Learn essential ethical hacking terms such as attack, vulnerability, exploit, payload, malware, backdoor, zero day attack, daisy chaining, doxing, bot, and hack value.

Explore hacking fundamentals by examining black hat, white hat, gray hat, script kiddie, green hat, red hat, blue hat, suicide hackers, hacktivist, activist, cyber terrorists, plus related defender roles.

Explore the five phases of hacking—reconnaissance, scanning, gaining access, maintaining access, and clearing tracks—along with techniques such as social engineering and dumpster diving.

Examine the CIA triad: confidentiality, integrity, and availability, and how digital safeguards protect personal data, accurate records, and reliable access in online systems.

Identify, quantify, and prioritize vulnerabilities through vulnerability assessment within VAPT, then simulate real-world attacks via penetration testing, and document remediation with metrics like SLE and ALE.

Explore the cyber kill chain, a Lockheed Martin intelligence-driven defense framework mapping seven stages—reconnaissance, weaponization, delivery, exploitation, installation, command and control, and action—to identify and prevent cyber intrusions.

Explore tactics, techniques, and procedures as high-level goals, specific moves, and detailed steps in cyber security, illustrating how attackers plan and execute, while defenses stay ahead.

Explore the Mitre ATT&CK framework as a map of adversary tactics, techniques, and procedures across attack phases, and compare blue team defenders with red team hackers testing and strengthening defenses.

Explore major information security standards and laws, including PCI DSS, HIPAA, ISO/IEC 27001, SOX, DMCA, FISMA, and the IT Act, and their security requirements and compliance.

Explore passive information gathering in ethical hacking, including footprinting, reconnaissance, and public data, and prepare for active reconnaissance while upholding ethical and legal practices.

Explore the domain name system and its DNS records—A, TXT, MX, AAA, CNAME, NS, and SRV—that translate domain names into IP addresses.

Explore essential DNS records such as A, AAAA, TXT, MX, CNAME, CAA, NS, SRV, and DMARC, and how they map domains, route email, and aid information gathering with common tools.

Learn how regional internet registries allocate IPv4/IPv6 and AS numbers across ARIN, RIPENCC, APNIC, LACNIC, and AFRINIC, provide WHOIS/RDAP registry services, and support open policy development and bottom-up governance.

Vapelizer identifies a website’s technologies, including WordPress, PHP, and MySQL, plus analytics and ads, helping cybersecurity professionals spot weaknesses, simulate attacks, and automate reconnaissance.

Learn how the Wayback machine, part of the internet archive, preserves historical web content and aids cybersecurity through threat intelligence, incident response, domain-change tracking, and phishing site analysis.

Learn to gather employee email information using the Harvester tool on Kali or Parrot, using version 4.0.3. Run scans with a limit and Google as source, then review emails found.

Explore Google hacking using advanced search operators to uncover sensitive data and vulnerabilities, finding exposed files, misconfigured sites, or login portals with responsible, hands-on practice.

Explore the Google hacking database (GHDB), an index of search queries that reveals sensitive information, and learn to use filters and categories for ethical hacking and risk assessment.

Explains subdomains as prefixes of a main domain, why enumeration matters for ethical hackers and bug bounty hunters, and demonstrates using subfinder on kali or parrot to gather subdomain data.

Explore how a demilitarized zone (DMZ) buffers the internal network from the internet with two firewalls and predefined rules, hosting public services in isolation.

Install Maltego Community Edition on Kali, Parrot, or Linux via .deb package and sudo dpkg -i. Launch Maltego CE, register and activate, paste target and run transforms to analyze.

Explore metadata and how data about data can reveal sensitive information, and learn to use Metagophil to extract data from public files like PDF, DOC, and Excel for security testing.

Explore active information gathering to assess networks, including private vs public IP concepts, using Nmap for host discovery, port and service scanning, OS detection, and vulnerability assessment.

Practice active nmap scanning techniques on Metasploitable with Parrot, including single IP scans, range scans, and OS detection, using NAT networking for safe lab setup.

Explore how TCP full scans reveal open and closed ports by analyzing SYN, ACK, and RST flags during the three-way handshake, using Wireshark and Nmap.

Analyze tcp full scan results by open, closed, and filtered ports using syn-ack, rst-ack, or destination-unreachable responses. The method provides accurate, full-handshake insight but is slower and easily detectable.

Demonstrates how to perform a tcp full scan with nmap on a Parrot OS and Metasploitable lab, analyze open ports, and observe tcp flags in Wireshark.

Learn how stealth scans, also known as tcp syn scans, probe open ports faster and stealthier than full tcp connect scans using sudo nmap -sS and tcp flags.

Evaluate the stealth scan, aka tcp sense scan, highlighting its advantages: faster and less detectable by firewalls and ids, but requires root privileges and yields limited service data.

Explore inverse tcp scans, including null, fin, and xms scans, which yield open filtered responses as closed ports send rst in legacy os environments.

Identify UDP ports by sending UDP packets to target ports and interpreting replies as open, closed, or filtered; UDP scans reveal services unseen by TCP scans and aid firewall evasion.

Identify whether ports are filtered or unfiltered by analyzing ack scan responses and rst flags, with hands-on labs on Parrot OS and Metasploitable and Wireshark.

Learn how fragmentation scans bypass firewalls by splitting packets into fragments, and compare standard and smart firewalls, using Nmap timing options from t5 to t0 in a lab setup.

Explore the Nmap script engine (NSE) to automate network discovery and vulnerability detection, using scripts found in /usr/share/nmap/scripts and practicing at least five NSE scripts such as ftp-anon.nse.

Explore enumeration as advanced information gathering inside a LAN, extracting routing information, DNS, SNMP, DNS zone transfer, DNS queries, user and group data, and NetBIOS via NBT scan and Metasploit.

Demonstrates NetBIOS enumeration with nbt scan on a metasploitable host, using nmap for port and os discovery, and revealing readable service details with verbose output.

Learn NetBIOS enumeration with the MSF console in the Metasploit framework, an open source tool by Rapid7, and review exploits such as EternalBlue, web, wireless, client-side, and social engineering.

Navigate the metasploit framework on Parrot OS, explore auxiliary, encoders, and exploits, then perform NetBIOS enumeration with msf console by setting rhost and rport and running the module.

Launch msfconsole, explore metasploit modules, and perform net bios enumeration with the nbname scanner by setting the target host to 10.10.1.9 and running the module.

learn to enumerate SNMP, a simple network management protocol using UDP port 161, covering SNMP manager, SNMP agent, MIB, OID, and traps; then perform enumeration via Metasploit on Windows 7.

Perform snmp enumeration with msf console against a Windows 7 target. Use nmap for detection, configure snmp, load module, set rhost, and run to reveal users, network info, and storage.

Learn the gaining, maintaining, and clearing logs and tracks phases of system hacking, focusing on open and closed port exploitation, payload delivery, and Windows lab exercises with a network mapper.

Explore open port exploitation on a Windows system by using nmap to identify ports, exploit SMB with MS17-010 eternal blue via metasploit, and gain unauthorized access for file manipulation.

Learn hands-on open port exploitation by scanning a Windows host with Nmap, exploiting SMB via Metasploit to gain a Meterpreter session, access files, and clear logs.

Practice open port exploitation on Unix using Kali Linux or Parrot OS and Metasploit to scan with Nmap, exploit vsftpd 2.3.4, gain access, and manage post-exploitation tasks.

practice open port exploitation on unix lab by scanning with nmap, identifying vsftpd 2.3.4, gaining a shell with msfconsole, maintaining access, and preparing for closed port exploitation with a payload.

Demonstrate closed port exploitation by generating a msf venom payload and delivering a Windows exe to trigger a reverse tcp meterpreter session via an Apache hosted download.

Generate a Windows meterpreter payload with msfvenom, host it on Apache, deliver venomfire.exe to a Windows victim, and establish a reverse TCP meterpreter session.

Learn to run clear-ev to delete application log files and understand admin versus normal user effects, then use ngrok port forwarding to craft and deliver a payload for demo network.

Explore what malware is and the main types: virus, Trojan, worm, spyware, ransomware, adware, rootkit, and keylogger, and learn how they spread and how to prevent infections.

Learn to spot malware indicators such as slowdowns, crashes, high CPU/memory/disk usage, unusual network activity, and file access logs, and examine AppData paths where malicious programs may auto-execute.

Identify boot sector and macro viruses, including master boot record infection and spread. Explore how logic bombs, polymorphic and metamorphic viruses evade detection and persist.

Explore malware basics through batch-based scripts that create and delete folders, examine system impact, and reinforce safe, virtual-machine practice for malware analysis and ethical hacking.

Open a pcap with Wireshark, filter http requests, and identify malware; verify file types via magic bytes in a hex editor, then analyze with VirusTotal in a VM.

Explore dynamic malware analysis using Anyrun and Cuckoo Sandbox, upload malicious files or URLs, review network connections, and generate reports with cloud-based sandbox options and a 60-second free trial.

Create a malware payload and evaluate its detection on virus total, then apply invoke stealth to obfuscate and reduce detection by vendors.

Learn how sniffing monitors and captures network traffic, identify vulnerable protocols like HTTP, SMTP, FTP, and explore passive vs active sniffing with examples such as ARP spoofing and DNS spoofing.

Learn how ARP maps IP addresses to MAC addresses and builds the ARP table with requests and replies on a network switch, including ARP spoofing as active sniffing.

Learn how ARP spoofing, or ARP poisoning, floods forged ARP requests and replies to overwhelm a switch, enabling an attacker to intercept traffic by poisoning ARP caches.

Examine ARP poisoning threats such as packet sniffing, session hijacking, MITM attacks, VOIP tapping, data manipulation, data interception of IP/MAC/VLANs, connection hijacking, and DOS.

Learn how DHCP works by tracing the client, relay agent, and server through discover, unicast requests, offers, and a final unicast ack with the IP configuration.

Explain how a DHCP starvation attack exhausts IP addresses and causes denial of service, while rogue DHCP servers provide bogus IP addresses to yield compromised network access.

Explore denial of service and distributed denial of service attacks, how attackers overwhelm server bandwidth, and how firewalls can block abusive IPs to protect services.

Explore dos and ddos attack techniques, including udp flood, icmp flood, syn flood, ping of death, smurf, slow loris, fragmentation attacks, https get post, multi-vector attacks, and ddos variants.

Explore how organized cyber crime operates in a hierarchical, revenue-sharing network, from a criminal boss to managers and affiliation network, distributing a trojan horse virus and stolen data for resale.

Explore how a syn flood attack exploits the tcp three-way handshake by sending syn requests from fake IP addresses, creating half-open connections in the listen queue.

Learn HTTP get and post attack methods, where time-delayed headers exhaust server resources in get attacks and incomplete message bodies stall servers in post attacks, denying legitimate users access.

Explore slow loris attack, where partial HTTP requests tie up a server by opening multiple connections and denying legitimate users, with a practical Perl-based demonstration.

Understand botnets as scripts or compromised zombies that receive and execute hackers' commands. Learn central source, back chaining, and autonomous propagation of attack toolkits across vulnerable machines.

Explore common botnet trojans and ddos tools, then learn counter measures like activity profiling, header analysis, tcp/icmp session monitoring, load balancing, wavelet analysis, and qsum-based change detection to mitigate attacks.

Perform a syn flood using metasploit against the 10.10.1.9 target, set rhost, run the exploit, and observe with wireshark to show how legitimate users experience a busy server.

Learn to perform a SYN flood with hping3 in a controlled lab using Parrot OS and a Windows target, and observe CPU impact via the Windows task manager.

Demonstrate a Slowloris attack in a hands-on lab using Parrot OS and Metasploitable, showing how the DVWA site becomes unresponsive as server bandwidth is consumed.

Learn how ethical hackers perform web penetration testing to reveal vulnerabilities in web applications, including input validation, SQL injection, and buffer overflows, across black, gray, and white box testing.

Explore the three core penetration testing types—black box, grey box, and white box—and understand how tester knowledge, access, and assessment depth differ.

Explore web application penetration testing phases, from planning and test plan creation to execution with different roles, and post-execution reporting with CVSS scores, remediation, and retesting.

An overview of the OWASP top 10 web application security risks, highlighting the 2021 update with three new risks and items like broken access control, cryptographic failures, and SSRF.