Complete Penetration Testing and Ethical hacking Bootcamp
4.2 (304 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
2,555 students enrolled
Wishlisted Wishlist

Please confirm that you want to add Complete Penetration Testing and Ethical hacking Bootcamp to your Wishlist.

Add to Wishlist

Complete Penetration Testing and Ethical hacking Bootcamp

Get started from scratch and become job ready penetration Tester. Be an Ethical Hacker and Hunt as a Bug Bounty Hunters
4.2 (304 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
2,555 students enrolled
Last updated 7/2016
English
Current price: $12 Original price: $200 Discount: 94% off
3 days left at this price!
30-Day Money-Back Guarantee
Includes:
  • 11 hours on-demand video
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion

Training 5 or more people?

Get your team access to Udemy's top 2,000 courses anytime, anywhere.

Try Udemy for Business
What Will I Learn?
  • By the end you will be able to understand all Information Security terminologies
  • You will be able to install and use all pentesting tools, even the new ones too
  • you will be able to hunt bugs and will be able to earn with them by reporting them
  • you will be able to document the pentesting reports
  • You will be able to defend your products and network from intrusion by Hackers
View Curriculum
Requirements
  • A computer (MAC/Windows/Linux) any will work
  • Basics of computer technology
  • NO PROGRAMMING IS REQUIRED
  • Virtual box - FREE (installation covered in the course)
  • NO prerequisites for this course
Description

Welcome to the world’s one of the most advance course on Penetration Testing and Ethical Hacking. Everyone is trying to learn How to design website or how to build networks or products. But you are different from others; you have chosen a path where you will learn to protect those products from intrusion of Hackers. We would like to salute your decision.

Attacks by Hackers are not a new story now days, you hear about it every other day. And the reason is obvious; no one bothers about security. Think about the last web development course that talks about SQL Injection or XSS attack. When you learn about Information security and that too at such a practical level, you can offer your skills to big and small companies get hired there or work as a free lancer. This penetration-testing course also talks about getting payment via BUG BOUNTIES too.

Every major company like Google, Apple, PayPal etc. have a security division which requires security experts like you, not even an official degree is required for it. All they ask for is your skills that this covers up. World require so many security professionals but we are not able to produce even the fractions of requirement.

This course is designed very carefully so that everyone can learn from it, even non-programmers. Also this course is very crisp in covering topics, this means we will not be wasting 3-4 hours just on installation or learning jargon terms.

Mac, Linux or Windows is not at all a problem. We only use tools that are cross platform. Our strategy is to take students from all operating system and merge them on same platform like Kali Linux and Parrot OS, so that it gives best learning experience.

We will introduce you to most advance topics in Pentesting as well as teach you that how you can learn by yourself, without reading any book or taking any course in future. Along with course, we will point you towards dedication and free resources that will make you subject expert.

Also we will install our custom vulnerable test beds and attack on them. This will   washes out the worry of legal issues. Also there are few challenges for you that will push you little hard to use your capabilities at the fullest. 

Jump in the course and Welcome to the world of Information Security, Penetration Testing, Ethical hacking and Bug Bounties

Important note: Support of windows XP is dropped by Microsoft, we have used it in few lectures. Regardless, you can either skip those couple lectures or just watch them, as concept goes same.

Who is the target audience?
  • Individuals looking to earn via BUG BOUNTIES
  • Students looking to expand their knowledge in IT security
  • Become a paid penetration tester
  • Develop secure websites and secure products
Compare to Other Penetration Testing Courses
Curriculum For This Course
72 Lectures
10:58:02
+
Must have basics for a Penetration Tester
6 Lectures 49:20

Before we even jump into the course, let's explore the interface of our learning platform, adjusting the settings and detailed overview of what is about to come


Preview 08:14

Lets be clear on what is pentesting and what is our area of scope. Penetration testing is a formal procedure to find vulnerabilities in the product and fix them.

Preview 04:22

We will not only teach a skill we will also teach you that how you can offer your skills to others and get paid for it. Lets explore the options of bug bounties

Preview 09:57

Lets explore the terms like white hat hacking, black hat hacking, black box testing and white box testing. These terms are the most common terms, so it's a good idea to get friendly with them

White hat, black box and vulnerabilities
05:47

Few more important terms are proxy because we will be installing proxy chains to hide our identity. Also we will be using virtual box to take every user on same page

Proxy, virtual box and OS
07:32

now finally it's time to grab all the tools that we will be needing. Ofcourse this will not be a full list but we can just work with this for a start. If we will need anything else, for sure it will be cross platform and will be informed in advance.

Grabbing the tools
13:28
+
Installation and configuration of lab for pentesting
9 Lectures 01:15:47

Virtual box is a software that allows us to install a complete operating system in just a software, also it can be said that OS in controlled environment. If anything goes wrong then we can simply delete the OS and our original os will be safe

Installation of Virtual Box
05:58

The tools that we will go through will be open source. Although you can install them on any linux but sometimes there is an issue of dependencies. Therefore we will be using a dedicated operating system to make sure that we can focus on learning the rather spending half of the time in just installation.

Installation of attacker - Kali
12:47

UPDATE : A new update for the windows users in installation

windows Update - Installation for windows users
08:36

Now that our Virtual box is installed, we will now take a toor of this new software. We will try to be friendly with all menu items as well as learn the solution of problems such as full screen mode.

Tour to Virtual Box and installing advance settings
10:20

As talked earlier, we might require more tools to proceed, so this movie will help you to grab more tools like metasploitable and few windows trial version in order to practice.

Tools required for labs
05:07

Metasploitable is an intentionally vulnerable machine that is specially designed to practice all the attacks without getting too much worried about the legal issues. Let's learn to install it and crack it down

Installing Metasploitable on Virtual Box
06:10

Finding windows XP is not an easy task but microsoft still gives a few trial and free virtual machines, on which we can practice. Of Course, windows XP is a very good playing platform for exploitation

Windows XP installation in Virtual Box
06:34

Now that our attacker machine AKA Kali linux is installed, its a good idea that we take a little tour to the operating system. there are a few small settings that we need to do, to make sure that scan keeps on with no hurdles.

Tour to our attacker machine
11:33

There are many tools that are installed in the kali, in this movie we will take a tour of these tools. Also we will learn to update the machine. By updating the machine we can be sure that more tools can be easily updated.

Tour to Pentesting tools and updating the machine
08:42
+
UPDATE - optional linux section. Just basics yet important part of all linux
5 Lectures 54:48
Bash shell and navigation in linux
11:13

Files and files permission in linux
10:03

Case study, directories and files with VIM and NANO
12:56

Manipulation of file data
08:30

Grep, piping and sudo in linux
12:06
+
Gathering information to perform pentesting
10 Lectures 01:38:50

Tor or also known as onion browser is known for anonymity. We will learn to install and configure this browser on kali linux. Also we will have a quick look at dark web sites

Up and running with TOR and dark net
09:52

Proxies are a way to hide your location or basically route the entire traffic via a different server. It helps us to improve the anonymity. We will install proxychains and with this we can make n number of stops between the traffic.

Anonymity using proxychains
13:25

MAC address also know as physical address of your ethernet device or wireless device is your main identity over the internet, apart from IP. We will learn to mask or change the current mac address.

Changing your MAC for tests
12:08

there are many methods to gather information of our client, one of them is DNS enumeration. We also take a look on what is open DNS

DNSEnum Information Gathering
15:57

Although, zone transfer vulnerability is very rare to see now a days but still we will look at this vulnerability on a dedicated platform.

Preview 05:51

DIG is another tool that gives more detail information about DNS information. Let's have a look on DIG tool which ships in Kali linux.

Dumping information with dig
04:30

DNStracer is the utility which calculates the path of our request to the server and plots it nicely on graphical interface. We will also have a quick look on wireshark.

DnsTracer and quick look to wireshark
11:53

Dimitry is a built in tool in kali that gather a lots of information about the company like email ID and DNS information but there are many better tools available now.

Is Dimitry still a good option
06:36

Finding email is one of the important part as it can be later used for social engineering. Also we will look at generating reports.

Finding emails, subdomain and generating reports
11:45

Now that we have talked about a lot of tools, here is the time give you a very small and easy assignment. Also let's have a look on recon-ng

Assignment and recon-ng
06:53
+
Learning about Nmap, Nikto, OpenVas and report genrating
7 Lectures 55:07

Some little tweaks are necessary to make our lab good and ready for future exploitation labs. In order to work it is necessary to get ping reply from other virtual machines.

Tweaking our labs for future labs
06:08

Nmap is like the best tool for network mapping and a must known for every pentester. Let's open our wireshark which comes as a default in kali linux and capture some traffic

Nmap study and assignments to evaluate
09:03

In the last movie there was an assignment and in this movie we will solve this assignment. Let's learn to do port scanning in vulnerable machine.

Solution to assignment and port scans
05:58

Ok now we have a knowledge of vulnerability, so it's time to take advantage of that vulnerability and exploit the machine.

Taking advantage of known Vulnerability and metasploit
11:38

Just like other scanning tool, nikto is one more scanning tools available in kali linux. Nikto gives us a bunch of information that we will explore in this movie

Scanning with Nikto
06:00

OpenVas Installation and configuration
08:02

Submitting a report is the final task is the pentesting, there are a lot of tools that generate report and submit it to client. Every company follows their own report format.

Generating and analyzing pentesting reports
08:18
+
Performing a Penetration Testing on a client
6 Lectures 48:14

NDA stands for Non Disclosure Agreement, which is an official document stating that you are authorised to perform penetration testing. Also make sure that if you are not allowed to use particular tool, that is also mentioned in the document

Getting NDA signed, permissions and scope of testing
04:32

After signing NDA, first step is to gather information about client like domain info, emails, servers used and scanning of open port and related services.

Information gathering about client machine
10:58

Now that we have an idea about vulnerabilities, we can now process to exploit those vulnerabilities. We will learn to run the exploits using msfconsole, which we will take in detail later in this course

Attacking the machine with msfconsole
12:20

It is not compulsory that you always get success in exploiting the first vulnerability. Sometimes vulnerability is there but we are not able to get success, in that case search for another one to present prof of concept

Exploiting another vulnerability
03:53

One new thing that we will learn in this movie is to use wireshark to sniff traffic. If the application is not encrypting the traffic then we can even grap username and password.

Sniffing the traffic with wireshark and get the password
05:37

Nmap also allows you to use some basic inbuilt or custom designed scripts too. In this movie we will learn to use one of these scritps for pentesting

Nmap scripting engine and distcc
10:54
+
Web Application Penetration Testing
9 Lectures 01:20:01

Web application pentesting is the most hot topic out there because there are many websites and application are out there, having many potential vulnerability and of course getting hacked everyday. More chances of Bug bounties are here

Getting started with Web Application Pentesting
08:15

There are many test beds that can be installed for learning purpose but we will start from easy ones like DVWA aka Damn Vulnerable Web Application

Installing test bed for web application pentesting
11:12

There are a few important tools and addons that Kali is missing, we will learn to install them and learn a little about their interface

Installing Vega, firefox addons and Brute force attacks
05:51

Our first vulnerability in the test bed is going to be the serious one. Recently this vulnerability was in google cloud based service and was paid with 3000 dollars when reported.

Exploring the command injection Vulnerability
07:10

XSS or cross site scripting is most common with the increasing domination of javascript. Also the impact of XSS is now more aggressive.

Reflected and Stored XSS ie Cross Site scripting
13:03

There is a great one page learning resource for learning about all kind of XSS. This is a trusted resouce and we recommend this resource to all

DOM based XSS and learning resource
09:51

Google has it's own program to reward responsible disclosure of vulnerabilities in their products just like facebook, paypal and several others. 

Google Reward Program that gives 7500 dollars for XSS
06:45

CSRF attack can allow unwanted actions from the user and user may even change their password without knowing about it. Let's take a close look at CSRF

Cross site request forgery Vulnerability
08:44

Yes, there is a great resource to learn more about SQL Injection in detail and that too for free. Watch the video and get started with it. Resource is free and will be free

Reference to further 6 hour free sql injection course, shells and defacing
09:10
+
Automation of Web Application pentesting
5 Lectures 42:02
Web application Pentesting automation with Vega
07:57

SQL map is a python based tools that perform SQL Injection and checks for many injection vulnerability. Best part is tools is completely open source and can be edited for custom usage with little knowledge of python

Automation of SQL Injection Attack with SQLMAP
13:16

Open Web Application Security Project did launched a tool known as Zed Attack proxy, although the name use proxy but it is much more than that.

Automation with OWASP-ZAP
08:33

Present internet scenario says that you will get a lot of pentesting for CMS based site and most popular CMS is Wordpress. We will learn to perform an automated pentesting on such CMS

Scanning Wordpress sites for Vulnerabilities
06:55

usually, we don't recommend paid tools in any of our course, keeping in mind that most of you are starting from scratch but it's always good to show all the options and let you decide, what is best and what is not

Paid options for Automation of Web App Pentesting
05:21
+
Wep App Pentesting Challenge
2 Lectures 15:26

Installation of this test bed is going be biggest challenge of the entire series. If you will solve all these challenges (solutions are already in the test bed, watch next movie for hints) then for sure, your first BUG BOUNTY is not going to be far

A pentesting challenge that will help in getting Bug Bounties
10:11

Here is a quick tip to get started and learn about How to solve the above challenge. Make sure you take a little time to solve this challenge

Hint for solving the challenge
05:15
+
Getting started with metasploit Framework
5 Lectures 58:52

Metasploit is the biggest framework for exploitation in the entire pentesting industry, completely designed in ruby. In this movie we will explore the architecture of the metasploit.

Introduction to metasploit and it's architecture
09:19

msfconsole is the major and most famous way to interact with metasploit framework. Let's explore msfconsole, along with types on exploits.

Msfconsole and Exploits type
11:17

Setting up msf database is easy and makes search operation a lot faster. Also if the database is not set, then we cannot run armitage in next movie

Setting up msf database and meterpreter
10:56

Armitage is a graphical version of msfconsole but don't be mistaken, it is very powerful, automted and easy to easy. Let's look at the interface of Armitage.

Armitage and meterpreter
13:31

SET or Social Engineering Toolkit is a framework that helps you to use your social skills to launch some client side attacks. Let's take a look on client side attacks

Social Engineering toolkit and Client side exploits
13:49
3 More Sections
About the Instructor
Igneus Technologies
4.3 Average rating
3,336 Reviews
81,592 Students
35 Courses
Best Comprehensive Courses

We at Igneus have trained students from IIT's, NIT's and reputed companies. Students from all over the globe have trusted our High quality and affordable trainings from 10+ countries and have opted for our Certification programs.

IGNEUS stands for the Revolutionary and a quality enhanced change that we’ve tried to come up with in the modern world of Internet education. We’ve come up bearing in mind the maximum emphasis on the quality dealing with every new technology which has made us distinguished from the throng at internet. And this revolution of choice will keep continuing. Today IGNEUS Technologies has proudly lifting up the tag of being the world's most trusted provider of myriad of services and training programs aiding constantly in every corner of the globe along with web security aspects, and open source technology.

IGNEUS Technologies Pvt. Ltd is a dream shared and brought up by two computer geniuses to make the society upgraded and aware of the cyber crimes that curb the innocence of environment, thus starting a revolution in favor of cyber security.

Igneus stands for the Revolutionary and a quality enhanced change in every aspect of its touch to internet. Quality dealing with every new technology makes us different from the crowd of internet. The revolution of choice continues. Today Igneus Technologies is the world's most trusted provider of mentioned services and training along with web security aspects, and open source technology.