Learn Python & Ethical Hacking From Scratch
4.6 (8,967 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
51,183 students enrolled

Learn Python & Ethical Hacking From Scratch

Start from 0 & learn both topics simultaneously from scratch by writing 20+ hacking programs
4.6 (8,967 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
51,183 students enrolled
Last updated 5/2020
English
English [Auto-generated], Indonesian [Auto-generated], 1 more
  • Italian [Auto-generated]
Current price: $135.99 Original price: $194.99 Discount: 30% off
5 hours left at this price!
30-Day Money-Back Guarantee
This course includes
  • 23.5 hours on-demand video
  • 1 article
  • 12 downloadable resources
  • Full lifetime access
  • Access on mobile and TV
  • Assignments
  • Certificate of Completion
Training 5 or more people?

Get your team access to 4,000+ top Udemy courses anytime, anywhere.

Try Udemy for Business
What you'll learn
  • 170+ videos on Python programming & ethical hacking
  • Install hacking lab & needed software (on Windows, OS X and Linux)
  • Learn 2 topics at the same time - Python programming & Ethical Hacking
  • Start from 0 up to a high-intermediate level
  • Write over 20 ethical hacking and security programs
  • Learn by example, by writing exciting programs
  • Model problems, design solutions & implement them using Python
  • Write programs in Python 2 and 3
  • Write cross platform programs that work on Windows, OS X & Linux
  • Have a deep understanding on how computer systems work
  • Have a strong base & use the skills learned to write any program even if its not related to hacking
  • Understand what is Hacking, what is Programming, and why are they related
  • Design a testing lab to practice hacking & programming safely
  • Interact & use Linux terminal
  • Understand what MAC address is & how to change it
  • Write a python program to change MAC address
  • Use Python modules and libraries
  • Understand Object Oriented Programming
  • Write object oriented programs
  • Model & design extendable programs
  • Write a program to discover devices connected to the same network
  • Read, analyse & manipulate network packets
  • Understand & interact with different network layers such as ARP, DNS, HTTP ....etc
  • Write a program to redirect the flow of packets in a network (arp spoofer)
  • Write a packet sniffer to filter interesting data such as usernames and passwords
  • Write a program to redirect DNS requests (DNS Spoofer)
  • Intercept and modify network packets on the fly
  • Write a program to replace downloads requested by any computer on the network
  • Analyse & modify HTTP requests and responses
  • Inject code in HTML pages loaded by any computer on the same network
  • Downgrade HTTPS to HTTP
  • Write a program to detect ARP Spoofing attacks
  • Write payloads to download a file, execute command, download & execute, download execute & report .....etc
  • Use sockets to send data over TCP
  • Send data reliably over TCP
  • Write client-server programs
  • Write a backdoor that works on Windows, OS X and Linux
  • Implement cool features in the backdoor such as file system access, upload and download files and persistence
  • Write a remote keylogger that can register all keystrikes and send them by Email
  • Interact with files using python (read, write & modify)
  • Convert python programs to binary executables that work on Windows, OS X and Linux
  • Convert malware to torjans that work and function like other file types like an image or a PDF
  • Bypass Anti-Virus Programs
  • Understand how websites work, the technologies used and how to test them for weaknesses
  • Send requests towebsites and analyse responses
  • Write a program that can discover hidden paths in a website
  • Write a program that can map a website and discover all links, subdomains, files and directories
  • Extract and submit forms from python
  • Run dictionary attacks and guess login information on login pages
  • Analyse HTML using Python
  • Interact with websites using Python
  • Write a program that can discover vulnerabilities in websites
Course content
Expand all 176 lectures 23:35:48
+ Introduction
9 lectures 01:14:25

This a teaser lecture to give you a taste of what you'll be able to do by the end of the course.

I will show you some of the tools we'll build later on in the course, you'll see how to:

1. Use the arp_spoof and packet_sniffer programs to steal usernames and passwords entered by any computer on the same network.

2. Use the backdoor to remotely hack a Windows machine.

3. Use the vulnerability_scanner program we'll write to discover weaknesses in a website.

Preview 07:29

This lecture will give you an introduction of how the course is structured, the different sections in the course, and what you'll learn in it.

Course Introduction
06:31

This lecture will introduce you to the two main topics of the course, ethical hacking and python programming and will explain why they are related and why you might want to learn both at the same time.

Introduction to Python Programming & Ethical Hacking
06:13

In this course, we will be using a number of operating systems, Kali for hacking and 2 other target machines, in this section you will learn how to install all of these machines as virtual machines inside your current operating system, this allow use to use all of the machines at the same time, it also completely isolates these machines from your main machine therefore your main machine will not be affected if anything goes wrong.

This lecture will give you an overview of the lab that we will need to set up for this course.

Lab Overview & Needed Software
07:48

This lecture will give you an overview of the software you need to for this course, how to install it and how to install Kali Linux as a virtual machine.

Installing Kali 2020 as a virtual Machine
11:13

Kali Linux is an Linux distro that is designed for hackers.

In this lecture we will have a basic look on Kali linux just to get you comfortable with it.

You will learn how to use its main applications, browse files, connect to the internet ....etc.

Basic Overview of Kali Linux
05:10

In this lecture you will learn how to interact with the linux terminal and run linux commands.

The Terminal & Linux Commands
11:21

This lecture will explain the differences between Python 2 and Python 3, you'll also write your first program here.

Python 2 VS Python 3 & Writing Our First Program
09:08

This lecture will teach you how to install a python interactive development environment (IDE), and how to use this IDE to write python programs.

Installing & Using a Python IDE
09:32
+ Writing a MAC Address Changer - Python Basics
13 lectures 01:43:09

MAC address (Media Access Control) - is a unique identifier assigned to network interfaces.

In this lecture you'll learn what is is, how its used, and how to change it using Kali Linux.

Preview 07:41

This lecture will teach you how to use Python modules, as an example you'll learn how to use the subprocess module to execute system commands from Python.

Using Python Modules & Executing System Commands
09:18

In this lecture we'll write a very basic program to change the MAC address.

Implementing a Very Basic MAC Changer
05:16

This lecture will introduce you to Python variables and strings, how initialise them and use them in code.

Variables & Strings
10:12

In this lecture you'll see how to use variables in our mac_changer to set the interface name and use a variable value for the mac address.

Using Variables in MAC Changer
04:36

In this lecture you'll learn how to use python to ask the user to input values, and use this value to initialise a variable.

Getting Input From The User
06:18

In this lecture you'll see how to use values entered by the user in our python program.

Handling User Input
09:40

In this lecture you will learn how to implement command-line arguments in your python program.

Handling Command-line Arguments
09:44

In this lecture you'll learn how to use the arguments given by the user in our python program.

Initialising Variables Based on Command-line Arguments
07:51

A function is a number of statements that does a specific task.

This lecture will introduce you to functions in python.

Python Functions
09:40

In this lecture you'll learn how to return values from functions, and use them in your python program.

Returning Values From Functions
06:55

This lecture will introduce you to decision making in python, you'll learn the different types of if statements that can be used to make decisions at run time and control the program flow.

Decision Making in Python
06:53

In this section you'll see an example of using decision making to control program flow.

Using Conditional Statements in MAC Changer
09:05
+ MAC Changer - Algorithm Design
6 lectures 41:42

An algorithm is a set of instructions to solve a problem.

This lecture will introduce you to algorithm design, as an example we'll design an algorithm to check if the mac address changes after the execution of our program and display an appropriate message to the user.

Introduction to Algorithms
03:15

In this lecture you'll learn how to execute system command and read its result using Python.

Reading Output Returned By System Commands
06:24

Regular expressions are used to define search patters.

This lecture will introduce you to Python Regular Expressions (Regex).

As an example we'll learn how to use regex to extract a substring from a larger string.

Introduction to Regular Expressions (Regex)
08:14

In this lecture you'll learn how to use regex to extract a substring from a larger string.

Extracting a Substring Using Regex
06:39

We'll spend this lecture tidying up our program, making sure its readable and extendable.

Refactoring & Housekeeping
10:59

In this lecture we'll put everything learned in this subsection in practice and implement the algorithm we designed at the first lecture to check if the mac address did change to the one the user requested and display an appropriate message.

Preview 06:11
+ Programming a Network Scanner
14 lectures 01:48:31

This lecture will give you an introduction to this section, explain what we want to achieve, and show you a teaser of a program that we want to mimc.

Introduction & Teaser
10:11

In this lecture you will learn how to set up a windows virtual machine so that we can try and hack into it to practice penetration testing.

Installing Windows as a Virtual Machine
03:32

Address Resolution Protocol (ARP) is used to discover the physical address (link layer address) of devices on the network.

This lecture will introduce you to ARP, how it works and it can be used to discover devices on the network.

Introduction to ARP
09:43

In this lecture we'll use what we learned about ARP to design an algorithm to discover clients connected to the same network.

Designing an Algorithm To Discover Clients on The Same Network
04:00

In this lecture you'll learn how to use Scapy to create an ARP request.

Using Scapy To Create an ARP Request
06:48

This lecture will teach you how to send a broadcast request using Scapy to discover clients connected to the same network.

Combining Frames To Broadcast Packets
09:37

In this lecture you'll learn how to use Scapy in Python to send an ARP packet, and receive its response.

Sending & Receiving Packets
06:57

This lecture will introduce you to the list data structure in Python, as an example you'll learn how to store the discovered clients in a list.

Introduction Lists in Python
08:20

In this lecture you'll learn how to use a loop to iterate over list entries.

Iterating Over Lists & Analysing Packet
10:09

This lecture will teach you how to access values in a list, and use escape characters to display values nicely.

Using Escape Characters To Improve Program Output
06:29

A dictionary is an unordered collection of data in which each element has a key (to access the element) and a value.

In this lecture you'll be introduced to dictionaries and learn how they work and how to use them.

As an example we'll use a dictionary to store data about the discovered clients.

Introduction to Dictionaries in Python
09:37

This lecture will you give you an example of using nested data structures; we'll use a list of dictionaries to organise the discovered clients, and their related information.

Improving the Program Using a List of Dictionaries
08:55

In this lecture you'll learn some programming practices to keep the code clean, readable, and extendable.

Iterating Over Nested Data Structures
07:18
Now that the program is working, I want you to use the optparse library I showed you in the previous section to extend this program and make it take the IP range through a command line argument.
Get IP Range Using Command Line Arguments
1 question

This lecture will highlight some of the changes that you need to be aware of when using Scapy with python 3.

Python 3 Compatibility
06:55
+ Writing an ARP Spoofer
11 lectures 01:17:39

ARP spoofing is a very dangerous attack that allows hackers to intercept the flow of packets in the network, allowing them to spy on any connected device or even modify data on the fly.

In this lecture you'll learn what arp spoofing attack is, why is it possible, and what it can be used to do ?

What is ARP Spoofing?
06:20

In this lecture you'll learn how to run an ARP spoofing attack using Kali Linux.

Intercepting Data in a Network Using arpspoof
05:08

This lecture will teach you how to create an ARP Response using Scapy in Python.

Creating an ARP Response
07:11

This lecture will teach you how to send the responses we created in the previous section, and redirect the flow of packets to flow through our computer.

Sending ARP Responses
05:34

In this lecture you'll learn how to use python extract the MAC address value from ARP Responses.

Extracting MAC Address From Responses
06:59

A loop defines a block of code to run as long as a condition is valid.

This lecture will introduce you to loops in Python.

Introduction to Loops in Python
08:53

In this lecture we'll use an infinite loop to send arp spoofing responses and prominently intercept packets in the network.

More on Loops & Counters
07:56

This lecture will teach you more about printing, strings, and special characters to dynamically print data on screen.

Dynamic Printing
06:54

Exceptions happen when something goes wrong during execution.

This lecture will teach you how to handle exceptions properly in Python.

Exception Handling in Python
05:16

In this lecture we'll implement a restore function to restore the arp table of targets when we quit the program.

Implementing a Restore Function
11:55

In this lecture you'll learn how to invoke the restore function we wrote earlier when the user presses CTRL + C.

Restoring ARP Tables on Exception
05:33
+ Writing a Packet Sniffer
7 lectures 58:18

The goal in this section is to write a packet sniffer, a program that can capture packets and analyse them to extract useful data such as visited websites, usernames, passwords....etc

This lecture will introduce you to this idea, and show you the program in action so you know exactly what's the end product that we are trying to get to.

Preview 04:39

This lecture will teach you how to sniff / capture packets using Scapy in Python.

Sniffing Packets Using Scapy
07:20

This lecture will teach you how to filter sniffed packets and extract data sent over the HTTP layer.

Extracting data From a Specific Layer
06:50

This lecture will teach you how to access specific field values in packet layers.

Analysing Sniffed Packets & Extracting Fields From Layers
12:21

In this lecture you'll learn how to extract data from specific fields, as an example you'll see how to extract sent passwords.

Analysing Fields & Extracting Passwords
11:05

In this lecture we'll continue building our sniffer and you'll learn how to extract urls and display them on screen.

Extracting URLs
08:00

In this lecture we'll use our arp_spoof program to intercept packets, and the sniffer that we programmed in this section to filter the intercepted packets and display usernames, passwords and visited urls.

Capturing Passwords From Any Computer Connected to the Same Network
08:03
+ Writing a DNS Spoofer
7 lectures 57:45

This lecture will teach you how to create a proxy using Python, this allows us to intercepted packets, modify them and then forward them to their destination.

Intercepting Packets - Creating a Proxy
13:00

In this lecture you'll learn how to  convert the intercepted packets to Scapy packets, so we can modify them later on.

Converting Packets to Scapy Packets
09:21

DNS Spoofing allows hackers to redirect requests to domain names (eg: www.google.com) to any destination they want.

This lecture will explain to you what DNS Spoofing is, why is it possible, and how we'll implement a DNS Spoofer in Python.

Introduction to DNS Spoofing
07:20

In this lecture you'll learn how to analyse responses in general, as an example we'll be analysing DNS responses.

Filtering DNS Responses
06:26

In this lecture you'll learn how to create a custom DNS response using Scapy in Python.

Analysing & Creating a Custom DNS Response
07:56

In this lecture we'll modify intercepted DNS responses and replace them with the one we created in the previous lecture.

Modifying Packets On The Fly
07:57

In this lecture we'll use the program we built in this section with the arp_spoofer to redirect requests from bing.com to our own web server!

Preview 05:45
+ Writing a File Interceptor
6 lectures 50:13

The goal of this section is to write a Python program to replace downloads on the network.

This lecture will give you a general idea of what we want to achieve by the end of this section, and it will show you a teaser of the program that we'll build so you understand what we want to achieve by the end of this section.

Preview 04:27

In this lecture you'll learn how to filter Scapy packets based on the port they are sent from/to.

Filtering Traffic Based on the Port Used
09:22

In this lecture, you'll learn how to analyse requests in general, as an example we'll analyse HTTP requests that request a file to download and see how we can exploit these requests to replace files.

Analysing HTTP Requests
05:54

In this lecture you'll learn how to modify HTTP requests on the fly.

Intercepting HTTP Requests
10:19

In this lecture we'll put what we learned so far in practice and use our program to replace downloads on the fly.

Modifying HTTP Responses on The Fly
10:47

In this lecture we'll use the program we wrote to replace files downloaded by any user with any file we want.


Intercepting & Replacing Downloads on The Network
09:24
+ Writing a Code Injector
13 lectures 01:36:30

The goal of this section is to build a Python program to inject code in web pages loaded by computers on the same network.

This lecture will give you a general idea of what we want to achieve by the end of this section, and will show you a teaser of the program we want to build so you have a clear idea of what we want to achieve at the end of this section.

Preview 01:20

In this lecture you'll learn how to analyse HTTP responses to see how to exploit them to inject code.

Analysing HTTP Responses
06:49

In this lecture you'll learn more about regex and how to use it to replace a substring within a bigger string.

Replacing a Substring Using Regex
07:15

Some websites return encoded HTTP responses, in this lecture you'll learn how to decode HTTP responses so we can read them and modify them.

Decoding HTTP Responses
09:48

In this lecture we'll use everything we learned so far to inject a very simple javascript code in HTML pages.

Modifying HTTP Responses & Injecting Javascript Code in HTML Pages
08:50

In this lecture we'll cover some programming practices to keep the code nice and tidy, so that its readable and extendable.

Refactoring & Housekeeping
08:29

In this lecture we'll debug some issues in our code_injector and discuss how they can be fixed.

Debugging Issues in Python
06:01

In this lecture you'll learn even more about regex in Python and how to use none capturing groups.

Using Groups & None-capturing Regex
08:57

In this lecture you'll learn how to re-calculate the content length after modifying the page code.

Recalculating Content Length
11:38

BeEF is a browser exploitation framework that allows us to run a large number of commands on hooked browser.

In this lecture we will have an overview of the interface, how to start the framework and how to create a hook page and hook targets to it.

BeEF Overview & Basic Hook Method
11:41

This lecture will show you how to use the program we made in this section to automatically hook browsers to BeEF.

Hooking Computers Using code_injector
05:37

In this lecture you learn how to run some basic commands on the target machine using beef, you'll learn how to run any Javascript code, get a screenshot of the page they're browsing, redirect them to any page you want and even steal login info using a fake login prompt

Basic BeEF Commands
04:24

This lecture will teach you how to use BeEF to deliver malware to a target using a fake update notification.

Delivering Malware Using BeEF
05:41
+ Bypassing HTTPS
4 lectures 38:24

All the programs we built so far only work with HTTP pages, this is because data sent over HTTPS is encrypted.

This lecture will fix this issue and teach you how to downgrade HTTPS to HTTP.

Preview 10:49

In this lecture you'll learn how to use the packet_sniffer program we wrote earlier to sniff data from HTTPS pages.

Bypassing HTTPS & Sniffing Login Credentials
08:04

This lecture will teach you how to use the replace_downloads program we wrote earlier to replace files downloaded from HTTPS links.

Replacing Downloads on HTTPS Pages
10:56

This lecture will teach you how to use the code_injector program we wrote earlier to inject code in HTML pages that use HTTPS.

Injecting Code in HTTPS Pages
08:35
Requirements
  • Basic IT knowledge
  • No Linux, programming or hacking knowledge required.
  • Computer with a minimum of 4GB ram/memory
  • Operating System: Windows / OS X / Linux
Description

Welcome this great course where you'll learn python programming and ethical hacking at the same time, the course assumes you have NO prior knowledge in any of these topics, and by the end of it you'll be at a high intermediate level being able to combine both of these skills and write python programs to hack into computer systems exactly the same way that black hat hackers do, and use the programming skills you learn to write any program even if it has nothing to do with hacking.

This course is highly practical but it won't neglect the theory, we'll start with basics on ethical hacking and python programming, installing the needed software and then we'll dive and start programming straight away. From here onwards you'll learn everything by example, by writing useful hacking programs, so we'll never have any boring dry programming lectures.

The course is divided into a number of sections, each aims to achieve a specific goal, the goal is usually to hack into a certain system, so we'll start by learning how this system work and its weaknesses, and then you'll lean how to write a python program to exploit these weaknesses and hack the system, as we write the program I will teach you python programming from scratch covering one topic at a time, so by the end of the course you're going to have a number of ethical hacking programs written by yourself (see below) from backdoors, keyloggers, credential harvesters, network hacking tools, website hacking tools and the list goes on. You'll also have a deep understanding on how computer systems work, how to model problems, design an algorithm to solve problems and implement the solution using python.

As mentioned in this course you will learn both ethical hacking and programming at the same time, so here are some of the topics that will be covered in the course:


Programming topics:

  • Writing programs for python 2 and 3.

  • Using modules and libraries.

  • Variables, types ...etc.

  • Handling user input.

  • Reading and writing files.

  • Functions.

  • Loops.

  • Data structures.

  • Regex.

  • Desiccation making.

  • Recursion.

  • Threading.

  • Object oriented programming.

  • Packet manipulation using scapy.

  • Netfilterqueue.

  • Socket programming.

  • String manipulation.

  • Exceptions.

  • Serialisation.

  • Compiling programs to binary executables.

  • Sending & receiving HTTP requests.

  • Parsing HTML.

  • + more!


Hacking topics:

  • Basics of network hacking / penetration testing.

  • Changing MAC address & bypassing filtering.

  • Network mapping.

  • ARP Spoofing - redirect the flow of packets in a network.

  • DNS Spoofing - redirect requests from one website to another.

  • Spying on any client connected to the network - see usernames, passwords, visited urls ....etc.

  • Inject code in pages loaded by any computer connected to the same network.

  • Replace files on the fly as they get downloaded by any computer on the same network.

  • Detect ARP spoofing attacks.

  • Bypass HTTPS.

  • Create malware for Windows, OS X and Linux.

  • Create trojans for Windows, OS X and Linux.

  • Hack Windows, OS X and Linux using custom backdoor.

  • Bypass Anti-Virus programs.

  • Use fake login prompt to steal credentials.

  • Display fake updates.

  • Use own keylogger to spy on everything typed on a Windows & Linux.

  • Learn the basics of website hacking / penetration testing.

  • Discover subdomains.

  • Discover hidden files and directories in a website.

  • Run wordlist attacks to guess login information.

  • Discover and exploit XSS vulnerabilities.

  • Discover weaknesses in websites using own vulnerability scanner.


Programs you'll build in this course:

You'll learn all the above by implementing the following hacking programs

  • mac_changer - changes MAC Address to anything we want.

  • network_scanner - scans network and discovers the IP and MAC address of all connected clients.

  • arp_spoofer - runs an arp spoofing attack to redirect the flow of packets in the network allowing us to intercept data.

  • packet_sniffer - filters intercepted data and shows usernames, passwords, visited links ....etc

  • dns_spoofer - redirects DNS requests, eg: redirects requests to from one domain to another.

  • file_interceptor - replaces intercepted files with any file we want.

  • code_injector - injects code in intercepted HTML pages.

  • arpspoof_detector - detects ARP spoofing attacks.

  • execute_command payload - executes a system command on the computer it gets executed on.

  • execute_and_report payload - executes a system command and reports result via email.

  • download_and_execute payload - downloads a file and executes it on target system.

  • download_execute_and_report payload - downloads a file, executes it, and reports result by email.

  • reverse_backdoor - gives remote control over the system it gets executed on, allows us to

    • Access file system.

    • Execute system commands.

    • Download & upload files

  • keylogger - records key-strikes and sends them to us by email.

  • crawler - discovers hidden paths on a target website.

  • discover_subdomains - discovers subdomains on target website.

  • spider - maps the whole target website and discovers all files, directories and links.

  • guess_login - runs a wordlist attack to guess login information.

  • vulnerability_scanner - scans a target website for weaknesses and produces a report with all findings.


As you build the above you'll learn:

  • Setting up a penetration testing lab to practice hacking safely.

  • Installing Kali Linux and Windows as virtual machines inside ANY operating system.

  • Linux Basics.

  • Linux terminal basics.

  • How networks work.

  • How clients communicate in a network.

  • Address Resolution Protocol - ARP.

  • Network layers.

  • Domain Name System - DNS.

  • Hypertext Transfer Protocol - HTTP.

  • HTTPS.

  • How anti-virus programs work.

  • Sockets.

  • Connecting devices over TCP.

  • Transferring data over TCP.

  • How website work.

  • GET & POST requests.

  • And more!


By the end of the course you're going to have programming skills to write any program even if it has nothing to do with hacking, but you'll learn programming by programming hacking tools!

With this course you'll get 24/7 support, so if you have any questions you can post them in the Q&A section and we'll respond to you within 15 hours.


Notes:

  • This course is created for educational purposes only and all the attacks are launched in my own lab or against devices that I have permission to test.

  • This course is totally a product of Zaid Sabih & zSecurity, no other organisation is associated with it or a certification exam. Although, you will receive a Course Completion Certification from Udemy, apart from that NO OTHER ORGANISATION IS INVOLVED.


Who this course is for:
  • Anybody interested in learning Python programming
  • Anybody interested in learning ethical hacking / penetration testing