Kali Linux Wireless Penetration Testing - Novice to Pro!
3.3 (4 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
54 students enrolled

Kali Linux Wireless Penetration Testing - Novice to Pro!

Test your wireless network's security and master the advanced wireless penetration techniques using Kali Linux
3.3 (4 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
54 students enrolled
Created by Packt Publishing
Last updated 8/2018
English
English [Auto-generated]
Current price: $139.99 Original price: $199.99 Discount: 30% off
5 hours left at this price!
30-Day Money-Back Guarantee
This course includes
  • 11 hours on-demand video
  • 1 downloadable resource
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
Training 5 or more people?

Get your team access to 4,000+ top Udemy courses anytime, anywhere.

Try Udemy for Business
What you'll learn
  • Learn how to increase your wireless security measures and Bluetooth features based on live, real-world hacking ethics.
  • Hack and intercept traffic from Bluetooth-enabled devices.
  • Hack wireless passwords using various techniques.
  • Crack Wireless network access points in the area using services such as AiroDump, John the Ripper, and even Cain & Abel!
  • Perform a Man in the Middle attack
  • Curate a DoS attack on our victim
  • Immerse yourself in the world of active hackers by learning how to perform perfect Social Engineering attacks through techniques such as SET, Physical Location, and even Email Campaigns.
  • Perform a flawless reconnaissance with methods that include NSLookup, WhoIS, NetCraft, the Harvester, and more!
Requirements
  • Basic understanding of the core Kali Linux concepts is assumed.
Description

Kali Linux is rated as the #1 security operating system for hackers. With the Linux operating system and its core structure based on Debian, it comes jam-packed with all the tools you need to penetration-test your websites. Kali Linux has gained popularity over the last few years with the rise of hacker groups (Anonymous, Lizard Squad, Ghost Squad Hackers, and others).

Kali Linux was built for hackers, by hackers. It is a Debian-based Linux distribution designed primarily for Penetration Testing and Digital Forensics. It gives access to a large collection of security-related tools for professional security testing.

This comprehensive 3-in-1 course is a step-by-step approach via real-world attack scenarios to help you master wireless penetration testing techniques. Throughout this course, you’ll explore new products to add to your ethical pen testing tool belt, including antennas, Android devices, and laptops. Learn how to use high-powered antennas to search and reach wireless networks from afar, and then use a variety of tools to find hidden wireless networks and crack passwords.

Contents and Overview

This training program includes 3 complete courses, carefully chosen to give you the most comprehensive training possible.

The first course, Kali Linux 2017 Wireless Penetration Testing for Beginners, covers enhancing your wireless penetration testing skills with Kali Linux 2017. Kali Linux was built for hackers, by hackers. Throughout this course, we will be discussing new products to add to your ethical pen testing tool belt, including antennas, Android devices, and laptops. Use high-powered antennas to search and reach wireless networks from afar, and then utilize a variety of tools to find hidden wireless networks and crack passwords. The end goal of this course is to be able to connect to a wireless network, by utilizing various tools and software programs, and hack into wireless networks, even if they are protected by the WEP/WPS/WPA/WPA2 security protocols.

The second course, Kali Linux Penetration Testing Recipes, covers ethical hacking to penetrate your target. This course covers several great resources within Kali Linux and you'll use them to perform a full website and server vulnerability test, brute-force your way past passwords, search for back-doors, and other tasks. Finally, you'll create a professional report and hand it to your client.

The third course, Kali Linux Advanced Wireless Penetration Testing, covers testing your wireless network's security and mastering advanced wireless penetration techniques using Kali Linux. In this course, you will be discussing the different variety of tools and techniques to find hidden wireless networks and Bluetooth devices. Learn how to enumerate the wireless network, cracking passwords, getting connected to any vulnerable wireless network and Bluetooth device. All the exercise in this course will be hands-on throughout this training. The end goal of this course is to be able to connect, enumerate, and extract information to any wireless-enabled device and network by utilizing various tools and software programs.

By the end of the course, you’ll be able to test your wireless network's security and master the advanced wireless penetration techniques using Kali Linux.

About the Authors

  • Aubrey Love was born and raised in Texas USA, he has achieved several certifications for programming in various languages. He has designed and developed custom websites, set up servers, and secured websites and servers using Nginx/Apache, Fail2Ban, and other Utilities. Working with companies of all shapes and sizes, using WordPress and Custom Sites, it is a fun and fascinating world out there for a programmer! He serves as a freelance programmer by day, and an Author by night.


    A certified website master, avid hacktivist, and active journalist, Aubrey started his programming career on a Commodore Vic-20, on which he built his first Hello World app. He has built several websites, mobile apps, and Windows applications. On his journeys, he has been a Linux system administrator, ethical hacker, website master, mobile developer, application creator, and game developer.


  • Vijay Kumar Velu is a passionate information security practitioner, author, speaker, and blogger. He is currently working as associate director in one of the Big4 based in Malaysia. He has more than 11 years of IT industry experience, is a licensed penetration tester, and has specialized in providing technical solutions to a variety of cyber problems, ranging from simple security configuration reviews to cyber threat intelligence and incident response. He also holds multiple security qualifications, including Certified Ethical Hacker, EC-council Certified Security Analyst, and Computer Hacking Forensics Investigator. Vijay has been invited to speak at the National Cyber Security Summit (NCSS), Indian Cyber Conference (InCyCon), Open Cloud Conference, and other ethical hacking conferences held in India, and he has also delivered multiple guest lectures and training on the importance of information security at various business schools in India. He has authored a book entitled Mobile Application Penetration Testing, and also reviewed Learning Android Forensics, Packt Publishing. For the information security community, Vijay serves as a member of the board in Kuala Lumpur for Cloud Security Alliance (CSA) and the chair member of the National Cyber Defense and Research Center (NCDRC) in India. Outside work, he enjoys playing music and doing charity. Vijay is an early adopter of technology and always listens to any crazy ideas—so if you have an innovative idea, product, or service, do not hesitate to drop him a line.

Who this course is for:
  • People looking for a career in the IT world, more specifically those interested in learning how to perform ethical hacking of wireless devices.
  • IT security professionals, Pentesters and security analysts who have a basic knowledge of Kali Linux and want to utilize advanced penetration testing techniques.
  • Intermediate-level wireless security consultant in Kali Linux and want to be the go-to person for Kali Linux wireless security in your organization.
Course content
Expand all 86 lectures 11:10:26
+ Kali Linux 2017 Wireless Penetration Testing for Beginners
27 lectures 02:49:40

This video provides an overview of the entire course.

Preview 07:00

We will discover the methods and techniques along with some meanings behind the different wireless network signals.           

  • Exploiting and learning about the 2.4GHz Wireless Frequencies

  • Discovering the powers behind the 5.0GHz Wireless Frequencies

Wireless Network Signals
06:05

While using a regular Wireless card will get us by with this  course, we can take a huge advantage of the Wi-Fi Pineapple and discover  some of the powers behind this amazing antenna.

  • Explore Wi-Fi Pineapple

Wi-Fi Pineapple
02:24

Is your target a little out of your wireless cards reach? With a  Yagi antenna, you don’t have that issue… Unless they are extremely far  away. When setup properly, a Yagi antenna can reach up to 1500  kilometres away.

  • Investigate the Yagi Antenna

Yagi Antenna
03:12

Now we have seen some of these awesome tools, we have watched Mr.  Robot at least 100 times, and have seen the Hackers trilogy, it is time  to start learning. What better way to do that than with Kali Linux!

  • Install and set up Kali Linux

Getting Used to Kali
06:57

When we attempt to crack a password (Wireless | Server | Website |  Phone | ETC.) We need Dictionary of Passwords. This will allow us to  insert several different passwords in a text file and use that document  later on in our arguments against our target.

  • Create a custom Password Dictionary

Creating a Password Dictionary
06:34

We know that Wi-Fi networks are connected by either  WEP/WPS/WPA/WPA2, however, do we understand those security protocols?  Don’t worry, in this section we will be learning about each of them.

  • Discover the WEP Security Protocols

  • Learn what WPS Security is

  • Explorethe WPA/WPA2 security protocols

Wireless Security Protocols
03:40

Alright, so we have our Kali Linux installed, and we want to  connect to the internet. But we don’t have any. What should we do? With  Kali, we can scan to see who has internet around us.

  • Use WIFITE to scan for targets around us to connect us to the internet

Scanning for Wireless Networks
09:10

So, we have found our target Wi-Fi, and we have built our own  Password Dictionary, now what? We will now need to see if we can crack  the password for our target.           

  • Crack Wi-Fi Passwords with WIFITE

Cracking Wi-Fi Passwords
07:40

So, we have the password of our network SSID. Now what do we do?  Simply put, we connect to the desired network the same way you would  connect to your home network. Then we can start surfing the internet.

  • Connect to our target SSID with cracked password

Hacking/Cracking Our Way into the Target
03:31

Do you have a hunch about your neighbour? Anything unusual going  on? After connecting to his Wi-Fi network, we can use WireShark to help  us intercept his traffic to see what is going on.

  • Intercept internet traffic connections with WireShark

Exploiting Our Target
06:43

While there are a few different ways we can search for different  wireless networks, we can easily do so with the GUI. This is the typical  way that people search and connect to wireless networks.           

  • Search for Wireless networks

Scanning Airwaves
04:42

Want to feel like a real hacker and read the terminal like a pro?  We can do that by utilizing a script that will allow us to search for  wireless networks on our terminal.           

  • Use WIFITE to search for wireless networks in the terminal

Hunting Down Networks
07:32

So we are connected to our target, what fun can we do? The first  thing we are able to do is perform a MitM attack in which puts us in  between 2 people talking to each other. This allows us to intercept  their conversation to inquire personal information.           

  • Allow network to translate IP to MAC address

  • Watch the network traffic

  • Request all URLs sniffed from HTTP traffic from CLF

MitM Attacks
10:13

But don’t we already have a solid internet connection with our  target? Yes, yes we do. However, our target may also be hosting a  private network (Hidden SSID) that they don’t want the public to know  about. Wonder what is on that network?           

  • Search for hidden SSID networks

Finding Ourselves an Access Point
16:26

Before we crack any wireless network, we must first learn how to  setup our network card to handle the requests and monitor the SSIDS. 

  • Get our network card setup to monitor networks

Setting up Lab
05:01

Now that we have our computer setup, we can start off by searching  for different WEP Networks in the area. This is done by setting our  wireless card to monitor status.

  • Useairodump-ng to set our wireless card to monitor status

  • Scanning for wireless networks in our area

Scanning WEP Networks
12:33

By selecting our target to hack, we can then move onto cracking  their wifi password. This can be done by using either the default  password dictionaries that comes with Kali, or with our own dictionary  we created.

  • Crack WEP passwords with help from airocrack-ng

Cracking WEP Connections
09:04

By utilizing URLSnarf, we can intercept the HTTP connection  requests that are stored inside of the CFL. This will help us understand  who our target is and what they do.

  • Intercept our victims traffic by utilizing URLSnarfer

Intercepting Connections (URLSnarf)
06:23

First thing is first, we need to configure our wireless network  card to monitor the networks. Doing this helps us search for wireless  networks in the area.

  • Set up our computer to start looking for WPS networks

Setting up Our Lab
05:20

So our “Lab” is now setup and ready to start scanning. The first  thing we will be doing is performing a -wps scan using wifite. This will  allow us to scope out only the WPS encrypted networks in our area.

  • Scan for WPS networks using WIFITE

Scanning WPS Networks
04:11

It all comes down to this! We have setup our lab to monitor mode,  and have scoped out our target. We have also created our own Password  Dictionary files. Now we can use WIFITE with AirCrack-NG in order to  brute force our way past the password.

  • UseAirCrack-NG with WIFITE in order to Brute Force the Password

Brute Forcing WPS Connections
05:11

Congratulations! You have now hacked your way into your target’s  Wi-Fi network. Now what? Well, one thing we can do is intercept their  internet connections to see what they do online. We can do this by using  EtterCap.

  • UtilizeEtterCap in order to intercept our targets network connections

Intercepting Connections (EtterCap)
05:36

Like all great hackers, we pave the way of our setup. This means  we will be using a few tools to setup our wireless card in order to  monitor and record our network connections to start the hacking process.

  • Set up our wireless card for monitoring

Setting up Our Lab
02:08

We will begin by performing a simple search using WIFITE in order  to help us scan the area to select our target. By using WIFITE we are  able to see a list of WPA/WPA2 enabled wireless networks within our  area.

  • Search for WPA/WPA2 networks using WIFITE

Search for WPA/WPA2 Networks
03:18

With our password dictionary in place and our aircrack-ng ready to  launch, let’s start cracking this password! With these types of  passwords, often using Uppercase, Lowercase, Numbers, and even Symbols,  we can take a break. Sleep for the night.

  • Hack our way past the WPA/WPA2 Passwords with AirCrack-NG

Brute Forcing WPA/WPA2 Connections
03:41

We are going to be utilizing WireShark in order to help us sniff  out some of the packets that our target is using. By looking at the  packets, and doing some minor recon work, we can see more clearly who  are target is and what they enjoy doing.

  • Sniff our target for any packets using WireShark

Intercepting Connections (WireShark)
05:25
Test your knowledge
5 questions
+ Kali Linux Penetration Testing Recipes
34 lectures 04:17:33

This video will give you an overview about the course.

Preview 07:32

So we don’t have a spare computer laying around to install this  amazing OS on, not a problem. We are going to be looking into installing  a VirtualBox to help us setup a virtual desktop on our computer.                         

  • Install VirtualBox

  • Create a new virtual computer

Installing VirtualBox
06:27

We will now download Kali Linux and install that OS on our virtual  machine we had setup. Once we have Kali installed on our virtual  computer, we will take a look at it and get ourselves accustomed to this  operating system.                         

  • Download and Install Kali Linux

  • Play around with Kali Linux

Installing Kali Linux
12:41

In this video, you will learn about the Penetration testing and will show you how to get started using Kali Linux.                         

  • Update the Kali

  • Explore the terminal

  • View the browser and looking at the menu

Getting Used to Kali
06:34

While we are performing our password attacks, we are going to be  needing a password text file. Instead of utilizing the default password  text file during our testing, we will create our own dictionary of  passwords we can use.                         

  • Create a password dictionary

Password Dictionaries
06:32

Does your target run WordPress? If so we can easily take advantage of different.                         

  • Exploit Usernames associated with our target

  • Crack passwords of the usernames we extracted from our target

  • Log into the WordPress website using the correct credentials we collected

WordPress Vulnerability Testing
14:25

So we have been challenged with a web-based application and need  to test it for vulnerabilities. Not a problem. This section we will  learn how to exploit that web app using Burp Suite.                         

  • Web-Based application testing with Burp Suite

Burp Suite – Web Application Security Testing
07:56

With that web-based application, we will discover how to scan that  web app to see if there are any penetration marks that we can use to  work our way into any possible back-doors, and other information that we  can use to attack our target.                         

  • Pen Testing with XSSER to find vulnerabilities

Web Application Penetration Testing
03:42

While scanning the website is one task that everyone usually tends  to go for, I personally will be showing you my favourite task, viewing  the websites source code. We can either download the website directly to  our computer, or external storage device, or view it live.                         

  • View the source code offline

  • View the source code live

Analysing the Source Code
07:07

Throwing testing packages and viewing the source code is a great  place to start, we will need to check to see if that web-based  application has any open and weak ports that we can use.                         

  • Utilize Wireshark to help us with port snooping

Wireshark – Port Scanning
05:42

While extracting all of this useful information is a great  practice, we will need to learn more about who we are dealing with. This  can be for a personal reason, or maybe we have been asked to learn all  we can about the website owner.                         

  • Use an online service, MXToolBox to help us extract information from our target

Domain Name Information and More
07:24

One of the easiest methods to do is test our targeted server for  any SQL Injection vulnerabilities. This will allow us to throw SQL  Injections to the server for a variety of things.                         

  • Test server with SQLMap for vulnerabilities

  • Search vulnerabilities using SQLNinja

Testing SQL Injections
12:32

Sometimes our servers are vulnerable to JSP Shell attacks, and if  our targeted server is indeed vulnerable to JSP Shell, we should test  and document it for future reference.                         

  • Utilize JBoss-AutoPWN to test for vulnerabilities

Deploying JSP Shell Attacks
03:24

Assuming that our target has open ports for SSH, FTP, or other  types of remote connection, we can attempt to brute force our way past  the login credentials to gain access to the server.                         

  • Brute forcing passwords using Cain and Abel

  • Test Passwords with John the Ripper

Password Testing
06:11

In this video, you will learn how to use the PunkSPIDER.                         

  • Find security measures and weaknesses

  • Highlight every single option available in PunkSPIDER

Security Scanning
02:55

This is extremely important as there are numerous programs that  are target could be running. If there is an outdated software, we can  view the reports on that specific version to see if there are any  vulnerabilities.                         

  • Scan for outdated software using Nikto

Searching for Outdated Software
04:06

This is an attack in which a host with no authority is directing a  domain name server and all of the requests. This allows a hacker to  redirect all of the DNS requests, thus the traffic as well, to another  machine.                         

  • Manipulate DNS Traffic By using Ettercap

DNS Spoofing
07:43

Reconnaissance is a crucial part of our ethical hacking pen  testing. Recon is the process of gathering all of the required  information needed in order to determine the best strategy for hacking  our target.                         

  • Perform a Recon using Sparta

Reconnaissance
05:42

Utilizing a Social Engineering Toolkit (SET), we can create a  false login page and have the credentials stored onto our designated  location. This allows us to steal login details of users.                         

  • Create a login page using SET

  • Deploy Virtual Server

  • Send Login page to victim

False Logins
07:31

One of the hardest methods of SEA is gaining access to the  physical location. Sometimes our clients will ask us to gain physical  access to a section of a building. This can be accomplished, if you have  proper people skills and can read people.                         

  • Learn to read people

  • Figure the best method to talk to someone

  • Gain access to the building

Physical Location
07:39

We have seen on countless hacking movies that the hacker will call  the target to extract some type of information. And still to this day,  that method is frequently used. We will talk about how to carry out this  SEA.                         

  • Discover which person and sector to talk to

Calling
07:02

While many people don’t realize this, but email is one of the  greatest methods of extracting information about a company. An email  contains the IP Address and the MX directory of the companies email  provider. Plus we can use this method to service our SET section.                         

  • View IP Address from email

Emailing
06:34

In this video, you will learn about the Harvester: Social Gathering.                         

  • Find the target

  • Exploit the target by means of emails

  • Extract the data directly from Kali Linux

Social Gathering
05:36

If you are inside of a company, chances are they have their own  hidden wireless network. If they do, that is our golden ticket! We will  learn how to view those hidden networks, and then crack their passwords.                         

  • Search for those hidden SSID’s using ArioDump

Viewing Hidden SSID’s
07:53

So we have a SSID we can connect too, now what? This section we  will learn how to hack those wireless passwords using a few different  techniques. We will be using our created PWD List for this.                         

  • Explore the password hacking

  • Look into the brute forcing application Air-crack

  •   Use ‘pwd.txt’ dictionary

Wireless Password Cracking- Part One
06:53

In this video, you will learn about the John the ripper                         

  • Explore alternate way of brute forcing

  • Pass through dictionaries

Wireless Password Cracking- Part Two
10:17

While connected to our network, we need to do something instead of  Google or Facebook. We are going to learn how to intercept incoming and  outgoing traffic on our connected network.                         

  • Use Wireshark to intercept and read incoming/outgoing traffic

Intercepting Connections
05:16

We have a domain name to test, not an IP. How can we extract the  IP information? We will be utilizing the PING command in order to pull  that information. Then we will perform an NS Look Up test to find out  more information.                         

  • Ping domain name to get IP Address of target

  • Utilize NS Lookup to extract information about our target

IP Address Search
04:49

This is a two part section. We will first dive into the IP WhoIS  report, and then follow up with the domain name WhoIs. This is helpful  to see if the domain admin is the same as the server admin, and we can  extract other forms of information using these techniques.                         

  • Search IP Address WhoIS

  • Search Domain Name WhoIS

WhoIS and Domain Name WhoIS
10:10

Often overlooked, but we will be looking at the websites  background. Much like your background report, we will need to see what  all the creators have done to the website, and when they did it.                         

  • Perform a background history report using Netcraft

Site Background
10:02

Another overlooked aspect, is searching for email accounts and  social media accounts. This will be helpful as we can get an insight to  who works there, and helps us with our SEA.                         

  • Learn how to use the Harvester

Finding Emails and Social Media Accounts
06:51

While performing a Recon, typically our motions are visible to the  website, or servers, admins. In this section, we will learn how to  perform a stealthy approach by using a protected network.                         

  • Protect network using VPN

  • Perform a Stealth Recon using Nmap

Stealth Reconnaissance on Protected Network
07:07

Much like we showed on our wireless intercepting, we will be  looking at incoming and outgoing connections for the targeted website.                         

  • Learn how to intercept website traffic using Wireshark

Intercepting Connections
05:48

Now that we have performed our hacks and attacks, we need to  generate a report to present to our employer. This should give them some  details about your exploits, how you did them, and options on how to  fix them.                         

  • Design the report and adding proper content

Building Our Report
19:30
Test your knowledge
5 questions
+ Kali Linux Advanced Wireless Penetration Testing
25 lectures 04:03:13

This video provides an overview of the entire course.

Preview 08:17

We know that Wi-Fi networks are connected by either  WEP/WPS/WPA/WPA2, however, do we understand those security protocols?  Don’t worry, in this section we will be learning about each of them.           

  • Discover the WEP security protocols

  • Learn what WPS security is

  • Explore the WPA/WPA2 security protocols

Wireless Security Protocols
09:55

Alright, so we have our Kali Linux installed, and we want to  connect to the internet. But we don’t have any. What should we do? With  Kali, we can scan to see who has internet around us.           

  • Use Wifite to scan for targets around us to connect us to the internet

Scanning for Open and Hidden SSID’s
07:44

When we attempt to crack a password (Wireless | Server | Website |  Phone | and so on) We need Dictionary of Passwords. This will allow us  to insert several different passwords in a text file and use that  document later on in our arguments against our target.

  • Create a custom password dictionary

Creating Password Dictionary
10:25

So, we have found our target Wi-Fi, and we have built our own  Password Dictionary, now what? We will now need to see if we can crack  the password for our target. 

  • Crack Wi-Fi Passwords with Wifite

Cracking Wi-Fi Passwords
11:26

We will be focusing on different options that are available in  Wireshark that are extremely useful during a penetration test or during a  forensics analysis.

  • Use Wireshark on a specific adapter and viewing the communications between devices

  • Analyse the network traffic data and harvesting the valuable information

Wireshark – Capturing Traffic
17:06

We will be working towards getting the network miner work on the  kali Linux and also we will look at the options that are available in  windows version of network miner.

  • Install Network miner to Kali Linux

  • Analyse the packets for valuable and sensitive information

NetworkMiner – Extract Files and Data
11:10

How to we analyse the packets and network traffic while performing  the MiTM attacks, we will be exploring the tool DarkStat which pretty  much provides the details that are required for a penetration tester  during the attack.           

  • Run DarkStat

  • Analyse the data from DarkStat to perform further attacks

DarkStat – Analyzing Network Traffic
04:25

So, we have packets how do we analyse the wireless packets without having them go through lots of manual eye ball?           

  • Use Kismet to scan for the wireless network

  • Perform analysis on the wireless network using kismet

  • Store the files from kismet on the local storage to perform further lateral attacks

Wireless Network Detector and Sniffer
09:15

What is the MiTM attacks? How to perform such attacks.           

  • Utilise multiple tools to achieve an objective of sniffing the confidential information in network transit

What is MiTM?
05:13

How do we successfully extrack confidential information from the  victim? Spoofing the devices/services on the network by using ARP.           

  • Perform the Man in The Middle Attacks by poising the network or the gateway

  • Use Ettercap GUI to perform ArpSpoof attack to capture the credentials over the network

ArpSpoof – Setup Between Our Victim and Router
11:06

So we are connected to our target, what fun can we do? The first  thing we are able to do is perform a MitM attack in which puts us in  between 2 people talking to each other. This allows us to intercept  their conversation to inquire personal information.           

  • Use driftnet to capture the wireless network traffic

DriftNet – Displaying Victims Image Traffic
06:59

By utilizing URLSnarf, we can intercept the HTTP connection  requests that are stored inside of the CFL. This will help us understand  who our target is and what they do.           

  • Intercept our victims traffic by utilizing URLSnarfer

URLSnarf – Capturing Website Information/Data
07:49

Today’s easy threat to every organisation or individual is the intentional or unintendedly getting DoS attacks.

  • Learn the different types of DoS

What Is DoS?
08:32

How does a volume based denial of service is performed? How easy it is to launch an attack. The easy way of launching this type of attack is to use the inbuilt kali tools and measured bits per second. 

  • Use hping3 to perform this attack on the target network

  • Perform UDP floods, ICMP floods and Spoofed Packet floods

Volume-Based DoS
17:20

How does a protocol based Denial of Service is different from volume based and how easy is to launch this type of attack.

  • Utilise the inbuilt kali tools we would launch the attacks but measure in packets per second

  • Use hping3 to perform this attack on the target system

  • Launch multiple instances SYN floods, fragmented packet attacks, Ping of Death, Smurf DDoS

Protocol-Based DoS
18:43

Application Layer Attacks has been quite often in pretty much every application that is exposed on the internet

  • Perform ALA based DoS by using existing tools in the Kali Linux

  • Use the existing tools in Kali Linux such as DirBuster, Burpsuite we will launch the ALA Based attacks

  • Perform low-and-slow attacks, GET/POST floods

Application Layer Based Attacks - DoS
21:20

First thing is first, we need to understand how does Bluetooth work and what technologies are involved in Bluetooth.

  • Understand the difference between different wireless technologies

Bluetooth Basics
07:04

So now you know how does the Bluetooth works, It is time for us to  explore and find the difference devices that are available within the  range.

  • Scan for Bluetooth devices using Bluelog

BlueLog – Scanning for Bluetooth Devices in the Area
05:07

Unlike brute-forcing or performing a scan on complete IP subnet. What do we do for Bluetooth?

  • Utilise the redFang to identify non discoverable devices

  • Use redFang to perform scan for non-discoverable Bluetooth devices

RedFang – Find Hidden Bluetooth Devices
03:58

Finally, Once we have found out all the available Bluetooth  devices around us, what is next? Spoof your identity and make a  communication to the target.

  • Utilize Spooftooph to change the name and address of the device and hide your identity in plain sight

Spooftooph – Bluetooth Spoofing
12:04

Unlike Denial Of Service attacks, how the attackers smack the Bluetooth devices.

  • Create our own custom script to perform the same

  • Using l2ping to conduct Denial of Service attack called as Bluesmack on the target device

Bluesmack – Bluetooth DoS Script
08:27

We will now begin perform an advanced step of steal the information using Bluetooth.

  • Communicate to the device and then extract the phonebook details

  • Utilise the bluesnarfer in kali linux to perform bluesnarfing attack

Bluesnarfing – Extract Data from Target
08:02

Art of phishing in Computers is achieved by sending one email to  unintended readers and having to wait for them to fill in the details.

  • Use bluejack to perform Bluetooth Phishing by sending

  • BlueJacking our way into all available Bluetooth in range

BlueJacking – Sending a Business Card to Target
03:21

How does the Hackers control information by exploiting vulnerabilities or by planting a backdoor bugs!

  • Learn how to bug a Bluetooth device

  • Download bluebugger and compile it

  • Use bluebugger to extract phonebook and dial numbers

Bluebugging – Taking Control Over Target
08:25
Test your knowledge
3 questions