Learn Ethical Hacking From Scratch
4.6 (9,276 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
60,020 students enrolled
Wishlisted Wishlist

Please confirm that you want to add Learn Ethical Hacking From Scratch to your Wishlist.

Add to Wishlist

Learn Ethical Hacking From Scratch

Become an ethical hacker that can hack computer systems like black hat hackers and secure them like security experts.
Bestselling
4.6 (9,276 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
60,020 students enrolled
Created by Zaid Sabih
Last updated 7/2017
English
English
Current price: $10 Original price: $180 Discount: 94% off
5 hours left at this price!
30-Day Money-Back Guarantee
Includes:
  • 12.5 hours on-demand video
  • 2 Articles
  • 16 Supplemental Resources
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What Will I Learn?
  • 120 detailed videos about ethical hacking & computer security
  • Know what is hacking, ethical hacking and diffirent types of hackers
  • Learn about the different fields of ethical hacking
  • Set up a lab environment to practice hacking
  • Install Kali Linux - a penetration testing operating system
  • Install windows & vulnerable operating systems as virtual machines for testing
  • Learn linux basics
  • Learn linux commands and how to interact with the terminal
  • Learn Network Penetration Testing
  • Network basics & how devices interact inside a network
  • A number of practical attacks that can be used without knowing the key to the target network
  • Control connections of clients around you without knowing the password.
  • Create a fake Wi-Fi network with internet connection & spy on clients
  • Gather detailed information about clients and networks like their OS, opened ports ...etc.
  • Crack WEP/WPA/WPA2 encryptions using a number of methods.
  • ARP Spoofing/ARP Poisonning
  • Launch Various Man In The Middle attacks.
  • Gain access to any account accessed by any client in your network.
  • Sniff packets from clients and analyse them to extract important info such as: passwords, cookies, urls, videos, images ..etc.
  • Discover open ports, installed services and vulnerabilities on computer systems
  • Gain control over computer systems using server side attacks
  • Exploit buffer over flows and code execution vulnerabilities to gain control over systems
  • Gain control over computer systems using client side attacks
  • Gain control over computer systems using fake updates
  • Gain control over computer systems by backdooring downloads on the fly
  • Create undetectable backdoors
  • Backdoor normal programs
  • Backdoor any file type such as pictures, pdf's ...etc.
  • Gather information about people, such as emails, social media accounts, emails and friends
  • Use social engineering to gain full control over target systems
  • Send emails from ANY email account without knowing the password for that account
  • Read, write download, upload and execute files on compromised systems
  • Capture key strikes on a compromised system
  • Use a compromised computer as a pivot to gain access to other computers on the same network
  • Understand how websites & web applications work
  • Understand how browsers communicate with websites
  • Gather sensitive information about websites
  • Discover servers, technologies and services used on target website
  • Discover emails and sensitive data associated with a specific website
  • Find all subdomains associated with a website
  • Discover unpublished directories and files associated with a target website
  • Find all websites hosted on the same server as the target website
  • Exploit file upload vulnerabilities & gain full control over the target website
  • Discover, exploit and fix code execution vulnerabilities
  • Discover, exploit & fix local file inclusion vulnerabilities
  • Discover, fix, and exploit SQL injection vulnerabilities
  • Bypass login forms and login as admin using SQL injections
  • Writing SQL queries to find databases, tables and sensitive data such as usernames ad passwords using SQL injections
  • Read / Write files to the server using SQL injections
  • Learn the right way to write SQL queries to prevent SQL injections
  • Discover reflected XSS vulnerabilities
  • Discover Stored XSS vulnerabilities
  • Hook victims to BeEF using XSS vulnerabilities
  • Fix XSS vulnerabilities & protect yourself from them as a user
View Curriculum
Requirements
  • Basic IT Skills
  • Wireless adapter (for the wifi cracking section ONLY) - like ALFA AWUS036NHA Or anything with an Atheros chipset (more info provided in the course).
Description

This course was last updated on 26/04/2017

Welcome to my comprehensive course on Ethical Hacking! In this course, you will start as a beginner with no previous knowledge about penetration testing or hacking. The first thing you will learn is some basic information about ethical hacking and the different fields in penetration testing.

This course is focused on the practical side of penetration testing without neglecting the theory behind each attack. Before jumping into penetration testing, you will first learn how to set up a lab and install needed software to practice penetration testing on your own machine. All the attacks explained in this course are launched against real devices in my lab.

The course is structured in a way that will take you through the basics of linux, computer systems, networks and how devices communicate with each other. We will start by talking about how we can exploit these systems to carry out a number of powerful attacks. This course will take you from a beginner to a more advanced level -- by the time you finish, you will have knowledge about most penetration testing fields.

The course is divided into four main sections:

1. Network Penetration Testing - This section will teach you how to test the security of networks, both wired and wireless. First, you will learn how networks work, basic network terminology and how devices communicate with each other. Then it will branch into three sub sections:

  • Pre-connection: in this section, we still don't know much about penetration testing -- all we have is a computer with a wireless card. You will learn how gather information about the networks and computers around you and launch a number of attacks without a password, such as controlling the connections around you (ie: deny/allow any device from connecting to any network). You will also learn how to create a fake access point, attract users to connect to it and capture any important information they enter.
  • Gaining Access: Now that you have gathered information about the networks around you and found your target, you will learn how to crack the key and gain access to your target network. In this section you will learn a number of methods to crack WEP/WPA/WPA2 encryption.
  •  Post Connection: Now you have the key to your target network and you can connect to it. In this section you will learn a number of powerful attacks that can be launched against the network and connected clients. These attacks will allow you to gain access to any account accessed by any device connected to your network and read all the traffic used by these devices (images, videos, audio, passwords ...etc).

2. Gaining Access - In this section you will learn two main approaches to gain full control over any computer system:

  • Server Side Attacks:  In this approach you will learn how to gain full access to computer systems without the need for user interaction. You will learn how to gather information about a target computer system such as its operating system, open ports, installed services and discover weaknesses and vulnerabilities. You will also learn how to exploit these weaknesses to gain full control over the target. Finally you will learn how to generate different types of reports for your discoveries.
  • Client Side Attacks - If the target system does not contain any weaknesses then the only way to gain access to it is by interacting with the user. In this approach you will learn how to launch a number of powerful attacks to fool the target user and get them to install a backdoor on their device. This is done by creating fake updates and serving them to the user or by backdoornig downloaded files on the fly. You will also learn how to gather information about the target person and use social engineering to deliver a backdoor to them as an image or any other file type.

3. Post Exploitation - In this section you will learn how to interact with the systems you compromised so far. You’ll learn how to access the file system (read/write/upload/execute)maintain your access, spy on the target and even use the target computer as a pivot to hack other computer systems.

4. Web Application Penetration Testing - In this section you will learn how websites work. Then you will learn how to gather information about your target website, such as website owner, server location, used technologies and much more. You will also learn how to discover and exploit a number of dangerous vulnerabilities such as SQL injections, XSS vulnerabilities, etc.

At the end of each section you will learn how to detect, prevent and secure your system and yourself from these attacks.

All the attacks in this course are practical attacks that work against any computer device, ie: it does not matter if the device is a phone, tablet, laptop, etc. Each attack is explained in a simple way -- first you will learn the theory behind each attack and then you will learn how to carry out the attack using Kali Linux.

NOTE: This course is created for educational purposes only and all the attacks are launched in my own lab or against devices that I have permission to test.

NOTE: This course is totally a product of Zaid Sabih and no other organization is associated with it or a certification exam. Although, you will receive a Course Completion Certification from Udemy, apart from that NO OTHER ORGANIZATION IS INVOLVED.

Who is the target audience?
  • Anybody who is interested in learning ethical hacking / penetration testing
  • Anybody who wants to learn how hackers would attack their computer systems
  • Anybody who wants to learn how to secure their systems from hacker
Students Who Viewed This Course Also Viewed
Curriculum For This Course
137 Lectures
12:45:17
+
Introduction
3 Lectures 12:34

Welcome to the course, this lecture will give you a full outline of the structure of the course, and will give you an over view of what you will learn in each section.

Preview 03:15

This is a teaser lecture, in it I show you an example of the things that you'll be able to do at the end of the course, in this lecture I show you how to hack into a Windows 10 machine and turn on its web cam without asking the user to do anything.

As this is a teaser lecture, I won't be going into details about how is this achieved, but don't worry about that as I will break this down to you through out the course and you will understand exactly how to do that.

This is just one example, by the end of the course you'll learn much more attacks and be able to target all operating systems.

Preview 06:10

In this lecture you will learn what is meant by a hacker and what is the difference between white hat, grey hat and a black hat hacker. We will talk about why do we teach/learn hacking, benefits of it and job opportunities.

Preview 03:09
+
Setting up The Lab
5 Lectures 25:39

In this course, we will be using a number of operating systems, Kali for hacking and 2 others as victim or target machines, in this section you will learn how to install all of these machines as virtual machines inside your current operating system, this allow use to use all of the machines at the same time, it also completely isolates these machines from your main machine therefore your main machine will not be affected if anything goes wrong.

This lecture will give you an overview of the lab that we will need to set up for this course.

Preview 03:25

This lecture will give you an overview of what software you need to install for this course, and how it can be installed.

You will also see how to install Kali as a virtual machine.

Installing Kali 2017 As a Virtual Machine
08:32

In this lecture you will learn how to install a vulnerable operating system (Metasploitable) as a virtual machine so we can use it to practice penetration testing in future lectures.

Installing Metasploitable As a Virtual Machine
04:13

In this lecture you will learn how to set up a windows virtual machine so that we can try and hack into it to practice penetration testing.

Installing Windows As a Virtual Machine
03:21

In this lecture, you will learn how to store the current state of the virtual machines and how to use these restore points, this is very useful because it allows you to go back or forward to different configurations of the operating system.

Preview 06:08
+
Linux Basics
3 Lectures 20:53

In this lecture we will have a basic look on Kali linux just to get you comfortable with using it.

You will learn how to use its main applications, browse files, connect to the internet ....etc.

Basic Overview of Kali Linux
07:05

In this lecture you will learn how to interact with the linux terminal and run linux commands.

The Terminal & Linux Commands
09:06

In this lecture you will learn how to install programs on Kali, update the sources and upgrade the system.

Checkout the links in the resources if you face any issues after upgrading.

Updating Sources & Installing Programs
04:42
+
Network Penetration Testing
7 Lectures 28:47

This is an introduction lecture for the network penetration testing section, it will give you an overview of the structure of this section and what you will learn in it

Preview 02:42

Before jumping to network hacking you need to know some basics about networks, in this lecture you will learn how networks work and how devices communicate with each other.

Networks Basics
03:09

This video will teach you how to connect a USB device to Kali, as an example I will be connecting a wireless adapter to it so I can interact with wireless networks and try to hack them form Kali.

Connecting a Wireless Adapter To Kali
07:18

Media Access Control or MAC address is a uniques ID assigned to each network card, in this lecture you shall learn what is it, what does it do and how to change it.

What is MAC Address & How To Change It
04:44

This lecture will clarify why is it possible to capture any packet around us even if it's not directed to our device, you will learn about two wireless modes: monitor and managed mode, you shall learn what is the difference between them, when do we use each of them and how to correctly enable monitor mode on your wireless card.

Wireless Modes (Managed & Monitor)
05:02

This video shows another method that can be used to enable monitor mode just incase the method explained in the previous lecture did not enable it properly for you.

Enabling Monitor Mode Manually (2nd method)
02:36

This video shows another method that can be used to enable monitor mode just incase the method explained in the previous lectures did not enable it properly for you.

Enabling Monitor Mode Using airmon-ng (3rd method)
03:16
+
Network Penetration Testing - Pre Connection Attacks
5 Lectures 31:57

This is the first lecture in the "pre connection section", in this lecture you will learn how to use airodump-ng to see all the access points (WiFi Networks) and associated clients that are within your wireless range and gather information about them.

Packet Sniffing Basics Using Airodump-ng
05:40

In this lecture , we shall learn how to launch airodump-ng on a specific AP , and store all packets in a capture file.

Targeted Packet Sniffing Using Airodump-ng
07:27

Deauthentication attacks allow us to disconnect (disassociate) any client that is connected to any network that is within our wifi range even if the network uses encryption (such as WEP/WPA/WPA2).

Deauthentication Attack (Disconnecting Any Device From The Network)
05:16

Fake access points can be handy in many scenarios , one example is creating an open AP , this will attract a lot of clients , many of which will automatically connect to it. Then we can sniff all the traffic created by the clients that connect to it , and since its open , the traffic will not be encrypted !

This lecture will explain the theory behind creating a fake AP and what do we need to make it work.

Creating a Fake Access Point (Honeypot) - Theory
03:44

In this lecture you will learn how to create a fake AP using a tool called Mana-Toolkit.

PS: run the following command to install Mana

apt-get install mana-toolkit


Creating a Fake Access Point (Honeypot) - Practical
09:50
+
Network Penetration Testing - Gaining Access (WEP/WPA/WPA2 Cracking)
13 Lectures 55:38

Welcome to this section of the course , in this section we shall learn how to break WEP/WPA/WPA2 encryption and determine the network key.

Gaining Access Introduction
01:16

This lecture explains the weaknesses in WEP encryption and how we can use these weaknesses to break it.

WEP Cracking - Theory Behind Cracking WEP Encryption
03:26

In this video we shall learn the basics of cracking WEP encryption , the target is a WEP encrypted network with active clients.

WEP Cracking - Basic Case
06:27

In this lecture we shall learn the theory behind cracking WEP encrypted APs with no or idle clients.

To do this we will inject packets in the traffic, but before we can do that we need to authenticate our wifi card with the target AP so that it does not ignore our requests as AP's only accept packets from associated devices, therefore we shall learn how to fake authenticate our wifi card with the target AP so that it starts accepting packets from us.

WEP Cracking - Fake Authentication
05:59

This method can be used to crack idle or clientless AP's .

In this method , after successfully associating with the target AP , we will wait for an ARP packet , we will then capture this packet and inject it into the traffic , this will force the AP to generate a new ARP packet with a new IV , we capture this new packet and inject into the traffic again , this process is repeated until the number of IV's captured is sufficient enough to crack the key.

WEP Cracking - ARP Request Replay Attack
04:44

This is an introduction to WPA/WPA2 , we shall learn what is the main difference between WPA and WEP and why WPA is more difficult to crack.

WPA Cracking - Introduction
02:03

In this lecture we shall learn how to exploit the WPS feature to crack WPA/WPA2 encrypted AP's without a wordlist attack and without the need to any connected clients.

WPA Cracking - Exploiting WPS Feature
07:17

In this lecture we shall learn the theory behind cracking WPA/WPA2 encryption, why is it more difficult to crack, you will also learn what is a handshake and why do we need it to crack WPA/WPA2.

WPA Cracking - Theory Behind WPA/WPA2 Cracking
02:18

In this lecture we shall learn how to capture the handshake from the target AP.

WPA Cracking - How To Capture The Handshake
04:43

To crack WPA/WPA2 we need to use a wordlist attacks , you can download ready wordlists from the internet or create your own by following this lecture.

WPA Cracking - Creating a Wordlist
06:08

In this lecture we will use the wordlist created in the previous lecture to crack the WPA key using aircrack-ng.

WPA Cracking - Using a Wordlist Attack
02:49

In this lecture you will learn how to secure your network and protect it from the above attacks. 

Securing Your Network From The Above Attacks
02:03

In this lecture you will learn how to access your router's admin panel and configure it correctly to protect it from the above attacks and make it nearly impossible to crack.

How to Configure Wireless Security Settings To Secure Your Network
06:25
+
Network Penetration Testing - Post Connection Attacks
16 Lectures 01:43:25

This lecture is an introduction to the last section of network penetration testing, it will give you an outline of what we shall learn in this section and some important notes.

Preview 02:43

Gathering information is one of the most important steps in penetration testing. In this lecture we will learn how to use netdiscover to discover devices connected to the same network as us, we will be able to find their IP and MAC address.

Information Gathering - Discovering Connected Clients using netdiscover
03:31

In this lecture you will learn how to install autoscan and use it to discover connected devices and gather more information about these devices such as open ports and their operating system.

Gathering More Information Using Autoscan
08:42

In this lecture we shall learn how to use zenmap (the GUI for nmap) to discover all connected devices and gather detailed information about these devices, such as their operating system, open ports and even services using these ports.

Gathering Even More Information Using Zenmap
11:15

In this video we shall learn about one of the most dangerous and effective attacks that you can launch on a network; (ARP Poisonning) , we shall learn the theory behind ARP poisoning, how does it work and how it can be used to redirect the flow of packets and place us in the middle of the connection.

MITM - ARP Poisonning Theory
05:51

In this lecture we will learn how to use arpspoof to do a basic ARP poisoning attack and redirect the flow of packets in the network. 

MITM - ARP Spoofing using arpspoof
05:51

In this lecture we shall have a look on Man In The Middle Framework , how to use it to ARP poison a target client and sniff usernames and passwords from that target.

Basically you will learn how to capture any passwords entered by any device that's connected to the same network as you.

MITM - ARP Spoofing Using MITMf
05:21

In this lecture we shall learn how to bypass HTTPS/SSL so that we can capture passwords entered on HTTPS enabled web pages such as Hotmail and Yahoo.

Preview 04:40

If the user uses the "remember me" feature then we can't sniff the password because they will not enter it , the user will be authenticated using cookies, so in this lecture we shall learn how to sniff these cookies, inject them in the browser and access target user account without having to enter the user name and password.

Basically you will be able to access any account accessed by any user in the same network without having to enter the password.

Note: This only works if the target website does not use HTTPS everywhere, it will work if the target website use HTTPS on the login page only.

MITM - Session Hijacking
06:34

In this lecture we shall learn how to control DNS requests made by the target client, so basically it allows us to redirect requests made by computers on the same network to any other place, this can be very useful as it can be used to redirect computers to fake websites, fake updates, fake logins ...etc. 

MITM - DNS Spoofing
05:10

This lecture will teach you how to capture screenshots of any computer as long as you are the MITM, you will also learn how to inject a keylogger that will log all key strikes entered by the target .

MITM - Capturing Screen Of Target & Injecting a Keylogger
05:12

In this lecture you will learn how to inject HTML or Javascript code into the target browser, this is vey dangerous as it allows us to run a large number of attacks using javascript codes (more on this later), in this lecture we'll focus on injecting a simple javascript code.

MITM - Injecting Javascript/HTML Code
06:43

So far we have been using MITMf against the Windows virtual machine thrugh the virtual Nat Network, in this lecture I will show you how to use MITMf against a real computer that's connected to a real WiFi network, I will also cover a few important points that you need to keep in mind when using it against real devices.

MITM - Using MITMf Against Real Networks
09:08

Wireshark is a network protocol analyser, in this lecture we will have a basic overview on it, you will learn why is it useful and how to use it with MITM attacks or use it to analyse a capture file that contains data that you already sniffed.

Wireshark - Basic Overview & How To Use It With MITM Attacks
09:08

I this lecture you will learn how to use Wireshark to sniff data (traffic) sent/received by any client in your network. You will also learn how to analyse this data, filter HTTP traffic and find useful information such as the websites visited, sent requests and more!

Wireshark - Sniffing Data & Analysing HTTP Traffic
08:00

In this lecture we will continue using Wireshark, you will learn more methods to analyse the captured data, you'll learn how to find packets that contain specific information, how to capture logins (usernames and passwords), and how to capture the cookies if the person has already logged in, we will have examples on Hotmail and Dailymotion.

Wireshark - Capturing Passwords & Cookies Entered By Any Device In The Network
05:36
+
Network Penetration Testing - Detection & Security
2 Lectures 11:02

In this lecture we shall learn two methods to detect ARP poisoning attacks.

Preview 05:11

In this lecture we shall learn how to use Wireshark to detect ARP Poisoning attacks and other suspicious activities in the network, we will also learn how to protect against ARP Poisoning attacks.

Preview 05:51
+
Gaining Access To Computer Devices
1 Lecture 04:14

This is an introduction to the gaining access section which talks about a number of approaches to gain access to any computer device regardless of its type.

Preview 04:14
+
Gaining Access - Server Side Attacks
10 Lectures 01:17:44

Server side attacks allow you to gain access to a target computer without user interaction, in this section you will learn a number of methods to launch server side attacks and gain full control over your target without user interaction.

Preview 04:05

In this lecture we will have a look on a basic example of gaining control over a target computer, we will use Zenmap to gather information and discover the vulnerability, then you'll learn how to research and exploit a mis-configured service.

Basic Information Gathering & Exploitation
10:05

Metasploit is a huge penetration testing framework, in this lecture you will learn  how to use it to exploit a vulnerable target and gain full control over it.

Using a Basic Metasploit Exploit
07:31

In this lecture we will use a more complex vulnerability to gain full access to a vulnerable device using Metasploit.

Exploiting a Code Execution Vulnerability
10:03

This lecture will teach you how to install Metasploit Community.

Metasploit Community is a GUI for Metasploit that can be used to scan targets, discover open ports and services, and map found vulnerabilities to Metasploit modules.

MSFC - Installing MSFC (Metasploit Community)
05:46

In this video you will learn how to scan target(s) using Metasploit Community, this will show open ports, installed services and Metasploit Modules that can be used against the target(s).

MSFC - Scanning Target(s) For Vulnerabilities
03:21

In this video we will analyse the scan result obtained from the previous video and see how to launch a module and exploit the target system using Metasploit Community.

MSFC - Analysing Scan results & Exploiting Target System
09:42

Nexpose is a vulnerability management framework, it allows us to discover, assess and act on discovered vulnerabilities, it also tells us a lot of info about the discovered vulnerabilities, weather they are exploitable and helps us write a report at the end of the assessment.

When downloading Nexpose, you will be asked to enter a company email address, you can use the link in the resources to get a temporary email address which will be accepted by Nexpose.

Nexpose - Installing Nexpose
09:59

This lecture will teach you how to launch a scan using Nexpose, you will learn how to setup your target(s) and configure scan to suit your goals.

Nexpose - How To Configure & Launch a Scan
09:16

In this lecture we will analyse the scan results obtained from the previous video and see how to generate various types of reports.

Nexpose - Analysing Scan Results & Generating Reports
07:56
11 More Sections
About the Instructor
Zaid Sabih
4.6 Average rating
11,566 Reviews
82,116 Students
8 Courses
Ethical Hacker, Pentester & Computer Scientist

My name is Zaid Al-Quraishi , I am an ethical hacker, pentester and a computer scientist. I just love hacking and breaking the rules, but don’t get me wrong as I said I am an ethical hacker. 

I have a very good experience in ethical hacking. I started making video tutorials since 2009 in an ethical hacking website (iSecuri1ty), I received very good feedback for my tutorials which lead to promoting me as an editor in the website. I also work in the penetration testing team of iSecur1ty.

In 2013 I started teaching my first course online in the training center in iSecur1ty, again this course received amazing feedback for learners, which motivated me to create an English version of this course.

The english course was the most popular and the top paid course in Udemy for almost a year, again the feedback was amazing, therefore I decided to make more courses on ethical hacking, so I released a number of other courses which are doing just as good as that one.

My method of teaching is mostly by example, so I usually start by explaining the theory behind each technique, then I show you how it actually works in a real life situation.