Full Ethical Hacking & Penetration Testing Course

Ethical Hackers are in demand.Learn Web Application Penetration testing, Wi-Fi Hacking, Web Hacking, Metasploit & more!

(50 ratings)

569 students

Created by Oak Academy

Last updated 2/2021

English

English [Auto]

30-Day Money-Back Guarantee

What you'll learn

Full Ethical Hacking & Penetration Testing Course
Advanced Web Application Penetration Testing
Terms, standards, services, protocols and technologies
Setting up Virtual Lab Environment
Modern Web Applications
Web Application Hosting
Discovering Web applications on the Same Server
Learn Nmap Basic and Advanced Scanning Techniques
Learn about network scan types
With Nmap, you will learn to identify the operating system and running service versions of the target system
You will learn options for bypassing firewall, IPS & IDS systems with Nmap
How to scan without getting caught in IPS & IDS systems
What is Port ? What is TCP/UDP port ?
How to scan TCP or UDP services?
Importance of Penetration Testing
Types of Penetration Testing
Metasploit Filesystem and Libraries
Nmap Integration and Port Scanning
SMB and Samba Enumeration
Exploitation and Gaining Access
Post-exploitation-Meterpreter
Meterpreter Python/Powershell Extension
Antivirus Evasion and Cleaning
The very latest up-to-date information and methods
During the course you will learn both the theory and how to step by step setup each method
Learn how to create undetectable malware using MSFvenom, Veil, TheFatRat, Empire Project, etc
Learn embedding malware in pdf and doc files
Learn the working mechanism of Social Engineering Toolkit
Learn social engineering techniques and terminologies
Learn how to collect information about people by using OSINT (Open Source Intelligence)
Learn how to use FOCA, Web Archieve, The Harvester & Recon-NG
Wireshark: Sniffing the Network Traffic
Hping for Active Scan and DDoS Attacks
Ping Scan to Enumerate Network Hosts
Exploitation Tool: Metasploit Framework (MSF)
Information Gathering Over the Internet Tools
Wi-Fi Adapter Settings
Wi-Fi Network Fundamentals,IEEE 802.11
Wireless Operating Modes : Ad-hoc, Infrastructure, Monitor modes.
Wi-Fi Network Interaction, Authentication Methods

Requirements

Minimum 8 GB RAM
100 GB Free Harddisk space
64-bit processor
Wi-Fi Adapter(for Wi-Fi Hacking Sections)
Microsoft Windows 7, 8, 10 or Apple Mac OS X 10.12 and later versions
Enable virtualization technology on BIOS settings, such as “Intel-VTx”
A strong desire to understand hacker tools and techniques
Be able to download and install all the free software and tools needed to practice
A strong work ethic, willingness to learn and plenty of excitement about the back door of the digital world
Nothing else! It’s just you, your computer and your ambition to get started today

Description

Welcome to the "Full Ethical Hacking & Penetration Testing Course" course.

68% of business leaders say cybersecurity risks are increasing. As threats rise, companies are trying hard to attract and retain more IT security talent.

But filling IT security roles is proving difficult. Many businesses are facing serious recruitment challenges. There are not enough qualified candidates to fill the roles needed.

The industry faces a skills gap which looks set to increase as cyber threats rise. It is predicted that there will be 3.5 million unfilled cybersecurity roles by 2021. If you are considering a career move, the skills gap represents an excellent opportunity. This course is a great start for you.

This course starts at beginner levels so you don’t need to have previous knowledge of Ethical Hacking. In this course, we will also cover the topic of Wi-Fi Hacking because Wi-Fi hacking is easier than hacking a device connected to that WiFi. There are many free tools that can hack the less secure Wi-Fi router. Apart from this, there are also advanced tools that work on backtrack and can even hack Wi-Fi router with high security.

We are going to start by figuring out what the security issues are that are currently in the field and learn testing methodologies and types. Then we are going to build a lab environment for you to apply what you get from the course and of course, the lab is gone cost you nothing. Then we are going to start with some theory, you know, you should have the philosophy so we can always stay on the same page.

Basic web and internet technologies such as HTML, HTTP, Document Object Model, and so on, these are absolutely needed so that we can complete the testing experience. And then we are gonna cover the reconnaissance section, we will gather information about the target and how to use that information to model an attack. After that, we will tackle the user management issues. Apart from that, we will also try to expose the session management problems.

In the input validation section, we are gonna show why data validation is absolutely important for web applications. So attacks such as Cross-Site Scripting, SQL Injection, and many more we are gonna examine the whole bunch of different types. We also have a cryptography section with some basic attacks. After that, we will discuss some known web application attacks (such as Drupal SQL injection aka Druppageddon).
In this course I tried to show the importance of using free tools and platforms, so you don’t need to buy any tool or application.

By registering the course you will have lifetime access all resources, practice videos, and will be able to ask questions about related topics whenever you want.

A step by step approach will help you to track your progress on the go and learn needed skills gradually at your own pace. At the end of this course, you will both have the knowledge and a practical skillset about using network scanning, finding vulnerabilities on systems, and learning the general competencies of ethical hackers.

Here’s just some of what you’ll learn by the end of the course,

Understand the main terminology of Network Scanning and Finding Vulnerabilities in devices in a network
Using Nmap with full knowledge and experience
How to scan a network for scripts
Learn about network scan types
Learn how to use Hping
Wireless Operating Modes: Ad-hoc, Infrastructure, Monitor modes.
Wireless Packet Types
Analysing Packet Types with Wireshark
Wi-Fi Network Interaction, Authentication MethodsWEP vs WPA/WPA2
What is the TCP/IP model and how does it work
What is OSI model? How does it work
What is Port? What is the TCP/UDP port
How to scan TCP or UDP services
How active services are detected
How to scan without getting caught in IPS & IDS systems
How to interpret Nmap outputs
Nmap scripting (NSE) and more
WPA/WPA2 Cracking using GPUs with Hashcat
Key Reinstallation Attacks (KRACK)
WPS PIN Attacks and more...
How open source intelligence (OSINT) can be gathered and used for hacking into systems
How to send fake emails
Learn about vishing (Voice Phishing) tools and techniques
How to use Empire Project, MSFvenom, Veil, and TheFatRat
Testing Methodologies and Types,
Basic Web and Internet Technologies such as HTML, HTTP, Document Object Model and so on,
To Gather Information About the Target and Use This Information to Model an Attack.
User Management Issues.
Exposing The Session Management Problems.
Data Validation
Wardriving with Kismet, Mapping with Google Earth
Rogue Access Points with Airbase-ng, Wifi Pumpkin 3, Fluxion
Handshake Snooper and Captive Portal Attack with Fluxion
Attacks such as Cross-Site Scripting, SQL Injection and many more
Some Basic Attacks in Cryptography
Web Application Attacks Such As Drupal SQL injection ( aka Druppageddon )
And More to Enrich Your Penetration Testing Skills.

And much, much more... We have also added practical lab sessions in our course for sharping up your skills.

Fresh content

It’s no secret how technology is advancing at a rapid rate. New tools are released every day, and it’s crucial to stay on top of the latest knowledge for being a better security specialist.

Video and Audio Production Quality

All our videos are created/produced as high-quality video and audio to provide you the best learning experience.

You will be,

Seeing clearly
Hearing clearly
Moving through the course without distractions

You'll also get:

Lifetime Access to The Course
Fast & Friendly Support in the Q&A section
Udemy Certificate of Completion Ready for Download

Dive in now!

We offer full support, answering any questions.

See you in the course!

IMPORTANT: This course is created for educational purposes and all the information learned should be used when the attacker is authorized.

Who this course is for:

People who are willing to make a career in Cyber Security
Cyber Security Consultants who support / will support organizations for creating a more secure environment
Anyone who want to do a Penetration Testing against Wi-Fi networks.
Anyone who are the System administrators and want to audit their Wi-Fi network configuration.
Anyone who wants to be a White Hat Hacker
Anyone who wants to learn how to crack password hashes
Those who want to start from scratch and move forward
People who want to take their hacking skills to the next level

13 sections • 369 lectures • 30h 15m total length

Preview04:51
Preview01:43
Kali ISO Install
07:21
Kali VirtualBox Image Download and Install
02:37
Installing Metasploitable 2
04:32
Installing Metasploitable 3: Packer
05:47
Installing Metasploitable 3: Vagrant and Plugins
04:14
Installing Metasploitable 3: VM Creation with Vagrant
06:21
Downloading and Installing Free Windows 7 and Windows 10
02:57
Nat Network Create and Settings
03:15
Connection Test
06:36

Preview03:44
Nmap First Scan
04:47
What is Subnet?
04:15
Interpretation of Nmap Results
02:04
Scanning Specific IPs or Specific Targets With Nmap
01:57
Nmap IP List Creation
04:07
Nmap Random Scan and Exclude Ips
04:17
Print the Nmap Results to the File
06:23
Check In -1
00:47
What Is the OSI Model and How Does It Work?
05:18
What Is TCP-IP
08:57
Domain Name System Service-DNS
04:19
What is Port? Nmap Port Scan
03:34
Scanning Top 20, Top 100 Ports With Nmap
04:43
Scanning Specific Ports With Nmap
06:00
Nmap Syn Scanning
03:21
Nmap TCP Scan
02:46
Namp UDP Scan
04:12
Nmap ACK Scan
01:54
Nmap Fin-Xmas-Null Scan
03:26
Nmap Fast Scan
01:13
Nmap Open Ports Scan
01:23
Nmap No PORT Scan
02:15
Nmap PING and noPING Scan
03:19
Check-2
01:13
Nmap Verbose Command
02:15
Nmap With Service and Version Detection
03:52
Preview02:30
Nmap Timing Templates
03:36
Bypass of IPS & IDS Systems With Nmap
10:57
Nmap Script Engine (NSE)
10:59
Nmap Script Engine Example - 1
02:53
Nmap Script Engine Example - 2
00:58
Writing an NSE Script
09:52
The Check-3
00:22

Terminologies Part 1
05:19
Terminologies Part 2
06:08
Creating Malware and Terminologies
03:36
MSFvenom Part 1
14:08
MSFvenom Part 2
02:25
Veil Installation
02:36
Veil in Action
05:12
TheFatRat Installation
04:19
TheFatRat in Action
11:08
TheFatRat: Overcoming a Problem
00:46
Embedding Malware in PDF
04:04
Embedding Malware in WORD
09:21
Embedding Malware in Firefox Add-on
07:02
Empire Installation
04:07
Empire in Action Part 1
08:12
Empire in Action Part 2
04:23
Exploiting Java Vulnerabilities
02:24
Social Engineering Toolkit
06:34
Sending Fake Emails - Phishing
01:11
Vishing - Voice Phishing
03:41

What is “Protocol”
05:37
Reference Models
00:24
OSI Reference Model
14:32
OSI vs TCP/IP
02:32
Demonstration using Wireshark
07:59
Standards & Protocols
03:50
Ethernet: Principles, Frame & Headers
04:06
ARP ( Address Resolution Protocol ) : Mechanism, ARP Tables, ARP Packets
06:10
ARP Hand-On Practices
03:14
VLANs – Virtual Local Area Networks
04:03
WLANs – Wireless Local Area Networks
07:01
Introduction to Network Layer
01:37
Internet Protocol - IP
02:49
IPv4 Adressing System
01:56
IPv4 Packet Header
02:56
IPv4 Subnetting: Classful Networks
02:35
IPv4 Subnetting: Subnet Mask
02:59
IPv4 Subnetting: Understanding
03:09
IPv4 Shortage
01:41
Private Networks
03:59
Private Networks - Demonstration
03:01
NAT – Network Address Translation
04:30
IPv6, Packet Header & Addressing
08:30
DHCP - How the Mechanism Works
09:23
ICMP – Internet Control Message Protocol
02:02
Traceroute
09:51
Introduction to Transport Layer
02:40
TCP – Transmission Control Protocol
06:59
TCP Header
02:27
UDP – User Datagram Protocol
03:56
Introduction to Application Layer
00:55
DNS – Domain Name System
05:56
HTTP ( Hyper Text Transfer Protocol )
03:09
HTTPS
01:56
Checklist - What We Have Learned
01:26
What is Covered?
01:15
Setting Up the Laboratory
01:29
Download & Install OWASPBWA
04:34
Download & Install
03:30
Setting Up the First Project
07:57
GNS3 Environment
02:56
Building GNS3 Network
15:45
Attach Kali (or another VM) to the GNS3 Network
06:31
Configuring Switch & Router (Cisco) and creating VLANs
05:14
MitM: Listening to the traffic
01:45
Sniffing
01:03
TCPDump
05:23
Wireshark: Capturing the Traffic
08:34
Wireshark: Following Stream
02:40
Wireshark: Summarise Network
06:19
Router, Switch, Hub
04:44
How to Expand Sniffing Space?
05:13
MAC Flood: Switching
03:55
MAC Flood: Using Macof Tool
07:09
MacFlood - Countermeasures
01:13
ARP Spoof
03:40
ARP Cache Poisoning using Ettercap
10:35
DHCP Starvation & DHCP Spoofing
03:36
DHCP Mechanism
06:15
DHCP Starvation - Scenario
03:59
DHCP Starvation Demonstration with Yersinia
08:33
VLAN Hopping
02:05
VLAN Hopping: Switch Spoofing
01:39
VLAN Hopping: Double Tagging
03:17
Reconnaissance: Finding Open Ports & Services Using NMAP
05:15
Password Cracking
02:07
Compromising SNMP: What is SNMP ?
05:44
Compromising SNMP: Finding Community Names Using NMAP Scripts
03:06
Compromising SNMP: Write Access Check Using SNMP-Check Tool
02:18
Compromising SNMP: Grabbing SNMP Configuration Using Metasploit
05:53
Weaknesses of network devices
03:15
Password Creation Methods of Cisco Routers
07:49
Identity Management
00:52
ACL – Access Control Lists
05:12
SNMP Security
04:15

Hardware and Software Requiments
07:02
Wi-Fi Adapter Settings
06:17
IEE-802.11
03:54
Basic Terminologies and Concepts
04:50
Wireless Operating Modes
06:11
MAC Frame Structure
02:58
Wireless Packet Types
05:22
Wireshark: Analysing Packet Types
06:33
Wi-Fi Network Interaction
05:03
Wireless Encryption Protocols: WEP vs. WPA
03:58
WPA 4-Way Handshake
05:45
WPA2 Personal and Enterprise
03:16
Wireshark: WEP and WPA
01:10
Wi-Fi Protected Setup (WPS)
03:49
Wireless Recon with Bettercap
03:34
Wardriving with Kismet: Configuration
06:45
Wardriving with Kismet: Mapping
04:50
Airbase-ng
05:46
Evil Twin Attack
06:42
Wifi Pumpkin 3
07:30
Fluxion: Installation
02:50
Fluxion: Handshake Snooper Attack
04:54
Fluxion: Captive Portal Attack
05:28
WEP Cracking - Preparing Attacks
02:49
WEP Cracking - Fake Authentication Attack
03:50
WEP Cracking - Deauthentication Attack
02:59
WEP Cracking - Deauthentication Attack with Bettercap
01:32
WEP Cracking - ARP Request Replay Attack
04:15
WEP Cracking - Fragmentation Attack
05:09
WEP Cracking - ChopChop Attack
03:47
WPA/WPA2 Cracking - Introduction
05:13
WPA/WPA2 Cracking - Aircrack-ng
03:57
WPA/WPA2 Cracking - John The Ripper
04:09
WPA/WPA2 Cracking - CoWPAtty
02:52
WPA/WPA2 Cracking - Wifite 2
02:20
WPA/WPA2 Cracking with GPUs : Hashcat
03:52
WPA/WPA2 Cracking - Key Reinstallation Attack (KRACK)
07:12
WPS Cracking - Wifite 2: PIN Attack
03:50

What is a Penetration Test?
03:19
Why Metasploit Framework? AKA: MSF
05:33
Importance of Penetration Testing
03:15
Basics of Penetration Testing
02:18
Types of Penetration Testing
03:38
Penetration Testing Execution Standard
05:39
Requirements ( Like Storage. Processor )
02:44
Lab Connectivity and Taking Snapshots
02:05
Evolution of Metasploit
04:18
Metasploit Filesystem and Libraries
04:31
The Architecture of MSF
01:43
Auxiliary Modules
04:36
Payload Modules
06:00
Exploit Modules
03:33
Encoder Modules
02:35
Post Modules
03:24
Metasploit Editions
04:02
Metasploit Community
03:08
Metasploit Interfaces
04:50
Armitage
03:16
MSFconsole
04:53
MSFConsole Basic Commands 1
06:44
MSFConsole Basic Commands 2
07:59
MSFConsole Basic Commands 3
03:32
Using Databases in MSF 1
05:42
Using Databases in MSF 2
03:14
More on Exploits in MSF
03:14
What is Enumeration?
02:03
Nmap Integration and Port Scanning
06:17
SMB and Samba Enumeration
05:40
MySQL Enumeration
03:40
FTP Enumeration
04:15
SSH Enumeration
02:30
HTTP Enumeration
06:02
SNMP Enumeration
03:43
MTP Enumeration
03:49
Using Shodan with MSF
04:58
Intro to Vulnerability Scanning
03:50
Downloading and Installing Nessus Home
05:42
Vulnerability Scanning with Nessus Home
06:56
Integrating Nessus into MSF
04:40
Metasploit as Exploitation Tool
01:52
Distributed Ruby Remote Code Execution (drb_remote_codeexec)
03:14
PHP CGI Argument Injection (php_cgi_arg_injection)
03:08
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
03:55
Java JMX Server Insecure Configuration Java Code Execution (java_jmx_server)
03:03
Elastic Search Dynamic Script Arbitrary Java Execution (script_mvel_rce)
03:11
Sun/Oracle GlassFish Server Authenticated Code Execution (glassfish_deployer)
05:38
Jenkins-CI Script-Console Java Execution (jenkins_script_console)
05:42
WinRM Script Exec Remote Code Execution (winrm_script_exec)
04:00
HTTP Writable Path PUT/DELETE File Access (http_put)
05:00
Exploiting Poorly Configured MySQL Service
03:08
Axis2 / SAP Business Objects Authenticated Code Execution via SOAP
04:44
Using Allports Payload
06:17
Using Resource Files
06:40
Privilege Escalation
08:23
Extracting Password Hashes
04:59
John the Ripper Module
01:33
Pass The Hash with Metasploit
05:46
Token Impersonation
05:45
Extracting Cleartext Passwords
09:47
Visual Interaction with the Target
03:47
Enabling Remote Desktop
05:22
Searching for Critical Information
05:48
Packet Sniffing
06:22
Pivoting
10:02
Port Forwarding
07:45
Maintaining Access
01:58
Interacting with the Registry
06:37
Keylogging
07:04
Antivirus Evasion and Cleaning
02:46
MSFvenom
07:06
MSFVenom: Using Encoders
04:12
MSFVenom: Using Custom Executable Template
05:31
Using Custom Payload Generators
08:33
Cleaning Events and Security Management Logs
03:35
Deceiving File System Using Timestomp
06:06

Oak Academy

LONG LIVE TECH KNOWLEDGE

4.3 Instructor Rating
3,595 Reviews
24,926 Students
151 Courses

Hi there,

By 2024, there will be more than 1 million unfilled computing jobs and the skills gap is a global problem. This was our starting point.

At OAK Academy, we are the tech experts who have been in the sector for years and years. We are deeply rooted in the tech world. We know the tech industry. And we know the tech industry's biggest problem is the “tech skills gap” and here is our solution.

OAK Academy will be the bridge between the tech industry and people who

-are planning a new career

-are thinking career transformation

-want career shift or reinvention,

-have the desire to learn new hobbies at their own pace

Because we know we can help this generation gain the skill to fill these jobs and enjoy happier, more fulfilling careers. And this is what motivates us every day.

We specialize in critical areas like cybersecurity, coding, IT, game development, app monetization, and mobile. Thanks to our practical alignment we are able to constantly translate industry insights into the most in-demand and up-to-date courses,

OAK Academy will provide you the information and support you need to move through your journey with confidence and ease.

Our courses are for everyone. Whether you are someone who has never programmed before, or an existing programmer seeking to learn another language, or even someone looking to switch careers we are here.

OAK Academy here to transforms passionate, enthusiastic people to reach their dream job positions.

If you need help or if you have any questions, please do not hesitate to contact our team.

Full Ethical Hacking & Penetration Testing Course

What you'll learn

Requirements

Description

Who this course is for:

Course content

Setting Up the Laboratory11 lectures • 50min

Passive Information Collection1 lecture • 6min

Information Gathering Through the Internet8 lectures • 32min

Active Information Collection35 lectures • 2hr 18min

Using Nessus10 lectures • 40min

Using Maltego1 lecture • 5min

Social Engineering20 lectures • 1hr 47min

Network Attacks75 lectures • 5hr 36min

Wi-Fİ Hacking And Tools38 lectures • 2hr 52min

Using Metasploit Framework77 lectures • 6hr 2min

Instructor