Get $1 credit for every $25 spent!

The All-In-One 2021 Super-Sized Ethical Hacking Bundle

Ending In:
Add to Cart - $42.99
Add to Cart ($42.99)
$3,284
98% off
wishlist
Courses
18
Lessons
1,686
Enrolled
1,084

What's Included

Product Details

Access
Lifetime
Content
8.0 hours
Lessons
60

Complete Python 3 Ethical Hacking Course: Zero to Mastery

Learn to Code 10+ Penetration Testing Tools from Scratch

By Aleksa Tamburkovski | in Online Courses

This comprehensive course is not filled with fluff but filled with only the most actionable and latest tips and strategies. You'll start with an overview of Python 3 Ethical Hacking, learn to hack 2 target machines at once, install Virtual Box and Kali Linux. You'll then learn to gather information with Python, like scanning for one port, converting domains to an IP address, scanning multiple targets at once, grabbing banners from open ports, importing Port scanner into a different program, and a lot more!

4.6/5 average rating: ★ ★ ★ ★

  • Access 60 lectures & 8 hours of content 24/7
  • Set up virtual environment for ethical hacking
  • Code your own penetration testing tools
  • Use PyCharm to create your own programs
  • Create 10+ projects with Python
  • Create your own advance backdoor that you can use in your penetration testing
"I'm am VERY impressed with the effort put into this course! I'm about halfway thru, and I give this course FIVE STARS - - that's a first! No build problems, stale libraries, fluff or missing parts!" – Geek Sellers
Aleksa Tamburkovski | Ethical Hacker
4.6/5 Instructor Rating: ★ ★ ★ ★
Aleksa is a Penetration Tester with over 5 years of experience in Ethical Hacking and Cyber Security. As a self-made hacker that started from a young age, he has learned it all from Ethical Hacking and Cyber Security to Online Privacy and How To Become Anonymous Online.

He has worked and discovered vulnerabilities for multiple companies and governments. He also worked as a freelancer that tested private web applications. He believes that Online Security and Privacy is something valuable but also that it doesn't get enough attention as many cyber-attacks are being executed every single day! No System is Safe and that is why we are here to discover vulnerabilities and secure them before the bad guys

Important Details

  • Length of time users can access this course: lifetime
  • Access options: desktop & mobile
  • Certificate of completion included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Updates included
  • Experience level required: beginner

Requirements

  • Basic computer skills

Course Outline

  • Your First Program
  • Introduction
    • Welcome To Our Python Hacking Course - 2:52
    • Hacking 2 Target Machines At Once - Course Teaser - 5:44
    • Virtual Box Install - 4:29
    • Creating Virtual Machine - 6:18
    • Kali Linux Installation - 5:55
    • Are You New To Kali Linux ?
    • Installing PyCharm - 7:58
  • Portscanner - Gathering Information With Python
    • Needed Libraries & Virtual Environment - 5:52
    • Scanning For One Port - 7:22
    • Adding Timeout Function - 7:00
    • Converting Domain Name To An IP Address - 6:41
    • Scanning Multiple Targets At Once - 11:23
    • Grabbing Banner From Open Ports - 9:56
    • Importing Portscanner Into A Different Program - 12:46
  • Vulnerability Scanner - Finding Vulnerable Ports
    • Creating New Project And Importing Libraries - 4:10
    • Three Things We Need To Run Our Program - 7:09
    • Converting Portscanner To A Class - 17:15
    • Finding Vulnerable Ports - 14:57
    • Vulnerability Scanner Recap - 3:46
  • Threaded SSH Bruteforcer
    • BONUS - Installing Metasploitable - 4:27
    • Establishing SSH Connection With The Target - 7:33
    • Interacting With Passwords File - 5:13
    • Automating SSH Connection - 5:20
    • SSH Dictionary Attack - 10:18
    • Faster Bruteforcing With Threads - 6:40
  • Man in The Middle With Python - Arpspoofer
    • What is ARP Spoofing & How To Craft ARP Packet In Python - 8:31
    • Manually Sending Malicious ARP Packets - 13:58
    • Getting Target Machine & Router MAC Address - 9:16
    • Man In The Middle Attack With Python - 10:31
    • Program Recap & What Do We Use It For ? - 2:31
  • Password Sniffer - Stealing Private Data With Python
    • Starting Password Sniffer & Combining It With Arpspoofer - 5:34
    • Username & Password Fields - 4:11
    • Finding Password Pattern - 7:19
    • Capturing Website Login Information - 6:38
    • Combining ARPSpoofer With Password Sniffer - 5:44
  • Cracking Password Hashes With Python - POSTEXPLOIT Attack
    • Getting Hashed Passwords With SQL Injection - 6:10
    • Building MD5 & SHA1 Cracker - 16:34
    • BONUS - Wireless Bruteforcer - 4:15
  • Keylogger - Capture Keyboard Inputs Using Python
    • Installing Python 3 For Windows & Pyinstaller - 5:38
    • Processing Keyboard Inputs - 6:06
    • Hiding Keylogger And Writing Keyboard Inputs - 12:20
    • Testing Our Keylogger On Windows 10 Target - 12:06
  • Backdoor - Hacking Windows Machines
    • Base Part Of Our Backdoor & Server - 11:41
    • Controlling Target Machine & Executing Commands - 15:20
    • Showing All The Available Backdoor Options - 10:47
    • Implementing Clear Command - 2:11
    • Changing Directories On Target Machine - 5:01
    • Uploading Files To Our Victim - 15:04
    • Downloading FIles From Target System - 5:29
    • Screenshoting Targets Desktop - 9:27
    • Converting Keylogger To Class - 13:01
    • Implementing Keylogger To Our Backdoor - 8:38
    • Hiding Our Backdoor & Adding It To Registry - 15:39
    • BONUS 3 - Trying To Establish Connection Certain Period Of Time - 3:33
    • BONUS 4 - Masking Backdoor Into An Image - 5:30
  • Control Multiple Sessions At Once - BOTNET Simulation
    • Going Over The Command & Control Center Code - 11:38
    • Final Test Of Our Backdoor & Server - 12:20
  • Email Scraper - Gather Target Emails For Future Attack
    • Limiting URL Number - 5:47
    • Finding Emails From The Page Body - 6:07
    • Printing Out All The Scraped Emails - 7:06

View Full Curriculum


Access
Lifetime
Content
26.0 hours
Lessons
328

Complete Ethical Hacking & Penetration Testing Course

Web Hacking, Phishing, NMAP, Password Cracking, Penetration Testing, Metasploit & More

By Oak Academy | in Online Courses

This course is expertly designed to teach everyone from complete beginners right through to pro hackers. You'll go from beginner to extremely high-level, and I will take you through each step with hands-on examples. And if you are a pro-Ethical Hacker, then take this course to absorb the latest skills while refreshing existing ones quickly. This course is focused on the practical side of penetration testing and ethical hacking, but you will also see each attack's theory side. In this course, you will have a chance to keep yourself up-to-date and equip yourself with a range of Ethical Hacking skills.

4.6/5 average rating: ★ ★ ★ ★

  • Access 328 lectures & 26 hours of content 24/7
  • Learn ethical hacking with penetration testing
  • Discover vulnerable applications
  • Exploit vulnerabilities to gain control over systems
  • Gather password hashes, crack passwords, take screenshots, log keystrokes & more
  • Use backdoors to persist on the victim machine
Oak Academy
4.3/5 Instructor Rating: ★ ★ ★ ★
OAK Academy is a group of tech experts who have been in the sector for years and years. Deeply rooted in the tech world, they know that the tech industry's biggest problem is the "tech skills gap" and their online course are their solution. They specialize in critical areas like cybersecurity, coding, IT, game development, app monetization, and mobile. Thanks to their practical alignment, they are able to constantly translate industry insights into the most in-demand and up-to-date courses.

Important Details

  • Length of time users can access this course: lifetime
  • Access options: desktop & mobile
  • Certificate of completion included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Updates included
  • Experience level required: beginner

Requirements

  • Basic computer skills

Course Outline

  • Welcome to Ethical Hacking and White Hat Hackers World
    • Do You Have Any Idea About "Penetration Testing"? - 2:13
    • Let's Learn Penetration Test Types - 0:28
    • Security Audits - 4:41
    • Vulnerability Scan - 2:45
    • Basic Terminologies - 3:08
    • Penetration Test Approaches - 2:44
    • Planning a Penetration Test - 4:23
    • Penetration Test Phases - 7:00
    • Legal Issues & Testing Standards - 4:18
  • Setting Up Lab Environment
    • Installing VirtualBox - 4:21
    • Installing Metasploitable 2 - 4:32
    • Installing Metasploitable 3 Packer - 5:47
    • Installing Metasploitable 3 Vagrant and Plugins - 4:14
    • "Installing Metasploitable 3 VM Creation with Vagrant" - 6:21
    • Lab Connectivity and Taking Snapshots - 2:05
  • Basic Networking
    • Content - 1:07
    • What is “Protocol” - 5:36
    • Reference Models - 0:24
    • OSI Reference Model - 13:43
    • OSI vs TCP/IP - 2:32
    • Demonstration using Wireshark - 7:59
    • Standards & Protocols - 3:50
    • Ethernet: Principles, Frame & Headers - 4:06
    • ARP ( Address Resolution Protocol ) : Mechanism, ARP Tables, ARP Packets - 6:10
    • ARP Hand-On Practices - 3:14
    • VLANs – Virtual Local Area Networks - 4:03
    • WLANs – Wireless Local Area Networks - 7:01
    • Introduction to Network Layer - 1:37
    • Internet Protocol - IP - 2:49
    • IPv4 Adressing System - 1:56
    • IPv4 Packet Header - 2:56
    • IPv4 Subnetting: Classful Networks - 2:35
    • IPv4 Subnetting: Subnet Mask - 2:59
    • IPv4 Subnetting: Understanding - 3:09
    • IPv4 Shortage - 1:41
    • Private Networks - 3:59
    • Private Networks - Demonstration - 3:01
    • NAT – Network Address Translation - 4:30
    • IPv6, Packet Header & Addressing - 8:30
    • DHCP - How the Mechanism Works - 9:23
    • ICMP – Internet Control Message Protocol - 2:02
    • Traceroute - 9:50
    • Introduction to Transport Layer - 2:40
    • TCP – Transmission Control Protocol - 6:59
    • TCP Header - 2:27
    • UDP – User Datagram Protocol - 3:56
    • Introduction to Application Layer - 0:55
    • DNS – Domain Name System - 5:56
    • HTTP ( Hyper Text Transfer Protocol ) - 3:09
    • HTTPS - 1:56
  • Reconnaissance
    • Introduction - 5:24
    • Using Search Engines & Google Hacking to Gather Information - 3:36
    • Search Engine Tools: SiteDigger and SearchDiggity - 3:59
    • Shodan - 2:49
    • Gathering Information About the People - 2:52
    • Web Archives - 1:53
    • FOCA Fingerprinting Organisations with Collected Archives - 7:41
    • The Harvester & Recon-NG - 3:22
    • Maltego - Visual Link Analysis Tool - 4:38
  • Network Scan & Network Attacks
    • Passive Scan - ARP Tables - 6:20
    • Passive Scan - Wireshark - 6:36
    • Wireshark: Following Stream - 2:40
    • Wireshark: Summarise Network - 6:19
    • Active Scan - 8:30
    • MitM: Listening to the traffic - 1:45
    • Sniffing - 1:03
    • TCPDump - 5:23
    • Router, Switch, Hub - 4:44
    • How to Expand Sniffing Space? - 5:13
    • MAC Flood: Switching - 3:55
    • MAC Flood: Using Macof Tool - 7:09
    • MacFlood - Countermeasures - 1:13
    • ARP Spoof - 3:40
    • ARP Cache Poisoning using Ettercap - 10:35
    • DHCP Starvation & DHCP Spoofing - 3:36
    • DHCP Mechanism - 6:15
    • DHCP Starvation - Scenario - 3:59
    • DHCP Starvation Demonstration with Yersinia - 8:33
    • VLAN Hopping - 2:04
    • VLAN Hopping: Switch Spoofing - 1:39
    • VLAN Hopping: Double Tagging - 3:17
  • Nmap
    • What is Nmap? - 3:44
    • What is Subnet? - 4:15
    • Interpretation of Nmap Results - 2:04
    • Scanning Specific IPs or Specific Targets With Nmap - 1:57
    • Nmap IP List Creation - 4:07
    • Nmap Random Scan and Exclude Ips - 4:17
    • Print the Nmap Results to the File - 6:23
    • What is Port? Nmap Port Scan - 3:34
    • Scanning Top 20, Top 100 Ports With Nmap - 4:43
    • Scanning Specific Ports With Nmap - 6:00
    • Nmap Syn Scanning - 3:20
    • Nmap TCP Scan - 2:46
    • Namp UDP Scan - 4:12
    • Nmap ACK Scan - 1:53
    • Nmap Fin-Xmas-Null Scan - 3:26
    • Nmap Fast Scan - 1:12
    • Nmap Open Ports Scan - 1:23
    • Nmap No PORT Scan - 2:15
    • Nmap PING and noPING Scan - 3:19
    • Nmap Verbose Command - 2:14
    • Nmap With Service and Version Detection - 3:52
    • Nmap Operating System Detection - 2:30
    • Nmap Timing Templates - 3:36
    • Bypass of IPS & IDS Systems With Nmap - 10:57
    • Nmap Script Engine (NSE) - 10:59
    • Nmap Script Engine Example - 1 - 2:53
    • Nmap Script Engine Example - 2 - 0:58
    • Writing an NSE Script - 9:52
  • Vulnerability Scan
    • Introduction to Vulnerability Scan - 9:19
    • Introduction to Nessus - 1:57
    • Downloading Nessus - 1:46
    • Installing Nessus - 3:44
    • Creating Policy - 5:39
    • Scanning - 7:06
    • Reporting - 2:20
    • Lab Exercise - 2 - 2:47
    • An Aggressive Scan with Nessus: Start - 4:23
    • An Aggressive Scan with Nessus: Results - 7:17
    • An Aggressive Scan with Nessus: Results with Windows Targets - 2:45
  • Exploitation
    • Exploitation Terminologies - 6:13
    • Exploit Databases - 1:56
    • Manual Exploitation - 5:39
    • Exploitation Frameworks - 3:36
    • Evolution of Metasploit - 4:18
    • Metasploit Filesystem and Libraries - 4:31
    • The Architecture of MSF - 1:43
    • Auxiliary Modules - 4:36
    • Payload Modules - 6:00
    • Exploit Modules - 3:33
    • Encoder Modules - 2:35
    • Post Modules - 3:24
    • Metasploit Editions - 4:02
    • Metasploit Community - 3:08
    • Metasploit Interfaces - 4:50
    • Armitage - 3:16
    • MSFconsole - 4:53
    • MSFConsole Basic Commands 1 - 6:44
    • MSFConsole Basic Commands 2 - 7:59
    • MSFConsole Basic Commands 3 - 3:32
    • Using Databases in MSF 1 - 5:42
    • Using Databases in MSF 2 - 3:14
    • More on Exploits in MSF - 3:14
    • What is Enumeration? - 2:03
    • Nmap Integration and Port Scanning - 6:17
    • SMB and Samba Enumeration - 5:40
    • MySQL Enumeration - 3:40
    • FTP Enumeration - 4:15
    • SSH Enumeration - 2:30
    • HTTP Enumeration - 6:02
    • SNMP Enumeration - 3:43
    • MTP Enumeration - 3:49
    • Using Shodan with MSF - 4:58
  • Post-Exploitation
    • Metasploit as Exploitation Tool - 1:52
    • Distributed Ruby Remote Code Execution (drbremotecodeexec)
    • PHP CGI Argument Injection (phpcgiarg_injection) - 3:08
    • MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption - 3:55
    • Java JMX Server Insecure Configuration Java Code Execution (javajmxserver) - 3:03
    • Elastic Search Dynamic Script Arbitrary Java Execution (scriptmvelrce) - 3:11
    • Sun/Oracle GlassFish Server Authenticated Code Execution (glassfish_deployer) - 5:38
    • Jenkins-CI Script-Console Java Execution (jenkinsscriptconsole) - 5:42
    • WinRM Script Exec Remote Code Execution (winrmscriptexec) - 4:00
    • HTTP Writable Path PUT/DELETE File Access (http_put) - 5:00
    • Exploiting Poorly Configured MySQL Service - 3:08
    • Axis2 / SAP Business Objects Authenticated Code Execution via SOAP - 4:44
    • Using Allports Payload - 6:17
    • Using Resource Files - 6:39
    • Post-Exploitation Meterpreter - 2:18
    • Meterpreter - 3:00
    • Basic Meterpreter Commands 1 - 6:10
    • Basic Meterpreter Commands 2 - 3:33
    • Basic Meterpreter Commands 3 - 4:46
    • Post-Exploitation - 3:28
    • What is “Persistence” - 1:28
    • Meterpreter’s Persistence module - 8:55
    • Removing the Backdoor - 5:00
    • Running Meterpreter’s Persistence Module on Windows 8 - 2:56
    • Next Generation Persistence: Step 1 - 4:40
    • Next Generation Persistence: Step 2 - 4:32
    • Meterpreter for Post - Exploitation - 1:37
    • Meterpreter Core Commands - 1:45
    • Meterpreter Core Extension - Session Command - 2:31
    • Meterpreter Core Extension - Migrate Command - 3:34
    • Meterpreter Core Extension - Channel Command - 2:43
    • Meterpreter Stdapi Extension - 1:05
    • Meterpreter Stdapi Extension - File System Commands - 5:19
    • Meterpreter Stdapi Extension - System Commands - 4:13
    • Meterpreter Stdapi Extension - User Interface & Webcam Commands - 4:08
    • Meterpreter Incognito Extension - 3:26
    • Meterpreter Mimikatz Extension - 3:53
    • Metasploit Post-Exploitation Modules - 2:01
    • Gathering Modules - 1:21
    • Managing Modules - 6:51
    • Enabling Remote Desktop - 5:22
    • Searching for Critical Information - 5:48
    • Packet Sniffing - 6:22
    • Pivoting - 10:02
    • Port Forwarding - 7:45
    • Meterpreter Scripts - 4:25
    • Meterpreter Python / Powershell Extension - 8:06
    • Maintaining Access - 1:58
    • Interacting with the Registry - 6:37
    • Keylogging - 7:04
    • Antivirus Evasion and Cleaning - 2:46
    • MSFvenom - 7:06
    • MSFVenom - 4:12
    • MSFVenom Using Encoders Using Custom Executable Template - 5:31
    • Using Custom Payload Generators - 8:33
    • Cleaning Events and Security Management Logs - 3:35
    • Deceiving File System Using Timestomp - 6:06
  • Creating Malicious Files
    • Creating Malware and Terminologies - 3:36
    • MSFvenom Part 1 - 14:08
    • MSFvenom Part 2 - 2:25
    • Veil Installation - 2:36
    • Veil in Action - 5:12
    • TheFatRat Installation - 4:19
    • TheFatRat in Action - 11:07
    • TheFatRat: Overcoming a Problem - 0:46
    • Embedding Malware in PDF - 4:04
    • Embedding Malware in WORD - 9:21
    • Embedding Malware in Firefox Add-on - 7:02
    • Empire Installation - 4:07
    • Empire in Action Part 1 - 8:12
    • Empire in Action Part 2 - 4:23
    • Exploiting Java Vulnerabilities - 2:24
    • Social Engineering Toolkit - 6:33
    • Sending Fake Emails - Phishing - 1:11
    • Vishing - Voice Phishing - 3:03
  • Password Cracking
    • Pass the Hash: Hack Even There is No Vulnerability - 4:00
    • Pass the Hash: Preparation - 3:50
    • Pass the Hash: Gathering Some Hashes - 2:15
    • Pass the Hash: Try Other Assets - 10:25
    • Collecting Sensitive Data in Post-Exploitation Phase - 6:52
    • Collecting Sensitive Data - Some Real World Examples - 1:40
    • Introduction to Password Cracking - 3:06
    • Password Hashes of Windows Systems - 3:30
    • Password Hashes of Linux Systems - 2:33
    • Classification of Password Cracking - 2:12
    • Password Cracking Tools - 0:08
    • Hydra to Crack a Web App's Password - 10:01
    • Introduction to Cain and Abel - 1:01
    • Cain for Offline Cracking - Step 1: Importing Hash Files - 2:39
    • Cain for Offline Cracking - Step 2: Gathering Hash Dumps - 4:40
    • Cain for Offline Cracking - Step 3: Importing Hash Dumps into Cain - 4:31
    • Cain for Offline Cracking - Step 4: A Dictionary Attack - 4:19
    • Cain for Offline Cracking - Step 5: A Brute Force Attack - 3:32
    • John the Ripper - 7:28
  • Web Hacking
    • Current Issues of Web Security - 8:52
    • Principles of Testing - 5:28
    • Types of Security Testing - 9:43
    • Guidelines for Application Security - 5:57
    • Laws and Ethic - 2:52
    • Requirements and Overview of Lab - 3:54
    • Installing VMware Workstation Player - 7:32
    • Installing Vulnerable Virtual Machine: BeeBox - 8:03
    • Connectivity and Snapshots - 7:17
    • Modern Technology Stack - 3:05
    • Client-Server Architecture - 3:54
    • Running a Web Application - 2:17
    • Core Technologies: Web Browsers - 9:47
    • Core Technologies: URL - 3:05
    • Core Technologies: HTML - 4:37
    • Core Technologies: CSS - 2:18
    • Core Technologies: DOM - 4:07
    • Core Technologies: JavaScript - 3:26
    • Core Technologies: HTTP - 16:43
    • Core Technologies: HTTPS and Digital Certificates - 6:33
    • Core Technologies: Session State and Cookies - 3:34
    • Video_271 - 2:33
    • Video_272 - 7:53
    • Video_273 - 9:37
    • Video_274 - 3:11
    • Video_275 - 3:31
    • Video_276 - 4:19
    • Video_277 - 6:07
    • Detect Applications on The Same Service - 1:09
    • Ports and Services on The Web Server - 8:44
    • Review Technology/Architecture Information - 4:36
    • Extracting Directory Structure: Crawling - 8:16
    • Minimum Information Principle - 2:55
    • Using Search Engines: Google Hacking - 6:10
    • Definition - 2:37
    • Creating a Password List: Crunch - 7:31
    • Differece Between HTTP and HTTPS Traffic: Wireshark - 3:43
    • Attacking Insecure Login Mechanisms - 9:12
    • Attacking Insecure Logout Mechanisms - 4:50
    • Attacking Improper Password Recovery Mechanisms - 5:50
    • Attacking Insecure CAPTCHA Implementations - 8:39
    • Path Traversal: Directory - 6:43
    • Path Traversal: File - 5:41
    • Introduction to File Inclusion Vulnerabilities - 6:23
    • Local File Inclusion Vulnerabilities - 6:11
    • Remote File Inclusion Vulnerabilities - 5:51
    • Http Only Cookies - 7:15
    • Secure Cookies - 3:48
    • Session ID Related Issues - 1:57
    • Session Fixation - 5:37
    • Introduction Cross-Site Request Forgery - 7:08
    • Stealing and Bypassing AntiCSRF Tokens - 7:59
    • Definition - 3:02
    • Reflected Cross-Site Scripting Attacks - 9:42
    • Reflected Cross-Site Scripting over JSON - 6:24
    • Stored Cross-Site Scripting Attacks - 9:56
    • DOM Based Cross-Site Scripting Attacks - 10:04
    • Inband SQL Injection over a Search Form - 14:24
    • Inband SQL Injection over a Select Form - 8:22
    • Error-Based SQL Injection over a Login Form
    • SQL Injection over Insert Statement - 7:07
    • Boolean Based Blind SQL Injection - 6:53
    • Time Based Blind SQL Injection - 5:34
    • Detecting and Exploiting SQL Injection with SQLmap - 11:30
    • Detecting and Exploiting Error Based SQL Injection with SQLmap - 5:10
    • Detecting and Exploiting Boolean and Time Based Blind SQL Injection with SQLmap - 8:02
    • Command Injection Introduction - 5:35
    • Automate Command Injection Attacks: Commix - 5:43
    • XML/XPATH Injection - 14:07
    • SMTP Mail Header Injection - 6:51
    • PHP Code Injection - 6:00
    • Heartbleed Attack - 6:29
    • Attacking HTML5 Insecure Local Storage - 4:58
    • Druppal SQL Injection: Drupageddon (CVE-2014-3704) - 7:49
    • SQLite Manager: File Inclusion (CVE-2007-1232) - 4:52
    • SQLite Manager: PHP Remote Code Injection - 2:55
    • SQLite Manager: XSS (CVE-2012-5105) - 6:44
    • Bypassing Cross Origin Resource Sharing - 9:04
    • XML External Entity Attack - 8:02
    • Attacking Unrestricted File Upload Mechanisms - 7:05
    • Server-Side Request Forgery - 6:35

View Full Curriculum


Access
Lifetime
Content
3.0 hours
Lessons
44

Website Hacking in Practice: Hands-On Course 101

Understand Today's Top Hacking Threats & How to Combat Them

By IT Security Academy | in Online Courses

There's much to learn about ethical hacking, and you'll inevitably need to get some hands-on experience before you throw your hat into the cybersecurity ring. Guiding you through 21 hacking techniques and how they can be used in real-life scenarios, this course takes a practical approach to teach you the ethical hacking essentials. You'll walk through preparing a training environment to work in and get to flexing your cybersecurity muscles with all the essential source code and examples provided.

4.4/5 average rating: ★ ★ ★ ★

  • Access 44 lectures & 3 hours of content 24/7
  • Receive a step-by-step education on website & web application ethical hacking and security
  • Explore the 10 Most Critical Web Application Attacks presented yearly by OWASP (Open Web Application Security Project)
  • Learn how to hack using 21 techniques & see how each of them can be used in a practical, real-life example
  • Familiarize yourself with cross-site scripting, SQL injections, phishing & other attacks
"I found it very valuable considering that I deal with PHP code, and it helped me to understand why some of the new implementations of the PHP language work as far as better security of code and how it could have been broken in the past" – Chris Selby
IT Security Academy
4.1/5 Instructor Rating: ★ ★ ★ ★

IT Security Academy is a company that associates IT Security Professionals. Now it's proud to share its knowledge online. Certified experts (MCSE:MS, CISSP, CEH) have created courses from Beginner to Advanced level. Its goal is to provide the highest quality materials you’ve ever seen online and prepare you not only for passing certification exams, but teach you practical skills.

Important Details

  • Length of time users can access this course: lifetime
  • Access options: desktop & mobile
  • Certificate of completion included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Updates included
  • Experience level required: beginner

Requirements

  • Basic IT knowledge

Course Outline

  • Introduction
    • Table of Contents
    • Legal information
  • Environment setup and training system configuration
    • Module 01. Introduction - Download ZIP package with source codes and examples
    • Module 01. Introduction and environment configuration - Video Training - 22:36
  • Basic techniques
    • Module 02. Deep data hiding
    • Module 02. Deep data hiding - Video Training - 5:00
    • Module 03. Brute-force and dictionary attacks
    • Module 03. Brute-force and dictionary attacks - Video Training - 14:23
    • Module 04. Account lockout attack
    • Module 04. Account lockout attack - Video Training - 9:05
  • Lets get deeper - data leaks
    • Module 05. Web parameter tampering
    • Module 05. Web parameter tampering - Video Training - 3:38
    • Module 06. Path and information disclosure
    • Module 06. Path and information disclosure - Video Training - 10:51
    • Module 07. Forced browsing
    • Module 07. Forced browsing - Video Training - 4:38
    • Module 08. Path traversal
    • Module 08. Path traversal - Video Training - 7:19
    • Module 09. Unicode encoding
    • Module 10. Parameter delimiter
    • Module 10. Parameter delimiter - Video Training - 7:59
  • Incjection attacks
    • Module 11. PHP injection
    • Module 11. PHP injection - Video Training - 9:21
    • Module 12. Direct static code injection
    • Module 12. Direct static code injection - Video Training - 8:23
    • Module 13. SQL injection
    • Module 13. SQL injection - Video Training - 18:39
  • XSS related attacks
    • Module 14. XSS - Cross Site Scripting attack
    • Module 14. XSS - Cross Site Scripting attack - Video Training - 10:44
    • Module 14B. XST - Cross Site Tracing attack
    • Module 14B. XST - Cross Site Tracing attack - Video Training - 5:30
    • Module 15. XSRF - Cross Site Request Forgery attack
    • Module 15. XSRF - Cross Site Request Forgery attack - Video Training - 7:49
  • More advanced techniques
    • Module 16. Spying on data with a browser
    • Module 16. Spying on data with a browser - Video Training - 7:27
    • Module 17. Session hijacking
    • Module 17. Session hijacking - Video Training - 6:07
    • Module 18. Session fixation
    • Module 18. Session fixation - Video Training - 4:42
  • Phishing
    • Module 19. Phishing
    • Module 19. Phishing - Video Training - 7:18
  • Security testing in practice
    • Module 20. Automated security testing
    • Module 20. Automated security testing - Video Training - 10:57
  • Summary
    • Summary and references

View Full Curriculum


Access
Lifetime
Content
1.0 hours
Lessons
58

Hacking Wireless Networks: Theory & Practice

Explore the Essentials of Hacking Networks with this Example-Driven Course

By IT Security Academy | in Online Courses

We're living in the middle of a digital arms race. As cybersecurity pros develop better encryption methods, hackers fight back with more sophisticated attacks, making now the best time to jump into this ever-evolving field. This course covers all the important techniques related to WiFi hacking employed by hackers, system administrators, and pen-testers. In addition to netting more than 50 lectures on WiFi hacking, you'll also get access to the Training Operating System, loaded with all the source code and tools needed to develop your hacking skills.

  • Access 58 lectures & 1 hour of content 24/7
  • Download the course handbook as a PDF (180 pages)
  • Explore 25 different wireless network hacking techniques & experiments
  • Access all of the required source code & tools via the included Training Operating System environment
  • Learn how to prepare your training environment so you can safely conduct hacking experiments
  • Get an introduction to wireless networks & security
  • Familiarize yourself with WEP/WPA attacks
IT Security Academy
4.1/5 Instructor Rating: ★ ★ ★ ★

IT Security Academy is a company that associates IT Security Professionals. Now it's proud to share its knowledge online. Certified experts (MCSE:MS, CISSP, CEH) have created courses from Beginner to Advanced level. Its goal is to provide the highest quality materials you’ve ever seen online and prepare you not only for passing certification exams, but teach you practical skills.

Important Details

  • Length of time users can access this course: lifetime
  • Access options: desktop & mobile
  • Certificate of completion included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Updates included
  • Experience level required: beginner

Requirements

  • Basic computer skills

Course Outline

  • Download your Training Operating System v2.0 CE
    • Download the TOS v2.0 CE (CUDA Extension) ISO image
  • Download the whole course Handbook
    • Download the course Handbook in PDF
  • Course overview
    • Table of contents
    • Legal information
  • Introduction to wireless networks
    • Introduction
    • Wireless transmission standards
    • 802.11 wireless network types
    • Encryption and authentication standards
    • Wireless network cards in Linux - overview
    • Wireless network interface cards in Linux - 1:45
  • Wireless security (half) measures: An overview
    • MAC address filtering
    • Changing the MAC address of the wireless network card - 4:24
    • Disabling ESSID broadcast
    • Finding a hidden access point with disabled ESSID broadcast - 4:13
    • Limiting wireless coverage
  • Wireless network attacks independent of used encryption
    • Introduction
    • DoS: RF jamming
    • DoS: CSMA/CA jamming
    • The use of deauthentication attack for jamming network traffic - 4:02
    • DoS: Deauthentication attack
    • Wireless MITM
  • WEP attacks
    • Section outline
    • WEP encryption
    • Chopchop
    • The overview and demonstration of the chop-chop attack - 3:15
    • Keystream reuse
    • Generating packets without knowing the network key - 3:40
    • Interactive packet replay and ARP request replay - 4:52
    • The demonstration of the PTW and KoreK attacks - 2:43
    • Caffe Latte Attack
    • Creating a fake access point – the Caffe Latte attack - 2:07
  • WPA attacks
    • Introduction
    • WPA
    • The dictionary attack on WPA - 2:46
    • WPA2
    • Rainbow tables
    • The dictionary attack on WPA – using hash tables - 2:10
    • Cowpatty attack
    • DoS: Taking advantage of the MIC failure holdoff time
  • CUDA-powered attacks
    • What is CUDA?
    • CUDA – the initial preparation of the environment - 1:29
    • The installation of CUDA-SDK and CUDA-Toolkit - 2:39
    • The compilation and installation of the tools with CUDA support - 5:34
    • The optimization of the parameters of an nVidia video card - 3:56
    • CUDA – preparation for the attack - 2:23
    • CUDA – the attack on WPA - 8:17
    • Generating your own dictionary - 2:13
    • Applications for cracking MD4 and MD5 hashes with the use of CUDA technology - 4:28
    • Wardriving experiment
  • Advanced attacks against WPA
    • WKA TKIP attack
    • WPA TKIP broken
    • Beck-Tews attack enhanced
    • Michael Reset attack
    • Summary
  • Course summary and references
    • Summary
    • References
  • BONUS section
    • Hacking in Practice MEGA Course - WiFi security module 1 - 27:34
    • Hacking in Practice MEGA Course - WiFi security module 2 - 18:35

View Full Curriculum


Access
Lifetime
Content
20.0 hours
Lessons
237

Hacking in Practice: Certified Ethical Hacking Mega Course

Explore Today's Cyber Threats & Shut Them Down with 20+ Hours of Practical Training

By IT Security Academy | in Online Courses

With a few lines of code, cybercriminals can access protected networks, view encrypted files, and even steal identities online—if there's not an ethical hacker standing in their way. This extensive course contains over 20 hours of practical training designed to help you thwart these criminals as a certified professional. You'll start with an introduction to cyber threats and IT security myths. Then you'll move on to security policies, risk management, disaster recovery, and even get a free voucher for the ISA CISS examination when you complete the course, setting you up to validate your skills right away.

4.5/5 average rating: ★ ★ ★ ★

  • Access 237 lectures & 20 hours of content 24/7
  • Follow step-by-step instructions for advanced hacking techniques
  • Familiarize yourself with current cyber threats & hacking trends
  • Explore designing more secure networks
  • Dive into encrypted data, identify spoofing, & windows authorization
IT Security Academy
4.1/5 Instructor Rating: ★ ★ ★ ★

IT Security Academy is a company that associates IT Security Professionals. Now it's proud to share its knowledge online. Certified experts (MCSE:MS, CISSP, CEH) have created courses from Beginner to Advanced level. Its goal is to provide the highest quality materials you’ve ever seen online and prepare you not only for passing certification exams, but teach you practical skills.

Important Details

  • Length of time users can access this course: lifetime
  • Access options: desktop & mobile
  • Certificate of completion included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Updates included
  • Experience level required: beginner

Requirements

  • Basic computer skills

Course Outline

  • Introduction to cyber threats
    • Introduction to Current Cyber Threats - 4:46
    • IT Prehistory - 4:41
    • Let’s look a few years back - 4:42
    • Cyber crimes – an evolution not revolution - 4:25
    • Current Cyber Threats – notes for the examination
  • IT security popular myths
    • Popular myths about IT security – origins - 5:33
    • Myths #1 – you’ll never be hacked - 5:55
    • Myths #2 – you don’t need any protection software or hardware - 5:11
    • Myths #3 – IT security is always a priority - 1:13
    • Popular Myths About Computer System Security – notes for the examination
  • IT security trends
    • Trends in IT Security - 3:44
    • The birth of technology society - 3:16
    • EXERCISE: How much info can you gather? - 3:59
    • Fake identity - 5:03
    • Online privacy - 6:14
    • Analyzing sniffing software - 3:33
    • Cyber War - 8:23
    • Changing IT Security Trends – notes for the examination
  • Data security
    • Objective #1 – Data security – Introduction - 6:58
    • Confidentiality of data - 5:33
    • EXERCISE: Finding confidential data with search engines - 6:05
    • Integrity of data - 7:04
    • Data security – notes for the examination
  • Security policies
    • Security policies – introduction - 1:56
    • What is security? - 3:53
    • Information security - 4:13
    • Information security – level up - 4:04
    • Security issues - 4:50
    • Why are security solutions fallible? - 5:42
    • Security policy issues - 4:50
    • Introduction to threat modelling and classification - 5:14
    • Threat modelling – STRIDE - 4:06
    • STRIDE: Spoofing identity - 5:03
    • STRIDE: Tampering with data - 4:28
    • STRIDE: Denial of Service - 3:51
    • Threat Modelling and Classification – notes for the examination
  • Risk management
    • Introduction to Risk Management - 1:27
    • Attack Methods - 6:42
    • Local attacks - 2:56
    • Target scanning and enumeration techniques #1 - 5:52
    • Target scanning and enumeration techniques #2 - 3:30
    • Passive scanning - 5:36
    • Attack Methodologies – notes for the examination
    • Introduction to risk assessment - 6:20
    • DREAD: Risk assessment model - 4:50
    • DREAD: Exploitability - 5:24
    • EXERCISE: Risk Assessment - 7:17
    • Risk Assessment – notes for the examination
    • Introduction to Social Engineering and rogue software - 4:19
    • Manipulation tactics - 9:01
    • EXERCISE: Social Engineering attacks - 6:44
    • SE with KALI / BackTrack - 7:06
    • Rogue Software - 2:28
    • Fraud tools #1 - 7:10
    • Fraud tools #2 - 6:32
    • Social Engineering and Rogue Software – notes for the examination
  • Defence in depth
    • Introduction to Defence in depth - 1:32
    • How to use Defence in depth model? - 5:45
    • DiD: OS and LAN layers - 6:39
    • DiD: Perimeter and Physical Access Layers - 6:06
    • DiD: Demonstration - 2:48
    • Automated attack targeting a service - 5:23
    • Automated user-targeting attack - 4:31
    • The Defence in Depth Model – notes for the examination
    • Introduction to Immutable laws of security – Law #1 - 4:35
    • Law #2 - 2:56
    • Law #3 - 2:23
    • Law #4 - 1:52
    • Law #5 - 3:28
    • Law #6 - 2:07
    • Law #7 - 1:11
    • Law #8 - 1:43
    • Law #9 - 3:57
    • Law #10 - 0:48
    • Laws for administrators - 5:59
    • Immutable Laws of Security – notes for the examination
  • Disaster recovery
    • Introduction to Disaster Recovery - 1:33
    • How to reduce losses? - 5:24
    • Ensuring continous availability - 4:08
    • Threat discovery #1 - 4:28
    • Threat discovery #2 - 3:40
    • Audit users and keep control accounts - 5:18
    • High risk users - 3:23
    • Collecting and analysing evidence - 7:13
    • Forensics example - 3:52
    • CONFICKER: CASE STUDY - 7:11
    • How to reduce losses – notes for the examination
  • Computer network security - network protocols
    • Network security – introduction - 5:44
    • OSI MODEL #1 – Physical layer - 5:45
    • OSI MODEL #2 – Data link layer - 4:46
    • Threats: MAC spoofing - 5:54
    • Threats: ARP Poisoning - 6:38
    • EXERCISE: Data Link Layer Attack - 7:32
    • OSI MODEL #3 – Network layer - 6:58
    • TCP Tunnelling over ICMP - 7:39
    • Network Protocols – notes for the examination
  • Transport protocols
    • OSI MODEL #4 – Transport Layer - 6:04
    • Threats: Enumerating Remote Computers - 3:40
    • EXERCISE: Transport Layer Attack using METASPLOIT – part 1 - 5:27
    • EXERCISE: Transport Layer Attack using METASPLOIT – part 2 - 5:13
    • OSI MODEL #5 – Session Layer - 3:33
    • Transport Protocols – notes for the examination
  • Application protocols
    • OSI MODEL #6 – Presentation Layer - 6:52
    • OSI MODEL #7 – Application Layer - 3:48
    • EXERCISE: Application Layer Attacks - 6:03
    • KALI / Backtrack: Attack Demonstration - 3:34
    • Man-in-the-Middle and Denial of Service Attacks - 2:49
    • Modifying Transmitted Packets - 4:45
    • Unencrypted protocols - 2:58
    • Application Protocols – notes for the examination
  • Designing secure computer networks
    • Designing Computer Networks – introduction - 2:18
    • Subnetting IPv6 - 3:18
    • Subnetting IPv4 - 7:01
    • IPv6 address notation - 6:46
    • DMZ: DeMilitarized Zone - 6:28
    • Subnetting – notes for the examination
    • Protocols and services: IP SEC - 9:33
    • IP SEC: Phase 1 - 7:27
    • Network Address Translation - 12:18
    • Network access control: RADIUS - 10:04
    • Protocols and Services – notes for the examination
  • Network administration and monitoring
    • Introduction to Monitoring Transmitted Data - 1:07
    • Monitoring Transmitted Data – Basic information - 8:03
    • Intrusion detection systems - 7:43
    • Why are firewalls and NDIS not enough? - 5:41
    • Wireshark – Introduction to network analysis - 6:29
    • How to use Wireshark? - 8:27
    • Analyzing captured data - 5:43
    • How to analyze telnet protocol? - 8:09
    • Intrusion detection - 7:48
    • Scanning computers - 7:47
    • Monitoring transmitted data – notes for the examination
  • Wireless networks security
    • Wireless Networks - 1:16
    • WIFI security solutions – introduction - 5:44
    • WIFI – working principles - 5:48
    • Other wireless technologies - 2:56
    • Threats and risks - 4:38
    • Ineffective solutions - 4:11
    • Authentication methods - 8:31
    • 802.11 WEP - 7:06
    • 802.11 WPA - 6:24
    • Standards and Security Solutions – notes for the examination
    • Threats of WIFI networks - 5:58
    • Client Attacks: Launching a rogue access point - 7:03
    • Client Attacks: Evil twin - 4:51
    • Client Attacks: Denial of service - 9:17
    • EXERCISE: WPA attack - 3:24
    • Wi-Fi Security Threats – notes for the examination
  • Operating systems security
    • Operating systems security – introduction - 9:10
    • Security boundaries - 4:44
    • Three core - 7:15
    • EXERCISE: OS boundaries - 7:54
    • Process isolation - 6:30
    • Kernel Mode Code Signing - 6:24
    • Java Virtual Machine and code access security - 4:17
    • OS Security Boundaries – notes for the examination
    • Malware - 12:09
    • EXERCISE: Vulnerability attacks - 10:26
    • EXERCISE: Identifying suspicious processes - 6:54
    • Demonstration: Process Explorer - 9:13
    • EXERCISE: Removing malware - 8:38
    • Rootkits - 6:14
    • EXERCISE: Detecting rootkits - 11:07
    • EXERCISE: Security evaluation - 6:00
    • Malware – notes for the examination
  • Access control
    • Authentication and authorisation – Introduction - 1:57
    • Authentication - users - 6:56
    • How secure is your password? - 5:03
    • Authentication protocols and services - 8:25
    • LM Hash - 7:02
    • Cached Credentials - 4:29
    • KERBEROS - 11:30
    • Authentication – notes for the examination
    • Identity Theft - 9:13
    • EXERCISE: Offline attacks - 12:22
    • Using online cracking services - 8:41
    • Identity Theft – notes for the examination
  • Windows security
    • Windows Security – what you’ll learn - 1:17
    • User Account Control - 6:22
    • UAC configuration - 8:02
    • Additional Security Features – ASLR and DEP - 11:39
    • PatchGuard - 1:34
    • Techniques and Methods – notes for the examination
    • Encryption – key protection - 9:31
    • Drive encryption - 8:25
    • BitLocker - 7:57
    • BitLocker To Go Reader - 4:43
    • File and folder encryption – EFS - 7:30
    • EXERCISE: EFS - 5:36
    • Encryption – notes for the examination
  • Application security
    • Introduction to Application Security - 8:18
    • Attacks on applications - 10:18
    • SQL Injection - 8:10
    • EXERCISE: Analyze the application - 13:31
    • Blind SQL Injection - 9:33
    • Automated SQL Injection - 11:44
    • Cross-site scripting – XSS - 10:10
    • Program security assessment - 5:10
    • Unsafe applications - 10:11
    • Application Attacks – notes for the examination
    • Program Security Assessment – notes for the examination
  • Application security - Configuration and management
    • Here’s what you’ll learn in this module - 1:05
    • Software updates - 2:39
    • MS Update - 6:53
    • System Center Configuration Manager - 2:46
    • Managing applications - 8:26
    • Blocking applications - 7:35
    • Software restrictions policies - 5:57
    • EXERCISE: Application control rules - 12:11
    • Isolating applications - 6:30
    • How to protect users without interrupting their work – notes for the examination
  • Cryptography
    • Introduction to cryptography - 9:42
    • History of ciphers - 10:57
    • Symmetric and asymmetric ciphers - 6:13
    • Symmetric-key algorithms - 5:49
    • Block ciphers - 6:01
    • Data encryption standard - 6:51
    • DES-X - 7:35
    • Advanced encryption standards - 5:28
    • Block cipher modes - 7:16
    • Stream Ciphers – RC4 - 3:40
    • Asymmetric-key algorithms - 8:11
    • RSA - 5:33
    • ELGAMAL - 2:05
    • HASH functions - 5:56
    • Digital signature - 5:56
    • Hybrid Schemes - 6:24
    • Symmetric and Asymmetric Ciphers – notes for the examination
  • Public Key Infrastructure
    • Introduction to cryptology - 2:12
    • Public key infrastructure - 6:10
    • Implementing public key infrastructure - 5:39
    • What will PKI allow you? - 6:29
    • EXERCISE: Certificates - 8:37
    • Certificate life cycle - 6:24
    • Planning the PKI - 8:33
    • PKI Administration - 7:29
    • Public Key Infrastructure – Trust but verify – notes for the examination

View Full Curriculum


Access
Lifetime
Content
11.0 hours
Lessons
87

Hack People, Systems & Mobile Devices: Advanced Social Engineering

Learn Advanced Social Engineering Techniques to Crack Mobile Devices

By Gabriel Avramescu | in Online Courses

To completely understand computer security, it's vital to think outside the box. It's not just about firewalls, Intrusion Prevention Systems, or antivirus. It's also about tricking people into doing whatever a hacker wishes. A secure system, therefore, is also about informed people. This training is based on a practical approach to day-by-day situations contained in labs based on real environments. The aim is to help you learn ethical hacking techniques and methodology used in penetration systems to protect yourself and those around you better.

4.3/5 average rating: ★ ★ ★ ★

  • Access 87 lectures & 11 hours of content 24/7
  • Cover both theoretical & practical aspects of ethical hacking
  • Work in hands-on labs about hacking systems, networks, wireless, mobile, & websites
  • Understand what social engineering is & how users can be affected
  • Perform social engineering attacks using tools & techniques
"This course gives a good view of what can be done to trick users. It is not a theoretical course: labs show how it works." – Laurent Aufrechter
Gabriel Avramescu | Senior Information Security Consultant | IT Trainer
4.4/5 Instructor Rating: ★ ★ ★ ★
Gabriel Avramescu is a Senior Information Security Consultant and IT Trainer. He works on an Internet security team focused on ethical hacking - deliberately and purposefully challenging the IT security assumptions, strategies, and methods of protecting vital assets and information by emulating an adversary.

Important Details

  • Length of time users can access this course: lifetime
  • Access options: desktop & mobile
  • Certificate of completion included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Updates included
  • Experience level required: beginner

Requirements

  • Basic computer skills
  • Basic web security & Linux knowledge

Course Outline

  • Introduction
    • About the intructor - 0:30
    • What to expect - 1:55
    • Techniques and Terms - 3:53
    • Join Our Online Classroom!
  • Introduction to Ethical Hacking. Footprinting and Reconnaissance
    • Introduction to Ethical Hacking. Footprinting and Reconnaissance - 24:55
    • Demo - Information Gathering using Google Dorks and DNS Queris - 4:17
    • Demo - Scanning and Enumeration - 8:58
    • Do it yourself - Information Gathering Exercise
  • Information Gathering
    • Information Gathering using websites - part 1 - 12:59
    • Information Gathering using websites - part 2 - 17:17
    • Introduction to Maltego - 4:58
    • Maltego Demo - 9:16
  • Scanning Networks, Enumeration and Discovering Vulnerabilities
    • Scanning and enumeration - 8:58
    • Vulnerabilities Identification - 8:28
    • Demo - Installing Nessus Scanner - 3:31
    • Demo - Use Nessus to Discover Vulnerabilities - 4:42
    • Demo - Using Nikto to discover Web Vulnerabilities - 4:42
    • Demo - Using Paros for Vulnerability Discovery - 4:48
    • Demo - Use Dirbuster to brute force sub-directories and filenames - 2:50
    • Do it yourself - Scanning and enumeration, Vulnerability Discovery Exercise
  • Social Engineering Toolkit (SET)
    • About Social Engineering Toolkit - 1:50
    • Use SET to get facebook credentials - 6:11
  • System Hacking and Vulnerability Exploitation
    • System hacking - vulnerability exploitation - 5:58
    • Passwords - 11:56
    • Authentication - 6:55
  • Metasploit
    • Metasploit Introduction - 17:08
    • Demo - Exploiting FTP Server Vulnerability using Metasploit - 11:48
    • Demo - Post Exploitation Example - 1:06
    • Demo - Exploiting NFS Vulnerability and exporting SSH Keys to the Victim PC - 10:07
    • Demo - Eploiting Samba Service on Linux using Metasploit - 3:09
    • Do it yourself - Vulnerability Exploitation using Metasploit Exercise
  • Social Engineering using Metasploit
    • Backdoor for Windows - 14:06
    • Android backdoor - 6:58
  • Trojans, Backdoors, Viruses and Worms
    • Trojans and Backdoors - 5:00
    • Computer viruses and worms - 9:14
  • Cryptography
    • Cryptography concepts - 4:56
    • Cryptographic Algorithms - 11:09
    • Cryptography and cryptanalysis tools. Cryptographic attacks - 3:02
    • Demo - Hack SSH passwords using Medusa - 5:14
    • Hack the SSH Password using Hydra - 5:05
    • Hack Linux Passwords using John the Ripper - 3:29
    • Do it yourself - Passwords Protection Exercise
  • Penetration Testing on Wireless Networks
    • Penetration Testing on Wireless Networks - 6:56
    • Do it yourself - WiFi Networks Security - practical approach
    • Case Study – Windows Hosted Network Bug or Feature - 10:42
  • Web Security
    • Core Problems - Why Web Security - 7:33
    • Web Technologies
    • Preparing the Lab Environment - 8:31
  • Sniffing. Attacking Authentication and Session Management - Session Hijacking
    • Sniffing - 15:00
    • Theoretical Overview of Attacking Authentication and Session Management
    • Session Hijacking trough Man In The Middle Attack - 11:05
    • Intercept and access traffic over HTTPS. Get Gmail and Facebook passwords. - 8:56
  • Attacking the users trough websites - XSS and Beef-XSS
    • XSS Basics - 8:27
    • Reflected XSS - 10:29
    • Stored XSS - 6:59
    • Beef-XSS Basics - 16:12
  • Access controls. Data stores and Client-side Controls
    • Access controls. Data stores and Client-side Controls
    • SQL injection - 9:09
    • Exploiting SQLi using Sqlmap and Getting Remote Shell - 10:07
    • Upload and Remote File Execution - 10:43
  • Other vulnerabilities - web and mobile
    • OWASP Top Ten Mobile Vulnerabilities - 13:22
    • Penetration Testing Cheat Sheet - 18:59
    • For Developers - Android Security Guidelines - 1:21
    • Further research - Automatic and Manual Scanning for Vulnerabilities - 18:16
  • Android Development Tools
    • Android Studio - 11:21
    • Android Debug Bridge - 6:23
  • Playing with Android Emulators - practice your social engineering
    • Android emulator or Android Device? - 6:57
    • Android Rooting - 5:43
    • Setting up a proxy in Android - 10:25
    • Installing CA Certificate - 5:41
    • Android Vulnerable Application Setup - 3:43
  • Android Application Review. Reverse Engineering and App Analysis
    • APK file Structure. AndroidManifest XML file - 7:01
    • Reversing to get Source code of the Application - decompiling with dex2jar - 10:53
    • Reversing and Re-compiling With APKTool - 10:55
    • Static vs Dynamic Analysis - 5:58
    • Static Analysis of Android Application using QARK - 13:05
    • Dynamic Analysis of Android Application using Inspeckage and Xsposed - 15:36
    • MobSF - Mobile-Security-Framework - 10:48
    • Automated Security Assessments with Drozer - 8:45
    • Intercept traffic using Wireshark - 5:22
    • Intent Sniffing - 5:23
    • Fuzzing using Burp - Password Brute-Force. Username enumeration - 11:58
  • Bypass Certificate Pinning
    • General Description - 4:10
    • Automatic Bypass of SSL Pinning - 8:51
    • Manual Bypass of SSL Pinning - 31:50
  • Final Words
    • Countermeasures for Social Engineering - 6:48
    • Final words - 0:16

View Full Curriculum


Access
Lifetime
Content
2.0 hours
Lessons
19

Learn Burp Suite for Advanced Web Penetration Testing

Perform Hands-On Security Testing to Master Burp Suite

By Gabriel Avramescu | in Online Courses

Burp Suite is a Java-based software platform of tools for performing security testing. In this hands-on course, you'll learn about different types of web attacks by targeting a test environment based on OWASP Web Goat, a deliberately vulnerable web app used to practice security techniques.

4.3/5 average rating: ★ ★ ★ ★

  • Access 19 lectures & 2 hours of content 24/7
  • Learn the most important features of the Burp Suite
  • Use hands-on exercises to gain practical experience
  • Perform efficient manual web penetration testing
  • Discover how to use Burp to automate certain attacks
"Very good explanation on Burp Suite and the different vulnerabilities that can be exploited using the Burp Suite. Liked the bonus sections on Metasploit, which helps in giving a short and concise introduction to the tool." – Vinod Vijayan
Gabriel Avramescu | Senior Information Security Consultant | IT Trainer
4.4/5 Instructor Rating: ★ ★ ★ ★
Gabriel Avramescu is a Senior Information Security Consultant and IT Trainer. He works on an Internet security team focused on ethical hacking - deliberately and purposefully challenging the IT security assumptions, strategies, and methods of protecting vital assets and information by emulating an adversary.

Important Details

  • Length of time users can access this course: lifetime
  • Access options: desktop & mobile
  • Certificate of completion included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Updates included
  • Experience level required: beginner

Requirements

  • Understand how HTTP comunication works
  • Basic knowledge of Web vulnearabilities
  • Basic knowledge of Linux and computer usage

Course Outline

  • Introduction and Setup
    • About Myself - 0:47
    • What is Burp. Course Expectations - 1:55
    • Download Respurces and Setup Environment - 4:35
    • Alternative Setup - Download Burp. Free vs Paid - 1:26
    • Environment Setup. Import Burp Certificate - 10:19
  • Burp Modules and Usage
    • General Concept - 4:23
    • Target Module - 10:21
    • Proxy Module - Part 1 - 11:48
    • Proxy Module - Part 2 - 10:06
    • Spider Module - 6:34
    • Repeater Module - 9:17
    • Sequencer and Scanner Modules - 12:10
    • Decoder Module - 9:09
    • Intruder and Comparer Modules - 14:20
    • BApp Store - 13:26
  • Final Words
    • Burp Proxy Help - Further Documentation - 1:47
    • Burp Alternatives - 1:47
    • Final Words - 0:14
    • Join Our Online Classroom!

View Full Curriculum


Access
Lifetime
Content
5.0 hours
Lessons
40

Learn Server Security with BitNinja

Enjoy Real-Time Protection, Automatic False Positive Handling & Threat Analysis

By Gabriel Avramescu | in Online Courses

Even if you are a penetration tester, security consultant, Linux administrator, or developer, you should also have to know how to fix your security, how to protect actively and reactively your Linux servers. To have an all in one product easily manageable would know the attacks and prevent them from being successful. This course is all about this. It is about protecting your server. You will witness different attacks, and you will see a product like this in action. This product is called BitNinja, and it is all-in-one security for Linux Servers. So you can see the attacks, but also you will see how to protect against them.

4.8/5 average rating: ★ ★ ★ ★

  • Access 40 lectures & 5 hours of content 24/7
  • Scan a website on WordPress & exploit its vulnerabilities
  • Learn about proactive protection mechanisms such as IP Reputation, Port Honeypots, Web Honeypots, DoS Detection, & WAF Modules
  • Understand reactive protection mechanisms such as Malware Detection, Outbound WAF, & see BitNinja-CLI capabilities
  • Learn about troubleshooting & how to find a trouble maker IP
"Clearly presented without grey terminology - everything explained at the lower, non-speciallist level" – Teofil B.
Gabriel Avramescu | Senior Information Security Consultant | IT Trainer
4.4/5 Instructor Rating: ★ ★ ★ ★
Gabriel Avramescu is a Senior Information Security Consultant and IT Trainer. He works on an Internet security team focused on ethical hacking - deliberately and purposefully challenging the IT security assumptions, strategies, and methods of protecting vital assets and information by emulating an adversary.

Important Details

  • Length of time users can access this course: lifetime
  • Access options: desktop & mobile
  • Certificate of completion included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Updates included
  • Experience level required: beginner

Requirements

  • Basic Linux knowledge
  • Basic networking knowledge
  • Basic HTTP knowledge

Course Outline

  • Introduction
    • Promo Video - 2:00
    • About me - 0:54
    • Let's meet - 5:30
    • Lab Setup - 1:46
    • Lab Setup - Login Information and Download Links
    • Join Our Online Classroom!
  • Overview of a Wordpress attack
    • Commands to be used in the next section
    • Scanning for wordpress vulnerabilities - 10:26
    • Exploiting a remote code execution vulnerability - 9:18
    • Uploading a backdoor - 7:36
    • Sending spam - 17:20
  • Basics
    • Registration and Installation - Useful Information
    • Registration and installation - 8:51
    • IP Reputations. IP lists - User vs Global lists. Greylisting, Blacklists, Whitelist - 16:57
    • HTTP CAPTCHA - 8:35
    • SMTP CAPTHCA - 4:27
    • Commands used in SSLTerminating Lecture
    • SslTerminating Module - 32:12
    • SslTerminating Module - Adding Certs Manually - 5:00
  • Proactive protection mechanisms
    • Commands to be used in this section
    • Port Honeypots - 7:57
    • Web Honeypots - 10:11
    • DoS Detection and Protection - 10:53
    • Log Analysis - 3:17
    • WAF - Web Application Firewall - 20:33
    • Demo - Log Analysis and WAF - 8:29
  • Reactive protection mechanisms
    • Malware Detection - 6:57
    • Outbound WAF - 2:04
    • Demo - Malware Detection and Outbound WAF - 11:33
    • Blacklist/Whitelist and Country level blacklist/whitelist - 11:35
    • bitninja-cli - 7:42
  • The "How To" Section
    • How to find the source of an infection - 9:41
    • How to find the source of spamming - 16:38
    • How to find the source of outbound attacks - 10:56
    • Security daily routine - 4:58
    • Attack trend analysis - 4:55
  • Troubleshooting
    • CDN integrations - 4:23
    • Finding a trouble-maker IP - 9:34
    • Further Reading
    • Web Security Core Issues - 7:33

View Full Curriculum


Access
Lifetime
Content
11.0 hours
Lessons
89

All-in-One Hacking Guide: From Zero to Hero

Master Ethical Hacking Techniques & Methodologies Used in Penetration Systems

By Gabriel Avramescu | in Online Courses

To completely understand computer security, it's vital to step outside the fence and to think outside the box. Computer security is not just about firewalls, Intrusion Prevention Systems, or anti-viruses. It's also about tricking people into doing whatever a hacker wishes, for their benefit. A secure system, network, or infrastructure is also about informed people. That's what this course is all about. It will help you learn to master ethical hacking techniques and methodologies that are used in penetration systems. This course covers theoretical and practical aspects and contains hands-on labs about hacking systems, networks, wireless, mobile, and websites.

  • Access 89 lectures & 11 hours of content 24/7
  • Understand Ethical Hacking, Footprinting, & Reconnaissance
  • Scan networks & enumerate and discover vulnerabilities
  • Learn about system hacking & vulnerability exploitation
This course is intended for ethical hackers and those who want to protect against these kinds of attacks. Those are only theoretical examples in a lab environment. Hacking is illegal without explicit permission.
Gabriel Avramescu | Senior Information Security Consultant | IT Trainer
4.4/5 Instructor Rating: ★ ★ ★ ★
Gabriel Avramescu is a Senior Information Security Consultant and IT Trainer. He works on an Internet security team focused on ethical hacking - deliberately and purposefully challenging the IT security assumptions, strategies, and methods of protecting vital assets and information by emulating an adversary.

Important Details

  • Length of time users can access this course: lifetime
  • Access options: desktop & mobile
  • Certificate of completion included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Updates included
  • Experience level required: beginner

Requirements

  • Basic computer skills

Course Outline

  • Introduction
    • About the intructor - 0:30
    • What to expect - 1:55
    • Techniques and Terms - 3:53
    • Join Our Online Classroom!
  • Introduction to Ethical Hacking. Footprinting and Reconnaissance
    • Introduction to Ethical Hacking. Footprinting and Reconnaissance - 24:55
    • Demo - Information Gathering using Google Dorks and DNS Queris - 4:17
    • Demo - Scanning and Enumeration - 8:58
    • Do it yourself - Information Gathering Exercise
  • Information Gathering
    • Information Gathering using websites - part 1 - 12:59
    • Information Gathering using websites - part 2 - 17:17
    • Introduction to Maltego - 4:58
    • Maltego Demo - 9:16
  • Scanning Networks, Enumeration and Discovering Vulnerabilities
    • Scanning and enumeration - 8:58
    • Vulnerabilities Identification - 8:28
    • Demo - Installing Nessus Scanner - 3:31
    • Demo - Use Nessus to Discover Vulnerabilities - 4:42
    • Demo - Using Nikto to discover Web Vulnerabilities - 4:50
    • Demo - Using Paros for Vulnerability Discovery - 4:48
    • Demo - Use Dirbuster to brute force sub-directories and filenames - 2:50
    • Do it yourself - Scanning and enumeration, Vulnerability Discovery Exercise
  • Social Engineering Toolkit (SET)
    • About Social Engineering Toolkit - 1:50
    • Use SET to get facebook credentials - 6:11
  • System Hacking and Vulnerability Exploitation
    • System hacking - vulnerability exploitation - 5:58
    • Passwords - 11:56
    • Authentication - 6:55
  • Metasploit
    • Metasploit Introduction - 17:08
    • Demo - Exploiting FTP Server Vulnerability using Metasploit - 11:48
    • Demo - Post Exploitation Example - 1:06
    • Demo - Exploiting NFS Vulnerability and exporting SSH Keys to the Victim PC - 10:07
    • Demo - Eploiting Samba Service on Linux using Metasploit - 3:09
    • Do it yourself - Vulnerability Exploitation using Metasploit Exercise
  • Social Engineering using Metasploit
    • Backdoor for Windows - 14:06
    • Android backdoor - 6:58
  • Trojans, Backdoors, Viruses and Worms
    • Trojans and Backdoors - 5:00
    • Computer viruses and worms - 9:14
  • Cryptography
    • Cryptography concepts - 4:56
    • Cryptographic Algorithms - 11:09
    • Cryptography and cryptanalysis tools. Cryptographic attacks - 3:02
    • Demo - Hack SSH passwords using Medusa - 5:14
    • Hack the SSH Password using Hydra - 5:05
    • Hack Linux Passwords using John the Ripper - 3:29
    • Do it yourself - Passwords Protection Exercise
  • Penetration Testing on Wireless Networks
    • Penetration Testing on Wireless Networks - 6:56
    • Do it yourself - WiFi Networks Security - practical approach
    • Case Study – Windows Hosted Network Bug or Feature - 10:42
  • Web Security
    • Core Problems - Why Web Security - 7:33
    • Web Technologies
    • Preparing the Lab Environment - 8:31
  • Sniffing. Attacking Authentication and Session Management - Session Hijacking
    • Sniffing - 15:00
    • Theoretical Overview of Attacking Authentication and Session Management
    • Session Hijacking trough Man In The Middle Attack - 11:05
    • Intercept and access traffic over HTTPS. Get Gmail and Facebook passwords. - 8:56
  • Attacking the users trough websites - XSS and Beef-XSS
    • XSS Basics - 8:27
    • Reflected XSS - 10:29
    • Stored XSS - 6:59
    • Beef-XSS Basics - 16:12
  • Access controls. Data stores and Client-side Controls
    • Access controls. Data stores and Client-side Controls
    • SQL injection - 9:09
    • Exploiting SQLi using Sqlmap and Getting Remote Shell - 10:07
    • Upload and Remote File Execution - 10:43
  • Other vulnerabilities - web and mobile
    • OWASP Top Ten Mobile Vulnerabilities - 13:22
    • Penetration Testing Cheat Sheet - 18:59
    • For Developers - Android Security Guidelines - 1:21
    • Further research - Automatic and Manual Scanning for Vulnerabilities - 18:16
  • Android Development Tools
    • Android Studio - 11:21
    • Android Debug Bridge - 6:23
    • AVD Manager is missing? ADB Connection and Monitor in Android Studio 3.5 and newer
  • Playing with Android Emulators - practice your social engineering
    • Android emulator or Android Device? - 6:57
    • Android Rooting - 5:43
    • Setting up a proxy in Android - 10:25
    • Installing CA Certificate - 5:41
    • Android Vulnerable Application Setup - 3:43
    • Virtual Machine Download
  • Android Application Review. Reverse Engineering and App Analysis
    • APK file Structure. AndroidManifest XML file - 7:01
    • Reversing to get Source code of the Application - decompiling with dex2jar - 10:53
    • Reversing and Re-compiling With APKTool - 10:55
    • Static vs Dynamic Analysis - 5:58
    • Static Analysis of Android Application using QARK - 13:05
    • Dynamic Analysis of Android Application using Inspeckage and Xsposed - 15:36
    • MobSF - Mobile-Security-Framework - 10:48
    • Automated Security Assessments with Drozer - 8:45
    • Intercept traffic using Wireshark - 5:22
    • Intent Sniffing - 5:23
    • Fuzzing using Burp - Password Brute-Force. Username enumeration - 11:58
  • Bypass Certificate Pinning
    • General Description - 4:10
    • Automatic Bypass of SSL Pinning - 8:51
    • Manual Bypass of SSL Pinning - 31:50
  • Final Words
    • Countermeasures for Social Engineering - 6:48
    • Final words - 0:16

View Full Curriculum


Access
Lifetime
Content
6.0 hours
Lessons
23

PenTesting with OWASP ZAP: Mastery Course

Must-Have Tool Mastery for Hackers, PenTesters, Developers, Coders & Experienced Security Professionals

By Atul Tiwari | in Online Courses

The ZAP is a fine-grained tool that every penetration tester, hacker, the developer must have in their arsenal and hence required a solid understanding and training to perform security testing from its core. This course enables you to test web applications, automated testing, manual testing, fuzzing web applications, perform bug hunting, and complete web assessment using ZAP.

3.8/5 average rating: ★ ★ &starf ★; ★

  • Access 23 lectures & 6 hours of content 24/7
  • Uncover hidden bugs & vulnerabilities
  • Know the hidden power of ZAP to assess web applications
  • Use SQLmap, Nmap, Nikto & all tools in kali Linux with and in ZAP UI simultaneously
"An amazing course on how to use OWASP ZAP. It saved me a lot of time, which I would have spent on random YouTube videos otherwise." – Iniyavel S.
Atul Tiwari | Ethical Hacker | Security Evangelist | Penetration Tester
4.2/5 Instructor Rating: ★ ★ ★ ★
Atul Tiwari has more than 7 years of working experience in the information security field. He has trained more than 3,000 students in information security and penetration testing. With his expertise in web application penetration testing, Atul has performed penetration tests, security audits, and security analysis for private enterprises, governments, and security agencies to assist with cyber threats.

Important Details

  • Length of time users can access this course: lifetime
  • Access options: desktop & mobile
  • Certificate of completion included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Updates included
  • Experience level required: beginner

Requirements

  • Understanding of web applications

Course Outline

  • Intro About the ZAP
    • Things to know about OWASP ZAP - 23:34
    • ZAP course guide
  • Configuration of ZAP
    • Installing ZAP on multi platform - 18:44
    • Six elements of the ZAP - Desktop UI - 12:15
    • ZAP marketplace and add-ons - 9:10
    • Configuration of ZAP - 31:46
    • Scan policy manager - config - 24:49
    • ZAP attack modes - 15:46
  • Attacking the applications with ZAP
    • Automated attack under 5 minutes - 17:56
    • Spidering the target - 24:12
    • Fuzzing targets in action - 23:30
    • Active scanning attacks - 22:11
    • Break points and Requestor - 15:21
    • Setting breakpoints on GET request OWASP ZAP - 8:47
    • Authentication & session management in ZAP - 25:23
    • Forced browsing DIRs and Files using ZAP - 12:22
    • ZAP Scripting attacks & Recording Zest Script, Python, JavaScript - 24:13
    • Invoking applications into ZAP - 16:38
    • Invoking Burp suite into ZAP - Best strategy - 9:24
    • HUD mode - Heads-up display - 17:27
    • ZAP API testing - 15:14
    • Other useful tools add-ons inside zap - 29:02
    • Generating Reports in multiple format - 6:55

View Full Curriculum


Access
Lifetime
Content
8.0 hours
Lessons
32

Mastering Burp Suite Community Edition: Bug Hunters Perspective

Learn Burp Suite Community Edition to Use It Effectively as an Ethical Hacker, Web Security Tester, or Bug Bounty Hunter

By Atul Tiwari | in Online Courses

Bug bounty hunting is on the hype nowadays. Most security researchers are hunting for bugs and earning bounties in day to day life. It becomes crucial to know the right set of rules and know the right methodologies to hunt bugs. In most cases, researchers use the Burp suite community edition that gives fine-grained tools and strategies to assist in hunting and finding bugs on the target platforms. This course is perfectly focused on how Burp suites can be used effectively to enhance the hunter's ability to find more bugs.

4.4/5 average rating: ★ ★ ★ ★

  • Access 32 lectures & 8 hours of content 24/7
  • Walk through the Burp suite basics
  • Intercept proxy & site map configurations
  • Hunt & find bugs on target platforms
  • Enhance your hunter's ability to find more bugs
"Good course, well-presented and learned a lot of new tricks." – Kenneth Nevers
Atul Tiwari | Ethical Hacker | Security Evangelist | Penetration Tester
4.2/5 Instructor Rating: ★ ★ ★ ★
Atul Tiwari has more than 7 years of working experience in the information security field. He has trained more than 3,000 students in information security and penetration testing. With his expertise in web application penetration testing, Atul has performed penetration tests, security audits, and security analysis for private enterprises, governments, and security agencies to assist with cyber threats.

Important Details

  • Length of time users can access this course: lifetime
  • Access options: desktop & mobile
  • Certificate of completion included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Updates included
  • Experience level required: beginner

Requirements

  • HTML web applications understanding

Course Outline

  • Module 1
    • Labenvironmentsandburpinstallations - 13:30
    • Burpsuiteversionsandacademy - 6:57
    • BurpCAcertificateforSSLTLS - 8:56
    • Burpsuitewalkthough-Basics - 15:41
    • Interceptingproxyandsitemap_configs - 26:47
    • Interceptingmobiledevice_traffics - 12:15
    • Invisibleproxyingfornon-proxyaware_client - 11:38
    • Authenticationbypassandinformationdisclosure_LABs - 17:58
  • Module 2
    • BurpDashboardandlivetask - 16:20
    • BurpUserOptionsProjectOptionscustomisations - 21:51
    • Repeatermoduletestings - 19:06
    • BurpintruderConfigurations - 15:21
    • BurpIntruderattacktypes-_Attacks - 19:50
    • Usernamesgenerator - 9:30
    • Payloadprocessingand_bruteforcer - 9:07
    • Grep-Match_Grep-extractwithclustorbomb - 26:20
    • SomeBestpayloadstypeusedandhiddenformfields - 13:30
    • Unrestrictedfileupload-exetension_type - 5:30
    • Unrestrictedfileupload-content_type - 6:29
  • Module 3
    • MatchandReplacestrategyfor_automation - 15:47
    • UsingHotKeysforburpsuite - 15:08
    • BurpmacrosandsessionhandlingwithAnti-CSRF_token - 36:21
    • Burpsequenceranticsrftokenanalysis - 20:00
    • ComparingsitemapsforAccess_control - 15:45
    • InvokingBurpsuiteintoZAP-Best_strategy - 9:24
  • Module 4
    • ManualTestingmethods - 6:44
    • TurboIntruder-Knownfor_speed - 16:30
    • Bestusedextensionbyhunters - 15:58
    • Testingmethodlogiesinanutshell-XSS_attacks - 28:26
    • Burp_macros - 36:21
    • Resources for beginer Hunters - XSS Hunters - 15:49
    • Final Quiz MCQs

View Full Curriculum


Access
Lifetime
Content
4.0 hours
Lessons
21

Kali Linux Hacker Tools, Tricks & Techniques

A Beginner Course for Ethical Hackers Who Are New in Kali Linux

By Atul Tiwari | in Online Courses

Kali Linux for newcomers in the cybersecurity field is the most important course for you if you will make your career in cybersecurity. Because Kali Linux is the most advanced and foremost used platform for penetration testers, ethical hackers, security analysts, bug bounty hunters, security administrators, and so on. This course has been structured into several parts to ease understanding and follow the path to becoming an advanced user of Kali Linux. All of the best tools, tips, and techniques have been designed so that even new people to this domain can easily understand it.

New course!

  • Access 21 lectures & 4 hours of content 24/7
  • Learn basic information & internals of Kali Linux
  • Navigate Kali Linux internal tools & commands
  • Work with commands & shortcuts in hacker style
  • Find & locate hidden files and manage processes
  • Learn the best tools, tips & techniques
Atul Tiwari | Ethical Hacker | Security Evangelist | Penetration Tester
4.2/5 Instructor Rating: ★ ★ ★ ★
Atul Tiwari has more than 7 years of working experience in the information security field. He has trained more than 3,000 students in information security and penetration testing. With his expertise in web application penetration testing, Atul has performed penetration tests, security audits, and security analysis for private enterprises, governments, and security agencies to assist with cyber threats.

Important Details

  • Length of time users can access this course: lifetime
  • Access options: desktop & mobile
  • Certificate of completion included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Updates included
  • Experience level required: beginner

Requirements

  • Be able to understand hackers terminologies
  • Ethical hacking understanding

Course Outline

  • Kali 101
    • Kali linux setup and virtual box settings - 17:00
    • Kali first boot - 2:34
    • Kali linux walkthrough in detail - 14:59
    • Kali grant root privilege - root access to kali - 6:02
    • Kali terminal command basics - 11:55
    • Kali terminal shortcuts - hacker's style - 19:11
    • Kali UnderCover Mode - 3:42
  • Kali files directories and permissions
    • Workspace and panel customizations - 8:33
    • Creating Directories and files - 11:51
    • Finding and locating files and directories - 11:41
    • More Commands and Man page - 13:48
    • Linux file permissions and hidden files - 14:18
    • Linux process manage and kill - 18:22
  • Kali Advanced commanding
    • HTOP extended commands - 6:44
    • ATOP extended commands - 6:19
    • Searching lines head-and-tails-wc-history - 11:45
    • Persistent aliases and real world cases - 14:50
    • Command-line web downloader - 9:07
    • Bash shell scripting - 20:52
    • Boolean expressions AND OR operator - 9:37
    • Working with grep and cut to sort the results - 9:31

View Full Curriculum


Access
Lifetime
Content
6.0 hours
Lessons
151

Bug Bounty: Web Hacking

Get Paid to Legally Hack The World's Biggest Web Apps

By Amit Huddar | in Online Courses

Did you know you can make money identifying and fixing bugs on some of the biggest web apps on earth? Last year, Facebook paid $5 million to independent hackers while Google paid over $6 million as part of their bug bounty programs. And they're far from alone. In this course, you'll learn how to legally hack major companies like Facebook, Google, and PayPal and get paid to do it.

  • Access 151 lectures & 6 hours of content 24/7
  • Learn how to get paid for hacking & disclosing bugs to major companies
  • Get familiar with Burp Suite, browser plugins, & Kali Linux
  • Explore types of vulnerability such as SQL, XSS, CSRF injection, & more
  • Discover the methodology for performing bug bounty
Amit Huddar
Scientist | Engineer | Android Developer | Trainer | CEO

Amit Huddar is an Internet Entrepreneur and Software Engineer. He runs his own software company "Softdust," which develops products for new technologies like wearables and other gadgets. He opted for computer science engineering in 2013 at SSIT and started his software company in his first year of engineering.

His skills include Android app development, HTML, CSS, PHP, C, C++, JAVA, Linux, Building Custom Linux OS, Cloud Computing. Penetration testing, Kali Linux and Hacking.

Important Details

  • Length of time users can access this course: lifetime
  • Access options: desktop & mobile
  • Certificate of completion included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Updates included
  • Experience level required: beginner

Requirements

  • Basic computer skills

Course Outline

  • Let's Get Started
    • Introduction - 1:14
    • Disclaimer - 0:38
    • Make Kali Linux Bootable - 3:50
    • Set up Kali Linux in Vmware - 2:25
    • Kali Linux Latest Version - 3:41
    • Setting up Metasploitable - 1:29
    • Github - 2:53
    • Free VPN to hide your location - 2:11
    • DVWA installation in windows - 4:30
  • Tools
    • Vega - 5:50
    • Setting up Atmosphere - 3:06
    • Nikto - 5:13
    • Sub Domain - 5:24
    • Recon ng - 9:14
    • knockpy - 3:04
    • Nmap - 5:59
    • NMAP Banner script - 2:17
    • NMAP http-enum script - 2:03
    • NMAP http-header - 1:45
    • Hacking Website Through Open Ports - 4:49
    • Open port Hackerone reports - 1:27
    • LFIsuite installation - 1:35
    • Exploitation of LFI - 2:01
    • Burp Suite - 4:35
    • Burpsuite Crawling - 2:13
    • Spider - 6:36
    • Scanner - 6:52
    • Intruder - 6:08
    • Authorization - 4:14
    • BWap - 5:22
    • wapplayzer - 4:38
    • Firebug - 2:55
    • Hack bar - 3:30
    • User agent Switcher - 2:27
    • Repeater - 3:44
    • Sequencer - 4:14
    • Analyzing Sequencer Data - 3:44
    • Decoder - 1:52
    • Comparer - 1:57
    • Save and Restore - 3:31
    • Sublist3r - 3:31
    • Hydra - Online password attacks - Kali Linux - 2:35
    • Bruteforce password vulnerability - 1:43
  • WordPress Hacking
    • WP Scan - 4:40
    • WP Scan Codex - 4:48
    • WP Scan Template Monster - 7:34
    • WP Scan theme - 3:21
    • WP Scan User - 1:04
    • CMS Map - 2:35
  • Cross-site Scripting(XSS)
    • XSS Demo - 2:54
    • Manual building xss vector 1 - 3:00
    • Manual building xss vector 2 - 2:34
    • Manual building xss vector 3 - 2:32
    • Exploitation of XSS Phishing Through XSS - 2:16
    • XSS Through Filter Bypassed XSS payloads on Lab - 3:21
    • XSS Lenovo Yahoo - 1:30
    • XSS Uber - 2:38
    • XSS Paypal - 1:38
    • XSS WhatsApp Facebook - 1:45
    • Counter Measures for XSS - 2:21
  • SQL Injection(SQLi)
    • SQL Drupal - 2:33
    • Facebook SQL Injection - 1:45
    • Scanning for SQL injection using nmap - 2:04
    • Counter Measures for SQL - 2:48
    • Template Injection - 1:39
    • Template Injection similar Reports - 0:59
    • Checking vulnerable website - 2:03
    • Manipulating Parameters - 1:53
  • Clickjacking
    • Clickjacking - 2:37
    • Clickjacking Report - 1:16
    • Clickjacking Injection Similar Report - 1:12
    • IFrame Demo - 0:48
  • Open Redirect Vulnerablility
    • Open Redirect Report - 2:20
    • Open Redirect Similar Report - 1:05
  • Cross-site Request Forgery(CSRF)
    • CSRF(change password) demo - 1:23
    • CSRF Injection - 1:58
    • CSRF Townwars - 0:56
    • CRF Badoo - 1:52
    • CRLF Injection Similar Report - 1:17
    • Shellshock - 1:08
    • SSRF - 1:26
    • SSRF Similar Report - 1:33
  • Full Path Disclosure
    • Full Path Disclosure - 2:01
    • Full Path Disclosure Report - 0:59
    • Full Path Disclosure Similar Report - 0:54
    • Insecure Cryptographic Storage - 1:51
    • Insecure Direct object References - 2:10
  • Broken Authentication and Session Management
    • Autorize - 4:32
    • Broken Auth - Insecure Login Forms Demo - 1:17
    • Broken authentication logout management - 1:21
    • Privilege - 1:46
    • Privilege Bookfresh - 1:26
    • Testing for Privilege Manipulation - 1:50
    • Session Mgmt - Administrative Portals - 0:41
    • Session Report - 2:51
    • Application logic report - 1:56
    • Application logic similar report - 1:20
  • HTML Injection
    • HTML Injection Detection - 2:56
    • HTML Injection Report - 2:34
    • HTML Injection similar Report - 1:05
    • HTML Injection Demo - 2:10
    • XML External entity - 1:38
    • XXE similar Reports - 1:09
  • Sub Domain take Over
    • Sub Domain Take Over - 3:21
    • Sub Domain Take over Report - 3:06
    • Remote file Insulation - 1:25
  • Remote code Execution
    • Remote Code Execution - 1:51
    • Remote Code Execution Similar Reports - 0:57
    • Cookies - 3:27
    • crt.sh - 1:25
    • Sensitive Data Exposure - 1:57
    • Buffer overflow - 3:33
    • Buffer overflow Similar Report - 1:22
    • IDOR - 1:35
    • IDOR Similar Report - 1:08
    • DNS misconfiguration - 2:14
    • DNS misconfiguration Similar Reports - 1:21
  • Denail of Service (DoS)
    • Denail of Service(DoS) - 2:33
    • DOS report - 1:45
    • Bruteforce - 3:12
    • DOS Similar report - 1:15
    • Finding Report using Google - 4:08
    • Searching similar Reports - 1:57
    • HTTP Parameter Pollution - 1:31
    • OSINT - 1:43
  • Miscellaneous
    • DVWA Security Setup - 1:34
    • Command Injection On Lab - 4:38
    • Detecting and Exploiting File Upload Vulnerabilities - 3:42
    • Using ZAP to Scan Target Website For Vulnerabilities - 2:46
    • Analysing Scan Result - 2:04
    • SPF Record Validation - 2:42
    • Code Disclosure on Lab - 4:12
    • where you can find vulnerabilities - 3:25
    • Information Disclosure - Robots File - 3:07
    • Unrestricted File Upload - 3:04
  • Methodology
    • Methodology - 5:01
    • 02 Analyze the Application - 1:42
    • 03 Test client-side Controls - 2:07
    • 04 Authentication Mechanism - 2:34
    • 05 Test Session - 3:32
    • 06 Test Access Control - 1:47
    • 07 Test for Input-based vulnerabilities - 2:47
    • 08 Test for function - 3:44
    • 09-Test for Logic Flaws - 2:03
    • 10-Test for Shared Hosting Vulnerabilities - 1:08
    • 11-Test for Application Server Vulnerabilities - 4:15
    • 12-Miscellaneous Checks - 3:02
    • 13-Follow Up Any Information Leakage - 2:01
    • Reporting Vulnerability 1 - 4:14
    • Reporting Vulnerability 2 - 3:28
  • Quiz
    • QUIZ

View Full Curriculum


Access
Lifetime
Content
4.0 hours
Lessons
122

Learn Network Attacks & Security

Explore Different Types of Network Attacks & Secure Yourself From Them

By Amit Huddar | in Online Courses

This hands-on course focuses on Network attacks' practical side without neglecting the theory behind each attack. For each attack, you will learn how that attack works and then practically launch the attack. This will give you a full understanding of the conditions which allow this attack to be successfully executed; this knowledge will help you to detect and sometimes prevent this attack from happening. By completing this course, you will be able to troubleshoot basic security issues.

  • Access 122 lectures & 4 hours of content 24/7
  • Understand what network security is
  • Know the different types of network attacks
  • Learn about password, URL & image sniffing
  • Crack Wi-Fi password using different tools
  • Perform de-authentication attacks on any Wi-Fi networks
Amit Huddar
Scientist | Engineer | Android Developer | Trainer | CEO

Amit Huddar is an Internet Entrepreneur and Software Engineer. He runs his own software company "Softdust," which develops products for new technologies like wearables and other gadgets. He opted for computer science engineering in 2013 at SSIT and started his software company in his first year of engineering.

His skills include Android app development, HTML, CSS, PHP, C, C++, JAVA, Linux, Building Custom Linux OS, Cloud Computing. Penetration testing, Kali Linux and Hacking.

Important Details

  • Length of time users can access this course: lifetime
  • Access options: desktop & mobile
  • Certificate of completion included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Updates included
  • Experience level required: beginner

Requirements

  • Basic computer skills

Course Outline

  • Basics of Network Security
    • Introduction - 1:18
    • Disclaimer - 0:38
    • Make Kali Linux Bootable - 3:50
    • Set up Kali Linux in Vmware - 2:25
    • Kali Linux Latest Version - 3:41
    • Setting Up Metasploitable - 1:29
    • Nmaping - 1:43
    • Nmap Stealth Scanning - 1:23
    • Email Spoofing - 1:03
    • Spoof MAC Address - 2:24
    • Dashlane Installation - 1:23
    • Password management - 1:49
    • Wireshark Installation - 1:46
    • Introduction of tshark - 1:56
    • Two way Handshaking - 2:08
    • DNS tools - 4:26
    • DNS flooding - 1:26
    • Host command for querying dns lookups - Kali Linux - 2:43
    • Wireshark ARP and DNS - 2:44
    • SSLScan - 1:49
    • SSLyze - 2:15
    • Inspector - Secure Kali Linux - 1:49
    • Firewall Bypassing & Penetration Testing - 2:03
    • SMTP Enumeration - 2:09
    • Hakku Framework get any Website Details - 2:22
    • Trity tool- Website info and Query Info - 2:42
    • Quick Scan - Pentmenu - 1:06
    • show IP and Ping Sweep - pentmenu - 1:26
    • Discovering hosts with ARP ping scans - 2:03
    • Details of any Website -- Katana Framework - 1:33
  • DOS and DDOS Attacks
    • Synflood DOS attack - 2:37
    • Synflood DOS on Website - 3:32
    • udp Flooding DOS Attack - 2:08
    • UDP flood - Pentmenu Tool - 1:29
    • HTTP Flood SSL - 1:28
    • SSL DOS - Pentmenu tool - 1:23
    • ICMP flood attack - 1:57
    • Smurf Attack - 3:31
    • xerxes dos attack - 2:01
    • DOS Attack - Siege tool - 2:12
    • Pentmenu - DOS (Slowloris) - 2:36
    • Pentmenu - TCP SYN flood - 1:24
    • THC-SSL-DOS attack - 1:07
    • Stop Internet access of Victim - Kickthemout tool - 2:33
    • Kick all devices from LAN - kickthemout tool - 2:14
    • Kick Two More many Devices from LAN - Kickthenout tool(Demo) - 1:30
    • DOS attack by using ETTERCAP - 2:03
    • DoS Website using GoldenEye Tool - 2:30
    • DDOS any Website with Android Phone - 2:01
    • DOS Attack using Hakku Framework Tool - 3:17
    • DHCP Denial Of Service using Hakku Frameworks - 2:00
    • Network_kill - Hakku Framework - 1:46
    • TCP Attack - Hakku Framework - 1:27
    • TCP Attack on Website - Websploit - 1:59
    • Web D.O.S Attack in LAN - Katana Framework - 1:54
    • Slowhttptest - DOS Attack - 3:32
    • DDOS - HULK - 1:37
    • DOS Attack - Hammer tool - 2:24
    • Tors-hammer DDOS - 2:33
    • TORSHAMMER DOS in windows - 1:55
    • Inviteflood - 1:44
    • T50 Stress Testing Tool in Kali linux - 3:22
    • How To DoS Websites - Slowloris in windows - 1:50
    • How To DoS Websites - Slowloris using Kali Linux - 2:53
    • Slowhttptest Dos Attack Part2 - 4:30
    • UDP FLood DOS attack - Pentmenu - 1:29
    • Smurf Attack - 3:31
  • Sniffing and Spoofing, MITM
    • Kali Linux Sniffing and Spoofing - 2:46
    • SSLStrip -KAli Linux -Sniffing and Spoofing - 2:22
    • Jhon the Ripper Password Crack - 3:18
    • L0phtCrack 6 password Auditor - 2:01
    • password sniffing using wireshark - 1:21
    • Password Hacking By Chromepass and PasswordfoxNew Lecture - 1:33
    • Eavesdropping by Driftnet - 2:52
    • DNS Spoofing - 4:06
    • Phishing Attack - 2:10
    • SSLStrip MIM Attack - 3:23
    • How To Sniff Encrypted Data MITMf - 3:01
    • MITMf Replace All Images - 3:17
    • MITMf - Flip the victimes Images Upside Down - 2:24
    • MITMf - Spoof & Inject HTML File - 2:41
    • Man-In-The-Middle Attack (driftnet) using Hakku Framework tool - 3:01
    • DNS spoof using a Hakku Framework - 2:37
    • Sniff Victim links using a Hakku Framework - 2:11
    • HTTP Sniffer - Katana Framework - 2:55
    • MITM attack sniff URL's - Websploit - 2:51
    • MITM attack(sniff images) - Websploit - 2:26
    • Urlsnarf - 1:06
    • How To Sniff Everyone [LAN] - Ettercap - 3:02
    • How to hack any Android Phone with Kali Linux - 3:01
    • How to hack any pc browser using kali linux XEROSPLOIT - 2:18
    • Hack any Android Phone with Ezsploit tool - 4:43
    • Clone Website + Keylogger Morpheus - 2:30
    • Bettercap MITM sniffing Traffing - 2:18
    • Password sniffing - Ettercap - 1:49
    • Sniff Password Router -Ettercap - 1:18
    • Redirect browser traffic - to Google Sphere - 2:31
    • Sniff browser traffic (http) - Capture Pictures - 1:11
    • Wirespy - Wireless Hacking Toolkit - Kali Linux - 4:45
  • Wireless Attack
    • Airmon-ng and Airodump-ng - 2:42
    • crunch password generating tool - 2:56
    • Block Connection Between Victim and Router - Gerix tool - 2:51
    • WiFi jammer using Websploit - 2:45
    • Remove Device from Wi - Fi - 2:45
    • Perform a DoS Attack on WiFi network using (MDK3) - 1:48
    • Beacon flooding using mdk3 - 1:09
    • Disconnect all near network - NETATTACK 2 - 3:22
    • Disconnect Multiple Network - NETATTACK 2 - 1:28
    • Disconnect ONE Network - Netttack 2 - 1:10
    • Kick ALL users off your Network (except you) - 1:21
    • Kick MULTIPLE users off your Network - 1:20
    • WiFijammer - 1:42
    • wifi hacking using wifite tool - 3:09
    • Wi-Fi password crack using FLUXION - 2:54
    • WiFi Password hack using WiFi Phisher - 3:18
    • Hostapd-wpe Hacking Password - 2:46
    • Wifi hacking using reaver - 4:02
    • WPA2 Password Crack - Gerix WiFi Cracker - 3:43
    • Cracking WiFi WPAWPA2 passwords using Pyrit Cowpatty - 2:43
    • Cracking-WPA2-PSK-Passwords-with-Genmpk - 2:43
    • Cracking WPAWPA2 with Hashcat - 2:37
    • QUIZ

View Full Curriculum


Access
Lifetime
Content
4.0 hours
Lessons
110

Master in Hacking with Metasploit

Hack Almost All Operating System

By Amit Huddar | in Online Courses

After 9 successful courses on ethical hacking, Amit Huddar is back with the 10th course, "Master in Hacking with Metasploit," Metasploit is an exploitation framework, group of tools, and utilities put together to make exploit development and system administration. Basically, the attacker launches several payloads to the victim's computer, exploiting the vulnerabilities to exploit data. Metasploit is a powerful tool, and it has 458 payloads, 1604 exploits module, 913 auxiliary modules, 275 post-exploitation modules. In this course, all tricks and techniques are 100% working and tested.

  • Access 110 lectures & 4 hours of content 24/7
  • Exploit XP with SMB server
  • Hack Windows 7 using backdoor exe
  • Hack Apple Mac OS X
  • Hack all Windows XP, Vista, 7, 8, 8.1 & 10
  • Download documents, create remote users & take screen captures from exploited Linux and Windows servers.
  • Be capable to protect your system from metasploit exploits
Amit Huddar
Scientist | Engineer | Android Developer | Trainer | CEO

Amit Huddar is an Internet Entrepreneur and Software Engineer. He runs his own software company "Softdust," which develops products for new technologies like wearables and other gadgets. He opted for computer science engineering in 2013 at SSIT and started his software company in his first year of engineering.

His skills include Android app development, HTML, CSS, PHP, C, C++, JAVA, Linux, Building Custom Linux OS, Cloud Computing. Penetration testing, Kali Linux and Hacking.

Important Details

  • Length of time users can access this course: lifetime
  • Access options: desktop & mobile
  • Certificate of completion included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Updates included
  • Experience level required: beginner

Requirements

  • Basic computer skills

Course Outline

  • Introduction
    • Introduction - 1:40
    • Disclaimer - 0:38
    • Make Kali Linux Bootable - 3:50
    • Kali Linux VMWare Setup - 2:25
    • Kali Linux Latest Version - 3:41
    • setting-up metasploitable - 1:35
    • Metaslpoit Basics command part 1 - 2:17
    • Metaslpoit Basics command part 2 - 3:57
    • Connect command - Metasploit - 2:10
    • Host command Metasploit - 2:07
    • Importing Nmap Results into Metasploit - 2:17
    • Installing and Configuring PostgreSQL in Kali Linux - 3:26
    • route Command - Metasploit - 2:22
    • Search targets in Metasploit - 2:31
    • Exploring and Auditing a Network Using Nmap 1 - 2:14
    • Exploring and Auditing a Network Using Nmap 2 - 2:56
    • Exploring and Auditing a Network Using Nmap 3 - 1:30
    • Create Your Own Profile in Zenmap - 1:33
    • Zenmap Scanning - 2:07
  • Auxiliary Module Metasploit
    • Simple Network Management Protocol Sweeping - Metasploit - 3:41
    • arp_sweep - Scanner Discovery Auxiliary Modules - Metasploit - 2:09
    • Autopwn - auxiliary Module - Metasploit - 4:20
    • PDF authbypass - Metasploit - 1:56
    • DoS attack module - Metasploit - 1:31
    • Password Sniffing - Metasploit - 2:08
    • Email harvesting with metasploit - 3:26
    • Finding Deleted Webpages - Metasploit - 2:22
    • Detecting SSH versions with the SSH version Scanner - Metasploit - 1:25
    • distcc_exec - Unintentional Backdoors - Metasploit - 1:50
    • endpoint_mapper - Scanner DCERPC Auxiliary Modules - Metasploit - 1:29
    • enum_wayback - HTTP Auxiliary Scanner - Metasploit - 1:57
    • FTP Brute Login Metasploit - 2:07
    • FTP server Anonymous - Metasploit - 1:40
    • FTP Version Scanning - Metasploit - 1:41
    • Imap Banner Grabber Auxiliary Model - Metasploit - 2:27
    • ipv6_neighbor - Scanner Discovery Auxiliary Modules - Metasploit - 2:54
    • Metasploit Providing a Fake DHCP Server Auxiliary Module - 1:43
    • nbname - Scanner NetBIOS Auxiliary Module - Metaspolit - 2:24
    • pop3 Login - Scanner POP3 Auxiliary Modules - Metasploit - 1:37
    • scanner auxiliary modules - Mysql Brute force Attack - Metasploi - 1:50
    • sipinvitespoof - Impersonation attack - Metasploit - 2:08
    • smb_version Auxiliary Module - Metasploit - 2:47
    • smtp_enum - Scanner SMTP Auxiliary Modules - Metasploit - 2:27
    • smtp_version - Scanner SMTP Auxiliary Modules - Metasploit - 1:56
    • SSH Bruite force login - Metasploit - 2:32
    • SSL certificate - Information Gathering - Metasploit - 1:23
    • Testing VNC server password for login - Metasploit - 2:45
    • TCP Idle Scan - Metasploit - 3:32
    • TCP Stream Showing a Bind Shell - Metasploit - 1:57
    • Tcp syn Port Scanning - Metasploit - 2:57
    • tcpdcerpcauditor - Metasploit - 1:55
    • telnet Brute force login - Metasploit - 3:21
    • udp_sweep Scanner Discovery Auxiliary Module - Metasploit - 1:49
    • VNC Authentication - Vulnerability Scanning - Metasploit - 2:46
    • vncnoneauth - Scanner VNC Auxiliary Modules - Metasploit - 1:51
    • Web Crawler - MetasploitWeb Crawler - 1:27
    • Windows Patch Enumeration - Metasploit - 1:53
    • wordpressloginenum - Auxiliary Module - Metasploit - 2:30
    • Wordpress_scanner - Auxiliary Module - Metasploit - 1:22
  • Backdoor Tools and Payloads
    • Msfvenom - Metasploit Framework - 4:46
    • Payload, Backdoor for hacking servers - Metasploit - 2:21
    • Persistent netcat Backdoor - meterpreter - 3:56
    • Remote Windows PC using PSploitGen - Metsploit - 3:47
  • Exploitation Moudule Metadsploit
    • Capture VNC Session of Remote PC using SetToolkit - Metasploit - 2:20
    • bypassuac - bypass Windows UAC - Metasploit - 2:39
    • Writing Meterpreter Scripts - Metasploit - 3:54
    • Client Side Exploitation - 4:24
    • Create SSL Certified Meterpreter Payload using MPM - Metasploit - 4:10
    • Exploiting XP Service Pack II - Metasploit - 3:47
    • Exploiting the Module Structure - Metasploit - 5:17
    • File format-based exploitation - Metasploit - 3:24
    • Get Shell Using Shellcode In Macro - Metasploit - 2:34
    • Hack Linux Using Python file Maintaining Access - Metasploit - 2:17
    • Hack Mac-mini using Python script - Metasploit - 3:39
    • Hack Remote Windows or Linux PC using MPC - Metasploit - 4:11
    • hack windows 7,8,8.1,10 using shikataganai encoder - Metasploit - 2:47
    • Hack windows 7.8 & 10 with HTA web server exploit
    • Hack Windows Using EFS Server Exploit - Metasploit - 2:56
    • Hack windows using New Media Center Exploit - Metasploit - 2:31
    • Microsoft Word RTF Stack BufferOverflow - Metasploit - 3:53
    • LNK Code Execution Vulnerability Metasploit Module - 3:54
    • Powersploit Web Delivery For Windows - Metasploit - 2:33
    • Run OS Command against Multiple Session - Metasploit - 2:07
    • Samba - Privilege Escalation - Metasploit - 2:39
    • Unrestricted file Uploading PHP payload - Metasploit - 4:30
    • VSFTP Exploit - 2:43
  • Post Exploitation Module
    • arp_scanner and checkvm - Metasploit Post Exploitation Modules - 2:05
    • Broadcast YouTube Video in Remote PC - Metasploit - 1:40
    • enumapplications and enumloggedonusers - Metasploit Post Exploitation Module - 1:18
    • How to use Keylogger in Meterpreter - Metasploit - 2:26
    • HTTP Remote Host Server Information Gathering - 1:45
    • killav.rb script to disable antivirus programs - 3:03
    • localexploitsuggester - Post Exploitation Modules - Metasploit - 2:03
    • Meterpreter architecture migration exploit - Metasploit - 1:52
    • metsvc exploitation - Meterpreter - 2:47
    • Portfwd - Metasploit - 4:30
    • RouteAdd - Post exploitation module - Metasploit - 2:42
    • Set New Password of Victim PC Remotely - Metasploit - 1:49
    • The getdesktop and keystroke sniffing - 4:08
    • usbhistory and enumshares - Metasploit Post Exploitation Modules - 1:24
    • Using the database to store the penetration testing results - Metasploit - 2:05
    • WLAN Information and Geolocation of Remote Windows - Metasploit - 1:46
  • Armitage Tool
    • Starting up Armitage - 2:22
    • Descovery Scan in Armitage - 1:25
    • Nmap port Scanning using Armitage - 2:06
  • Ruby is heart of Metasploit
    • Defining Methods in Ruby - 3:03
    • ruby introduction and first program with ruby - 2:39
  • Counter Measures
    • How to detect meterpreter session using Antimeter - 1:41
    • How Can I Protect My Android Device - 2:51
    • Starting the W4SP ARP MITM Attack - Metasploit - 1:50

View Full Curriculum


Access
Lifetime
Content
4.0 hours
Lessons
68

Introduction to Python & Hacking with Python

Create Your Own Hacking Scripts

By Amit Huddar | in Online Courses

This course has 2 advantages: first, you will be capable of learning python and also you will be able to create your own hacking tool using python, this is a complete basics course, you can enroll even if you know nothing about Python. Trying particular injection manually everywhere is very much difficult. You need one kind of software, but you get nowhere such software to do such injection the way you want it. By creating your python script, you can save a lot of your time. The instructor has included password hacking, web hacking, wireless hacking, and many more. The basics are explained in brief, and it's straightforward to follow; you will get to download all the scripts used in this course, and the instructor is available for support.

  • Access 68 lectures & 4 hours of content 24/7
  • Learn the basics of Python
  • Do network scanning, password hacking, encoding & decoding with Python
  • Sniif & spoof data
  • Try wireless hacking & penetration testing
Amit Huddar
Scientist | Engineer | Android Developer | Trainer | CEO

Amit Huddar is an Internet Entrepreneur and Software Engineer. He runs his own software company "Softdust," which develops products for new technologies like wearables and other gadgets. He opted for computer science engineering in 2013 at SSIT and started his software company in his first year of engineering.

His skills include Android app development, HTML, CSS, PHP, C, C++, JAVA, Linux, Building Custom Linux OS, Cloud Computing. Penetration testing, Kali Linux and Hacking.

Important Details

  • Length of time users can access this course: lifetime
  • Access options: desktop & mobile
  • Certificate of completion included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Updates included
  • Experience level required: beginner

Requirements

  • Basic computer skills

Course Outline

  • Introduction
    • Introduction - 2:21
    • Disclaimer - 0:38
    • Installing Python For Windows - 1:53
    • Install PyCharm ( Python IDE ) on Windows 7 and onwards - 2:11
    • Make Kali Linux Bootable
    • Set up Kali Linux in Vmware - 2:33
    • Kali Linux Latest Version - 3:41
    • Installing Python on Kali Linux - 2:07
    • First Python Program - 2:05
    • How to embed Python code in C program - 6:45
    • Python program used in course
  • Basics of Python
    • Global and Local Variables - 2:59
    • Data Types and type conversion - 2:30
    • Identifiers - 2:17
    • Python Operators - 6:27
    • Date and Time - 2:34
    • Pandas Basics - 2:40
  • Tuple
    • Tuple - 2:25
    • Tuple Methods and Operations - 2:56
  • Dictionary
    • Python Directory and Files Management - 2:49
  • List
    • Lists - 5:28
  • Python Exceptions
    • Catching Specific Exceptions in Python Raising Exceptions and finally statements - 4:08
    • Exceptions and Catching Exceptions in Python - 3:44
    • Python Errors and Built-in Exceptions - 2:37
    • Python Custom Exceptions - 4:03
  • Inheritance
    • Multi Level Inheritance - 2:12
    • Python Multiple Inheritance - 3:07
  • Loops and Decision Making
    • Loop Control Statements - 5:21
    • Python Decision Making - 4:58
  • Class and Object
    • Python Class - 2:20
    • Creating an Object in Python - 2:43
  • Functions
    • Constructors in Python - 3:16
    • Method Overridding and Method Overloading - 5:25
  • Modules
    • Python Modules - 2:25
  • Python Information Gathering
    • FTP Banner Grabber python - 2:10
  • Network Scanning with python
    • Socket port scanning - 4:20
    • Nmap Integration - 4:47
  • Password Hacking with python
    • Generate Random Passwords - 3:38
    • Wifi Password Recovery - 4:11
    • Wordlist Generator - 1:48
    • Qr Code Generator Python Script - 3:45
    • Brute-force ZIP File Password cracker - 2:42
    • ftpbruteforce - 6:24
  • Encoding and Decoding with Python
    • Encoding and Decoding Base64 using python script - 4:06
    • Encryption of text using Transposition - 3:50
  • Python Web Hacking
    • Web Hacking Basic python - 3:24
    • Web HomePage Cloning - 3:06
    • Scrapy in python - 3:30
  • SQL Injection Using python
    • SQL injection basic - 6:07
    • SQL Injection Bypass - 5:32
    • SQL Injection Scanner - 4:43
  • Python DOS attack
    • Dos Attack Overview - 9:08
    • UDP Flooding script DOS Attack - 6:11
    • Socket DOS Attack - 3:14
  • Anonymous Python Hacking
    • Anonymouse Mail Sending By python - 10:00
    • FTP Anonymous - 1:58
  • Data Sniffing/Spoofing using python
    • Packet Sniffing in Windows and Linux Using Python - 7:18
    • Generate Random MAC Address for spoofing - 2:19
    • IP address Spoofing - 3:32
    • Extracting MAC address using Python - 2:24
    • TCP Client - 3:54
  • Wireless Hacking and Pentesting
    • Introduction to python-wifi 0.6.1 - 1:31
    • setup_monitormode - 2:47
    • Search Nearest WiFi AP using python your own script - 1:56
  • Python Exploitation
    • Python Creating backdoor using msfvenom - 3:11
    • Multi_handler Listener with metasploit - 2:24
  • Python Miscellaneous Hacking
    • Convert any python file to executable file - 3:00
    • How to Send an Email With Python - 4:08

View Full Curriculum


Access
Lifetime
Content
7.0 hours
Lessons
152

Ethical Hacker Certification Course

Hack Windows, Linux, Android, & All Kinds of Operating Systems!

By Amit Huddar | in Online Courses

In this course, you will learn from A to Z on ethical hacking; you can even write certification exams! This course is for beginners as it covers all sorts of topics such as web hacking, remote hacking (Metasploit), and wireless hacking. Most of the ethical hacking courses cost more than $500, but this course is cheaper to help out students like you! This course is more practical than theoretical. You'll learn ethical hacking by doing it yourself.

  • Access 152 lectures & 7 hours of content 24/7
  • Hack Windows, Linux, Android & all kinds of operating systems
  • Learn attacks such as XSS, SQL injection, DOS, & DDOS attack
  • Learn about wireless hacking
Amit Huddar
Scientist | Engineer | Android Developer | Trainer | CEO

Amit Huddar is an Internet Entrepreneur and Software Engineer. He runs his own software company "Softdust," which develops products for new technologies like wearables and other gadgets. He opted for computer science engineering in 2013 at SSIT and started his software company in his first year of engineering.

His skills include Android app development, HTML, CSS, PHP, C, C++, JAVA, Linux, Building Custom Linux OS, Cloud Computing. Penetration testing, Kali Linux and Hacking.

Important Details

  • Length of time users can access this course: lifetime
  • Access options: desktop & mobile
  • Certificate of completion included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Updates included
  • Experience level required: beginner

Requirements

  • Basic computer skills

Course Outline

  • Introduction
    • Introduction - 1:15
    • Disclaimer - 0:38
    • Make Kali Linux Boot able - 3:50
    • Set up Kali Linux in Vmware - 2:25
    • Kali Linux Latest Version - 3:41
    • Setting up metasploitable - 1:29
    • Xamp installation - 1:43
    • Installation Wamp - 6:04
    • bWAPP installation - 5:22
    • Burp Suite Installation - 4:03
    • Burp Suite crawling - 2:13
    • Basic Linux Commands - 11:30
  • Information Gathering Tools
    • dnsenum Information Gathering Tool Kali Linux - 3:20
    • DNS tools - 4:26
    • netmask-Information-Gathering-Kali-Linux - 1:34
    • Netdiscover & ARP to Find Internal IP and MAC Addresses - 3:14
    • whois web information gathering tool - 2:15
    • knock Subdomain Scanner - Information Gathering Tool - Kali Linux - 1:50
    • Quiz
  • Enumeration
    • Enumeration Introduction
    • Enumeration Introduction - 1:15
    • Enumerating the System Using Hyena - 1:41
    • SuperScan Tool for Enumerating NetBIOS - 1:34
    • Enumerating a Network Using SoftPerfect Network Scanner - 1:15
  • Scanning Network
    • NMAP in kali - 5:49
    • Installing NMAP in windows - 1:57
    • Exploring and Auditing a Network Using Nmap1 - 2:14
    • Exploring and Auditing a Network Using Nmap2 - 2:56
    • Exploring and Auditing a Network Using Nmap3 - 1:30
    • Fingerprinting Open Ports Using the Amap - 1:38
    • Dnmap - 2:13
    • Angry IP Scanner Script - 2:00
    • Scanning System and Network Resources Using Advanced IP Scanner - 1:52
    • Monitoring TCPIP Connections Using the Currports Tool - 2:09
  • Metasploit
    • Metasploit Introduction - 3:04
    • Metasploit Basic Commands Part1 - 2:12
    • Metasploit basic commands Part2 - 3:52
    • Search targets in metasploit - 2:26
    • Windows hacking - 2:42
    • Hacking android - 2:17
    • Quiz
  • Social Engineering Attack
    • Gathering a Information about a Person - 4:22
    • Gather Email Info - Maltego tool - 3:10
    • Discovering Domain info Emails associated with Target - 1:53
    • Email Spoofing - 1:03
    • Mass Mailer Attack to Single Email - 3:31
    • Mass Mailer Attack to Multiple Emails - 3:18
    • SocialFish - The Ultimate Phishing Tool(Ngrok Integration) - 2:29
    • Detecting Phishing Page Using PhishTank - 1:34
    • Credential Harvest Attack Using Settoolkit - 2:28
    • Create a Payload and Listener -Social Engineering Toolkit - 7:07
    • Hack Remote PC using HTA attack in SET Toolkit - 2:36
    • MAC address Spoofing with MACChanger - 3:19
    • Quiz
  • Web Applicaton Hacking
    • Web Applicaton Haking Introduction - 4:36
    • Cross site Request Forgery Combined with curl - Web application Hacking - 4:14
    • DVWA Upload and Use cpp php Backdoor shell - 9:18
    • Striker - vulnerability scanner - 2:40
    • Webcruiser - Web Application Scanner - 4:09
    • XAttacker - Website vulenarbility Scanner - 2:44
  • XSS
    • XSS Introduction - 2:05
    • Cross Site Scripting(XSS) Introduction
    • Types of Cross-Site Scripting Attacks - 4:12
    • XSS Basics demonstration - 1:39
    • finding XSS websites - 1:42
    • Finding reflected XSS vulenarabilities - 1:51
    • XSS Stored Low - 3:48
    • XSS Stored Medium - 1:57
    • XSS Stored High - 1:24
    • Becon flooding using mdk3 - 3:52
    • Extracting SAM Hashes Using PWDump7 Tool - 2:54
    • Manipulating Parameters - 1:53
    • QUIZ
  • SQL Injection
    • SQL Injection Introduction
    • SQL Injection Introduction - 3:42
    • Havij - SQL Injection Exploitation - 6:09
    • Bypass Login page SQL Injection - 3:34
    • Boolean Blind SQL Injection Explotiting - 4:15
    • DVWA Security Setup - 1:34
    • Setting up DVWA1 - 3:45
    • Setting up DVWA2 - 5:33
    • Checking sql vulnerability - 2:03
    • Extracting data through Union Statement Theory - 4:40
    • Extracting data through Union Statement1 - 2:44
    • Extracting data through Union Statement2 - 2:10
    • Extracting data through Union Statement3 - 4:18
    • Extracting data through Union Statement4 - 2:50
    • Quiz
  • Footprinting
    • Any Who - 2:06
    • Spokeo online tool - 1:22
  • Web Server Hacking
    • HTTrack Web Site Copier Tool - 1:49
    • Footprinting a Webserver using IDServe - 3:00
    • Footprinting Webserver using Httprecon Tool - 3:17
    • Web Data Extractor - 2:05
  • DOS and DDOS
    • DOS Introduction
    • DOS Attack With LOIC - Mac pc - 2:39
    • How to detect DOS attack - 1:58
    • How to DOS Websites - Slowloris in windows - 2:03
    • How To Detect DDOS Attack - 2:08
    • How to DOS Websites - Slowloris using kali linux - 2:40
    • Performing a DOS Attck with Anonymous DoSer - 1:06
    • SlowHTTPtest DOS Attack Tool Kali Linux - 4:15
    • Quiz
  • Password Cracker
    • Hydra - Online Password Attacks - 3:39
    • Crunch Password Generating Tool - 2:56
    • John the ripper tool to crack passwords - 2:54
    • Quiz
  • Session Hijacking
    • DVWA BURP SUITE Session Hijacking - 2:44
    • Session hijacking arps - 1:39
    • Stealing cookies - 3:37
  • Sniffing(Man In the Middle Attack)
    • Sniffing Passwords Using ETTERCAP - 1:54
    • Sniffing Passwords Using Wireshark - 2:25
    • Spoofing MAC Address Using SMAC - 4:01
    • Sniffing a network using the WINARPAtacker Tool - 3:29
    • Wireshark installation - 2:44
    • Introduction Of Tshark - 1:56
    • Wireshark Overview - 2:22
    • IP Address smart scanning whois - 1:45
    • Sniffing the Network Using the Omnipeek Network Analyzer - 2:57
    • Quiz
  • Trojan Horse and Backdoor
    • Trojan Horse Introduction
    • Installing FatRat - 3:17
    • Generating backdoor for linux - FatRat - 4:04
    • Hack Android with FatRat - 5:06
  • Virus and Worms
    • Create a virus using JPS Virus Tool(Z) - 2:52
    • Virus Analysis Using IDA Pro - 2:54
    • Virus Analysis Using OllyDbg - 2:44
    • Virus Analysis Using Virus Total - 1:09
    • Quiz
  • Wireless Hacking
    • Airmon-ng and Airodump-ng - 2:47
    • Breaking a WPS PIN to Get the Password with Bully - 5:48
    • Hacking WPS wifi using reaver kali linux - 5:10
    • WiFi password hack using WiFi phisher - 3:18
    • WEP hacking - 6:38
  • Buffer Overflow
    • Buffer overflow introduction
    • Basic buffer overflow example - 1:55
    • Basic buffer overflow attack using C - 6:07
    • QUIZ
  • Cryptography
    • Cryptography Introduction
    • Basic Data Encripting Using Cryptool - 3:33
    • Data Encrypting Using Advanced Encryption Package - 3:28
    • Data Encrypting Using Hashcalc Tool - 4:15
    • Data Encrypting Using MD5 Calculator - 2:21
    • Quiz
  • Evading IDS, Firewalls and Honeypots
    • HTTP Tunneling Using HTTPort - 8:38
  • System Hacking
    • System Hacking Introduction
    • Hiding files using the Stealth Files Tool - 5:14
    • System Monitoring Using RemoteExec - 5:58
    • BeEF Overview and Basic Hook Method - 3:30
    • Haking Linux Using Fake Update -BeEF - 4:13
  • Last Section
    • Certificate - 3:38
    • EHC last video - 4:23

View Full Curriculum


Access
Lifetime
Content
2.0 hours
Lessons
45

Complete NMAP: Learn Ethical Hacking with NMAP

Become an Ethical Hacker & Cyber Security Expert with NMAP

By Oak Academy | in Online Courses

In this complete NMAP course, you will discover the secrets of ethical hacking and network discovery using NMAP. You’ll learn all the NMAP details, which is the most known and de facto network scanning tool. After downloading and installing NMAP by hands-on lessons, you will be able to use it as an IP port scanner, open port tester, and checking for devices' operating systems and other features.

4.7/5 average rating: ★ ★ ★ ★

  • Access 45 lectures & 2 hours of content 24/7
  • Learn ethical hacking with NMAP
  • Use NMAP
  • Learn NMAP basic & advanced techniques
  • Identify the operating system & running service versions of the target system
  • Learn options for bypassing firewall, IPS, & IDS systems
  • Scan without getting caught in IPS & IDS systems
"Excellent course on basics on NMAP with a practical guide how to deploy your own lab and scan networks within it" – Denys Bazarnyi
Oak Academy
4.3/5 Instructor Rating: ★ ★ ★ ★
OAK Academy is a group of tech experts who have been in the sector for years and years. Deeply rooted in the tech world, they know that the tech industry's biggest problem is the "tech skills gap" and their online course are their solution. They specialize in critical areas like cybersecurity, coding, IT, game development, app monetization, and mobile. Thanks to their practical alignment, they are able to constantly translate industry insights into the most in-demand and up-to-date courses.

Important Details

  • Length of time users can access this course: lifetime
  • Access options: desktop & mobile
  • Certificate of completion included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Updates included
  • Experience level required: beginner

Requirements

  • Basic computer skills

Course Outline

  • Complete NMAP: Learn Ethical Hacking with NMAP
    • 1 - What We Covered In Ethical Hacking with NMAP? - 2:31
  • Setting Up the Laboratory
    • 2 - Virtualbox Download and Install - 4:46
    • 3 - Kali ISO Download - 1:43
    • 4 - Kali ISO Install - 7:21
    • 5 - Kali VirtualBox Image Download and Install - 2:37
    • 6 - Metaspoiltable Download and Install - 3:43
    • 7 - Ubuntu Desktop Download and Install - 4:30
    • 8 - Windows7 Image Download and Install - 2:58
    • 9 - Nat Network Create and Settings - 3:14
    • 10 - Connection Test - 6:36
  • Nmap
    • 11 - What is Nmap? - 3:44
  • Nmap First Scan
    • 12 - Nmap First Scan - 4:47
  • Subnet
    • 13 - What is Subnet? - 4:15
  • Interpretation of Nmap Results
    • 14 - Interpretation of Nmap Results - 2:04
  • Scanning Specific IPs or Specific Targets With Nmap
    • 15 - Scanning Specific IPs or Specific Targets With Nmap - 1:57
  • Nmap IP List Creation
    • 16 - Nmap IP List Creation - 4:07
  • Nmap Random Scan and Exclude Ips
    • 17 - Nmap Random Scan and Exclude Ips - 4:17
  • Print the Nmap Results to the File
    • 18 - Print the Nmap Results to the File - 6:23
  • Check In - 1
    • 19 - Check In -1 - 0:47
  • OSI Model
    • 20 - What Is the OSI Model and How Does It Work? - 5:18
  • TCP-IP
    • 21 - What Is TCP-IP - 8:57
  • Domain Name System Service-DNS
    • 22 - Domain Name System Service-DNS - 4:19
  • Port
    • 23 - What is Port? Nmap Port Scan - 3:34
    • 24 - Scanning Top 20, Top 100 Ports With Nmap - 4:43
    • 25 - Scanning Specific Ports With Nmap - 6:00
    • 26 - Nmap Syn Scanning - 3:20
    • 27 - Nmap TCP Scan - 2:46
    • 28 - Namp UDP Scan - 4:12
    • 29 - Nmap ACK Scan - 1:53
    • 30 - Nmap Fin-Xmas-Null Scan - 3:26
    • 31 - Nmap Fast Scan - 1:12
    • 32 - Nmap Open Ports Scan - 1:23
    • 33 - Nmap No PORT Scan - 2:15
  • Nmap PING and noPING Scan
    • 34 - Nmap PING and noPING Scan - 3:19
  • Check - 2
    • 35 - Check-2 - 1:13
  • Nmap Verbose Command
    • 36 - Nmap Verbose Command - 2:14
  • Nmap With Service and Version Detection
    • 37 - Nmap With Service and Version Detection - 3:52
  • Nmap Operating System Detection
    • 38 - Nmap Operating System Detection - 2:30
  • Nmap Timing Templates
    • 39 - Nmap Timing Templates - 3:36
  • Bypass of IPS & IDS Systems With Nmap
    • 40 - Bypass of IPS & IDS Systems With Nmap - 10:57
  • Nmap Script Engine (NSE)
    • 41 - Nmap Script Engine (NSE) - 10:59
    • 42 - Nmap Script Engine Example - 1 - 2:53
    • 43 - Nmap Script Engine Example - 2 - 0:58
    • 44 - Writing an NSE Script - 9:52
  • The Check - 3
    • 45 - The Check-3 - 0:22

View Full Curriculum



Terms

  • Unredeemed licenses can be returned for store credit within 30 days of purchase. Once your license is redeemed, all sales are final.