Video description
Welcome to this comprehensive course on ethical hacking! This course is focused on the practical side of penetration testing without neglecting the theory behind each attack. Before jumping into penetration testing, you will first learn how to set up a lab and install needed software to practice penetration testing on your own machine. All the attacks explained in this course are launched against real devices in Zaid's lab. The course is structured in a way that will take you through the basics of Linux, computer systems, networks, and how devices communicate with each other. We will start by talking about how we can exploit these systems to carry out a number of powerful attacks. This course will take you from a beginner to a more advanced level and by the time you finish, you will have knowledge about most penetration testing fields. You will also learn how to discover and exploit a number of dangerous vulnerabilities such as SQL injections, XSS vulnerabilities, and so on. At the end of each section you will learn how to detect, prevent and secure your system and yourself from these attacks. All the attacks in this course are practical attacks that work against any computer device, so it does not matter if the device is a phone, tablet, laptop, or whatever. Each attack is explained in a simple way: first you will learn the theory behind each attack and then you will learn how to carry out the attack using Kali Linux.
What You Will Learn
- In this course, you have access to 120 detailed videos about ethical hacking and computer security
- Learn about hacking, ethical hacking, and different types of hackers
- Learn about the different fields of ethical hacking
- Set up a lab environment to practice hacking
- Install Kali Linux - a penetration testing operating system
- Install Windows and vulnerable operating systems as virtual machines for testing
- Learn Linux basics and commands and how to interact with the terminal
- Learn network penetration testing, network basics, how devices interact inside a network, and a number of practical attacks that can be used without knowing the key to the target network
- Control the connections of clients around you without knowing the password
- Create a fake Wi-Fi network with internet connection and spy on clients and much more
Audience
Anybody who is interested in learning ethical hacking or penetration testing; anybody who wants to learn how hackers would attack their computer systems; anybody who wants to learn how to secure their systems from a hacker.
About The Author
Zaid Sabih: Zaid Sabih is an ethical hacker, a computer scientist, and the founder and CTO of zSecurity. He has valuable experience in ethical hacking—he started working as a pentester with iSecurity. In 2013, he started teaching his first network hacking course—which received amazing feedback—leading him to publish a number of online ethical hacking courses, each focusing on a specific topic, all of which are dominating ethical hacking. Now, Zaid has more than 300,000 students worldwide.
Table of contents
- Chapter 1 : Introduction
- Chapter 2 : Setting up The Lab
- Chapter 3 : Linux Basics
- Chapter 4 : Network Penetration Testing
- Chapter 5 : Network Penetration Testing - Pre Connection Attacks
-
Chapter 6 : Network Penetration Testing - Gaining Access (WEP/WPA/WPA2 Cracking)
- Gaining Access Introduction
- WEP Cracking - Theory behind Cracking WEP Encryption
- WEP Cracking - Basic Case
- WEP Cracking - Fake Authentication
- WEP Cracking - ARP Request Replay Attack
- WPA Cracking – Introduction
- WPA Cracking - Exploiting WPS Feature
- WPA Cracking - Theory behind WPA/WPA2 Cracking
- WPA Cracking - How to Capture the Handshake
- WPA Cracking - Creating a Wordlist
- WPA Cracking - Using a Wordlist Attack
- How to Configure Wireless Security Settings to Secure Your Network
-
Chapter 7 : Network Penetration Testing - Post Connection Attacks
- Introduction
- Information Gathering - Discovering Connected Clients using netdiscover
- Gathering More Information Using Autoscan
- 7_4_T
- MITM - ARP Poisoning Theory
- MITM - ARP Spoofing using arpspoof
- MITM - ARP Spoofing Using MITMf
- MITM - Bypassing HTTPS
- MITM - Session Hijacking
- MITM - DNS Spoofing
- MITM - Capturing Screen of Target Injecting a Keylogger
- MITM - Injecting JavaScript/HTML Code
- MITM - Using MITMf against Real Networks
- Wireshark - Basic Overview How to Use It with MITM Attacks
- Wireshark - Sniffing Data Analysing HTTP Traffic
- Wireshark - Capturing Passwords Cookies Entered By Any Device in the Network
- Chapter 8 : Network Penetration Testing - Detection Security
- Chapter 9 : Gaining Access to Computer Devices
-
Chapter 10 : Gaining Access - Server Side Attacks
- Introduction
- Basic Information Gathering Exploitation
- Using a Basic Metasploit Exploit
- Exploiting a Code Execution Vulnerability
- MSFC - Installing MSFC (Metasploit Community)
- MSFC - Scanning Target(s) For Vulnerabilities
- MSFC - Analysing Scan results Exploiting Target System
- Nexpose - Installing Nexpose
- Nexpose - How to Configure Launch a Scan
- Nexpose - Analysing Scan Results Generating Reports
-
Chapter 11 : Gaining Access - Client Side Attacks
- Introduction
- Installing Veil 3
- Veil Overview Payloads Basics
- Generating an Undetectable Backdoor Using Veil 3
- Listening For Incoming Connections
- Using a Basic Delivery Method to Test the Backdoor Hack Windows 10
- Backdoor Delivery Method 1 - Using a Fake Update
- Backdoor Delivery Method 2 - Backdooring Downloads on the Fly
- How to Protect Yourself from the Discussed Delivery Methods
-
Chapter 12 : Gaining Access - Client Side Attacks - Social Engineering
- Introduction
- Maltego Basics
- Discovering Websites, Links Social Networking Accounts Associated With Target
- Discovering Twitter Friends Associated Accounts
- Discovering Emails of the Target's Friends
- Analysing the Gathered Info Building an Attack Strategy
- Backdooring Any File Type (images, pdf's ...etc)
- Compiling Changing Trojan's Icon
- Spoofing .exe Extension to Any Extension (jpg, pdf ...etc)
- Spoofing Emails - Send Emails as Any Email Account You Want
- BeEF Overview Basic Hook Method
- BeEF - hooking targets using MITMf
- BeEF - Running Basic Commands On Target
- BeEF - Stealing Credentials/Passwords Using a Fake Login Prompt
- BeEF - Gaining Full Control over Windows Target
- Detecting Trojans Manually
- Detecting Trojans Using a Sandbox
- Chapter 13 : Gaining Access - Using the Above Attacks outside the Local Network
-
Chapter 14 : Post Exploitation
- Introduction
- Meterpreter Basics
- File System Commands
- Maintaining Access - Basic Methods
- Maintaining Access - Using a Reliable Undetectable Method
- Spying - Capturing Key Strikes Taking Screen Shots
- Pivoting - Theory (What is Pivoting?)
- Pivoting - Exploiting Devices on the Same Network as the Target Computer
- Chapter 15 : Website Penetration Testing
- Chapter 16 : Website Pentesting - Information Gathering
-
Chapter 17 : Website Pentesting - File Upload, Code Execution File Inclusion Vulnerabilities
- Discovering Exploiting File Upload Vulnerabilities
- Discovering Exploiting Code Execution Vulnerabilities
- Discovering Exploiting Local File Inclusion Vulnerabilities
- Remote File Inclusion Vulnerabilities - Configuring PHP Settings
- Remote File Inclusion Vulnerabilities - Discovery Exploitation
- Preventing the Above Vulnerabilities
-
Chapter 18 : Website Pentesting - SQL Injection Vulnerabilities
- What is SQL?
- Dangers of SQL Injection Vulnerabilities
- Discovering SQL injections In POST
- Bypassing Logins Using SQL injection Vulnerability
- Discovering SQL injections in GET
- Reading Database Information
- Finding Database Tables
- Extracting Sensitive Data Such As Passwords
- Reading Writing Files on the Server Using SQL Injection Vulnerability
- Discovering SQL Injections Extracting Data Using SQLmap
- The Right Way to Prevent SQL Injection
- Chapter 19 : Website Pentesting - Cross Site Scripting Vulnerabilities
- Chapter 20 : Website Pentesting - Discovering Vulnerabilities Automatically Using OWASP ZAP
Product information
- Title: Learn Ethical Hacking From Scratch
- Author(s):
- Release date: April 2018
- Publisher(s): Packt Publishing
- ISBN: 9781789340297
You might also like
book
Learn Ethical Hacking from Scratch
Learn how to hack systems like black hat hackers and secure them like security experts Key …
video
Ethical Hacking Masterclass
Security is the foremost concern for all organizations both big and small. Hacking doesn't always mean …
book
Ethical Hacking
A crash course in modern hacking techniques, Ethical Hacking is already being used to prepare the …
video
Ethical Hacking
Ethical hacking, or security testing, is the art and science of finding the flaws in an …