Complete Ethical Hacking Bootcamp

Discover how a virtual machine borrows a host’s hardware to run Linux, Windows, or macOS on one machine. Use virtualization software to safely test, snapshot, and delete VMs.

Explore why Linux is ideal for ethical hacking: open source, free, lightweight, and editable, with Kali Linux and its penetration testing tools, plus building a virtual hacking lab.

Download and install VirtualBox and Kali Linux, select the correct OS package, and save the Kali installer ISO to your desktop to prepare your first virtual machine.

Learn to install VirtualBox, create a Kali Linux virtual machine from a Debian-based ISO, and configure hardware, storage, and bridged networking for a hands-on ethical hacking lab.

Install Kali Linux in a VirtualBox VM using a graphical install, configure language, locale, hostname, user, and password, partition disks, install grub, and verify network connectivity via ping.

Verify full screen mode, install VirtualBox Guest Additions, and test connectivity with ping while switching to bridged adapter to obtain a router IP.

Check Kali Linux with ifconfig for an IP in the network range and ping Google to verify connectivity; if not, switch from bridged adapter to NAT network and reboot.

Outline the five stages of a penetration test—reconnaissance, scanning, gaining access, maintaining access, and covering tracks—emphasizing permission and the importance of information gathering.

Master the Linux terminal in Kali Linux by navigating the filesystem with pwd, cd, and ls, exploring home and documents, and distinguishing directories from files.

Learn to create files and directories in the terminal using touch, nano, and mkdir, then copy, move, and delete with mv, cp, and rm safely.

Learn to use sudo and network commands in Kali to locate ip addresses and mac addresses, copy files with full paths, and perform basic information gathering for penetration testing.

Explore information gathering, first step in penetration testing, detailing active and passive methods, and how Kali Linux helps collect data—IP addresses, technologies, operating systems, programming languages, emails, and phone numbers.

Identify a target by obtaining its IP address and physical address using whois, nslookup, and IP information checks, while performing both active and passive information gathering.

Learn to use WhatWeb to scan websites, identify web technologies and plugins, and leverage stealthy and verbose modes in Kali Linux for readable results.

Use the WhatWeb tool to scan an IP range on network (192.168.1.0 to 192.168.1.255) with aggression level 3, and save results to a file using no-errors to skip offline hosts.

learn to gather emails for a domain using the harvester and hunter.io, including domain search options and multiple sources, and produce results.

Download information gathering tools from GitHub, clone with git, install dependencies, and run in Kali Linux. Test Red Hawk and perform whois, geo-IP, and DNS lookup.

Install and run Sherlock from GitHub using Python3 to search multiple platforms for the same username, uncovering linked accounts on Twitter, Wikipedia, and cash.me while saving results.

Explore a Python 3 email scraper that crawls up to 100 links on a domain, extracts emails with regex, and compares results with Hunter.io and theHarvester, for safe practice.

Advance from information gathering to scanning by identifying open ports and the running software, using tcp and udp packets and the Nmap tool on Kali Linux.

Explore the basics of tcp and udp protocols, including the three-way handshake and reliable in-order data transfer. Contrast udp's speed with tcp's error checking and reliability.

discover how to obtain and install metasploitable, a top vulnerable machine listed by rapid7, using VirtualBox, bridging the network, and logging in with msfadmin to begin scanning practice.

Install metasploitable 2 on m chip macbooks using utm, convert vmdk to qcow2 with qemu-img, and configure bridged networking for a vulnerable virtual machine in a safe lab.

Learn to discover active network hosts with netdiscover and ARP, identify IP and MAC addresses, and map devices like Metasploitable, your laptop, and the router for subsequent scanning.

Learn to perform the first basic Nmap scan to discover hosts, open ports and services on a network, using a range like 192.168.1.1/24 and interpreting results.

Explore common nmap scan types, including TCP SYN (-sS), TCP connect (-sT), and UDP (-sU), and learn how port states, sudo privileges, and the nmap manual shape effective scanning strategies.

Use nmap with the -O option to identify target operating systems by fingerprint comparisons, testing metasploitable, Windows 7 VM, and Windows 10 host, and noting port states and MAC hints.

Discover how to determine the exact software version on an open port with nmap -sV, interpret results, and search for known vulnerabilities, while adjusting version intensity and dash A options.

Master advanced Nmap options by running script-enabled dash A scans, filtering ports with dash P, dash SN, and dash F, and saving results with output files or -oN for reporting.

Learn to use Nmap to bypass firewalls and intrusion detection systems, explore advanced options, and understand network versus host-based firewalls and how ports appear as open, closed, or filtered.

Explore bypassing firewalls with nmap using fragmentation and decoy options, generating tiny packets and random or local IP addresses to evade intrusion detection.

Discover nmap options for security evasion and spoofing, including -S, -Pn, -E, -G, and -sF, and explore timing templates for IDS evasion in practical scans.

Develop a simple port scanner in Python 3 using socket and termcolor on Kali Linux. Scan one or multiple targets across a user-defined port range, printing open ports per target.

Explore how to use nmap scripts for vulnerability analysis, run script groups and single scripts, and identify issues like anonymous ftp login and tomcat credentials on targets.

Perform manual vulnerability analysis by googling exploits for software versions found in a target's version scan, using searchsploit to locate Linux exploits and prepare for Metasploit exploitation.

Install Nessus essentials on Kali Linux by downloading the Debian package, running dpkg, starting the Nessus scanner, and activating with your email and activation code.

Learn to use Nessus for a network scan, with all ports on a local target (up to 16 IP addresses), and review vulnerabilities by severity: critical, high, and information disclosure.

Demonstrates conducting a Nessus scan on an unupdated Windows 7 VM. Reveals four critical and two high vulnerabilities, including MS 14 and the Blue Keep RDP remote code execution.

Review information gathering and port scanning to identify open ports, running software, and the target's operating system, then analyze vulnerabilities with Nessus and Nmap to plan a future exploit.

Master the exploitation process by gathering target data, identifying vulnerabilities, and delivering payloads to gain access with Kali Linux and Metasploit.

Define vulnerability and explain how bugs and open ports enable exploitation and shell access. Show how spoofed emails bypass defenses and highlight CVE, zero-day exploits like EternalBlue and WannaCry.

Learn about reverse shells and bind shells on Kali Linux, how they enable control of a target machine, and why reverse shells reliably connect back, with Metasploit basics.

Explore the Metasploit framework structure, including seven modules—exploits, payloads, auxiliary, encoders, evasion, nops, and post exploitation—and how they work with msfconsole, msfvenom, and Meterpreter to target systems.

Run msfconsole, explore Metasploit modules, list and select exploits and payloads, and configure options like rhosts, rport, lhost, and lport to perform basic exploitation.

Execute the first exploit against vsftpd 2.3.4 on a metasploitable target using Metasploit and Nmap, gaining a root shell and demonstrating post-exploitation access on port 21.

Examine misconfigurations that enable a bind shell without authentication and learn to connect with netcat to port 1524 to gain a root shell on a vulnerable machine.

Exploit telnet information disclosure on a Metasploitable machine by leveraging the banner to obtain msfadmin credentials, log in, and escalate to root via sudo su.

Identify samba version range 3.0.20 to 3.0.25 and exploit ports 139 and 445. Use Metasploit's username map script exploit with a reverse netcat payload to gain root access.

Demonstrate an SSH brute force attack using a username and password list with Metasploit, highlighting weak and default credentials and how to verify access.

Learn hands-on exploitation by locating three vulnerabilities on a Metasploitable target using Nmap, Metasploit, Searchsploit, and other tools, then gain shells and explore meterpreter workflows.

Set up a Windows 7 virtual machine in VirtualBox, configure ram and storage from ISO, and disable the firewall to prepare for exploiting SMB ports 445 and 139.

Exploit the EternalBlue vulnerability on a Windows 7 target with Metasploit, test with the auxiliary module, and gain a Meterpreter shell while noting 64-bit vs 32-bit considerations.

Explore how the EternalBlue-DoublePulsar Windows SMB exploit is run from Linux using wine and Metasploit to gain a Meterpreter shell on a target.

Identify BlueKeep, a remote desktop protocol vulnerability that enables remote code execution on unpatched Windows systems from XP to Windows 7 and Windows Server 2008 with port 3389 open.

Examine the default credentials vulnerability on home routers, including locating gateway IPs, finding default usernames and passwords online, and testing access via telnet and port scans to inspect router settings.

Confront imposter syndrome by embracing deliberate practice and recognizing that expertise comes with time. Share what you've learned on Discord by helping peers in Python topics and reinforcing your growth.

Set up a vulnerable Windows 10 VM (1903 or 1909) to study the SMB Ghost vulnerability, manually find and run an exploit, then redirect the connection to a Linux machine.

Perform a vulnerability scan on Windows 10, check port 445, assess CVE-2020-0796 with Nessus, then crash the target using Python tools.

Demonstrates remotely exploiting a Windows 10 smb ghost vulnerability using a ZecOps tool, calibrating offsets, and establishing a reverse shell to gain a system shell.

Learn to generate a windows 64-bit meterpreter reverse_tcp payload with msfvenom, set lhost and lport, create an exe, and configure a msfconsole handler to listen for the reverse connection.

Create diverse msfvenom payloads across formats and architectures, from exe to python, and test antivirus evasion with encoders and iterations. Evaluate VirusTotal results to gauge detection.

Explore advanced msfvenom usage by using template payloads like putty.exe to bypass antivirus, generate Windows meterpreter shells, and explore payload types across Windows, Linux, and OS X.

Explore veil to generate payloads, select PowerShell payloads, convert bat to exe with bat to exe converter, and test antivirus detections on VirusTotal to compare evasion with msf payloads.

Learn to install and run FatRat for payload creation and backdoor generation. Create and deploy backdoors, like Windows Meterpreter reverse TCP, by configuring LHOST and LPORT in MSF console.

Develop understanding of techniques to bypass antivirus by generating unique payloads and editing binaries. Explore using hex editors, hash variation, and multiple payload types to illustrate detection dynamics.

Explore disguising a payload as an image, converting a png to ico, and packaging it in a hidden sfx archive, then setting up a meterpreter listener to manage the session.