ARP spoofing &Man In The Middle Attacks Execution &Detection

Learn practical attacks to test the security of clients connected to a network and how to protect against these attacks
4.8 (32 ratings) Instead of using a simple lifetime average, Udemy calculates a
course's star rating by considering a number of different factors
such as the number of ratings, the age of ratings, and the
likelihood of fraudulent ratings.
747 students enrolled
$19
$50
62% off
Take This Course
  • Lectures 26
  • Length 2.5 hours
  • Skill Level All Levels
  • Languages English
  • Includes Lifetime access
    30 day money back guarantee!
    Available on iOS and Android
    Certificate of Completion
Wishlisted Wishlist

How taking a course works

Discover

Find online courses made by experts from around the world.

Learn

Take your courses with you and learn anywhere, anytime.

Master

Learn and practice real-world skills and achieve your goals.

About This Course

Published 6/2015 English

Course Description

Notes:

  • All the videos in this course are downloadable.
  • This price is only for the 1st 1000 students, the price will go up after that.

In this course you will start as a beginner with no previous knowledge about penetration testing. The course is structured in a way that will take you through the basics of networking and how clients communicate with each other, then we will start talking about how we can exploit this method of communication to carry out a number of powerful attacks.

This course is focuses on the practical side of wireless penetration testing without neglecting the theory behind each attack, all the attacks explained in this course are launched against real devices in my lap.

The Course is Divided into four main sections:

  1. Networks Basics: in this section you will learn how networks work, how devices communicate with each other and how the information is transferred in a wireless networks. You will also learn about basic terminology, what is a channel ? What is MAC address and how to change it ?
  2. Information Gathering: In this section you will learn how to map the current network, ie: discover all the connected devices (clients), not only that but you will also learn how to gather important information about these clients, such as their MAC address, their IP, Operating system, open ports, programs that are using these ports and maybe even the exact version of the program.
  3. MITM Attacks: in this section you will learn a number of very powerful attacks that you can launch against the network and the connected clients, these attacks will allow you to gain access to any account accessed by any client connected to your network, read all the traffic used by these clients (images , videos , audio passwords, cookies, urls ...etc), and gain full access to any client in your network.
  4. Protection: In this section you will learn how to detect these attacks and protect yourself and your network against them.

All the attacks in this course are practical attacks that work against any device connected to our network, ie: it does not matter if the device is a phone , tablet laptop ...etc. Each attack is explained in a simple way first so that you understand how it actually works, so first you will learn the theory behind each attack and then you will learn how to carry out the attack using Kali Linux.

NOTE: This course is totally a product of Igneus Technologies and No other organization is associated for certification exam for the same. Although, you will receive Course Completion Certification from Udemy, apart from that No OTHER ORGANIZATION IS INVOLVED.

What are the requirements?

  • Basic IT skills
  • Network card (ethernet or Wifi)
  • Kali Linux - Free linux distro that can be downloaded from their official website.

What am I going to get from this course?

  • 21 detailed videos about practical attacks against Wi-Fi networks
  • Learn network basics and how devices interact with each other
  • Map the current network and gather info about connected clients
  • Learn the theory behind ARP poisoning and MITM attacks
  • Change the flow of packets in a network
  • Launch Various Man In The Middle attacks.
  • Gain access to any account accessed by any client in your network.
  • Capture all passwords entered by clients on the same netowrk
  • Bypass HTTPS/SSL
  • Redirect DNS requests (DNS Spoofing)
  • Capture and inject Cookies (to gain access to accounts without a password)
  • Create Fake Login Pages and redirect real pages to the fake one
  • Sniff packets from clients and analyse them to extract important info such as: passwords, cookies, urls, videos, images ..etc.
  • Detect ARP poisoning and protect your self and your network against it.
  • Combine individual attacks to launch even more powerful attacks.

What is the target audience?

  • Anybody who is interested in learning about network penetration testing
  • Anybody interested into learning how to protect networks from hackers.

What you get with this course?

Not for you? No problem.
30 day money back guarantee.

Forever yours.
Lifetime access.

Learn on the go.
Desktop, iOS and Android.

Get rewarded.
Certificate of completion.

Curriculum

04:55

Welcome to the course, this lecture will give you a full outline of the structure of the course, and will give you an over view of what will you learn in each section.

Section 1: Preparation
08:04

This lecture will give you an overview of what software you need to install for this course, and how it can be installed.

You will also see how to install Kali as a virtual machine.

10:01

In this lecture you will learn how to install Kali Linux using the iso image.

Skip this lecture if the method above works for you and you're happy enough with it.

07:05

In this lecture we will have a basic look on Kali linux just to get you comfortable with using it.

You will also learn how to connect your external wifi card to the virtual machine, this is extremely important for future videos.

Section 2: Network Basics
03:09

In this lecture we shall talk about some basics that we need to understand before we can start learning how to test network's security.

04:44

In this lecture you shall learn what do we mean by MAC address, what are they used for and how to change your MAC address.

Section 3: Information Gathering
03:32

Gathering information is one of the most important steps in penetration testing. In this lecture we will learn how to use netdiscover to discover connected devices to our network.

08:42

In this lecture we shall use autoscan to discover connected devices and gather more information about these devices such as open ports and their operating system.

11:15

In this lecture we shall learn how to use zenmap (the GUI for nmap) to discover all connected devices and gather detailed information about these devices.

Section 4: MITM
05:51

In this video we shall learn about one of the most dangerous and effective attacks that you can launch on a network; (Man In The Middle Attacks) , we shall learn the theory behind ARP poisoning and why it is it so dangerous and effective.

05:51

In this lecture we will learn how to use arpspoof to do a basic ARP poisoning attack and redirect the flow of packets in the network. 

05:21

In this lecture we shall have a look on Man In The Middle Framework , how to use it to ARP poison a target client and sniff usernames and passwords from that target.

04:40

In this lecture we shall learn how to bypass HTTPS/SSL so that we can sniff passwords from HTTPS enabled web pages such as facebook and yahoo.

06:34

If the user uses the "remember me" feature then we can't sniff the password because they will not enter them , the user will be authenticated using cookies, so in this lecture we shall learn how to sniff these cookies, inject them in the browser and access target user account without having to enter the user name and password.

05:10

In this video we shall learn how to control DNS requests made by the target client. This can be very useful in many cases.

05:12

This lecture will teach you how to capture screenshots of any computer as long as you are the MITM, you will also learn how to inject a keylogger that will log all key strikes entered by the target .

06:43

In this lecture you will learn how to inject HTML or Javascript code into the target browser, this is vey dangerous as it allows us to run a large number of attacks using javascript codes.

09:55

BeEF is a browser exploitation framework that allows us to run a large number of commands on hooked browser.

In this lecture we will have an overview of the interface, how to start the framework and how to hook devices in our network to it.

You will also learn how to steal passwords using a fake login screen.

07:44

In this lecture we will have a look on Wireshark and how to use it with ARP poisonning to capture packets from devices in our network.

04:33

In this lecture we will continue using wireshark, we'll see how we can use it to find data entered by devices in out network such as usernames, passwords, urls, cookies ..etc

07:07

In this lecture you will learn how to create a backdoor that is not detectable by antivirus programs, this is very important in client side attacks as we will be using this backdoor in future videos to try and gain control over the target system.

06:40

In this lecture you will learn how to listen for connections coming from the backdoor we generated in the previous lecture.

09:01

In this lecture we are going to use a tool called evil-grade to create a fake update and spoof the url that the target program uses to check for updates and get it to redirect to our machine where we have evil grade running, the target program will tell the user that there is a new update available, and when the user agrees to install the new update we will gain full access to their device.

Section 5: Detection
05:11

In this lecture we shall learn two methods to detect ARP poisoning attacks.

05:51

In this lecture we shall learn how to use Wireshark to detect ARP Poisoning attacks and other suspicious activities in the network, we will also learn how to protect against ARP Poisoning attacks.

Section 6: Bonus Section
Bonus Lecture - Discounts On My Full Ethical Hacking Courses
Article

Students Who Viewed This Course Also Viewed

  • Loading
  • Loading
  • Loading

Instructor Biography

Zaid Sabih, Ethical Hacker, Pentester & Computer Scientist

My name is Zaid Al-Quraishi , I am an ethical hacker, pentester and a computer scientist. I just love hacking and breaking the rules, but don’t get me wrong as I said I am an ethical hacker. 

I have a very good experience in ethical hacking. I started making video tutorials since 2009 in an ethical hacking website (iSecuri1ty), I received very good feedback for my tutorials which lead to promoting me as an editor in the website. I also work in the penetration testing team of iSecur1ty.

In 2013 I started teaching my first course online in the training center in iSecur1ty, again this course received amazing feedback for learners, which motivated me to create an English version of this course.

The english course was the most popular and the top paid course in Udemy for almost a year, again the feedback was amazing, therefore I decided to make more courses on ethical hacking, so I released a number of other courses which are doing just as good as that one.

My method of teaching is mostly by example, so I usually start by explaining the theory behind each technique, then I show you how it actually works in a real life situation.

Ready to start learning?
Take This Course