Learn Ethical Hacking From Scratch

Become an ethical hacker that can hack computer systems like black hat hackers and secure them like security experts.

What you'll learn

135+ ethical hacking & security videos.

Start from 0 up to a high-intermediate level.

Learn ethical hacking, its fields & the different types of hackers.

Install a hacking lab & needed software (on Windows, OS X and Linux).

Hack & secure both WiFi & wired networks.

Understand how websites work, how to discover & exploit web application vulnerabilities to hack websites.

Use 30+ hacking tools such as Metasploit, Aircrack-ng, SQLmap…..etc.

Discover vulnerabilities & exploit them to hack into servers.

Hack secure systems using client-side & social engineering.

Secure systems from all the attacks shown.

Install & use Kali Linux - a penetration testing operating system.

Learn linux basics.

Learn linux commands & how to interact with the terminal.

Learn Network Hacking / Penetration Testing.

Network basics & how devices interact inside a network.

Run attacks on networks without knowing its key.

Control Wi-Fi connections without knowing the password.

Create a fake Wi-Fi network with internet connection & spy on clients.

Gather detailed information about networks & connected clients like their OS, ports …etc.

Crack WEP/WPA/WPA2 encryptions using a number of methods.

ARP Spoofing / ARP Poisoning.

Launch various Man In The Middle attacks.

Access any account accessed by any client on the network.

Sniff network traffic & analyse it to extract important info such as: passwords, cookies, urls, videos, images ..etc.

Intercept network traffic & modify it on the fly.

Discover devices connected to the same network.

Inject Javascript in pages loaded by clients connected to the same network.

Redirect DNS requests to any destination (DNS spoofing).

Secure networks from the discussed attacks.

Edit router settings for maximum security.

Discover suspicious activities in networks.

Encrypt traffic to prevent MITM attacks.

Discover open ports, installed services and vulnerabilities on computer systems.

Hack servers using server side attacks.

Exploit buffer over flows & code execution vulnerabilities to gain control over systems.

Hack systems using client side attacks.

Hack systems using fake updates.

Hack systems by backdooring downloads on the fly.

Create undetectable backdoors.

Backdoor normal programs.

Backdoor any file type such as pictures, pdf's …etc.

Gather information about people, such as emails, social media accounts, emails and friends.

Hack secure systems using social engineering.

Send emails from ANY email account without knowing the password for that account.

Analyse malware.

Manually detect undetectable malware.

Read, write download, upload and execute files on compromised systems.

Capture keystrokes on a compromised system.

Use a compromised computer as a pivot to hack other systems.

Understand how websites & web applications work.

Understand how browsers communicate with websites.

Gather sensitive information about websites.

Discover servers, technologies & services used on target website.

Discover emails & sensitive data associated with a specific website.

Discover subdomains associated with a website.

Discover unpublished directories & files associated with a target website.

Discover websites hosted on the same server as the target website.

Exploit file upload vulnerabilities to gain control over target website.

Discover, exploit and fix code execution vulnerabilities.

Discover, exploit & fix local file inclusion vulnerabilities.

Discover, exploit & fix SQL injection vulnerabilities.

Bypass login forms and login as admin using SQL injections.

Exploit SQL injections to find databases, tables & sensitive data such as usernames, passwords…etc

Read / Write files to the server using SQL injections.

Learn the right way to write SQL queries to prevent SQL injections.

Discover reflected XSS vulnerabilities.

Discover Stored XSS vulnerabilities.

Hook victims to BeEF using XSS vulnerabilities.

Fix XSS vulnerabilities & protect yourself from them as a user.

Discover MITM & ARP Spoofing attacks.

Requirements

Basic IT Skills

No Linux, programming or hacking knowledge required.

Computer with a minimum of 4GB ram/memory.

Operating System: Windows / Apple Mac OS / Linux.

For WiFi cracking (10 lectures ONLY) - Wireless adapter that supports monitor mode (more info provided in the course).

Description

Welcome this comprehensive Ethical Hacking course! This course assumes you have NO prior knowledge and by the end of it you'll be able to hack systems like black-hat hackers and secure them like security experts!This course is highly practical but it won't neglect the theory; we'll start with ethical hacking basics, breakdown the different penetration testing fields and install the needed software (on Windows, Linux and Mac OS X), then we'll dive and start hacking straight away. You'll learn everything by example, by analysing and exploiting different systems such as networks, servers, clients, websites …..etc. We'll never have any boring dry theoretical lectures.The course is divided into a number of sections, each section covers a penetration testing / hacking field, in each of these sections you'll first learn how the target system works, the weaknesses of this system, and how to practically exploit theses weaknesses to hack this system.By the end of the course you will have a strong foundation in most hacking or penetration testing fields and you'll also learn how to detect, prevent and secure systems and yourself from the discussed attacks.  The course is divided into four main sections:   1. Network Hacking - This section will teach you how to test the security of both wired & wireless networks. First, you will learn network basics, how they work, and how devices communicate with each other. Then it will branch into three sub sections:   Pre-connection attacks: in this subsection you'll learn a number of attacks that can be executed without connecting to the target network and without the need to know the network password; you'll learn how to gather information about the networks around you, discover connected devices, and control connections (deny/allow devices from connecting to networks). Gaining Access: Now that you gathered information about the networks around you, in this subsection you will learn how to crack the key and get the password to your target network whether it uses WEP, WPA or even WPA2.Post Connection attacks: Now that you have the key, you can connect to the target network, in this subsection you will learn a number of powerful techniques that allow you to gather comprehensive information about the connected devices, see anything they do on the internet (such as login information, passwords, visited urls, images, videos ….etc), redirect requests, inject evil code in loaded pages and much more! All of these attacks work against both wireless and wired networks. You will also learn how to create a fake WiFi network, attract users to connect to it and use all of the above techniques against the connected clients.2. Gaining Access - In this section you will learn two main approaches to gain full control or hack computer systems:Server Side Attacks:  In this subsection you will learn how to gain full access to computer systems without user interaction. You will learn how to gather useful information about a target computer system such as its operating system, open ports, installed services, then use this information to discover weaknesses and vulnerabilities and exploit them to gain full control over the target. Finally you will learn how to automatically scan servers for vulnerabilities and generate different types of reports with your discoveries.Client Side Attacks - If the target system does not contain any weaknesses then the only way to hack it is by interacting with the users, in this subsection you'll learn how to get the target user to install a backdoor on their system without even realising, this is done by hijacking software updates or backdooring downloads on the fly. This subsection also teaches you how to use social engineering to hack secure systems, so you'll learn how to gather comprehensive information about system users such as their social accounts, friends, their mails…..etc, you'll learn how to create trojans by backdooring normal files (such as an image or a pdf) and use the gathered information to spoof emails so they appear as if they're sent from the target's friend, boss or any email account they're likely to interact with, to social engineer them into running your trojan.3. Post Exploitation - In this section you will learn how to interact with the systems you compromised so far. You’ll learn how to access the file system (read/write/upload/execute), maintain your access, spy on the target (capture key strikes, turn on the webcam, take screenshots….etc) and even use the target computer as a pivot to hack other systems.4. Website / Web Application Hacking - In this section you will learn how websites work, how to gather information about a target website (such as website owner, server location, used technologies ….etc) and how to discover and exploit the following dangerous vulnerabilities to hack websites:File Upload.Code Execution.Local File Inclusion.Remote File Inclusion.SQL Injection.Cross Site Scripting (XSS).At the end of each section you will learn how to detect, prevent and secure systems and yourself from the discussed attacks.  All the techniques in this course are practical and work against real systems, you'll understand the whole mechanism of each technique first, then you'll learn how to use it to hack the target system. By the end of the course you'll be able to modify these techniques to launch more powerful attacks, and adopt them to suit different situations and different scenarios.With this course you'll get 24/7 support, so if you have any questions you can post them in the Q&A section and we'll respond to you within 15 hours.   Notes: This course is created for educational purposes only, all the attacks are launched in my own lab or against systems that I have permission to test.This course is totally a product of Zaid Sabih & zSecurity and no other organisation is associated with it or a certification exam. Although, you will receive a Course Completion Certification from Udemy, apart from that NO OTHER ORGANISATION IS INVOLVED.

Overview

Section 1: Introduction

Lecture 1 Teaser - Hacking a Windows 11 Computer & Accessing Webcam

Lecture 2 Course Introduction & Overview

Lecture 3 What Is Hacking & Why Learn It ?

Section 2: Setting up a Hacking Lab

Lecture 4 Lab Overview

Lecture 5 Initial Preparation

Lecture 6 Installing Kali Linux as a VM on Windows

Lecture 7 Installing Kali Linux as a VM on Apple Mac OS

Lecture 8 Installing Kali Linux as a VM on Linux

Section 3: Linux Basics

Lecture 9 Basic Overview of Kali Linux

Lecture 10 The Terminal & Linux Commands

Section 4: Network Hacking

Lecture 11 Introduction to Network Penetration Testing / Hacking

Lecture 12 Networks Basics

Lecture 13 Connecting a Wireless Adapter To Kali

Lecture 14 What is MAC Address & How To Change It

Lecture 15 Wireless Modes (Managed & Monitor)

Section 5: Network Hacking - Pre Connection Attacks

Lecture 16 Packet Sniffing Basics

Lecture 17 WiFi Bands - 2.4Ghz & 5Ghz Frequencies

Lecture 18 Targeted Packet Sniffing

Lecture 19 Deauthentication Attack (Disconnecting Any Device From The Network)

Section 6: Network Hacking - Gaining Access - WEP Cracking

Lecture 20 Gaining Access Introduction

Lecture 21 Theory Behind Cracking WEP Encryption

Lecture 22 WEP Cracking Basics

Lecture 23 Fake Authentication Attack

Lecture 24 ARP Request Replay Attack

Section 7: Network Hacking - Gaining Access - WPA / WPA2 Cracking

Lecture 25 Introduction to WPA and WPA2 Cracking

Lecture 26 Hacking WPA & WPA2 Without a Wordlist

Lecture 27 Capturing The Handshake

Lecture 28 Creating a Wordlist

Lecture 29 Cracking WPA & WPA2 Using a Wordlist Attack

Section 8: Network Hacking - Gaining Access - Security

Lecture 30 Securing Your Network From Hackers

Lecture 31 Configuring Wireless Settings for Maximum Security

Section 9: Network Hacking - Post Connection Attacks

Lecture 32 Introduction to Post-Connection Attacks

Section 10: Network Hacking - Post-Connection Attacks - Information Gathering

Lecture 33 Installing Windows As a Virtual Machine

Lecture 34 Discovering Devices Connected to the Same Network

Lecture 35 Gathering Sensitive Info About Connected Devices (Device Name, Ports….etc)

Lecture 36 Gathering More Sensitive Info (Running Services, Operating System….etc)

Section 11: Network Hacking - Post Connection Attacks - MITM Attacks

Lecture 37 What is ARP Poisoning ?

Lecture 38 Intercepting Network Traffic

Lecture 39 Bettercap Basics

Lecture 40 ARP Spoofing Using Bettercap

Lecture 41 Spying on Network Devices (Capturing Passwords, Visited Websites…etc)

Lecture 42 Creating Custom Spoofing Script

Lecture 43 Bypassing HTTPS

Lecture 44 Bypassing HSTS

Lecture 45 Bypassing HSTS Recap - Firefox

Lecture 46 Bypassing HSTS Recap - Chrome

Lecture 47 DNS Spoofing - Controlling DNS Requests on The Network

Lecture 48 Injecting Javascript Code

Lecture 49 Doing All of The Above Using a Graphical Interface

Lecture 50 Wireshark - Basic Overview & How To Use It With MITM Attacks

Lecture 51 Wireshark - Sniffing & Analysing Data

Lecture 52 Wireshark - Using Filters, Tracing & Dissecting Packets

Lecture 53 Wireshark - Capturing Passwords & Anything Sent By Any Device In The Network

Lecture 54 Creating a Fake Access Point (Honeypot) - Theory

Lecture 55 Creating a Fake Access Point (Honeypot) - Practical

Section 12: Network Hacking - Detection & Security

Lecture 56 Detecting ARP Poisoning Attacks

Lecture 57 Detecting suspicious Activities In The Network

Lecture 58 Preventing MITM Attacks - Method 1

Lecture 59 Preventing MITM Attacks - Method 2

Section 13: Gaining Access To Computers

Lecture 60 Gaining Access Introduction

Section 14: Gaining Access - Server Side Attacks

Lecture 61 Installing Metasploitable As a Virtual Machine

Lecture 62 Introduction to Server-Side Attacks

Lecture 63 Basic Information Gathering & Exploitation

Lecture 64 Hacking a Remote Server Using a Basic Metasploit Exploit

Lecture 65 Exploiting a Code Execution Vulnerability to Hack into a Remote Server

Lecture 66 Nexpose - Installing Nexpose

Lecture 67 Nexpose - Scanning a Target Server For Vulnerabilities

Lecture 68 Nexpose - Analysing Scan Results & Generating Reports

Lecture 69 Server-Side Attacks Conclusion

Section 15: Gaining Access - Client Side Attacks

Lecture 70 Introduction to Client-Side Attacks

Lecture 71 Installing Veil Framework

Lecture 72 Veil Overview & Payloads Basics

Lecture 73 Generating An Undetectable Backdoor

Lecture 74 Listening For Incoming Connections

Lecture 75 Using A Basic Delivery Method To Test The Backdoor & Hack Windows 10

Lecture 76 Hacking Windows 10 Using Fake Update

Lecture 77 Backdooring Downloads on The Fly to Hack Windows 10

Lecture 78 How to Protect Yourself From The Discussed Delivery Methods

Section 16: Gaining Access - Client Side Attacks - Social Engineering

Lecture 79 Introduction to Social Engineering

Lecture 80 Maltego Basics

Lecture 81 Discovering Websites, Links & Social Accounts Associated With Target

Lecture 82 Discovering Twitter Friends & Associated Accounts

Lecture 83 Discovering Emails Of The Target's Friends

Lecture 84 Analysing The Gathered Info & Building An Attack Strategy

Lecture 85 Backdooring Any File Type (images, pdf's …etc)

Lecture 86 Compiling & Changing Trojan's Icon

Lecture 87 Spoofing .exe Extension To Any Extension (jpg, pdf …etc)

Lecture 88 Spoofing Emails - Setting Up an SMTP Server

Lecture 89 Email Spoofing - Sending Emails as Any Email Account

Lecture 90 Email Spoofing - Method 2

Lecture 91 BeEF Overview & Basic Hook Method

Lecture 92 BeEF - Hooking Targets Using Bettercap

Lecture 93 BeEF - Running Basic Commands On Target

Lecture 94 BeEF - Stealing Passwords Using A Fake Login Prompt

Lecture 95 BeEF - Hacking Windows 10 Using a Fake Update Prompt

Lecture 96 Detecting Trojans Manually

Lecture 97 Detecting Trojans Using a Sandbox

Section 17: Gaining Access - Using The Above Attacks Outside The Local Network

Lecture 98 Overview of the Setup

Lecture 99 Ex1 - Generating a Backdoor That Works Outside The Network

Lecture 100 Configuring The Router To Forward Connections To Kali

Lecture 101 Ex2 - Using BeEF Outside The Network

Section 18: Post Exploitation

Lecture 102 Introduction to Post Exploitation

Lecture 103 Meterpreter Basics

Lecture 104 File System Commands

Lecture 105 Maintaining Access - Basic Methods

Lecture 106 Maintaining Access - Using a Reliable & Undetectable Method

Lecture 107 Spying - Capturing Key Strikes & Taking Screen Shots

Lecture 108 Pivoting - Theory (What is Pivoting?)

Lecture 109 Pivoting - Using a Hacked System to Hack Into Other Systems

Section 19: Website Hacking

Lecture 110 Introduction - What Is A Website ?

Lecture 111 How To Hack a Website?

Section 20: Website Hacking - Information Gathering

Lecture 112 Gathering Basic Information Using Whois Lookup

Lecture 113 Discovering Technologies Used On The Website

Lecture 114 Gathering Comprehensive DNS Information

Lecture 115 Discovering Websites On The Same Server

Lecture 116 Discovering Subdomains

Lecture 117 Discovering Sensitive Files

Lecture 118 Analysing Discovered Files

Section 21: Website Hacking - File Upload, Code Execution & File Inclusion Vulns

Lecture 119 Discovering & Exploiting File Upload Vulnerabilities To Hack Websites

Lecture 120 Discovering & Exploiting Code Execution Vulnerabilities To Hack Websites

Lecture 121 Discovering & Exploiting Local File Inclusion Vulnerabilities

Lecture 122 Remote File Inclusion Vulnerabilities - Configuring PHP Settings

Lecture 123 Remote File Inclusion Vulnerabilities - Discovery & Exploitation

Lecture 124 Preventing The Above Vulnerabilities

Section 22: Website Hacking - SQL Injection Vulnerabilities

Lecture 125 What is SQL?

Lecture 126 Dangers of SQL Injection Vulnerabilities

Lecture 127 Discovering SQL injections In POST

Lecture 128 Bypassing Logins Using SQL injection

Lecture 129 Discovering SQL injections in GET

Lecture 130 Reading Database Information

Lecture 131 Discovering Database Tables

Lecture 132 Extracting Sensitive Data From The Database (Such As Passwords, User info…etc)

Lecture 133 Reading & Writing Files On The Server Using SQL Injection Vulnerability

Lecture 134 Discovering SQL Injections & Extracting Data Using SQLmap

Lecture 135 The Right Way To Prevent SQL Injection Vulnerabilities

Section 23: Website Hacking - Cross Site Scripting Vulnerabilities

Lecture 136 Introduction to Cross Site Scripting?

Lecture 137 Discovering Reflected XSS

Lecture 138 Discovering Stored XSS

Lecture 139 Exploiting XSS - Hooking Vulnerable Page Visitors To BeEF

Lecture 140 Preventing XSS Vulnerabilities

Section 24: Website Hacking - Discovering Vulnerabilities Automatically

Lecture 141 Automatically Scanning Target Website For Vulnerabilities

Lecture 142 Analysing Scan Results

Lecture 143 Website Hacking / Penetration Testing Conclusion

Lecture 144 Writing a Pentest Report

Lecture 145 4 Ways to Secure Websites & Apps

Section 25: Bonus Section

Lecture 146 Bonus Lecture - Discounts

Anybody interested in learning ethical hacking / penetration testing,Anybody interested in learning how hackers hack computer systems,Anybody interested in learning how to secure systems from hackers