Introduction to Penetration Testing and Ethical Hacking

Name: Introduction to Penetration Testing and Ethical Hacking
Rating: 4.6 (239 reviews)

Easy Ethical Hacking for Beginners: Hands-on Demos with Downloadable Lab Manuals and Study Guides for Beginners

Created byRick Crisci

Last updated 8/2025

English

What you'll learn

Learn basic Penetration Testing and Ethical Hacking concepts quickly
Use the Kali Linux to perform basic Ethical Hacking Tasks
Quickly and easily build your own Ethical Hacking lab in the AWS Cloud
Follow the demos or use written PDF lab guides to try these tasks yourself
Complete quizzes at the end of each key lesson to test your knowledge

Course content

2 sections • 29 lectures • 2h 28m total length

Introduction1:13
Legal Stuff1:54
This lesson emphasizes the ethical and legal considerations when engaging in hacking activities, stressing the importance of having explicit permission before attempting to access any system. It provides guidelines for conducting exercises within controlled environments, ensuring compliance with the law and avoiding serious consequences.
Hacking 101 - What is it, and why should I learn it?7:59
This lesson introduces the fundamentals of ethical hacking, emphasizing the importance of penetration testing to identify vulnerabilities in systems before malicious hackers can exploit them. It highlights the ethical framework for hacking, various types of penetration tests, the significance of reducing attack surfaces, and the growing demand for skilled ethical hackers in a rapidly expanding job market.
The CIA Triad6:39
This lesson introduces the CIA triad—Confidentiality, Integrity, and Availability—as a foundational framework for information security. Through practical examples, it highlights the importance of protecting sensitive data, ensuring its accuracy, and maintaining system accessibility while balancing security and usability.
Common Cyber Security Threats8:23
This lesson explores common cybersecurity threats, including malware, phishing attacks, distributed denial-of-service (DDoS) attacks, and insider threats, emphasizing their potential harm and methods of execution. It highlights how penetration testing and ethical hacking can identify and mitigate these vulnerabilities, strengthening system defenses against malicious actors.
Introduction to Penetration Testing7:19
This lesson introduces the fundamentals of penetration testing, emphasizing its role in identifying and mitigating vulnerabilities in networks, applications, and physical security. It explains various types of penetration tests, including network, web application, social engineering, and physical security assessments, highlighting common weaknesses and the importance of employee training in bolstering organizational defenses.
Penetration Testing Frameworks6:29
This lesson highlights essential resources for ethical hacking and penetration testing, including the NIST Cybersecurity Framework, OWASP Top Ten, Penetration Testing Execution Standard (PTES), and the Common Vulnerabilities and Exposures (CVE) database. These tools and guidelines provide structured methodologies, insights into top security risks, and detailed vulnerability information to help enhance cybersecurity practices.
Phases of Ethical Hacking7:45
This lesson outlines the five key phases of ethical hacking: reconnaissance, scanning and enumeration, gaining access, maintaining access, and covering tracks. Each phase is explained with examples, showcasing how ethical hackers simulate real-world attacks to identify and mitigate vulnerabilities while understanding the methods used by malicious actors.
Basic Terms and Definitions2:06

Our Hacking Lab Workshop3:16
Labs Build on Each Other0:36
Testing VMs from your datacenter2:48
This lesson guides users through creating a penetration testing and ethical hacking lab in AWS, including importing on-premises virtual machines as test environments. It explains how to export virtual machines as OVA files, upload them to AWS S3, and deploy them as EC2 instances for secure testing without impacting production systems.
Sign up for an AWS Account5:01
This lesson provides a step-by-step guide to signing up for an AWS account and understanding the AWS Free Tier. It highlights the account creation process, free tier limits, and how to monitor usage to avoid unexpected charges while preparing for upcoming lab exercises.
Enable MFA on Your AWS Account0:58
This lesson emphasizes the importance of securing your AWS account by enabling multi-factor authentication (MFA). It provides a brief guide on configuring MFA to protect against unauthorized access and ensure account security.
Demo: Create a Network in the Cloud (AWS VPC)2:04
This lesson demonstrates how to create a Virtual Private Cloud (VPC) in AWS, providing a controlled network environment for ethical hacking labs. It walks through setting up the VPC using default configurations to simplify the process and prepare for further configurations in subsequent lessons.
Demo: S3 and IAM7:26
This lesson explains how to set up storage in AWS using S3 and configure IAM permissions to enable the creation and management of vulnerable virtual machines for ethical hacking labs. It walks through creating an S3 bucket, setting IAM policies, and establishing roles to facilitate importing and deploying virtual machine images as EC2 instances in the AWS cloud.
Introduction to Kali Linux3:02
This lesson introduces Kali Linux, a popular open-source tool for ethical hacking and penetration testing, emphasizing its pre-installed security tools and versatility. It explains its primary use cases, including penetration testing, network security assessments, digital forensics, and cybersecurity training, while detailing the ease of setting up a Kali Linux virtual machine in AWS for a hacking lab.
Demo: Create a Kali Linux Machine in AWS12:01
This lesson demonstrates how to deploy a Kali Linux virtual machine in AWS, including setting up a security group, configuring the EC2 instance, and enabling tools for remote desktop access. It also guides the installation and configuration of essential Kali Linux packages, preparing the environment for penetration testing and ethical hacking exercises.
Demo: Overview of Kali Linux3:30
This lesson provides an overview of navigating the Kali Linux virtual machine, covering key features like the applications menu, file system, and internet connectivity checks. It also demonstrates managing users, adjusting power settings, and performing basic operations like logging out or shutting down the virtual machine.
Demo: Working with the Kali Linux Terminal5:12
This lesson introduces essential terminal commands and navigation in Kali Linux, focusing on managing files, directories, and exploring command options with tools like nano, cat, and ifconfig. It also covers productivity tips like tab completion, command history navigation, and accessing help or manuals for Linux commands.
Footprinting3:42
This lesson introduces footprinting as a critical step in ethical hacking, focusing on gathering information like IP addresses, open ports, and vulnerabilities to identify weak points in a system. It explores tools like Nmap, WHOIS, Dig, Netcat, and WPScan for reconnaissance, emphasizing their role in mapping, scanning, and probing targets for potential exploitation.
Demo: Use NMAP to Discover Machines9:20
This lesson demonstrates how to use Nmap for network footprinting and port scanning, including discovering hosts, identifying open ports, and detecting operating systems and services. It covers various Nmap commands, including stealth scans, aggressive scans, and saving scan results, while highlighting best practices for managing resources in AWS.
Demo: Deploy a WordPress Server in AWS6:17
This lesson demonstrates how to set up a WordPress server in AWS using a pre-built Amazon Machine Image (AMI) from the AWS Marketplace. It guides users through configuring the EC2 instance, deploying WordPress, and preparing it for security testing with tools like Kali Linux while emphasizing the importance of managing subscriptions and resource usage in AWS.
Demo: Footprint a WordPress Server using Kali Linux and wpscan4:37
This lesson demonstrates how to use WPScan in Kali Linux to footprint a WordPress server by identifying vulnerabilities, enumerating usernames, and detecting plugins. It emphasizes extracting critical details like active usernames and potential weaknesses for further exploitation in subsequent lessons.
Demo: Brute Force Password Attack Using Kali Linux and WordPress3:33
This lesson demonstrates how to use Kali Linux and WPScan to execute a brute force attack on a WordPress server, leveraging a password list to identify valid login credentials. It highlights the importance of prior footprinting to gather usernames, enabling targeted password attempts for ethical hacking and vulnerability assessment.
Use Burp Suite as a Proxy to test Cross-site Scripting (XSS)7:54
This lesson demonstrates how to use Burp Suite to identify and exploit cross-site scripting (XSS) vulnerabilities on a WordPress server. Through intercepting and analyzing HTTP requests, the video showcases how to inject XSS payloads and validate their impact, providing insights into vulnerability testing using this powerful proxy tool.
AWS Lab Clean Up - Important!!!4:47
This lesson covers essential lab cleanup tasks to manage AWS costs by terminating unused instances, canceling unnecessary subscriptions, and stopping running EC2 instances like the WordPress and Kali Linux VMs. It also explains how to create a custom AMI as a backup for the Kali Linux server, enabling easy recreation of the environment in the future.
Demo: Import Vulnerable VMs for Practice7:40
This lesson demonstrates how to import vulnerable virtual machines, such as those from Vulnhub or Metasploitable, into an AWS lab environment using OVAs. The process involves uploading the OVA file to an S3 bucket, creating a JSON file for configuration, importing it as an AMI, and launching it as an EC2 instance for testing and experimentation.
Final Lab Cleanup - Important!!4:45
This lesson walks through the process of thoroughly cleaning up an AWS lab environment to avoid unexpected billing. It covers steps like terminating EC2 instances, deregistering AMIs, deleting snapshots, removing security groups, key pairs, S3 buckets, IAM configurations, and even closing the AWS account if it was created specifically for the lab.

Requirements

You will need an AWS account - I will show you how to create one.

Description

"Rick’s courses are great. He explains the topics and concepts well, and provides additional downloadable content (slides, study guides and lab manuals) to enhance the learning experience for those different types of learners. It’s like always getting the “good teacher” year after year." - Chris

"Good verbal and visual illustrations. Gets straight to the point." - Caleb

Are you curious about ethical hacking but overwhelmed by the complex jargon in most training materials? Whether you're brand new to cybersecurity or just looking for a clear starting point, this beginner-friendly course is designed to make ethical hacking easy to understand — and exciting to learn.

This course breaks down the fundamentals of ethical hacking and penetration testing into plain English — with practical, real-world demos using industry-standard tools. No fluff. No filler. Just the essential knowledge and hands-on skills you need to get started confidently and legally.

In this course, you’ll discover:

What ethical hacking is — and why it's a critical skill in today’s digital world
How to start hacking legally without getting into trouble
What the CIA Triad is and how it forms the backbone of cybersecurity
The most common cyber threats and how they impact systems
The 5 key phases of a penetration test and what each one involves
Essential hacking terminology every beginner must know
How to build your own hacking lab using AWS and Kali Linux
How to use Kali Linux tools to perform real-world hacking tasks
How to run footprinting and vulnerability scans on networks
How to perform brute-force password attacks (ethically and safely)

What makes this course different?

Taught by a top instructor with over 500,000+ students trained
Bite-sized video lessons (5–15 minutes each) designed for busy learners
Step-by-step practical demos using real tools professionals use
No prior experience needed — start from zero and build up your skills

Whether you're an aspiring ethical hacker, an IT professional looking to understand the attacker’s mindset, or someone pursuing a cybersecurity certification, this course will give you the confidence and skills to take your first steps into ethical hacking — the right way.

Ready to start hacking — legally and effectively?

Enroll now and begin your journey into the world of ethical hacking and penetration testing!

Who this course is for:

Anyone who needs to get started with the basic concepts of Penetration Testing and Ethical Hacking

Introduction to Penetration Testing and Ethical Hacking

What you'll learn

Explore related topics

Course content

Introduction9 lectures • 50min

Hands-On Ethical Hacking20 lectures • 1hr 38min

Requirements

Description

Who this course is for: