Penetration Testing And Ethical Hacking Complete Hands-On

Ethical Hacking, Penetration Testing (Pentest+), Bug Bounty, Metasploit & Free Hacking Tools as Nmap for ethical hacker

What you'll learn

Ethical hacking involves a hacker agreeing with an organization or individual who authorizes the hacker to levy cyber attacks on a system or network.

In addition to proficiency in basic computer skills and use of the command line, ethical hackers must also develop technical skills related to programming.

Ethical hacking is a good career because it is one of the best ways to test a network. An ethical hacker tries to locate vulnerabilities in the network.

Many hackers use the Linux operating system (OS) because Linux is a free and open-source OS that anyone can modify it. It’s easy to access and customize .

Ethical hacking is legal because the hacker has full, expressed permission to test the vulnerabilities of a system. An ethical hacker operates.

The different types of hackers include white hat hackers who are ethical hackers and are authorized to hack systems.

Whether you want to get your first job in IT security, become a white hat hacker, or prepare to check the security of your own home network.

The Certified Ethical Hacker (CEH) certification exam supports and tests the knowledge of auditors, security officers, site administrators

Passing the Certified Information Security Manager (CISM) exam indicates that the credentialed individual is an expert in the governance of information security

Penetration testing skills make you a more marketable IT tech. Understanding how to exploit servers, networks, and applications.

Penetration testing, or pen testing, is the process of attacking an enterprise's network to find any vulnerabilities that could be present to be patched.

Penetration tests have five different stages. The first stage defines the goals and scope of the test and the testing methods that will be used.

There are many types of penetration testing. Internal penetration testing tests an enterprise's internal network. This test can determine.

With Nmap, you will learn to identify the operating system and running service versions of the target system

Setting Up The Laboratory

Install Kali Linux - a penetration testing operating system

Install Windows & vulnerable operating systems as virtual machines for testing

Discover vulnerable applications

Vulnerability scanning, Exploit, Post Exploit, Payload

Gain control over computer systems using server side attacks

Exploit vulnerabilities to gain control over systems

Gathering password hashes, cracking passwords, taking screenshots, logging keystrokes etc.

Using backdoors to persist on the victim machine

Information Gathering Over the Internet Tools

Web App Hacking Tools

Social Engineering Toolkit (SET) for Phishing

The very latest up-to-date information and methods

ethical hacking

penetration testing

ethical hacking and penetration testing

Requirements

A strong desire to understand hacker tools and techniques

Be able to download and install all the free software and tools needed to practice in hacking

All items referenced in this ethical hacking course are Free

A strong work ethic, willingness to learn and plenty of excitement about the back door of the digital world

Minimum 8 GB RAM for ethical hacking and penetration testing

100 GB Free Harddisk space for ethical hacking course

64-bit processor for ethical hacking and penetration testing course

Nothing else! It’s just you, your computer and your ambition to get started today in penetration testing

Description

Welcome to my "Penetration Testing and Ethical Hacking Complete Hands-on" course.Ethical Hacking, Penetration Testing (Pentest+), Bug Bounty, Metasploit & Free Hacking Tools as Nmap for ethical hackerMy name is Muharrem Aydin (White-Hat Hacker), creator of the three best-selling Ethical Hacking and Penetration Testing courses on Udemy.This time I’ve designed "Penetration Testing and Ethical Hacking Complete Hands-on", for YOU!Whether you want to get your first job in IT security, become a white hat hacker, or prepare to check the security of your own home network, Udemy offers practical and accessible ethical hacking courses to help keep your networks safe from cybercriminals.Penetration testing skills make you a more marketable IT tech. Understanding how to exploit servers, networks, and applications means that you will also be able to better prevent malicious exploitation. From website and network hacking, to pen testing in Python and Metasploit, Udemy has a course for you.My "Penetration Testing and Ethical Hacking Complete Hands-on"  is for everyone! If you don’t have any previous experience, not a problem!  This course is expertly designed to teach everyone from complete beginners, right through to pro hackers. You'll go from beginner to extremely high-level and I will take you through each step with hands-on examples.And if you are a pro Ethical Hacker, then take this course to quickly absorb the latest skills, while refreshing existing ones.Good news is: ★★★★★ All applications and tools recommended are free. So you don’t need to buy any tool or application.My course, just as my other courses on Udemy, is focused on the practical side of penetration testing and ethical hacking but I also will share with you the theory side of each attack. Before jumping into Penetration Testing or other practices with Ethical Hacking tools you will first learn how to set up a lab and install needed software on your machine.   In this course, you will have a chance keep yourself up-to-date and equip yourself with a range of Ethical Hacking skills.When you finish this course you will learn the most effective steps to prevent attacks and detect adversaries with actionable techniques that you can directly apply when you get back to work. I am coming from field and I will be sharing my 20 years experience with all of you. So you will also learn tips and tricks from me so that you can win the battle against the wide range of cyber adversaries that want to harm your environment.  Our Student says that: This is the best tech-related course I've taken and I have taken quite a few. Having limited networking experience and absolutely no experience with hacking or ethical hacking, I've learned, practiced, and understood how to perform hacks in just a few days.I was an absolute novice when it came to anything related to penetration testing and cybersecurity. After taking this course for over a month, I'm much more familiar and comfortable with the terms and techniques and plan to use them soon in bug bounties.FAQ regarding Ethical Hacking : What is Ethical Hacking and what is it used for ?Ethical hacking involves a hacker agreeing with an organization or individual who authorizes the hacker to levy cyber attacks on a system or network to expose potential vulnerabilities. An ethical hacker is also sometimes referred to as a white hat hacker. Many depend on ethical hackers to identify weaknesses in their networks, endpoints, devices, or applications. The hacker informs their client as to when they will be attacking the system, as well as the scope of the attack. An ethical hacker operates within the confines of their agreement with their client. They cannot work to discover vulnerabilities and then demand payment to fix them. This is what gray hat hackers do. Ethical hackers are also different from black hat hackers, who hack to harm others or benefit themselves without permission.Is Ethical Hacking a good career?Yes, ethical hacking is a good career because it is one of the best ways to test a network. An ethical hacker tries to locate vulnerabilities in the network by testing different hacking techniques on them. In many situations, a network seems impenetrable only because it hasn’t succumbed to an attack in years. However, this could be because black hat hackers are using the wrong kinds of methods. An ethical hacker can show a company how they may be vulnerable by levying a new type of attack that no one has ever tried before. When they successfully penetrate the system, the organization can then set up defenses to protect against this kind of penetration. This unique security opportunity makes the skills of an ethical hacker desirable for organizations that want to ensure their systems are well-defended against cybercriminals.What skills do Ethical Hackers need to know?In addition to proficiency in basic computer skills and use of the command line, ethical hackers must also develop technical skills related to programming, database management systems (DBMS), use of the Linux operating system (OS), cryptography, creation and management of web applications and computer networks like DHCP, NAT, and Subnetting. Becoming an ethical hacker involves learning at least one programming language and having a working knowledge of other common languages like Python, SQL, C++, and C. Ethical hackers must have strong problem-solving skills and the ability to think critically to come up with and test new solutions for securing systems. Ethical hackers should also understand how to use reverse engineering to uncover specifications and check a system for vulnerabilities by analyzing its code.Why do hackers use Linux?Many hackers use the Linux operating system (OS) because Linux is a free and open-source OS, meaning that anyone can modify it. It’s easy to access and customize all parts of Linux, which allows a hacker more control over manipulating the OS. Linux also features a well-integrated command-line interface, giving users a more precise level of control than many other systems offer. While Linux is considered more secure than many other systems, some hackers can modify existing Linux security distributions to use them as hacking software. Most ethical hackers prefer Linux because it's considered more secure than other operating systems and does not generally require the use of third-party antivirus software. Ethical hackers must be well-versed in Linux to identify loopholes and combat malicious hackers, as it’s one of the most popular systems for web servers.Is Ethical Hacking Legal?Yes, ethical hacking is legal because the hacker has full, expressed permission to test the vulnerabilities of a system. An ethical hacker operates within constraints stipulated by the person or organization for which they work, and this agreement makes for a legal arrangement. An ethical hacker is like someone who handles quality control for a car manufacturer. They may have to try to break certain components of the vehicle such as the windshield, suspension system, transmission, or engine to see where they are weak or how they can improve them. With ethical hacking, the hacker is trying to “break” the system to ascertain how it can be less vulnerable to cyberattacks. However, if an ethical hacker attacks an area of a network or computer without getting expressed permission from the owner, they could be considered a gray hat hacker, violating ethical hacking principles.What is the Certified Ethical Hacker ( CEH ) Certification Exam?The Certified Ethical Hacker (CEH) certification exam supports and tests the knowledge of auditors, security officers, site administrators, security professionals, and anyone else who wants to ensure a network is safe against cybercriminals. With the CEH credential, you can design and govern the minimum standards necessary for credentialing information that security professionals need to engage in ethical hacking. You can also make it known to the public if someone who has earned their CEH credentials has met or exceeded the minimum standards. You are also empowered to reinforce the usefulness and self-regulated nature of ethical hacking. The CEH exam doesn’t cater to specific security hardware or software vendors, such as Fortinet, Avira, Kaspersky, Cisco, or others, making it a vendor-neutral program.What is the Certified Information Security Manager ( CISM ) exam?Passing the Certified Information Security Manager (CISM) exam indicates that the credentialed individual is an expert in the governance of information security, developing security programs and managing them, as well as managing incidents and risk. For someone to be considered “certified,” they must have passed the exam within the last five years, as well as work full-time in a related career, such as information security and IT administration. The exam tests individuals’ knowledge regarding the risks facing different systems, how to develop programs to assess and mitigate these risks, and how to ensure an organization's information systems conform to internal and regulatory policies. The exam also assesses how a person can use tools to help an organization recover from a successful attack.What are the different types of hackers?The different types of hackers include white hat hackers who are ethical hackers and are authorized to hack systems, black hat hackers who are cybercriminals, and grey hat hackers, who fall in-between and may not damage your system but hack for personal gain. There are also red hat hackers who attack black hat hackers directly. Some call new hackers green hat hackers. These people aspire to be full-blown, respected hackers. State-sponsored hackers work for countries and hacktivists and use hacking to support or promote a philosophy. Sometimes a hacker can act as a whistleblower, hacking their own organization in order to expose hidden practices. There are also script kiddies and blue hat hackers. A script kiddie tries to impress their friends by launching scripts and download tools to take down websites and networks. When a script kiddie gets angry at…FAQ regarding Penetration Testing : What is penetration testing?Penetration testing, or pen testing, is the process of attacking an enterprise's network to find any vulnerabilities that could be present to be patched. Ethical hackers and security experts carry out these tests to find any weak spots in a system’s security before hackers with malicious intent find them and exploit them. Someone who has no previous knowledge of the system's security usually performs these tests, making it easier to find vulnerabilities that the development team may have overlooked. You can perform penetration testing using manual or automated technologies to compromise servers, web applications, wireless networks, network devices, mobile devices, and other exposure points.What are the different types of penetration testing?There are many types of penetration testing. Internal penetration testing tests an enterprise's internal network. This test can determine how much damage can be caused by an employee. An external penetration test targets a company's externally facing technology like their website or their network. Companies use these tests to determine how an anonymous hacker can attack a system. In a covert penetration test, also known as a double-blind penetration test, few people in the company will know that a pen test is occurring, including any security professional. This type of test will test not only systems but a company's response to an active attack. With a closed-box penetration test, a hacker may know nothing about the enterprise under attack other than its name. In an open-box test, the hacker will receive some information about a company's security to aid them in the attack.What are the different stages of penetration testing?Penetration tests have five different stages. The first stage defines the goals and scope of the test and the testing methods that will be used. Security experts will also gather intelligence on the company's system to better understand the target. The second stage of a pen test is scanning the target application or network to determine how they will respond to an attack. You can do this through a static analysis of application code and dynamic scans of running applications and networks. The third stage is the attack phase, when possible vulnerabilities discovered in the last stage are attacked with various hacking methods. In the fourth stage of a penetration test, the tester attempts to maintain access to the system to steal any sensitive data or damaging systems. The fifth and final stage of a pen test is the reporting phase, when testers compile the test results.Here is the list of  what you’ll learn by the end of course,    Setting Up The LaboratorySet Up Kali Linux from VMSet Up Kali Linux from ISO FileSet Up a Victim: Metasploitable LinuxSet Up a Victim: OWASP Broken Web ApplicationsSet Up a Victim: Windows SystemPenetration TestPenetration Test TypesSecurity AuditVulnerability ScanPenetration Test Approaches: Black Box to White BoxPenetration Test Phases: Reconnaissance to ReportingLegal Issues Testing StandardsNetwork ScanNetwork Scan TypesPassive Scan With WiresharkPassive Scan with ARP TablesActive Scan with HpingHping for Another Purpose: DDosNmap for Active Network ScanPing Scan to Enumerate Network HostsPort Scan with NmapSYN Scan, TCP Scan, UDP ScanVersion & Operating System DetectionInput & Output Management in NmapNmap Scripting EngineHow to Bypass Security Measures in Nmap ScansSome Other Types of Scans: XMAS, ACK, etc.Idle (Stealth) ScanVulnerability ScanIntroduction to Vulnerability ScanIntroduction to a Vulnerability Scanner: NessusNessus: Download, Install & SetupNessus: Creating a Custom PolicyNessus: First ScanAn Aggressive ScanNessus: Report FunctionExploitationExploitation TerminologiesExploit DatabasesManual ExploitationExploitation FrameworksMetasploit Framework (MSF)Introduction to MSF ConsoleMSF Console & How to Run an ExploitIntroduction to MeterpreterGaining a Meterpreter SessionMeterpreter BasicsPass the Hash: Hack Even There is No VulnerabilityPost-ExploitationPersistence: What is it?Persistence Module of MeterpreterRemoving a Persistence BackdoorNext Generation PersistenceMeterpreter for Post-Exploitation with Extensions: Core, Stdapi, Mimikatz…Post Modules of Metasploit Framework (MSF)Collecting Sensitive Data in Post-Exploitation PhasePassword CrackingPassword Hashes of Windows SystemsPassword Hashes of Linux SystemsClassification of Password CrackingPassword Cracking Tools in Action: Hydra, Cain and Abel, John the Ripper…OSINT (Open Source Intelligent) & Information Gathering Over the InternetIntroduction to Information GatheringUsing Search Engines to Gather InformationSearch Engine Tools: SiteDigger and SearchDiggityShodanGathering Information About the PeopleWeb ArchivesFOCA - Fingerprinting Organisations with Collected ArchivesFingerprinting Tools: The Harvester and Recon-NGMaltego - Visual Link Analysis ToolHacking Web ApplicationsTerms and Standards Intercepting HTTP & HTTPS Traffics with Burp SuiteAn Automated Tool: Zed Attack Proxy (ZAP) in DetailsInformation Gathering and Configuration FlawsInput & Output ManipulationCross Site Scripting (XSS)Reflected XSS, Stored XSS and DOM-Based XSSBeEF - The Browser Exploitation FrameworkSQL InjectionAuthentication FlawsOnline Password CrackingAuthorisation FlawsPath Traversal AttackSession ManagementSession Fixation AttackCross-Site Request Forgery (CSRF)Social Engineering & Phishing AttacksSocial Engineering Terminologies Creating Malware - TerminologiesMSF VenomVeil to Create Custom PayloadsTheFatRat - Installation and Creating a Custom MalwareEmbedding Malware in PDF FilesEmbedding Malware in Word DocumentsEmbedding Malware in Firefox Add-onsEmpire Project in ActionExploiting Java VulnerabilitiesSocial Engineering Toolkit (SET) for PhishingSending Fake Emails for PhishingVoice Phishing: VishingNetwork FundamentalsReference Models: OSI vs. TCP/IP Demonstration of OSI Layers Using WiresharkData Link Layer (Layer 2) Standards & ProtocolsLayer 2: Ethernet - Principles, Frames & HeadersLayer 2: ARP - Address Resolution ProtocolLayer 2: VLANs (Virtual Local Area Networks)Layer 2: WLANs (Wireless Local Area Networks)Introduction to Network Layer (Layer 3)Layer 3: IP (Internet Protocol)Layer 3: IPv4 Addressing SystemLayer 3: IPv4 SubnettingLayer 3: Private NetworksLayer 3: NAT (Network Address Translation)Layer 3: IPv6Layer 3: DHCP - How the Mechanism WorksLayer 3: ICMP (Internet Control Message Protocol)Layer 3: TracerouteIntroduction to Transport Layer (Layer 4)Layer 4: TCP (Transmission Control Protocol)Layer 4: UDP (User Datagram Protocol)Introduction to Application Layer (Layer 5 to 7)Layer 7: DNS (Domain Name System)Layer 7: HTTP (Hyper Text Transfer Protocol)Layer 7: HTTPSNetwork Layer & Layer-2 AttacksCreating Network with GNS3Network Sniffing: The “Man in the Middle” (MitM)Network Sniffing: TCPDumpNetwork Sniffing: WiresharkActive Network Devices: Router, Switch, HubMAC Flood Using MacofARP SpoofARP Cache Poisoning using EttercapDHCP Starvation & DHCP SpoofingVLAN Hopping: Switch Spoofing, Double TaggingReconnaissance on Network DevicesCracking the Passwords of the Services of Network DevicesCompromising SNMP: Finding Community Names Using NMAP ScriptsCompromising SNMP: Write Access Check Using SNMP-Check ToolCompromising SNMP: Grabbing SNMP Configuration Using MetasploitWeaknesses of the Network DevicesPassword Creation Methods of Cisco RoutersIdentity Management in the Network DevicesACLs (Access Control Lists) in Cisco Switches & RoutersSNMP (Simple Network Management Protocol) SecurityNetwork HackingNetwork SecurityethicalEthical Intelligencenmap nessusnmap coursenmap metaspolitComplete nmapKali linux nmapethical hackingpenetration testingbug bountyhackcyber securitykali linuxandroid hackingnetwork securityhackingsecuritysecurity testingnmapmetasploit metasploit frameworkpenetration testingoscpsecurity testingwindows hackingexploitbug bountybug bounty huntingwebsite hackingweb hackingpentest+pentest plusOSINT (Open Source Intelligent )social engineeringphishingsocial engineering tool kitYou'll also get: Lifetime Access to The Course Fast & Friendly Support in the Q&A section Udemy Certificate of Completion Ready for DownloadEnroll now to become professional Ethical Hacker!See you in the Penetration Testing and Ethical Hacking Complete Hands-on course!Ethical Hacking, Penetration Testing (Pentest+), Bug Bounty, Metasploit & Free Hacking Tools as Nmap for ethical hackerIMPORTANT: This course is created for educational purposes and all the information learned should be used when the attacker is authorised.  

Overview

Section 1: Introduction to Complete Ethical Hacking Course

Lecture 1 Introduction to ethical hacking

Lecture 2 FAQ regarding Ethical Hacking on Udemy:

Lecture 3 FAQ regarding Penetration Testing on Udemy:

Section 2: Bug Bounty

Lecture 4 Bug Bounty

Section 3: Setup the Lab

Lecture 5 Setting up the Laboratory

Lecture 6 Virtualisation Platforms

Lecture 7 Enabling Virtualization (VT-x or AMD-V) in BIOS

Lecture 8 Lab's Architecture Diagram

Lecture 9 Using VirtualBox vs VMware

Lecture 10 Installing & Running Oracle VM VirtualBox

Lecture 11 Installing Kali using the VMware Image - Step 1

Lecture 12 Installing Kali using the VMware Image - Step 2

Lecture 13 Installing Kali using the VMware Image - Step 3

Lecture 14 Installing Kali using the ISO file for VMware - Step 1

Lecture 15 Installing Kali using the ISO file for VMware - Step 2

Lecture 16 Installing Kali using the ISO file for VMware - Step 3

Lecture 17 Installing Kali on VirtualBox using the OVA file - Step 1

Lecture 18 Installing Kali on VirtualBox using the OVA file - Step 2

Lecture 19 Installing Kali on VirtualBox using the OVA file - Step 3

Lecture 20 Installing Kali using the ISO file for VirtualBox - Step 1

Lecture 21 Installing Kali using the ISO file for VirtualBox - Step 2

Lecture 22 Installing Kali using the ISO file for VirtualBox - Step 3

Lecture 23 Metasploitable Linux

Lecture 24 Metasploitable for VirtualBox

Lecture 25 OWASP Broken Web Applications

Lecture 26 Free Windows Operating Systems on VMware

Lecture 27 Free Windows Operating Systems on Oracle VM VirtualBox

Lecture 28 Windows Systems as Victim

Lecture 29 Configuring NAT Network for VirtualBox: Revisited

Lecture 30 Connections of Virtual Machines

Section 4: Introduction to Penetration Testing (Pentest +)

Lecture 31 Content of the Penetration Testing

Lecture 32 Definition of "Penetration Test"

Lecture 33 Penetration Test Types

Lecture 34 Security Audits

Lecture 35 Vulnerability Scan

Lecture 36 Terms: Asset, Threat, Vulnerability, Risk, Exploit

Lecture 37 Penetration Test Approaches

Lecture 38 Planning a Penetration Test

Lecture 39 Penetration Test Phases

Lecture 40 Legal Issues & Testing Standards

Section 5: Network Fundamentals

Lecture 41 Attention for Ethical Hackers

Lecture 42 Content of the Network Fundamentals

Lecture 43 Basic Terms of Networking

Lecture 44 Reference Models

Lecture 45 TCP/IP (Networking) Basics

Lecture 46 OSI Reference Model vs. TCP/IP Reference Model

Lecture 47 Network Layers in Real World

Lecture 48 Layer 2 - Data Link Layer

Lecture 49 Layer 2: Ethernet - Principles, Frames & Headers

Lecture 50 Layer 2: ARP - Address Resolution Protocol

Lecture 51 Layer 2: Analysing ARP Packets

Lecture 52 Layer 2: VLANs (Virtual Local Area Networks)

Lecture 53 Layer 2: WLANs (Wireless Local Area Networks)

Lecture 54 Layer 3 - Network Layer

Lecture 55 Layer 3: IP (Internet Protocol)

Lecture 56 Layer 3: IPv4 Addressing System

Lecture 57 Layer 3: IPv4 Packet Header

Lecture 58 Layer 3: Subnetting - Classful Networks

Lecture 59 Layer 3: Subnetting Masks

Lecture 60 Layer 3: Understanding IPv4 Subnets

Lecture 61 Layer 3: IPv4 Address Shortage

Lecture 62 Layer 3: Private Networks

Lecture 63 Layer 3: Private Networks - Demonstration

Lecture 64 Layer 3: NAT (Network Address Translation)

Lecture 65 Layer 3: IPv6, Packet Header & Addressing

Lecture 66 Layer 3: DHCP - How the Mechanism Works

Lecture 67 Layer 3: ICMP (Internet Control Message Protocol)

Lecture 68 Layer 3: Traceroute

Lecture 69 Layer 4 - Transport Layer

Lecture 70 Layer 4: TCP (Transmission Control Protocol)

Lecture 71 Layer 4: TCP Header

Lecture 72 Layer 4: UDP (User Datagram Protocol)

Lecture 73 Layer 5-7 - Application Layer

Lecture 74 Layer 7: DNS (Domain Name System)

Lecture 75 Layer 7: HTTP (Hyper Text Transfer Protocol)

Lecture 76 Layer 7: HTTPS

Lecture 77 Summary of Network Fundamentals

Section 6: Network Scan in Ethical Hacking

Lecture 78 Content of the Section ( network scan in ethical hacking )

Lecture 79 Network Scan Types

Lecture 80 Passive Scan with Wireshark

Lecture 81 Passive Scan with ARP Tables

Lecture 82 Active Scan with Hping

Lecture 83 Hping for Another Purpose: DDoS

Section 7: NMAP: The Network Mapper

Lecture 84 Introduction to Nmap

Lecture 85 Ping Scan

Lecture 86 TCP/IP (Networking) Basics

Lecture 87 TCP/IP Model on an Example

Lecture 88 TCP & UDP Protocols Basics

Lecture 89 Introduction to Port Scan

Lecture 90 SYN Scan

Lecture 91 Details of the Port Scan

Lecture 92 TCP Scan

Lecture 93 UDP Scan

Lecture 94 Version Detection in Nmap

Lecture 95 Operating System Detection

Lecture 96 Input & Output Management in Nmap

Lecture 97 Nmap Scripting Engine: Introduction

Lecture 98 Nmap Scripting Engine: First Run

Lecture 99 Nmap Scripting Engine: First Example

Lecture 100 Nmap Scripting Engine: Second Example

Lecture 101 Nmap Aggressive Scan

Lecture 102 How to Bypass Security Measures in Nmap Scans

Lecture 103 Timing of the Scans

Lecture 104 Some Other Types of Scans: XMAS, ACK, etc.

Lecture 105 Idle (Zombie) Scan

Section 8: Vulnerability Scan and Introduction to Nessus

Lecture 106 Introduction to Vulnerability Scan

Lecture 107 Introduction to Nessus

Lecture 108 Nessus® Home vs Nessus® Essentials

Lecture 109 Nessus: Download

Lecture 110 Nessus: Install & Setup

Lecture 111 Nessus: Creating a Custom Policy

Lecture 112 Nessus: First Scan

Lecture 113 An Aggressive Scan

Lecture 114 Results of an Aggressive Scan

Lecture 115 Results of an Aggressive Scan with Windows Systems

Lecture 116 Nessus: Report Function

Section 9: Exploitation (Gaining Session)

Lecture 117 Content of the Exploitation

Lecture 118 Exploitation Terminologies

Lecture 119 Exploit Databases

Lecture 120 Manual Exploitation

Lecture 121 Exploitation Frameworks

Lecture 122 Metasploit Framework (MSF): Introduction

Lecture 123 Architecture of Metasploit Framework

Lecture 124 Introduction to MSF Console

Lecture 125 MSF Console: Initialisation

Lecture 126 MSF Console: Search Function & Ranking of the Exploits

Lecture 127 MSF Console: Configure & Run an Exploit

Lecture 128 Introduction to Meterpreter

Lecture 129 Running the First Exploit in Meterpreter

Lecture 130 Meterpreter Basics on Linux

Lecture 131 Meterpreter Basics on Windows

Lecture 132 Pass the Hash: Hack Even There is No Vulnerability

Lecture 133 Pass the Hash: Preparation

Lecture 134 Pass the Hash: Gathering Some Hashes

Lecture 135 Pass the Hash: Try Other Assets

Section 10: Post Exploitation (Maintaining Access)

Lecture 136 Introduction to Post-Exploitation

Lecture 137 Persistence: What is it?

Lecture 138 Persistence Module of Meterpreter

Lecture 139 Removing a Persistence Backdoor

Lecture 140 Persist on a Windows 8 Using Meterpreter's Persistence Module

Lecture 141 Another Way of Persistence: Persistence Exe - I

Lecture 142 Another Way of Persistence: Persistence Exe - II

Lecture 143 Meterpreter for Post-Exploitation

Lecture 144 Meterpreter for Post-Exploitation: Core Extension

Lecture 145 Meterpreter for Post-Exploitation: Core Extension - Session Commands

Lecture 146 Meterpreter for Post-Exploitation: Core Extension - Channel Command

Lecture 147 Meterpreter for Post-Exploitation: Core Extension - Migrate Commands

Lecture 148 Meterpreter for Post-Exploitation: Stdapi Extension

Lecture 149 Meterpreter for Post-Exploitation: Stdapi Extension - File System Commands

Lecture 150 Meterpreter for Post-Exploitation: Stdapi Extension - System Commands

Lecture 151 Meterpreter for Post-Exploitation: Stdapi Extension - User Interface Commands

Lecture 152 Meterpreter for Post-Exploitation: Incognito Extension

Lecture 153 Meterpreter for Post-Exploitation: Mimikatz Extension

Lecture 154 Post Modules of Metasploit Framework (MSF)

Lecture 155 Post Modules: Gathering Modules

Lecture 156 Post Modules: Managing Modules

Section 11: Password Cracking in Ethical Hacking

Lecture 157 Introduction to Password Cracking

Lecture 158 Password Hashes of Windows Systems

Lecture 159 Password Hashes of Linux Systems

Lecture 160 Classification of Password Cracking

Lecture 161 Password Cracking Tools

Lecture 162 Hydra: Cracking the Password of a Web App

Lecture 163 Password Cracking with Cain & Abel

Lecture 164 Cain & Abel - Step 1: Install & First Run

Lecture 165 Cain & Abel: Gathering Hashes

Lecture 166 Cain & Abel: Importing Hashes

Lecture 167 Cain & Abel: A Dictionary Attack

Lecture 168 Cain & Abel: A Brute Force Attack

Lecture 169 John the Ripper

Section 12: Information Gathering Over the Internet

Lecture 170 Content of the Section (Information Gathering Over )

Lecture 171 Using Search Engines to Gather Information

Lecture 172 Search Engine Tool: SearchDiggity

Lecture 173 Shodan

Lecture 174 Gathering Information About the People

Lecture 175 Web Archives

Lecture 176 FOCA - Fingerprinting Organisations with Collected Archives

Lecture 177 Fingerprinting Tools: The Harvester and Recon-NG

Lecture 178 Maltego - Visual Link Analysis Tool

Section 13: Web Application Penetration Testing

Lecture 179 Content of the Penetration Testing

Lecture 180 Basic Terminologies - I

Lecture 181 Basic Terminologies - II

Lecture 182 Intercepting HTTP Traffic with Burp Suite

Lecture 183 Intercepting HTTPS Traffic with Burp Suite

Lecture 184 Classification of Web Attacks

Lecture 185 Zed Attack Proxy (ZAP): A Web App Vulnerability Scanner

Lecture 186 ZAP: Installation & Quick Scan

Lecture 187 ZAP: As a Personal Proxy

Lecture 188 ZAP: Intercepting the HTTPS Traffic

Lecture 189 ZAP: An Advanced Scan - Scanning a Website that Requires to Login

Lecture 190 Information Gathering and Configuration Flaws - I

Lecture 191 Information Gathering and Configuration Flaws - II

Lecture 192 Input & Output Manipulation

Lecture 193 XSS (Cross Site Scripting) - Reflected XSS

Lecture 194 XSS (Cross Site Scripting) - Stored and DOM Based XSS

Lecture 195 BeEF - The Browser Exploitation Framework

Lecture 196 SQL Injection - Part I

Lecture 197 SQL Injection - Part II

Lecture 198 SQL Injection - Part III

Lecture 199 Authentication

Lecture 200 Authentication Attacks

Lecture 201 Hydra: Cracking the Password of a Web App

Lecture 202 Authorization Flaws

Lecture 203 Path Traversal Attack Demo

Lecture 204 Session Management

Lecture 205 Session Fixation & Demo

Lecture 206 Cross Site Request Forgery (CSRF)

Section 14: Social Engineering & Phishing Attacks

Lecture 207 Content of the Section ( Social Engineering & Phishing Attacks )

Lecture 208 Social Engineering Terms

Lecture 209 Social Engineering Terminologies - II

Lecture 210 Creating Malware - Terminologies

Lecture 211 MSF Venom - Part I

Lecture 212 MSF Venom - Part II

Lecture 213 Veil to Create Malware

Lecture 214 Veil in Action

Lecture 215 TheFatRat to Create Malware

Lecture 216 TheFatRat in Action

Lecture 217 TheFatRat - Overcoming a Problem

Lecture 218 Embedding Malware in PDF Files

Lecture 219 Embedding Malware in Word Documents

Lecture 220 Embedding Malware in Firefox Add-ons

Lecture 221 Empire Project - Installation

Lecture 222 Empire in Action - Part I

Lecture 223 Empire in Action - Part II

Lecture 224 Exploiting Java Vulnerabilities

Lecture 225 Social Engineering Toolkit (SET) for Phishing

Lecture 226 Sending Fake Emails for Phishing

Lecture 227 Social Engineering by Phone a.k.a. Vishing

Section 15: Network Layer & Layer 2 Attacks

Lecture 228 Content of the Section (Network Layer & Layer 2 Attacks)

Lecture 229 GNS3 - Graphical Network Simulator

Lecture 230 GNS3: Setting Up the First Project

Lecture 231 GNS3: Tool Components

Lecture 232 GNS3: Building the Network

Lecture 233 GNS3: Attaching VMware VMs (Including Kali) to the Network

Lecture 234 GNS3: Configuring Switch & Router (Cisco) and creating VLANs

Lecture 235 Introduction to Network Security

Lecture 236 Sniffing

Lecture 237 Sniffing Network with TCPDump

Lecture 238 TCPDump in Action

Lecture 239 Wireshark to Sniff the Network Traffic

Lecture 240 Wireshark: Following Stream

Lecture 241 Wireshark: Summarise Network

Lecture 242 Active Network Devices: Router, Switch, Hub

Lecture 243 How to Expand Sniffing Space?

Lecture 244 MAC Flood: Switching

Lecture 245 MAC Flood Using Macof

Lecture 246 MAC Flood Countermeasures

Lecture 247 ARP Spoof

Lecture 248 ARP Cache Poisoning using Ettercap

Lecture 249 DHCP Starvation & DHCP Spoofing

Lecture 250 DHCP Mechanism

Lecture 251 DHCP Starvation - Scenario

Lecture 252 DHCP Starvation Demonstration with Yersinia

Lecture 253 VLAN Hopping

Lecture 254 VLAN Hopping: Switch Spoofing

Lecture 255 VLAN Hopping: Double Tagging

Section 16: Penetration Testing & Auditing Active Network Devices

Lecture 256 Reconnaissance: Finding Open Ports & Services Using NMAP

Lecture 257 Password Cracking

Lecture 258 Online SSH Password Cracking With Hydra

Lecture 259 Compromising SNMP: What is SNMP ?

Lecture 260 Compromising SNMP: Finding Community Names Using NMAP Scripts

Lecture 261 Compromising SNMP: Write Access Check Using SNMP-Check Tool

Lecture 262 Compromising SNMP: Grabbing SNMP Configuration Using Metasploit

Lecture 263 Weaknesses of the Network Devices

Lecture 264 Password Creation Methods of Cisco Routers

Lecture 265 Identity Management in the Network Devices

Lecture 266 ACLs (Access Control Lists) in Cisco Switches & Routers

Lecture 267 SNMP Protocol Security

Section 17: Extra

Lecture 268 Penetration Testing and Ethical Hacking Complete Hands-on,

People who want to start from scratch and to move more advanced level,Leaders of incident handling teams,People who want to take their Hacking skills to the next level,People who are cyber security experts,People who want transition to Cyber Security,Incident handlers,System administrators who are on the front lines defending their systems and responding to attacks,Other security personnel who are first responders when systems come under attack,Anyone who wants to learn ethical hacking