Learn Ethical Hacking From Scratch

Avatar
(0 review)
$195.00 $49.00

BeEF Overview & Basic Hook Method

 

BeEF is a browser exploitation framework that allows us to run a large number of commands on hooked browser.

In this lecture we will have an overview of the interface, how to start the framework and how to create a hook page and hook targets to it.

Welcome to my comprehensive course on Ethical Hacking! In this course, you will start as a beginner with no previous knowledge about penetration testing or hacking. The first thing you will learn is some basic information about ethical hacking and the different fields in penetration testing.

This course is focused on the practical side of penetration testing without neglecting the theory behind each attack. Before jumping into penetration testing, you will first learn how to set up a lab and install needed software to practice penetration testing on your own machine. All the attacks explained in this course are launched against real devices in my lab.

The course is structured in a way that will take you through the basics of linux, computer systems, networks and how devices communicate with each other. We will start by talking about how we can exploit these systems to carry out a number of powerful attacks. This course will take you from a beginner to a more advanced level — by the time you finish, you will have knowledge about most penetration testing fields.

The course is divided into four main sections:

1. Network Penetration Testing – This section will teach you how to test the security of networks, both wired and wireless. First, you will learn how networks work, basic network terminology and how devices communicate with each other. Then it will branch into three sub sections:

  • Pre-connection: in this section, we still don’t know much about penetration testing — all we have is a computer with a wireless card. You will learn how gather information about the networks and computers around you and launch a number of attacks without a password, such as controlling the connections around you (ie: deny/allow any device from connecting to any network). You will also learn how to create a fake access point, attract users to connect to it and capture any important information they enter.
  • Gaining Access: Now that you have gathered information about the networks around you and found your target, you will learn how to crack the key and gain access to your target network. In this section you will learn a number of methods to crack WEP/WPA/WPA2 encryption.
  •  Post Connection: Now you have the key to your target network and you can connect to it. In this section you will learn a number of powerful attacks that can be launched against the network and connected clients. These attacks will allow you to gain access to any account accessed by any device connected to your network and read all the traffic used by these devices (images, videos, audio, passwords …etc).

2. Gaining Access – In this section you will learn two main approaches to gain full control over any computer system:

  • Server Side Attacks:  In this approach you will learn how to gain full access to computer systems without the need for user interaction. You will learn how to gather information about a target computer system such as its operating system, open ports, installed services and discover weaknesses and vulnerabilities. You will also learn how to exploit these weaknesses to gain full control over the target. Finally you will learn how to generate different types of reports for your discoveries.
  • Client Side Attacks – If the target system does not contain any weaknesses then the only way to gain access to it is by interacting with the user. In this approach you will learn how to launch a number of powerful attacks to fool the target user and get them to install a backdoor on their device. This is done by creating fake updates and serving them to the user or by backdoornig downloaded files on the fly. You will also learn how to gather information about the target person and use social engineering to deliver a backdoor to them as an image or any other file type.

3. Post Exploitation – In this section you will learn how to interact with the systems you compromised so far. You’ll learn how to access the file system (read/write/upload/execute)maintain your access, spy on the target and even use the target computer as a pivot to hack other computer systems.

4. Web Application Penetration Testing – In this section you will learn how websites work. Then you will learn how to gather information about your target website, such as website owner, server location, used technologies and much more. You will also learn how to discover and exploit a number of dangerous vulnerabilities such as SQL injections, XSS vulnerabilitiesetc.

At the end of each section you will learn how to detect, prevent and secure your system and yourself from these attacks.

All the attacks in this course are practical attacks that work against any computer device, ie: it does not matter if the device is a phone, tablet, laptop, etc. Each attack is explained in a simple way — first you will learn the theory behind each attack and then you will learn how to carry out the attack using Kali Linux.

Requirements

  • Basic IT Skills
  • No Linux, programming or hacking knowledge required.
  • Computer with a minimum of 4GB ram/memory.
  • Operating System: Windows / OS X / Linux.
  • For WiFi cracking (10 lectures ONLY) – Wireless adapter that supports monitor mode (more info provided in the course).

Who this course is for:

  • Anybody who is interested in learning ethical hacking / penetration testing
  • Anybody who wants to learn how hackers hack computer systems
  • Anybody who wants to learn how to secure their systems from hackers

 

NOTE: This course is created for educational purposes only and all the attacks are launched in my own lab or against devices that I have permission to test.

NOTE: This course is totally a product of Zaid Sabih & zSecurity and No other organization is associated for certification exam for the same.

 

Course Features

  • Lectures 139
  • Duration 12.5 hours
  • Skill level All levels
  • Language English
  • Students 90034
  • Assessments Yes
  • Introduction 0/3

  • Setting Up The Lab 0/3

    • Lecture2.1
      Lab Overview & Needed Software
      3m
    • Lecture2.2
      Installing Kali 2019 As a Virtual Machine
      8m
    • Lecture2.3
      Creating & Using Snapshots
      6m
  • Linux Basics 0/2

    • Lecture3.1
      Basic Overview of Kali Linux
      5m
    • Lecture3.2
      The Terminal & Linux Commands
      11m
  • Network Penetration Testing 0/5

    • Lecture4.1
      Network Penetration Testing Introduction
      3m
    • Lecture4.2
      Network Basics
      3m
    • Lecture4.3
      Connecting a Wireless Adapter To Kali
      7m
    • Lecture4.4
      What is MAC Address & How to Change It
      5m
    • Lecture4.5
      Wireless Modes (Managed & Monitor)
      5m
  • Network Penetration Testing - Pre Connection Attacks 0/4

    • Lecture5.1
      Packet Sniffing Basics Using Airodump-ng
      6m
    • Lecture5.2
      WiFi Bands – 2.4Ghz & 5Ghz Frequencies
      30m
    • Lecture5.3
      Targeted Packets Sniffing Using Airodump-ng
      7m
    • Lecture5.4
      Deauthentication Attack (Disconnection Any Device From The Network)
      5m
  • Network Penetration Testing - Gaining Access (WEP/WPA/WPA2 Cracking) 0/12

    • Lecture6.1
      Gaining Access Introduction
      1m
    • Lecture6.2
      WEP Cracking – Theory Behind Cracking WEP Encryption
      3m
    • Lecture6.3
      WEP Cracking – Basic Case
      6m
    • Lecture6.4
      WEP Cracking – Fake Authentication
      6m
    • Lecture6.5
      WEP Cracking – ARP Request Replay Attack
      5m
    • Lecture6.6
      WPA/WPA2 Cracking – Introduction
      2m
    • Lecture6.7
      WPA/WPA2 Cracking – Exploiting WPS Feature
      7m
    • Lecture6.8
      WPA/WPA2 Cracking – How To Capture The Handshake
      5m
    • Lecture6.9
      WPA/WPA2 Cracking – Creating a Wordlist
      6m
    • Lecture6.10
      WPA/WPA2 Cracking – Using a Wordlist Attack
      3m
    • Lecture6.11
      Securing Your Network From The Above Attacks
    • Lecture6.12
      How to Configure Wireless Security Settings To Secure Your Network
      6m
  • Network Penetration Testing - Post Connection Attacks 0/24

    • Lecture7.1
      Introduction
      3m
    • Lecture7.2
      Installing Windows As a Virtual Machine
      3m
    • Lecture7.3
      Information Gathering – Discovering Connected Clients using netdiscover
      3m
    • Lecture7.4
      Gathering More Information Using Zenmap
      11m
    • Lecture7.5
      Gathering Even More Information Using Zenmap
      30m
    • Lecture7.6
      MITM – ARP Poisoning Theory
      6m
    • Lecture7.7
      MITM – ARP Spoofing using arpspoof
      6m
    • Lecture7.8
      MITM – Bettercap Basics
      30m
    • Lecture7.9
      MITM – ARP Spoofing Using Bettercap
      30m
    • Lecture7.10
      MITM – Spying on Network Devices (Capturing Passwords, Visited Websites…etc)
      30m
    • Lecture7.11
      MITM – Creating Custom Spoofing Script
      30m
    • Lecture7.12
      MITM – Understanding HTTPS & How to Bypass it
      30m
    • Lecture7.13
      MITM – Bypassing HTTPS (Preview)
      30m
    • Lecture7.14
      MITM – Bypassing HSTS
      30m
    • Lecture7.15
      MITM – DNS Spoofing
      30m
    • Lecture7.16
      MITM – Injecting Javascript Code
      30m
    • Lecture7.17
      MITM – Installing & Configuring Bettercap GUI
      30m
    • Lecture7.18
      MITM – Doing All of The Above Using a Graphical Interface
      30m
    • Lecture7.19
      Wireshark – Basic Overview & How To Use It With MITM Attacks
      9m
    • Lecture7.20
      Wireshark – Sniffing & Analysing Data
      8m
    • Lecture7.21
      Wireshark – Using Filters, Tracing & Dissecting Packets
      30m
    • Lecture7.22
      Wireshark – Capturing Passwords & Cookies Entered By Any Device In The Network
      5m
    • Lecture7.23
      Creating a Fake Access Point (Honeypot) – Theory
      4m
    • Lecture7.24
      Creating a Fake Access Point (Honeypot) – Practical
      10m
  • Network Penetration Testing - Detection & Security 0/2

  • Gaining Access To Computer Devices 0/1

  • Gaining Access - Server Side Attacks 0/11

    • Lecture10.1
      Installing Metasploitable As a Virtual Machine
      4m
    • Lecture10.2
      Introduction
      4m
    • Lecture10.3
      Basic Information Gathering & Exploitation
      10m
    • Lecture10.4
      Using a Basic Metasploit Exploit
      7m
    • Lecture10.5
      Exploiting a Code Execution Vulnerability
      10m
    • Lecture10.6
      MSFC – Installing MSFC (Metasploit Community)
      6m
    • Lecture10.7
      MSFC – Scanning Target(s) For Vulnerabilities
      3m
    • Lecture10.8
      MSFC – Analyzing Scan Results & Exploiting Target System
      10m
    • Lecture10.9
      Nexpose – Installing Nexpose
      10m
    • Lecture10.10
      Nexpose – How To Configure & Launch a Scan
      9m
    • Lecture10.11
      Nexpose – Analyzing Scan Results & Generating Reports
      8m
  • Gaining Access - Client Side Attacks 0/9

  • Gaining Access - Client Side Attacks - Social Engineering 0/18

    • Lecture12.1
      Introduction
      3m
    • Lecture12.2
      Maltego Basics
      6m
    • Lecture12.3
      Discovering Websites, Links & Social Networking Accounts Associated With The Target
      7m
    • Lecture12.4
      Discovering Twitter Friends & Associated Accounts
      5m
    • Lecture12.5
      Discovering Emails Of The Target’s Friends
      4m
    • Lecture12.6
      Analyzing The Gathered Info & Building An Attack Strategy
      9m
    • Lecture12.7
      Backdooring Any File Type (images,pdf’s …etc)
      5m
    • Lecture12.8
      Compiling & Changing Trojan’s Icon
      6m
    • Lecture12.9
      Spoofing .exe Extension To Any Extension (jpg, pdf …etc)
      8m
    • Lecture12.10
      Spoofing Emails – Setting Up an SMTP Server
      30m
    • Lecture12.11
      Spoofing Emails – Send Emails As Any Email Account You Want
      7m
    • Lecture12.12
      BeEF Overview & Basic Hook Method
      7m
    • Lecture12.13
      BeEF – Hooking Targets Using Bettercap
      3m
    • Lecture12.14
      BeEF – Running Basic Commands On Target
      4m
    • Lecture12.15
      BeEF – Stealing Credentials/Passwords Using A Fake Login Prompt
      2m
    • Lecture12.16
      BeEF – Gaining Full Control Over Windows Target
      4m
    • Lecture12.17
      Detecting Trojans Manually
      5m
    • Lecture12.18
      Detecting Trojans Using a Sandbox
      3m
  • Gaining Access - Using The Above Attacks Outside The Local Network 0/4

    • Lecture13.1
      Overview Of The Setup
      6m
    • Lecture13.2
      Ex1 – Generating a Backdoor That Works Outside The Network
      5m
    • Lecture13.3
      Configuring The Router To Forward Connections To Kali
      7m
    • Lecture13.4
      Ex2 – Using BeEF Outside The Network
      6m
  • Post Exploitation 0/8

    • Lecture14.1
      Introduction
      2m
    • Lecture14.2
      Meterpreter Basics
      6m
    • Lecture14.3
      File System Commands
      5m
    • Lecture14.4
      Maintaining Access – Basic Methods
      5m
    • Lecture14.5
      Maintaining Access – Using a Reliable & Undetectable Method
      7m
    • Lecture14.6
      Spying – Capturing Key Strikes & Taking Screen Shots
      3m
    • Lecture14.7
      Pivoting – Theory (What Is Pivoting)
      7m
    • Lecture14.8
      Pivoting – Exploiting Devices on The Same Network As The Target Computer
      8m
  • Website Hacking 0/2

  • Website Hacking - Information Gathering 0/7

    • Lecture16.1
      Gathering Basic Information Using Whois Lookup
      6m
    • Lecture16.2
      Discovering Technologies Used On The Website
      6m
    • Lecture16.3
      Gathering Comprehensive DNS Information
      6m
    • Lecture16.4
      Discovering Websites On The Same Server
      4m
    • Lecture16.5
      Discovering Subdomains
      5m
    • Lecture16.6
      Discovering Sensitive Files
      7m
    • Lecture16.7
      Analyzing Discovered Files
      4m
  • Website Pentesting - File Upload, Code Execution & File Inclusion Vulns 0/6

    • Lecture17.1
      Discovering & Exploiting File Upload Vulnerabilities
      7m
    • Lecture17.2
      Discovering & Exploiting Code Execution Vulnerabilities
      7m
    • Lecture17.3
      Discovering & Exploiting Local File Inclusion Vulnerabilities
      5m
    • Lecture17.4
      Remote File Inclusion Vulnerabilities – Configuring PHP Settings
      4m
    • Lecture17.5
      Remote File Inclusion Vulnerabilities – Discovery & Exploitation
      6m
    • Lecture17.6
      Preventing The Above Vulnerabilities
      7m
  • Website Pentesting - SQL Injection Vulnerabilities 0/11

    • Lecture18.1
      What is SQL
      6m
    • Lecture18.2
      Dangers of SQL Injection Vulnerabilities
      3m
    • Lecture18.3
      Discovering SQL Injections In POST
      8m
    • Lecture18.4
      Bypassing Logins Using SQL Injection Vulnerability
      5m
    • Lecture18.5
      Discovering SQL Injections In GET
      7m
    • Lecture18.6
      Reading Database Information
      5m
    • Lecture18.7
      Finding Database Tables
      3m
    • Lecture18.8
      Extracting Sensitive Data Such As Passwords
      4m
    • Lecture18.9
      Reading & Writing Files On The Server Using SQL Injection Vulnerability
      6m
    • Lecture18.10
      Discovering SQL Injections & Extracting Data Using SQLmap
      7m
    • Lecture18.11
      The Right Way To Prevent SQL Injection
      5m
  • Website Hacking - Cross Site Scripting Vulnerabilities 0/5

    • Lecture19.1
      Introduction – What is XXS or Cross Site Scripting
      3m
    • Lecture19.2
      Discovering Reflected XSS
      4m
    • Lecture19.3
      Discovering Stored XSS
      3m
    • Lecture19.4
      Exploiting XSS – Hooking Vulnerable Page Visitors To BeEF
      5m
    • Lecture19.5
      Preventing XSS Vulnerabilities
      5m
  • Website Pentesting - Discovering Vulnerabilities Automatically Using OWASP ZAP 0/2

    • Lecture20.1
      Scanning Target Website For Vulnerabilities
      4m
    • Lecture20.2
      Analyzing Scan Results
      4m
Avatar
Zaid Sabih

Ethical Hacker, Pentester & Computer Scientist

My name is Zaid Al-Quraishi, I am an ethical hacker, a computer scientist, and the founder and CTO of zSecurity. I just love hacking and breaking the rules, but don’t get me wrong as I said I am an ethical hacker. I studied computer science in University College Dublin, I graduated in may 2016. I have a very good experience in ethical hacking, I started making video tutorials back in 2009 in an ethical hacking community (iSecuri1ty.org), I also worked as a pentester for the same company. In 2013 I started teaching my first course online in Arabic, this course received amazing feedback which motivated me to create an English version of this course. The english course became the most popular and the top paid course in Udemy for almost a year, this motivated me to make more courses on ethical hacking, now I have a number of courses on ethical hacking and more than 200,000 students on Udemy and other teaching platforms such as StackSocial, StackSkills and zSecurity.

Reviews

Average Rating

0
0 rating

Detailed Rating

5 stars
0
4 stars
0
3 stars
0
2 stars
0
1 star
0
$195.00 $49.00