Network Penetration Testing (Ethical Hacking) From Scratch

Name: Network Penetration Testing (Ethical Hacking) From Scratch
Rating: 4.3 (243 reviews)

Learn ethical hacking from scratch from a networking based perspective

Created byTWR Internet Solutions Ltd

Last updated 5/2017

English

What you'll learn

Conduct a basic network penetration test from start to finish from an ethical hackers perspective
Better understand the world of penetration testing
Gain prerequisites to doing certified courses such as CISSP, OSCP (PWK) and CEH

Course content

9 sections • 70 lectures • 7h 20m total length

Course Syllabus6:41
Introduction to Penetration Testing6:37
Master penetration testing by applying real-world attack techniques, focusing on realistic attack vectors and multiple vulnerability paths. Communicate risks to executives with clear, actionable recommendations to improve business resilience.
Reporting For a Client8:46
Craft a client-facing penetration test report with an executive summary, risk ranking, and a strategic roadmap to mitigate vulnerabilities and guide actionable recommendations.
Glossary of Terms - Part 17:13
Glossary of Terms - Part 27:23

Various Tools for Ethical Hacking7:30
Explore Windows-based tools for ethical hacking, including nmap, Wireshark, and PuTTY, and learn to build test labs with virtual machines using VirtualBox, VMware, and Hyper-V.
Setting Up Kali- Part 17:03
Setting Up Kali- Part 27:49
Setting Up Ethical Hacking Tools In Mac OS - Part 14:51
Setting Up Ethical Hacking Tools In Mac OS - Part 25:57
Vulnhub and Metasploitable 27:35
Cloud Services Part 16:21
Cloud Services Part 25:05
Taking Notes For Client Engagements6:14
FTP and SFTP6:38
Running an Apache Web Server and Passing Files Between a Client and Attacker5:40

Cewl - Collecting Information From a Client Website4:01
CeWL spiders a client website to collect words for building password dictionaries, revealing email addresses and metadata while warning about the traffic generated.
Nmap - Scanning a Client Network6:52
Nmap - Using The Scripting Engine8:05
Nikto - Searching for Web Based Vulnerabilities8:34
Openvas - Scanning For Network/Website Related Vulnerabilities8:25
Learn to set up and use OpenVAS on Kali Linux to scan networks and websites for vulnerabilities, view and interpret scan reports, and apply defender-focused remediation guidance.
Dirb/Dirbuster - Brute Forcing Web Directories8:15
Metasploit - Using the Scanning Based Modules - Part 15:41
Metasploit - Using the Scanning Based Modules - Part 24:18
Ncat - Banner Grabbing - Part 14:29
Ncat - Banner Grabbing - Part 24:56
DNS Enumeration - Part 15:23
DNS Enumeration - Part 25:26
SMB Enumeration7:31
Enumerate smb shares and environments using samba and snb techniques across ports 135, 139, and 445. Explore user and share information with nbt scan, net share, smb client, and scripts.

How to Search For Exploits5:40
Metasploit - Exploit7:54
Metasploit - Payload6:06
Explains configuring a metasploit exploit with a java interpreter payload and a reverse tcp connection. Demonstrates managing sessions, interacting with the target, and retrieving system info and password hashes.
MSFvenom - Creating a custom payload6:55
Burpsuite - Web Proxy8:37
Explore how Burp Suite's web proxy intercepts and manipulates web form inputs to test security, inspect requests, and map sites with spider, scanner, intruder, and other tools.
Zap - Web Proxy7:06
SQL Injection - How to7:46
SQL Injection - NoSQL How to5:08
Pret - Exploiting Printers6:54
LFI & RFI - Local File Inclusion & Remote File Inclusion5:47
Veil - Evading Anti Virus - Part 14:04
examine how penetration testers test against antivirus, compare payload encoders, and analyze VirusTotal results to understand what detections look like and how to bypass them.
Veil - Evading Anti Virus - Part 26:06
Using a Reverse Shell - Part 14:45
Differentiate between shells and reverse shells and explore two-way communication between victim and attacking machine using netcat to open a shell and pass commands.
Using a Reverse Shell - Part 24:46
Patator - Password Attacks - Part 17:37
Patator - Password Attacks - Part 24:38
BOF - What is a Buffer Overflow5:20
BOF - Buffer Overflow Demo - Part 17:39
BOF - Buffer Overflow Demo - Part 27:24
Demonstrate a buffer overflow attack by sending junk bytes past a canary, crafting a nop sled, and hijacking execution with a calculated jump to injected code using debuggable Python script.
BOF - Buffer Overflow Demo - Part 35:08

Windows Machine - Part 16:40
Explore Windows post exploitation techniques using command line and wmic to enumerate users, network interfaces, partitions, services, hotfixes, and potential pivot paths across subnets.
Windows Machine - Part 24:55
Explore Windows command-line techniques to enumerate network configurations, dump dhcp and system information, manipulate dns settings, and assess firewall and task statuses in ethical hacking contexts.
Linux Machine Part 16:20
Linux Machine Part 24:21
Mimikatz - Extracting Hashes From Memory8:35
Mimikatz demonstrates extracting credentials and hashes from memory, listing SAM and credential stores, using pass-the-hash to obtain shells, and elevating privileges to access sensitive data.
FGdump - Extracting Password Hashes6:37
Cracking Hashes6:44
Pivoting - Part 17:14
Pivoting - Part 25:19
Persistance - Maintaining Access to a Client Machine9:07
Learn to maintain access on a target by persisting with new administrator accounts, scheduled tasks, and registry or cron entries across Windows and Linux.

Requirements

A basic understanding of networking
Be able to understand the basics of using Linux based operating systems

Description

This course aims to teach student's how to become an ethical hacker/penetration tester from a networking perspective from scratch, therefore prior knowledge of the fundamentals of networking and basic Linux commands would be beneficial but not essential. The course covers the entire process of network based ethical hacking from a professional penetration testers point of view.

The introductory areas cover the ethics and jurisdictional points surrounding penetration testing a client network. The next sections include integral passive and active information gathering functions when conducting a client engagement.

The course then looks into the various exploitation techniques a hacker would use and accompanies detailed demonstrations of how to find and exploit such issues. Once exploited, the course then looks at post exploitation methods. This includes ways in which an attacker can further exploit the client to gain access to other areas of the network as well as maintain access once exploited.

Finally the course focuses on additional techniques an ethical hacker would take once they have already gained control of a client network and therefore use perspectives such as networking tools similar to Wireshark or TCPDump. In addition other entry points would include hardware tools that can be used for exploitation such as WiFi related hacking, which is only covered from a theoretical point of view within this course.

This course is perfect for anyone who is looking for a primer for more expensive ethical hacking certifications such as OSCP, CEH, and the technical element of CISSP.

Who this course is for:

Beginner level students who are interested in the world of ethical hacking and penetration testing

Network Penetration Testing (Ethical Hacking) From Scratch

What you'll learn

Explore related topics

Course content

Introduction5 lectures • 37min

Legal Considerations2 lectures • 11min

Setting up Your Environment11 lectures • 1hr 11min

Passive Information Gathering3 lectures • 14min

Active Information Gathering13 lectures • 1hr 22min

Exploitation20 lectures • 2hr 5min

Phishing - What is Phishing and Tools Used for Phishing1 lecture • 9min

Post Exploitation10 lectures • 1hr 6min

Other Techniques5 lectures • 26min

Requirements

Description

Who this course is for: