Information Gathering : Basic to advance level course
4.2 (23 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
219 students enrolled
Wishlisted Wishlist

Please confirm that you want to add Information Gathering : Basic to advance level course to your Wishlist.

Add to Wishlist

Information Gathering : Basic to advance level course

Basic to advance level course for IT Security aspirants
4.2 (23 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
219 students enrolled
Last updated 4/2016
English
Current price: $10 Original price: $50 Discount: 80% off
5 hours left at this price!
30-Day Money-Back Guarantee
Includes:
  • 1 hour on-demand video
  • 9 Articles
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What Will I Learn?
  • Understand how one’s online identity can easily be found and how to protect yourself.
  • Learn how to maintain anonymity online.
  • Learn how an individual’s information can be gathered!
  • Understand how mail based probes can leak sensitive information!
  • Understand how an organisation’s information can be collected!
  • Learn how web based, network based and system based information can be gathered!
  • Learn how Google helps in information gathering
  • Learn how humans are the weakest link in extracting sensitive information.
View Curriculum
Requirements
  • This course includes all the material required either as video or as a downloadable link hence there is no pre required materials or softwares for this course.
  • No prior training is required to take this course as we will start with the basics.
  • We welcome anyone with a thirst for learning
Description

Dear Students,
Welcome to our course on Information Gathering also known as Reconnaissance.
You might have taken a course on Hacking/Penetration testing but have you ever wonder how to initiate an attack as a Penetration tester?
This course forms the basis for anyone who wants to become a real-time penetration tester. Our other courses will have taught you how to perform an attack, but this course will form the foundation on which we teach you how to research and gather information about your target as a security enthusiast without leaving any traces.
In this course, we will teach you how an attacker gathers information about their target (which may be an individual or an organization) in an ethical way. This course helps the participant to understand the various methods and means by which an attacker gathers confidential information before launching an attack.
We have designed this course to enable those aspiring to enter the information security field to learn the basic or the preparation steps that one needs to take care of before jumping into real time attacks. By the end of this course, you will be familiar with how attackers gather various types of information such as Individual, organizational, web based, system based and network based information before launching an attack.
This course has been specifically designed by a team of information security researchers who are acknowledged experts in their field.
This course has been designed to accelerate your learning process through the use of creative animations and easy to understand voice over narratives.
Complex hacking concepts have been broken down into easy to understand modules.
Together, our team will walk you through the entire learning process step by step.
This course is perfect for anybody who is passionate about developing their skills in the field of internet security. No prior training is required to take this course as we will start with the basics. We welcome anyone with a thirst for learning.
We look forward to having you join us. In the meantime, please feel free to take a look at our demo tutorial and exercise before you purchase the full course.

Who is the target audience?
  • This course forms the basis for anyone who wants to become a real-time penetration tester, hence student with no prior knowledge on Information security can opt for this course.
  • This course is perfect for existing system administrators, network architects, network administrators, network security professionals,web designers as well as anybody who is passionate about developing their skills in the field of internet security.
  • We have designed this course to enable those aspiring to enter the information security field to learn the basic or the preparation steps that one needs to take care of before jumping into real time attacks.
  • Very rarely this course consist of software codes, however those codes are explained in a detailed manner. Hence one shouldn't bother about prior coding knowledge.
  • By the end of this course, you will be familiar with how attackers gather various types of information such as Individual, organizational, web based, system based and network based information before launching an attack.
Students Who Viewed This Course Also Viewed
Curriculum For This Course
47 Lectures
01:09:36
+
Introduction to Information Gathering
2 Lectures 02:06

Information Gathering, the first phase of Hacking, deals with acquiring a technical blueprint of the target. In this course we will teach you everything you need to know in order to mask your identity as well as various methods of information gathering and hacking processes.

Preview 01:03

The process of preparing oneself for attacking the target is called the Information Gathering Phase. This module gives an insight into the scope of information gathering and how it can be accomplished.

Preview 01:03

Introduction
1 question
+
Masking Identity
7 Lectures 17:10

This module gives you an insight into the different methods by which one can hide his identity.

Preview 01:08

Masking Identity
1 question

The process of using the SSH protocol to connect to a proxy and initiate the collection of information about the target is called SSH tunnelling and in this module we will explain how to use this to mask your identity.

Preview 03:38

SSH Tunnelling
2 questions

The process of using the HTTP protocol to connect to a proxy and initiate collection of information about the target is called HTTP tunnelling and in this module we will explain how to use this to mask your identity.

HTTP Tunnelling
03:09

HTTP Tunnelling
1 question

TOR or The Onion Routing is one of the best methods to prevent you from being identified while gathering information about the target. This module deals with how this can be done.

TOR – The Onion Routing
01:53

TOR
1 question

This method of hiding oneself uses TOR network to run applications. In this module we will teach you how this can be done.

Proxy Chains
00:55

Proxy Chains
1 question

In this module, you will learn about the most interesting method, and the best one a black hat hacker follows, is injecting a Trojan horse that would make the infected machine act as a proxy to carry out your Information Gathering.

Proxy Trojans
04:27

Proxy Trojans
2 questions

In this module, we will cover how Virtual Private Network uses multiple protocols to connect to a public network securely and then initiate the information gathering.

VPN
02:00

Virtual Private Network
1 question
+
Individual Profiling
7 Lectures 08:59

Social Profiling of an Individual involves gathering information available on SNS about an individual.

Preview 03:02

Having seen how to gather information about the target from publically available information which usually pertains only to his day to day life, it is now time to collect information pertaining to his career. This is called Career Profiling.

Career Profiling
01:13

Exercise 1-Social and career profiling
00:04

Exercise 2-Social and career profiling
00:04

Instead of manually checking for the targets information from publically available resources, this can easily be done using a tool called Maltego.Let us see how this can be done here.

Automated Tracking of the Target information
01:05

Obtaining lists of email addresses using various methods is called EMAIL ADDRESS HARVESTING. This allows the attacker to collect the list of email addresses to which he can send fake mails that would lure the victim into revealing sensitive information. In this module we will show you how this is done.

Preview 01:06

Email Address Harvesting
1 question

When an attacker is done with email harvesting they might send fake emails to lure the victim, but keeping track of the emails that are being sent is a tedious process. This can be made easier by making use of email tracking automation tools which we will cover in this module.

Email Tracking
02:24

Email Tracking
1 question
+
Organization Profiling
4 Lectures 04:39

CIG or Competitive Intelligence Gathering is done in order to dig deeper into the organisation in order to find their flaws.

Competitive Intelligence Gathering
01:56

This is an interesting part of information gathering about the organisation because it lets us know human resources is being utilised and the infrastructure under which the organisation is working.

Human Resource and Infrastructure Mapping
02:31

Exercise 1-Organisation Profiling
00:04

Exercise 2-Organisation Profiling
00:07
+
Web Based Information Gathering
7 Lectures 08:50

This is an interesting part of information gathering about the organisation because it lets us know human resources is being utilised and the infrastructure under which the organisation is working.

The Website
01:17

State whether the following sites are hosted on a dedicated server or a shared server:

Website Information Gathering
1 question

This module explains the collection of web architecture information such as the plugins and tools used in the website building.

Website Architecture
01:59

In this section we will study the infrastructures such as the application framework upon which the website is built.

Website Infrastructure
01:48

The final part of the website information gathering involves gathering the information about the domain which is helpful in carrying out different attacks on the target.

The Domain
01:20

IP Address or Internet Protocol Address is the unique identification number given to each and every system connected with the internet. This part of the Information Gathering series will tell you how these IP addresses actually work.

IP Address
02:13

IP Addresses
3 questions

Exercise 1-Website Information Gathering
00:06

Exercise 2-Website Information Gathering
00:06
+
Network Based Information Gathering
3 Lectures 03:48

Now, it is time to learn how Information Gathering of an internal network be initiated. This module gives an insight about how an internal network can be gained access of.

Network Based Information Gathering - An introduction
01:01

This part of the series will teach you how the network of the target can be mapped once access is gained to the network.

Mapping the Network
01:30

This part involves learning more about the scan called Ping Sweep which allows you to determine whether the state of the machine is Up or Down.

Checking for Machines to be Up
01:17

Network Based Information Gathering
1 question
+
System Based Information Gathering
11 Lectures 17:56

Having accumulated enough knowledge on how web based and network based information can be gathered it is now time to concentrate on the most sensitive part – The System. In this section, we will elaborate on that.

System Based Information Gathering
00:48

All the attacks which are targeted on a system are based on the ports that are kept open in a system. To know which ports are open, one must first know what a port is and how it is useful in a communication to a system.

In this section, we will help you brush up on the concepts of ports and scans.

Ports – A Brush Up
02:55

In this part of the series, we will explain how the Transport Layer Protocols are useful in determining the state of the ports in a system.


TCP and UDP Headers and Role of Flags
03:18

In this section, we will explain how a TCP scan and half open scan can be initiated.

TCP or Full Open Scan and Half Open Scan
01:52

This part explains how an idle scan can be initiated.

Idle Scan
01:57

In this section, we will explain how an ACK and FIN scan can be initiated to find out whether a port is behind a firewall or not.

ACK and FIN Scan
01:23

In this section, we will explain how a NULL and XMAS  scan can be initiated to find out whether a port  is behind a firewall or not.

NULL and XMAS Scan
02:05

This module we will give you an insight into the methods by which the target’s operating system and the Hostnames can be enumerated.

Targeting the Operating System and Host Names
00:37

The process of intruding on the target to find the Operating System is called Active OS fingerprinting which is demonstrated in this section.

Active OS Fingerprinting
00:58

The process of gathering information on the Operating System on which the system is running is called Passive OS fingerprinting which is demonstrated here.

Passive OS fingerprinting
01:03

This method involves collecting OS and Hostname information about the target passively. In this section we will demonstrate how this can be done.

SMB Versioning:
01:00

System Based Information Gathering
2 questions
+
The Essential Contents of Hacker's Toolkit
6 Lectures 06:08

Google Hacking is not hacking Google itself but using Google for hacking. It can be achieved by using the search engines capability to respond to filters called Google Dorks. The usage of Google Dorks to target an attack is explained here.

Google Hacking
02:39

Exercise 1-Google Dorking
00:06

Exercise 2-Google Dorking
00:03

Exercise 3-Google Dorking
00:04

A hacker's tool kit surely consists of shodan and exploit DB and a knowledge of the deep net and the dark web is useful at any point. This part of the series allows you to gain an insight into the above.

Dark Net/DEEP Web and Shodan HQ/Exploit DB
01:40

Shoulder Surfing, Dumpster Diving and Social Engineering are the three other ways that involve no technical expertise in order to gain information about the target. You will learn more about these in this module.

Non- Technical Attacks
01:36
About the Instructor
Creative Instructor - Director infySEC UK
4.4 Average rating
499 Reviews
2,639 Students
7 Courses
To ReInforce Trust in IT

infySEC is a rapidly growing Information Security Services Organization. Our focus is on three areas: Client Security, Research & Development and Information Security Education. infySEC is committed in providing an innovative set of services that address our client's security needs. infySEC keeps focusing on Research & Development, Vulnerabilities Analysis and Tools Development.