-
SupremeEthan2708
Hacking
Great course by Zaid. Course explains deeply on each topic and covers things the average user would not be able to find. So glad I wondered upon the zsecurity Youtube page. Without it I don't think I would of ever gotten an interest in hacking and cyber security. -
Pierpaolo
Nice course
course explained very well, it is not a waste of money.
Curriculum
-
Introduction
-
Setting up a Hacking Lab
-
Linux Basics
-
Network Hacking
-
Network Hacking - Pre Connection Attacks
-
Network Hacking - Gaining Access - WEP Cracking
-
Network Hacking - Gaining Access (WEP/WPA/WPA2 Cracking)
-
Network Hacking - Gaining Access - WPA / WPA2 Cracking
-
Network Hacking - Gaining Access - Security
-
Network Hacking - Post Connection Attacks
-
Network Hacking - Post-Connection Attacks - Information Gathering
- Installing Windows As a Virtual Machine
- Installing Windows as a Virtual Machine on Apple Silicon Computers
- Discovering Devices Connected to the Same Network
- Gathering Sensitive Info About Connected Devices (Device name, Ports…etc)
- Gathering More Sensitive Info (Running Services, Operating System…etc)
-
Network Hacking - Post Connection Attacks - MITM Attacks
- What is ARP Poisoning ?
- Intercepting Network Traffic
- Bettercap Basics
- ARP Spoofing Using Bettercap
- Spying on Network Devices (Capturing Passwords, Visited Websites…etc)
- Creating Custom Spoofing Script
- Bypassing HTTPS
- Bypassing HSTS
- Bypassing HSTS Recap – Firefox
- Bypassing HSTS Recap – Chrome
- DNS Spoofing – Controlling DNS Requests on The Network
- Injecting Javascript Code
- Doing All the Above using a Graphical Interface
- Wireshark – Basic Overview & How To Use It With MITM Attacks
- Wireshark – Sniffing & Analysing Data
- Wireshark – Using Filters, Tracing & Dissecting Packets
- Wireshark – Capturing Passwords & Cookies Entered By Any Device In The Network
- Creating a Fake Access Point (Honeypot) – Theory
- Creating a Fake Access Point (Honeypot) – Practical
-
Network Hacking - Detection & Security
50
-
Gaining Access To Computer Devices
-
Gaining Access - Server Side Attacks
- Installing Metasploitable As a Virtual Machine
- Introduction to Server-Side Attacks
- Basic Information Gathering & Exploitation
- Hacking a Remote Server Using a Basic Metasploit Exploit
- Exploiting a Code Execution Vulnerability to Hack into a Remote Server
- Nexpose – Installing Nexpose
- Nexpose – Scanning a Target Server For Vulnerabilities
- Nexpose – Analyzing Scan Results & Generating Reports
- Server-Side Attacks Conclusion
-
Gaining Access - Client Side Attacks
- Introduction to Client-Side Attacks
- Installing Veil Framework
- Veil Overview & Payloads Basics
- Generating An Undetectable Backdoor
- Listening For Incoming Connections
- Using A Basic Delivery Method To Test The Backdoor & Hack Windows 10
- Hacking Windows 10 Using a Fake Update
- Backdooring Downloads on The Fly to Hack Windows 10
- How to Protect Yourself From The Discussed Delivery Methods
-
Gaining Access - Client Side Attacks - Social Engineering
- Introduction to Social Engineering
- Maltego Basics
- Discovering Websites, Links & Social Networking Accounts Associated With The Target
- Discovering Twitter Friends & Associated Accounts
- Discovering Emails Of The Target’s Friends
- Analyzing The Gathered Info & Building An Attack Strategy
- Backdooring Any File Type (images,pdf’s …etc)
- Compiling & Changing Trojan’s Icon
- Spoofing .exe Extension To Any Extension (jpg, pdf …etc)
- Spoofing Emails – Setting Up an SMTP Server
- Email Spoofing – Sending Emails as Any Email Account
- Email Spoofing – Method 2
- BeEF Overview & Basic Hook Method
- BeEF – Hooking Targets Using Bettercap
- BeEF – Running Basic Commands On Target
- BeEF – Stealing Credentials/Passwords Using A Fake Login Prompt
- BeEF – Hacking Windows 10 Using a Fake Update Prompt
- Detecting Trojans Manually
- Detecting Trojans Using a Sandbox
-
Gaining Access - Using The Above Attacks Outside The Local Network
-
Post Exploitation
-
Website Hacking
-
Website Hacking - Information Gathering
-
Website Pentesting - File Upload, Code Execution & File Inclusion Vulns
- Discovering & Exploiting File Upload Vulnerabilities To Hack Websites
- Discovering & Exploiting Code Execution Vulnerabilities To Hack Websites
- Discovering & Exploiting Local File Inclusion Vulnerabilities
- Remote File Inclusion Vulnerabilities – Configuring PHP Settings
- Remote File Inclusion Vulnerabilities – Discovery & Exploitation
- Preventing The Above Vulnerabilities
-
Website Pentesting - SQL Injection Vulnerabilities
- What is SQL
- Dangers of SQL Injection Vulnerabilities
- Discovering SQL Injections In POST
- Bypassing Logins Using SQL injection
- Discovering SQL Injections In GET
- Reading Database Information
- Finding Database Tables
- Extracting Sensitive Data From The Database (Such As Password, User Info…etc)
- Reading & Writing Files On The Server Using SQL Injection Vulnerability
- Discovering SQL Injections & Extracting Data Using SQLmap
- The Right Way To Prevent SQL Injection
-
Website Hacking - Cross Site Scripting Vulnerabilities
-
Website Pentesting - Discovering Vulnerabilities Automatically
-
Bonus Section