In order to protect yourself from hackers, you must think as one.
In this course, you will start as a beginner with no previous knowledge about penetration testing or hacking.
You will learn hacking tools, methodologies and techniques. This is a both practical and theoretical step-by-step course.
This course is focused on the practical side of penetration testing without neglecting the theory behind each attack. Before jumping into penetration testing, you will first learn how to set up a lab and install needed software to practice penetration testing on your own machine.
Below are the main topics, both theoretical and practical, of this course:
- Introduction to Ethical Hacking, Footprinting and Reconnaissance
- This section will teach you how to gather information about your target server, you will learn how to discover the DNS server used, open ports and services, un-published directories, sensitive files. This information is very important as it increases the chances of being able to successfully gain access to the target website.
- Scanning Networks, Enumeration and Vulnerabilities and System Hacking
- In this section you will learn how to discover and exploit a large number of vulnerabilities, this section is divided into a number of sub-sections, each covering a specific vulnerability, firstly you will learn what is that vulnerability,then you will learn how to exploit this vulnerability.
- Learn how to capture encrypted and unencrypted data, passwords and such (HTTP, telnet, HTTPS, etc)
- Use This framework to exploit numerous vulnerabilities and crate backdoors
- Trojans, Backdoors, Viruses and Worms
- Penetration testing on Wireless Networks
- Penetration Testing
NOTE: This course is created only for educational purposes and all the attacks are launched in an isolated lab environment.
Senior Information Security Consultant
- I work in the Internet security team, focused on ethical hacking - deliberately and purposefully challenging the IT security assumptions, strategies, and methods of protecting vital assets and information by emulating an adversary.
- Scan and exploit for a wide variety of data center infrastructure and application vulnerabilities, following defined rules of engagement and attack scenarios (ethical hacking).
- Make recommendations on security weaknesses and report on activities and findings.
- Perform Internet penetration testing (black box / white box testing) and code reviews (manual and automated)
- Use testing tools as NetBIOS scanning, network pinging and testing, packet crafting and analyzing, port scanning for vulnerability assessment
- Perform analysis and testing to verify the strengths and weaknesses of Web Applications and Web Services (SML, SOAP, WSDL, UDDI, etc.)
- Perform analysis and testing to verify the strengths and weaknesses of a variety of operating systems, network devices, web applications, and security architectures
- Assist with the development of remediation services for identified findings
- Customize, operate, audit, and maintain security related tools and applications
- CEH, ECSA, CHFI from EC-Council
- Cisco CCNA, CCNA Security, Linux Essentials
- CREST Registered Penetration Tester (CRT)
- CHFI (Computer Hacking Forensic Investigator)
- ISO 270001 Lead Auditor
- ECSA (EC-Council Security Analyst)
- CEH (Certified Ethical Hacker)
- CCNA and CCNA Security
- CCNP Routing and CCNP Switching
- Advanced Linux&InfoSEC
- VMWare vSphere Install, Configure, Manage
- Microsoft Certified Technology Specialist (MCTS/MCP 70-642): Microsoft Windows Server 2008 Network Infrastructure, etc.
StartScanning and enumeration (8:58)
StartVulnerabilties Identification (8:28)
StartDemo - Installing Nessus Scanner (3:31)
StartDemo - Use Nessus to Discover Vulnerabilities (4:42)
StartDemo - Using Nikto to discover Web Vulnerabilities (4:51)
StartDemo - Using Paros for Vulnerability Discovery (4:49)
StartDemo - Use Dirbuster to brute force sub-directories and filenames (2:50)
StartDo it yourself - Scanning and enumeration, Vulnerability Discovery Exercise