-
30Securing Your Network From Hackers
In this lecture you will learn how to secure your network and protect it from the above attacks.
-
31Configuring Wireless Settings for Maximum Security
In this lecture you will learn how to access your router's admin panel and configure it correctly to protect it from the above attacks and make it nearly impossible to hack.
Network Hacking - Post-Connection Attacks - Information Gathering
Network Hacking - Post Connection Attacks - MITM Attacks
-
33Installing Windows As a Virtual Machine
In this lecture you will learn how to set up a virtual Windows machine to try and hack into it to practice penetration testing.
-
34Installing Windows as a Virtual Machine on Apple Silicon
-
35Discovering Devices Connected to the Same Network
Information gathering is one of the most important steps in penetration testing. In this lecture we will learn how to use netdiscover to discover devices connected to the same network as us, we will be able to find their IP and MAC address.
-
36Gathering Sensitive Info About Connected Devices (Device Name, Ports, etc.)
In this lecture we shall learn how to use zenmap (the GUI for nmap) to discover all connected devices and gather detailed information about these devices, such as their operating system, open ports and even services using these ports.
-
37Gathering More Sensitive Info (Running Services, Operating System, etc.)
In this lecture you'll learn how to use Zenmap to gather even more information such as exact programs running on each open port, the operating system and more!
Network Hacking - Detection & Security
-
38What is ARP Poisoning ?
In this video we shall learn about one of the most dangerous and effective attacks that you can launch on a network; (ARP Spoofing) , we shall learn the theory behind ARP poisoning, how does it work and how it can be used to redirect the flow of packets and place us in the middle of the connection.
-
39Intercepting Network Traffic
In this lecture we will learn how to use arpspoof to do a basic ARP poisoning attack and redirect the flow of packets in the network.
-
40Bettercap Basics
This video shows you how to properly install bettercap on Kali Linux, and gives you a basic overview on how to start it and interact with it.
-
41ARP Spoofing Using Bettercap
In this lecture you will learn how to configure and use modules in bettercap.
As an example you'll learn how to ARP poison a target client using the arp spoof module.
-
42Spying on Network Devices (Capturing Passwords, Visited Websites...etc)
In this lecture you'll learn how to configure and use the sniff module in bettercap to spy on devices connected to the same network, so you'll learn how to see all urls they load, images, usernames, passwords and more!
-
43Creating Custom Spoofing Script
In this lecture you'll learn how to create your own MITM scripts, also known as bettercap caplets, in this example you'll learn how to create a caplet to automatically spoof clients on your network to place you in the middle of the connection and start a sniffer to spy on these clients and see all the data they send/receive including usernames and passwords.
-
44Bypassing HTTPS
In this lecture you'll learn how to use the caplet you configured in the previous lecture to bypass HTTPS, this'll allow you to capture passwords entered on HTTPS enabled web pages such as Linkedin and Stackoverflow.
-
45Bypassing HSTS
Really big websites such as Facebook and Twitter use Strict Transport Security (HSTS), modern browsers come with a list of websites that use HSTS and therefore when we use the method shown in previous lectures the browser will either refuse to load HSTS websites OR load them over HTTPS.
In this lecture you'll learn how to use a custom version of the hstshijack caplet to partially bypass HSTS, this will allow you to capture data sent to and from websites that use HSTS such as Facebook.
-
46Bypassing HSTS Recap - Firefox
This lecture zooms in to cover the little tiny details to help you understand how to bypass HSTS if the target uses Firefox.
-
47Bypassing HSTS Recap - Chrome
This lecture zooms in to cover the little tiny details to help you understand how to bypass HSTS if the target uses Chrome browser.
-
48DNS Spoofing - Controlling DNS Requests on The Network
In this lecture we shall learn how to control DNS requests, this allows us to redirect requests to any other location, this can be very useful as it can be used to redirect computers to fake websites, fake updates, fake logins ...etc.
-
49Injecting Javascript Code
In this lecture you will learn how to inject Javascript code into the target browser, this is vey dangerous as it allows us to run a large number of attacks using javascript codes (more on this later), in this lecture we'll focus on injecting a simple javascript code.
-
50Doing All of The Above Using a Graphical Interface
This video teaches you how to run all of the attacks shown above using a graphical user interface that is easy and intuitive to use.
-
51Wireshark - Basic Overview & How To Use It With MITM Attacks
Wireshark is a network protocol analyser, in this lecture we will have a basic overview on it, you will learn why is it useful and how to use it with MITM attacks or use it to analyse a capture file that contains data that you already sniffed.
-
52Wireshark - Sniffing & Analysing Data
I this lecture you will learn how to use Wireshark to sniff & analyse data (traffic) sent/received by any client in your network.
-
53Wireshark - Using Filters, Tracing & Dissecting Packets
In this lecture we will continue using Wireshark, you will learn how to analyse the captured data, trace packets and read details of each.
-
54Wireshark - Capturing Passwords & Anything Sent By Any Device In The Network
In this lecture you'll learn how to filter sniffed data and extract useful information such as usernames and passwords.
-
55Creating a Fake Access Point (Honeypot) - Theory
Fake access points can be handy in many scenarios , one example is creating an open AP , this will attract a lot of clients , many of which will automatically connect to it. Then we can sniff all the traffic created by the clients that connect to it , and since its open , the traffic will not be encrypted !
This lecture will explain the theory behind creating a fake AP and what do we need to make it work.
-
56Creating a Fake Access Point (Honeypot) - Practical
In this lecture you will learn how to create a fake AP using a tool called Mana-Toolkit.
Gaining Access To Computers
-
57Detecting ARP Poisoning Attacks
In this lecture we shall learn two methods to detect ARP poisoning attacks.
-
58Detecting suspicious Activities In The Network
In this lecture we shall learn how to use Wireshark to detect ARP Poisoning attacks and other suspicious activities in the network, we will also learn how to protect devices from ARP Poisoning attacks.
-
59Preventing MITM Attacks - Method 1
This video teaches you an easy and free method to protect yourself from the MITM attacks shown earlier.
-
60Preventing MITM Attacks - Method 2
This video goes one step further and shows you how to take your security to the next level by teaching you how to encrypt all the data that you send and receive to fully protect yourself from MITM attacks.
Gaining Access - Server Side Attacks
Gaining Access - Client Side Attacks
-
62Installing Metasploitable As a Virtual Machine
In this lecture you will learn how to install a vulnerable operating system (Metasploitable) as a virtual machine so we can use it to practice penetration testing in future lectures.
-
63Introduction to Server-Side Attacks
Server side attacks allow you to gain access to a target computer without user interaction, in this section you will learn a number of methods to launch server side attacks and gain full control over your target without user interaction.
-
64Basic Information Gathering & Exploitation
In this lecture we will have a look on a basic example of hacking a target computer, we will use Zenmap to gather information and discover the vulnerability, then you'll learn how to research and exploit a mis-configured service to hack the target.
-
65Hacking a Remote Server Using a Basic Metasploit Exploit
Metasploit is a huge penetration testing framework, in this lecture you will learn how to use it to exploit a vulnerable target and gain full control over it.
-
66Exploiting a Code Execution Vulnerability to Hack Remote Server
In this lecture we will use a more complex vulnerability to gain full access to a vulnerable device using Metasploit.
-
67Nexpose - Installing Nexpose
Nexpose is a vulnerability management framework, it allows us to discover, assess and act on discovered vulnerabilities, it also tells us a lot of info about the discovered vulnerabilities, weather they are exploitable and helps us write a report at the end of the assessment.
-
68Nexpose - Scanning a Target Server For Vulnerabilities
This lecture will teach you how to launch a scan using Nexpose, you will learn how to setup your target(s) and configure scan to suit your goals.
-
69Nexpose - Analysing Scan Results & Generating Reports
In this lecture we will analyse the scan results obtained from the previous video and see how to generate various types of reports.
-
70Server-Side Attacks Conclusion
In this lecture we'll formalise everything we done so far and go over the general server-side attacks methodology.
Gaining Access - Client Side Attacks - Social Engineering
-
71Introduction to Client-Side Attacks
This section will teach you a number of methods to gain control over target computer using client side attacks.
Client side attacks require user interaction, this means the target user has to do something for our attack to work, for example install an update or download a file.
-
72Installing Veil Framework
In this lecture you will learn how to download and install Veil Framework.
-
73Veil Overview & Payloads Basics
This lecture will give you an overview on Veil Framework and its basic commands.
You will also learn what is a payload and the different types of payloads that can be generated with Veil.
-
74Generating An Undetectable Backdoor
In this lecture you will learn how to create a backdoor that is not detectable by antivirus programs, this is very important in client side attacks as we will be using this backdoor in future videos to try and gain control over the target system.
-
75Listening For Incoming Connections
In this lecture you will learn how to listen for connections coming from the backdoor we generated in the previous lecture.
-
76Hacking Windows 10
Finally we will test the backdoor that we generated on a Windows machine and make sure that it works as expected.
-
77Backdooring Downloads on The Fly to Hack Windows 10
In this lecture you will learn how to backdoor executables downloaded by any computer in your network on the fly, so when the target user runs the downloaded program, the program that they expect will run, but at the same time our backdoor will run in the background.
Note: you need to be the man in the middle for this method to work.
-
78How to Protect Yourself From The Discussed Delivery Methods
This lecture will teach you how to protect yourself from the backdoor delivery methods explained in the previous videos.