Network Hacking Continued - Intermediate to Advanced
What you'll learn
- 80+ detailed videos on ADVANCED network hacking
- 2 methods to hack WPA2 enterprise networks
- 3 methods to hack captive portals (hotels & airport networks)
- Steal WPA/WPA2 password using evil twin attack.
- Crack WPA/WPA2 faster using GPU.
- Write custom scripts to implement your attack ideas.
- Bypass router-side security & run ARP spoofing attack without raising alarms.
- Unlock WPS on some routers even if its locked
- Disconnect multiple or all clients from their networks without knowing the key
- Bypass MAC filtering (both black & white lists).
- Discover & connect to hidden networks
- Crack more secure WEP implementation when SKA is used.
- Exploit WPS on more secure routers to get the WPA/WPA2 key.
- Understand how WPA/WPA2 enterprise work.
- Understand how a fake access points work
- Manually create fake access points
- Generate SSL certificates & use it to support HTTPS on apache2.
- Create a fake captive portal that acts exactly like a normal captive portal.
- Use huge wordlists to crack WPA/WPA2 without taking up disk space.
- Save WPA / WPA2 cracking progress.
- Bypass HTTPS & capture data manually.
- Analyse data flows and build own attacks.
- Run attacks against HTTPS websites.
- Inject Javascript / HTML code in HTTPS pages.
- Create trojans - combine any file (image/pdf) with an evil file.
- Replace files downloaded on the network with trojans.
- Write script to replace downloads with trojans on the fly.
Requirements
- Computer with a minimum of 4GB ram/memory
- Operating System: Windows / OS X / Linux
- Finished the networks section of my general ethical hacking course OR
- Finished my network hacking course.
- For the wifi cracking ONLY - Wireless adapter that supports monitor mode (more info provided in the course).
Description
Welcome to this advanced network hacking course, this course is designed to build up on what you already know about network hacking, therefore I recommend finishing the network hacking section of my general ethical hacking course or finishing my network hacking course before starting this one.
Just like all of my other courses, this course is highly practical, but it will not neglect the theory, since this is an advanced course we will be breaking each attack into its smaller components and understand how each of these components work, therefore by the end of the course you will be able to mix these attacks and adopt them to suit different situations and different scenarios, you will also be able to write your own man in the middle scripts to implement your own attacks.
Because this course builds on what you learn in the courses mentioned above, the main sections here have similar titles to the main sections in these courses, but the topics covered here are more advanced.
This course is divided into three main sections:
Pre-Connection Attacks - in this section you will learn how to extend the pre-connection attacks you already know, for example you will learn how to run these attacks against networks and clients that use 5Ghz and extend the deauthentication attack to target multiple clients and multiple networks at the same time.
Gaining Access - In this section you will learn a number of advanced techniques to gain access to various network configurations and various network encryptions. First you will learn how to overcome some security features that would prevent you from even trying any attacks, you will learn how to discover and target hidden networks and bypass mac filtering whether it is implemented using a black-list or a white-list. As you go through all of the lectures in this section, you will learn how to manually configure and create a fake access point, you will understand exactly how it works and the services it relies on, therefore by the end of this section you will be able to create custom fake access points to suit your needs, so you will be able to create fake captive portals, steal WPA/WPA2 passwords or use it to spy on clients that connect to it. This section is divided into a number of subsections each covering a specific topic:
Captive Portals - captive portals are open networks that require users to login after connecting to it, they are usually used in hotels and airports. In this subsection you will learn three methods to hack captive portals.
WEP Cracking - Even though this is an old and weak encryption, this is still used in some networks and you can not call yourself a hacker if you can not crack it, by now you should know how to rack WEP if OPEN authentication is used, in this section you will learn how to gain access to WEP networks that use Shared Key Authentication (SKA) as all of the methods that you learned so far will NOT work against SKA.
WPA & WPA2 cracking - In this section you will learn more advanced techniques to gain access to WPA & WPA2 networks, this section is divided into even smaller subsections:
Exploiting WPS - in this subsection you will learn how to debug reaver's output and exploit the WPS feature on more routers using reaver's advanced options, you will also learn how to unlock some routers if they lock after a number of failed attempts.
Advanced Wordlist Attacks - in this subsection you will learn how to run more advanced wordlist attacks, this will increase your chances of cracking the key; you will learn how to use huge wordlists without wasting storage, save the cracking progress so that you can pause and resume and crack the key much faster using the GPU instead of the CPU.
Evil Twin Attack - Finally if none of the above methods work, the last resort is to use social engineering to get the key, in this subsection you will learn how to get the password for a target WPA/WPA2 network using social engineering, without guessing and without using a wordlist.
WPA & WPA2 Enterprise - These networks are usually used in companies and colleges, these are secure networks that use WPA or WPA2 but also require users to login with a username and password after connecting, in this subsection you will understand how they work and how to hack them.
Post-Connection Attacks - In this section you will learn a number of advanced attacks that you can run after connecting to a network, all of the attacks in this subsection work against WiFi and ethernet networks, you will learn how to manually bypass HTTPS and capture sensitive data, you will be able to use this method regardless of how you became the man in the middle so you will be able to use it with any scenario or situation when interesting data is flowing through your computer, you will also learn how to inject javascript/HTML in HTTPS websites, bypass router-side security and run ARP poisoning attacks without raising any alarms. You will also learn how to manually analyse data flows and build your own MITM attack ideas, not only that but I will also teach you how to write your own scripts to execute your own MITM attacks. By the end of this section you will learn the right methodology of building your own attack, you'll learn how to analyse network flows, run a simple test, translate that into a working script that implements your attack, and finally test that script against a remote computer.
Finally at the end of the course you will learn how to protect yourself and your systems from these attacks.
All the attacks in this course are practical attacks that work against real computers, in each technique you will understand the theory behind it and how it works, then you'll learn how to use that technique in a real life scenario, so by the end of the course you'll be able to modify these techniques or combine them to come up with more powerful attacks and adopt them to different scenarios and different operating systems.
With this course you'll get 24/7 support, so if you have any questions you can post them in the Q&A section and we'll respond to you within 15 hours.
Notes:
This course is created for educational purposes only and all the attacks are launched in my own lab or against devices that I have permission to test.
This course is totally a product of Zaid Sabih & zSecurity, no other organization is associated with it or a certification exam. Although, you will receive a Course Completion Certification from Udemy, apart from that NO OTHER ORGANIZATION IS INVOLVED.
Who this course is for:
- People who want to take their network hacking skills to the next level.
- People who want to have a better understanding of the subject and enhance their skills.
- People who want to be able to run attacks manually & write their own MITM scripts.
Featured review
Instructors
- 4.6 Instructor Rating
- 179,700 Reviews
- 774,909 Students
- 11 Courses
My name is Zaid Al-Quraishi, I am a professional ethical hacker, computer scientist, and the founder and CEO of zSecurity & Bug-Bounty. I am passionate about utilising my skills to improve the security of organisations and individuals by identifying and resolving vulnerabilities in their systems.
I have in-depth knowledge and experience in the fields of ethical hacking & cyber security, and I have helped over 1 million students worldwide on multiple teaching platforms to gain a better understanding of the subject.
My companies, zSecurity & Bug-Bounty, specialise in providing ethical hacking services and managed bug-bounty programs to help organisations identify and remediate vulnerabilities in their systems.
- 4.6 Instructor Rating
- 179,700 Reviews
- 769,832 Students
- 11 Courses
zSecurity is a leading provider of ethical hacking and cyber security training, we teach hacking and security to help people become ethical hackers so they can test and secure systems from black-hat hackers.
Becoming an ethical hacker is simple but not easy, there are many resources online but lots of them are wrong and outdated, not only that but it is hard to stay up to date even if you already have a background in cyber security.
Our goal is to educate people and increase awareness by exposing methods used by real black-hat hackers and show how to secure systems from these hackers.