
Explore the five main hacking types—network, website, computer, password, and email hacking—and see how each targets systems, with examples like Telnet, Nslookup, ping, and Tracert.
Explore three hacker types: black hat, white hat, and gray hat; compare goals, legality, and permissions. Test security with authorization by white hats; gray hats blend black and white approaches.
Discover VirtualBox, a free open source cross-platform tool to create and run virtual machines on Windows, download from Oracle VM VirtualBox, and install it, enabling various operating systems.
Download Kali Linux from the official site, choose the 64-bit VirtualBox option, and start the torrent download to set up a Kali Linux virtual machine.
Download metasploitable 2, an intentionally vulnerable Ubuntu Linux virtual machine for testing security tools, from SourceForge via Windows, downloading the metasploitable Linux zip (800 MB) and README.txt.
Set up and boot metasploitable 2 VM in VirtualBox, allocate 512 mb RAM, load metasploit disk, log in as msf admin to obtain IP 10.0.2.15; next, install OWASP BWA.
Install and boot OWASP BWA in a VirtualBox VM on Kali Linux within a metasploitable setup, log in as root, and note the VM IP address for ethical testing.
Master Linux terminal basics, navigate directories, and run programs using simple commands in Kali Linux. Discover how the command prompt and SSH enable quick, text-based pentest actions on target systems.
Explore how to use the man command to access command manuals and view options, and learn basics of clearing the screen and accessing help across Linux and Windows terminals.
Learn how to create directories from the Kali Linux terminal using mkdir, and navigate with cd and ls to organize folders, laying groundwork for practical penetration testing tasks.
Explore network penetration testing by detailing pre-connection, gaining, and post-connection attacks, including cracking wifi keys on WPA/WPA2 and intercepting credentials and data over wifi or wired networks.
Explore the basics of networks, where devices connect via physical or wireless links to share data and resources, with packets and MAC addresses guiding traffic.
Explore wireless standards, the Wi‑Fi Alliance's role in interoperability, and how 802.11 uses 2.4/5 GHz channels, with modulation like direct sequence and OFDM.
Compare 2.4 GHz and 5 GHz frequencies by range, bandwidth, and speed: 2.4 GHz covers longer range but slower, while 5 GHz is faster with less penetration and coverage.
Explore wireless adapter modes, including monitor and master modes, their roles in traffic capture and evil twin setup via a virtual access point, and how to verify adapter support.
Configure a wifi adapter for Kali Linux in VirtualBox by adding a USB filter, then use lsusb and iwconfig to confirm the connection for network penetration testing.
Explore the reconnection attack as the first phase of network penetration testing, covering network discovery, device profiling, monitor mode setup, airodump ng usage, and disconnecting a target device.
Connect a wireless USB adapter to Kali Linux in VirtualBox and switch the interface into monitor mode by disabling it, killing interfering processes, and enabling monitor mode.
Learn to use airodump-ng to target a specific wifi network, identify the access point, channel, and interface, and interpret terms like station, power, rate, loss, and frames.
Explore how a deauthentication attack disconnects any device from a wireless network within range by spoofing MAC addresses and using tools like aireplay-ng and airodump-ng.
Learn how to gain access to networks through wired or wireless connections, sniff unencrypted data, and decrypt encrypted traffic using WPA and WPA2 handshakes, wordlists, and cracking techniques.
Explore how WEP, the oldest wireless security standard, uses RC4 encryption and a 24-bit initialization vector, exposing keystreams and enabling vulnerability through statistical attacks with aircrack-ng.
Learn to crack WEP networks by collecting many IVs and using aircrack-ng to derive the keystream and WEP key. Set up monitor mode and use airodump-ng to capture packets.
Examine Wi-Fi protected access encryption, focusing on per-packet unique keys, and compare WPA and WPA2, noting CCMP/CMP encryption and statistical attacks.
Explore how WPA handshakes secure connections by exchanging four packets and using a unique temporary key, then capture the handshake and test passwords with a wordlist via aircrack.
Capture the WPA handshake with airodump-ng in monitor mode, then deauthenticate a client with aireplay-ng to capture the handshake and crack the key with a wordlist.
Learn to create a word list for WPA key cracking using crunch, generating password candidates from a defined min and max length, character set, and optional pattern saved for aircrack-ng.
The lecture shows cracking WPA and WPA2 passwords using aircrack-ng with a handshake file and a word list, including the required commands and process.
Explore post-connection attacks after joining a network, whether wireless or wired, using net discover and Zenmap to gather information and plan targeted attacks.
Discover how netdiscover and airodump-ng map connected devices, IP addresses, MACs, vendors, and router details for network vulnerability assessment in a /24 scan.
Explore server side vulnerability by information gathering, identifying installed services and misconfigurations, and scanning with Zenmap and Nmap to detect backdoors and remote access risks.
Demonstrate using the Metasploit framework from Rapid7 to exploit the vsftpd 2.3.4 backdoor, configure msf console with set options, and verify a compromised ftp target.
Explore what system hacking entails, including hacking desktops, laptops, and tablets, and how hackers exploit weaknesses, malware, social engineering, and vulnerabilities to access and misuse data.
Install and launch the Veil vision framework, then explore its evasion tool with 41 payloads to create backdoors and shellcode for exploitation.
Examine how antivirus databases use signature matching to detect malware and learn the fundamentals of backdoor payload generation within an ethical hacking framework.
Set up a listener for backdoor connections using msf console and multi handler, configure a windows meterpreter reverse https payload with lhost and lport, and start listening for incoming connections.
Upload and host a backdoor on an Apache server, direct the target to download it, and establish a listening backdoor to study post-exploitation techniques.
Welcome to Learn Ethical Hacking / Pen testing & Bug Bounty Hunting A:Z
This Ethical Hacking tutorial provides basic and advanced concepts of Ethical Hacking. Our Ethical Hacking tutorial is developed for beginners and professionals.
Ethical hacking tutorial covers all the aspects associated with hacking. Firstly, we will learn how to install the needed software. After this, we will learn the 4 type of penetration testing section which is network hacking, gaining access, post exploitation, website hacking.
In network hacking section, we will learn how networks work, how to crack Wi-Fi keys and gain access the Wi-Fi networks. In Gaining access section, we will learn how to gain access to the servers and personal computers. In the post-exploitation section, we will learn what can we do with the access that we gained in the previous section. So we learn how to interact with the file system, how to execute a system command, how to open the webcam. In the website hacking section, we will learn how the website works, how to gather comprehensive information about website. In the end, we will learn how to secure our system from the discussed attacks.
The course is divided into four main sections so let's see what we are going to learn:
Network Penetration Testing
Network penetration testing is the first penetration testing that we are going to cover in this section. Most of the systems and computers are connected to a network. If a device is connected to the internet, that means the device is connected to the network because the internet is a really big network. Therefore, we need to know that how devices interact with each other in a network, as well as how networks works.
Gaining access
Gaining access attack is the second part of the network penetration testing. In this section, we will connect to the network. This will allow us to launch more powerful attacks and get more accurate information. If a network doesn't use encryption, we can just connect to it and sniff out unencrypted data. If a network is wired, we can use a cable and connect to it, perhaps through changing our MAC address. The only problem is when the target use encryption like WEP, WPA, WPA2. If we do encounter encrypted data, we need to know the key to decrypt it, that's the main purpose of this section.
Post-Connection Attacks
All the attacks that we performed in the pre-connection and gaining access section, we weren't connected to a network. In this section, we are going to be talking about post-connection attack that means the attacks that we can do after connecting to the network. Now, it doesn't matter that the network is a wireless or a wired network and it doesn't matter that the target was using the WEP or WPA key, we can launch all of the attacks that we're going to talk about in this section.
Website / Web Application Hacking
In this section you will learn how websites work, how to gather information about a target website (such as website owner, server location, used technologies ....etc) and how to discover and exploit the dangerous vulnerabilities to hack into websites.
Who this course is for:
Anyone interested in learning ethical hacking
Anyone interested in how hackers hack computer systems
Anyone interested in how to secure systems from hackers
Notes:
This course is created for educational purposes only, all the attacks are launched in my own lab or against systems that I have permission to test.