Information Gathering : Basic to advance level course

Basic to advance level course for IT Security aspirants
4.5 (11 ratings) Instead of using a simple lifetime average, Udemy calculates a
course's star rating by considering a number of different factors
such as the number of ratings, the age of ratings, and the
likelihood of fraudulent ratings.
118 students enrolled
$19
$50
62% off
Take This Course
  • Lectures 47
  • Length 1 hour
  • Skill Level All Levels
  • Languages English
  • Includes Lifetime access
    30 day money back guarantee!
    Available on iOS and Android
    Certificate of Completion
Wishlisted Wishlist

How taking a course works

Discover

Find online courses made by experts from around the world.

Learn

Take your courses with you and learn anywhere, anytime.

Master

Learn and practice real-world skills and achieve your goals.

About This Course

Published 4/2016 English

Course Description

Dear Students,
Welcome to our course on Information Gathering also known as Reconnaissance.
You might have taken a course on Hacking/Penetration testing but have you ever wonder how to initiate an attack as a Penetration tester?
This course forms the basis for anyone who wants to become a real-time penetration tester. Our other courses will have taught you how to perform an attack, but this course will form the foundation on which we teach you how to research and gather information about your target as a security enthusiast without leaving any traces.
In this course, we will teach you how an attacker gathers information about their target (which may be an individual or an organization) in an ethical way. This course helps the participant to understand the various methods and means by which an attacker gathers confidential information before launching an attack.
We have designed this course to enable those aspiring to enter the information security field to learn the basic or the preparation steps that one needs to take care of before jumping into real time attacks. By the end of this course, you will be familiar with how attackers gather various types of information such as Individual, organizational, web based, system based and network based information before launching an attack.
This course has been specifically designed by a team of information security researchers who are acknowledged experts in their field.
This course has been designed to accelerate your learning process through the use of creative animations and easy to understand voice over narratives.
Complex hacking concepts have been broken down into easy to understand modules.
Together, our team will walk you through the entire learning process step by step.
This course is perfect for anybody who is passionate about developing their skills in the field of internet security. No prior training is required to take this course as we will start with the basics. We welcome anyone with a thirst for learning.
We look forward to having you join us. In the meantime, please feel free to take a look at our demo tutorial and exercise before you purchase the full course.

What are the requirements?

  • This course includes all the material required either as video or as a downloadable link hence there is no pre required materials or softwares for this course.
  • No prior training is required to take this course as we will start with the basics.
  • We welcome anyone with a thirst for learning

What am I going to get from this course?

  • Understand how one’s online identity can easily be found and how to protect yourself.
  • Learn how to maintain anonymity online.
  • Learn how an individual’s information can be gathered!
  • Understand how mail based probes can leak sensitive information!
  • Understand how an organisation’s information can be collected!
  • Learn how web based, network based and system based information can be gathered!
  • Learn how Google helps in information gathering
  • Learn how humans are the weakest link in extracting sensitive information.

What is the target audience?

  • This course forms the basis for anyone who wants to become a real-time penetration tester, hence student with no prior knowledge on Information security can opt for this course.
  • This course is perfect for existing system administrators, network architects, network administrators, network security professionals,web designers as well as anybody who is passionate about developing their skills in the field of internet security.
  • We have designed this course to enable those aspiring to enter the information security field to learn the basic or the preparation steps that one needs to take care of before jumping into real time attacks.
  • Very rarely this course consist of software codes, however those codes are explained in a detailed manner. Hence one shouldn't bother about prior coding knowledge.
  • By the end of this course, you will be familiar with how attackers gather various types of information such as Individual, organizational, web based, system based and network based information before launching an attack.

What you get with this course?

Not for you? No problem.
30 day money back guarantee.

Forever yours.
Lifetime access.

Learn on the go.
Desktop, iOS and Android.

Get rewarded.
Certificate of completion.

Curriculum

Section 1: Introduction to Information Gathering
01:03

Information Gathering, the first phase of Hacking, deals with acquiring a technical blueprint of the target. In this course we will teach you everything you need to know in order to mask your identity as well as various methods of information gathering and hacking processes.

01:03

The process of preparing oneself for attacking the target is called the Information Gathering Phase. This module gives an insight into the scope of information gathering and how it can be accomplished.

Introduction
1 question
Section 2: Masking Identity
01:08

This module gives you an insight into the different methods by which one can hide his identity.

Masking Identity
1 question
03:38

The process of using the SSH protocol to connect to a proxy and initiate the collection of information about the target is called SSH tunnelling and in this module we will explain how to use this to mask your identity.

SSH Tunnelling
2 questions
03:09

The process of using the HTTP protocol to connect to a proxy and initiate collection of information about the target is called HTTP tunnelling and in this module we will explain how to use this to mask your identity.

HTTP Tunnelling
1 question
01:53

TOR or The Onion Routing is one of the best methods to prevent you from being identified while gathering information about the target. This module deals with how this can be done.

TOR
1 question
00:55

This method of hiding oneself uses TOR network to run applications. In this module we will teach you how this can be done.

Proxy Chains
1 question
04:27

In this module, you will learn about the most interesting method, and the best one a black hat hacker follows, is injecting a Trojan horse that would make the infected machine act as a proxy to carry out your Information Gathering.

Proxy Trojans
2 questions
02:00

In this module, we will cover how Virtual Private Network uses multiple protocols to connect to a public network securely and then initiate the information gathering.

Virtual Private Network
1 question
Section 3: Individual Profiling
03:02

Social Profiling of an Individual involves gathering information available on SNS about an individual.

01:13

Having seen how to gather information about the target from publically available information which usually pertains only to his day to day life, it is now time to collect information pertaining to his career. This is called Career Profiling.

Exercise 1-Social and career profiling
Article
Exercise 2-Social and career profiling
Article
01:05

Instead of manually checking for the targets information from publically available resources, this can easily be done using a tool called Maltego.Let us see how this can be done here.

01:06

Obtaining lists of email addresses using various methods is called EMAIL ADDRESS HARVESTING. This allows the attacker to collect the list of email addresses to which he can send fake mails that would lure the victim into revealing sensitive information. In this module we will show you how this is done.

Email Address Harvesting
1 question
02:24

When an attacker is done with email harvesting they might send fake emails to lure the victim, but keeping track of the emails that are being sent is a tedious process. This can be made easier by making use of email tracking automation tools which we will cover in this module.

Email Tracking
1 question
Section 4: Organization Profiling
01:56

CIG or Competitive Intelligence Gathering is done in order to dig deeper into the organisation in order to find their flaws.

02:31

This is an interesting part of information gathering about the organisation because it lets us know human resources is being utilised and the infrastructure under which the organisation is working.

Exercise 1-Organisation Profiling
Article
Exercise 2-Organisation Profiling
Article
Section 5: Web Based Information Gathering
01:17

This is an interesting part of information gathering about the organisation because it lets us know human resources is being utilised and the infrastructure under which the organisation is working.

1 question

State whether the following sites are hosted on a dedicated server or a shared server:

01:59

This module explains the collection of web architecture information such as the plugins and tools used in the website building.

01:48

In this section we will study the infrastructures such as the application framework upon which the website is built.

01:20

The final part of the website information gathering involves gathering the information about the domain which is helpful in carrying out different attacks on the target.

02:13

IP Address or Internet Protocol Address is the unique identification number given to each and every system connected with the internet. This part of the Information Gathering series will tell you how these IP addresses actually work.

IP Addresses
3 questions
Exercise 1-Website Information Gathering
Article
Exercise 2-Website Information Gathering
Article
Section 6: Network Based Information Gathering
01:01

Now, it is time to learn how Information Gathering of an internal network be initiated. This module gives an insight about how an internal network can be gained access of.

01:30

This part of the series will teach you how the network of the target can be mapped once access is gained to the network.

01:17

This part involves learning more about the scan called Ping Sweep which allows you to determine whether the state of the machine is Up or Down.

Network Based Information Gathering
1 question
Section 7: System Based Information Gathering
00:48

Having accumulated enough knowledge on how web based and network based information can be gathered it is now time to concentrate on the most sensitive part – The System. In this section, we will elaborate on that.

02:55

All the attacks which are targeted on a system are based on the ports that are kept open in a system. To know which ports are open, one must first know what a port is and how it is useful in a communication to a system.

In this section, we will help you brush up on the concepts of ports and scans.

03:18

In this part of the series, we will explain how the Transport Layer Protocols are useful in determining the state of the ports in a system.


01:52

In this section, we will explain how a TCP scan and half open scan can be initiated.

01:57

This part explains how an idle scan can be initiated.

01:23

In this section, we will explain how an ACK and FIN scan can be initiated to find out whether a port is behind a firewall or not.

02:05

In this section, we will explain how a NULL and XMAS  scan can be initiated to find out whether a port  is behind a firewall or not.

00:37

This module we will give you an insight into the methods by which the target’s operating system and the Hostnames can be enumerated.

00:58

The process of intruding on the target to find the Operating System is called Active OS fingerprinting which is demonstrated in this section.

01:03

The process of gathering information on the Operating System on which the system is running is called Passive OS fingerprinting which is demonstrated here.

01:00

This method involves collecting OS and Hostname information about the target passively. In this section we will demonstrate how this can be done.

System Based Information Gathering
2 questions
Section 8: The Essential Contents of Hacker's Toolkit
02:39

Google Hacking is not hacking Google itself but using Google for hacking. It can be achieved by using the search engines capability to respond to filters called Google Dorks. The usage of Google Dorks to target an attack is explained here.

Exercise 1-Google Dorking
Article
Exercise 2-Google Dorking
Article
Exercise 3-Google Dorking
Article
01:40

A hacker's tool kit surely consists of shodan and exploit DB and a knowledge of the deep net and the dark web is useful at any point. This part of the series allows you to gain an insight into the above.

01:36

Shoulder Surfing, Dumpster Diving and Social Engineering are the three other ways that involve no technical expertise in order to gain information about the target. You will learn more about these in this module.

Students Who Viewed This Course Also Viewed

  • Loading
  • Loading
  • Loading

Instructor Biography

infySEC is a rapidly growing Information Security Services Organization. Our focus is on three areas: Client Security, Research & Development and Information Security Education. infySEC is committed in providing an innovative set of services that address our client's security needs. infySEC keeps focusing on Research & Development, Vulnerabilities Analysis and Tools Development.

Ready to start learning?
Take This Course