Learn Hacking/Penetration Testing using Android From Scratch

Learn how to use Android as an ethical hacking tool to test the security of networks and computer systems.
4.6 (112 ratings)
Instead of using a simple lifetime average, Udemy calculates a
course's star rating by considering a number of different factors
such as the number of ratings, the age of ratings, and the
likelihood of fraudulent ratings.
4,100 students enrolled Bestselling in Android Security
85% off
Take This Course
  • Lectures 48
  • Length 4.5 hours
  • Skill Level All Levels
  • Languages English
  • Includes Lifetime access
    30 day money back guarantee!
    Available on iOS and Android
    Certificate of Completion
Wishlisted Wishlist

How taking a course works


Find online courses made by experts from around the world.


Take your courses with you and learn anywhere, anytime.


Learn and practice real-world skills and achieve your goals.

About This Course

Published 8/2015 English

Course Description


  • All the videos in this course are downloadable.

Welcome to my comprehensive course on using Android as a penetration testing tool, you will start as a beginner with no previous knowledge about penetration testing. The course will start with you from scratch, from preparing your Android device and computer, installing the needed apps and will finish up with examples of real life scenarios that will give you full control over various computer systems.

This course focuses on the practical side penetration testing without neglecting the theory behind each attack, for each attack you will learn how that attack works and then you will learn how to practically launch that attack, this will give you full understanding of the conditions which allow this attack to be successfully executed, this knowledge will help you to detect and sometimes prevent this attack from happening. The the attacks explained in this course are launched against real devices in my lab.

The Course is Divided into four main sections:

  1. Preparing: this section will take you through the steps of of preparing your computer and installing NetHunter (an Android penetration testing platform) on your Android device. You will also learn how to use the main menus of NetHunter, and as a bonus I added three lectures to teach you how to install Kali Linux (a penetration testing OS) on your computer.
  2. Information Gathering:in this section we still don't know much about penetration testing , all we have is an Android device with NetHunter installed on it, you will learn how to start gathering information about WiFi networks around you, not only that but you will also learn how to map your current networking, displaying the connected devices and information about them such as their IP address, Mac Address, OS, open ports and running services/programs. You will also learn how to connect an external wireless card to your Android device and prepare it to be used to crack WiFi keys.
  3. Spying: In this section you will learn  what is meant by MITM (Man In The Middle) and how to use your Android device to achieve it using three methods. Being the MITM will allow you to gain access to any account accessed by devices in your network, or accounts accessed by the device which your Android device is connected to via USB. You will also learn how to create a fake access point and spy on all the data sent on it. 
  4. Exploitation: In this section we will have a look on a number of exploitation methods that can be used to to gain full control over your target computer weather it runs Windows/Linux/OSX only by connecting your Android device to the target computerYou will also learn why you should never leave your computer locked on a login screen as you will see login screens can be bypassed on both OSX and Windows (ie: you'll be able to login without a password to Windows and OSX machines). Finally you will learn how to make an undetectable backdoor and deliver it to the target computer by replacing files that the target machine downloads or backdooring the downloaded files on the fly.
  5. Detection & Protection: In this section you will learn three methods to detect  ARP Poisoning Attacks, you will also learn how to use Wireshark to detect other suspicious activities in your network. We will also discuss how to protect against these MITM attacks and prevent them from happening. Finally you will learn how to detect backdoors that can bypass antivirus programs and check file integrity to ensure that they have not been backdoored.

NOTE: This course is created for educational purposes only and all the attacks are launched in my own lab or against devices that I have permission to test.

NOTE: This course is totally a product of Zaid Sabih and No other organization is associated for certification exam for the same. Although, you will receive Course Completion Certification from Udemy, apart from that No OTHER ORGANIZATION IS INVOLVED.

What are the requirements?

  • Basic IT skills
  • An Android device preferably a Nexus device or OnePlus One phone

What am I going to get from this course?

  • 45 Lectures to teach you how to use your android device to hack into other computers & networks to test their security
  • Root and unlock your Android device (For nexus devices only)
  • Install NetHunter on your Android Device (For nexus devices only)
  • Install other apps needed for penetration testing
  • Install Kali Linux as a virtual machine inside windows or OSX
  • Discover all wifi networks around you and gather information about them
  • Prepare your Android device to be used to crack Wi-Fi passwords (WEP/WPA/WPA2)
  • Discover devices in the same network & their OS, open ports, running services ...etc
  • Create a fake access point with internet connection & spy on clients
  • Spy on computers wirelessly (ARP Spoofing) or by connecting to them using the USB cable (BadUSB Attack)
  • Carry out a number of man-in-the-middle attacks
  • Analyse packet files using Wireshark
  • Bypass OSX/Windows login screens
  • Setup your android device to execute OS commands as soon as connected to a target computer
  • Gain full control over Windows/OSX/Linux devices as soon as you connect your Android device to them
  • Gain full control over any computer in the same network using a number of methdos
  • Combine a number of methods to represent real life senarios
  • Secure yourself against the discussed attacks

Who is the target audience?

  • Anybody who is interested in hacking/penetration testing
  • Anybody who is interested in learning how to use Android to test the security of computer systems

What you get with this course?

Not for you? No problem.
30 day money back guarantee.

Forever yours.
Lifetime access.

Learn on the go.
Desktop, iOS and Android.

Get rewarded.
Certificate of completion.


Section 1: Introduction

This is just an overview of what you will learn in the course, it shows the course outline, main sections of the course and the main subjects of each section.

Section 2: Weaponizing

This lecture explains what you need to do in order to prepare your Android device for penetration testing, it will not go in detail of how to do each step as that is explained in the next lectures.

Installing & Configuring Nexus Root Toolkit
Installing Device Drivers
Unlocking & Rooting The Device
Installing NetHunter

This lecture will just give you a quick view of the home menu of NetHunter, it will also show you the lab that I will be using during this lecture.

Section 3: Installing Kali Linux As Virtual Machine (Optional)

This lecture will give you an overview of what software you need to install for this course, and how it can be installed.

You will also see how to install Kali as a virtual machine.


In this lecture you will learn how to install Kali Linux using the iso image.

Skip this lecture if the method above works for you and you're happy enough with it.


In this lecture we will have a basic look on Kali linux just to get you comfortable with using it.

Section 4: Information Gathering

This lecture will show you how to discover all WiFi networks around you, you will also be able to see important information about these networks and how far they are.


This lecture shows you how to prepare your Android device to be used in cracking WiFi keys.

Once this is done the cracking process is the same weather it is from your phone or laptop, there fore it is not explained in this course as it is not specific to Android devices.

I have a full course explaining how to crack WiFi keys, so if you are interested into learning that please send me a private message and I will give you that course for $10 only.


This lecture will show you how to use Wifi Analyser to discover the connected devices to your network, this is a quick method but will only show basic info about these devices.


In this lecture we will use a new app called Zanti2, we will use it to discover connected devices and show more info about them than the previous method such as the open ports in the discovered devices.


In this lecture, we will use Zanti's advanced scan option which uses nmap to show more info about the connected devices such as the services (programs) that use the open ports we discovered in the previous vidoe.

Section 5: Spying

This lecture will give you an overview of the attacks and concepts that you will learn in this section of the course.

This section will cover a number of attacks to spy on a target and capturing sensitive data such as usernames and passwords.


This lecture will give you a brief description of each MITM (Man In The Middle) attack that you will learn in this section, these attacks will basically place you in the middle of the connection between you and the target, allowing you to capture and read everything the target send or recieve, not only that but you'll also be able to modify the data sent/recieved

Section 6: Spying > MITM Method 1 - Bad USB Attack

This is the first method that you will learn on becoming the man in the middle, this attack works by connecting your device to any computer (MAC/Linux/Windows), once you connect your Android to the target device, the android device will fool the target device that it is a network card forcing all the traffic to be redirected through your device, this means that anything the target person does on the internet (including usernames and passwords) will flow through your Android device which allows you to read/modify this info.


After launching the badUSB attack, the data will flow through the device, in this lecture you will learn how to store this data on file and read it using Wireshark.


In this lecture we shall learn how to bypass HTTPS/SSL so that we can sniff passwords from HTTPS enabled web pages such as hotmail and yahoo.


In this video we shall learn how to control DNS requests made by the target computer. 

This can be very useful in many cases, for example redirect requests from live.com to a fake login page or to a paeg asking them to download a backdoored update.

Section 7: Spying > MITM Method 2 - ARP Poisonning

In this lecture you will learn how ARP Poisoning works, one of the most dangerous and effective MITM attacks.


This video will teach you how to use a tool called arpspoof to arp poison a network and become the man in the middle.


This video show you how to use Zanti2 to do arp poisoning.


This video shows you how to capture downloaded files and replace them with any other file.


Here we will have a look on other attacks that you can do while being the man in the middle like replacing all images loaded by the target person, injecting html code and executing java script at the target computer.

Section 8: Spying > MITM Method 3 - Fake Access Point (Honey Pot)

This is the 3rd method to become the man in the middle, in this method we will create a fake AP with internet connection so that when people connect to it we will automatically be the man in the middle.


In this video we well have a look on Mana-Toolkit (the tool that we will use to create the fake AP) and the setup we need to successfully run a fake access poing.


In this lecture you will learn how to configure mana and start the AP.


In this video you will learn how to store the data sent in the fake AP and analyse it to find sensitive data such as passwords.

Section 9: Detection & Protection

In this lecture we shall learn two methods to detect ARP poisoning attacks.


In this lecture we shall learn how to use Wireshark to detect ARP Poisoning attacks and other suspicious activities in the network, we will also learn how to protect against ARP Poisoning attacks.

Section 10: Exploitation (Gaining Access)

This lecture will give you a quick overview of the methods and attacks that you will learn in this section.

In this section you will learn a number of attacks that will give you full control over the target computer.


In this video you will lean how to set up your Android device so that it can be used to login to Windows and OSX computers without a password.


This video shows you how to bypass Windows and OSX logins using your android device., ie: logging in without a password.


This lecture will teach you how to create an undetectable backdoor.


Here you will learn how to use the metasploit meterpreter after hacking a certain device.

You will learn how to browse the file system, download/upload files, start a key logger and much more!


In this lecture we will use the backdoor we created earlier and replace any downloaded exe with that backdoor.


In this video you will learn how to backdoor exe's as they are being downloaded, this means that the downloaded file will work perfectly but at the same time it will execute your backdoor.


In this lecture you will learn how to program your android device to execute windows commands when it's connected to a Windows computer via USB.


In this lecture we will use the same method as before, but we will gain full access to the target computer using the powersploit option.

Section 11: Exploitation - Rubber Ducky Scripts

This lecture will teach you how to convert rubber ducky scripts to HID Keyboard attack format so that they can be automatically executed as soon as you connect your Android device to a computer via USB


In this video you will learn how to use a download and execute script to download any file and execute it on the target machine when you connect your Android device to that machine.


Here we will use another script that will give us full access to any OSX machine once connected to our Android device.


I this lecture we will use a ducky script to gain full access to Linux machines using the keyboard attack.

Section 12: Detecting Malicious Files

This lecture will teach you how to protect yourself from the backdoor delivery methods & check file integrity to make sure it has not been modified.


This lecture will show you how to use a sandbox to detect the backdoor we created in previous video even though it is not detectable by anti-virus programs.

Section 13: Bonus Section
Bonus Lecture - Discounts On My Full Ethical Hacking Courses

Students Who Viewed This Course Also Viewed

  • Loading
  • Loading
  • Loading

Instructor Biography

Zaid Sabih, Ethical Hacker, Pentester & Computer Scientist

My name is Zaid Al-Quraishi , I am an ethical hacker, pentester and a computer scientist. I just love hacking and breaking the rules, but don’t get me wrong as I said I am an ethical hacker. 

I have a very good experience in ethical hacking. I started making video tutorials since 2009 in an ethical hacking website (iSecuri1ty), I received very good feedback for my tutorials which lead to promoting me as an editor in the website. I also work in the penetration testing team of iSecur1ty.

In 2013 I started teaching my first course online in the training center in iSecur1ty, again this course received amazing feedback for learners, which motivated me to create an English version of this course.

The english course was the most popular and the top paid course in Udemy for almost a year, again the feedback was amazing, therefore I decided to make more courses on ethical hacking, so I released a number of other courses which are doing just as good as that one.

My method of teaching is mostly by example, so I usually start by explaining the theory behind each technique, then I show you how it actually works in a real life situation.

Ready to start learning?
Take This Course