Buying for a Team? Gift This Course
Wishlisted Wishlist

Please confirm that you want to add ARP spoofing &Man In The Middle Attacks Execution &Detection to your Wishlist.

Add to Wishlist

ARP spoofing &Man In The Middle Attacks Execution &Detection

Learn practical attacks to test the security of clients connected to a network and how to protect against these attacks
4.7 (37 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
886 students enrolled
Created by Zaid Sabih
Last updated 12/2016
English
$10 $50 80% off
1 day left at this price!
30-Day Money-Back Guarantee
Includes:
  • 3 hours on-demand video
  • 1 Article
  • 1 Supplemental Resource
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
Have a coupon?
What Will I Learn?
21 detailed videos about practical attacks against Wi-Fi networks
Learn network basics and how devices interact with each other
Map the current network and gather info about connected clients
Learn the theory behind ARP poisoning and MITM attacks
Change the flow of packets in a network
Launch Various Man In The Middle attacks.
Gain access to any account accessed by any client in your network.
Capture all passwords entered by clients on the same netowrk
Bypass HTTPS/SSL
Redirect DNS requests (DNS Spoofing)
Capture and inject Cookies (to gain access to accounts without a password)
Create Fake Login Pages and redirect real pages to the fake one
Sniff packets from clients and analyse them to extract important info such as: passwords, cookies, urls, videos, images ..etc.
Detect ARP poisoning and protect your self and your network against it.
Combine individual attacks to launch even more powerful attacks.
View Curriculum
Requirements
  • Basic IT skills
  • Network card (ethernet or Wifi)
  • Kali Linux - Free linux distro that can be downloaded from their official website.
Description

Notes:

  • All the videos in this course are downloadable.
  • This price is only for the 1st 1000 students, the price will go up after that.

In this course you will start as a beginner with no previous knowledge about penetration testing. The course is structured in a way that will take you through the basics of networking and how clients communicate with each other, then we will start talking about how we can exploit this method of communication to carry out a number of powerful attacks.

This course is focuses on the practical side of wireless penetration testing without neglecting the theory behind each attack, all the attacks explained in this course are launched against real devices in my lap.

The Course is Divided into four main sections:

  1. Networks Basics: in this section you will learn how networks work, how devices communicate with each other and how the information is transferred in a wireless networks. You will also learn about basic terminology, what is a channel ? What is MAC address and how to change it ?
  2. Information Gathering: In this section you will learn how to map the current network, ie: discover all the connected devices (clients), not only that but you will also learn how to gather important information about these clients, such as their MAC address, their IP, Operating system, open ports, programs that are using these ports and maybe even the exact version of the program.
  3. MITM Attacks: in this section you will learn a number of very powerful attacks that you can launch against the network and the connected clients, these attacks will allow you to gain access to any account accessed by any client connected to your network, read all the traffic used by these clients (images , videos , audio passwords, cookies, urls ...etc), and gain full access to any client in your network.
  4. Protection: In this section you will learn how to detect these attacks and protect yourself and your network against them.

All the attacks in this course are practical attacks that work against any device connected to our network, ie: it does not matter if the device is a phone , tablet laptop ...etc. Each attack is explained in a simple way first so that you understand how it actually works, so first you will learn the theory behind each attack and then you will learn how to carry out the attack using Kali Linux.

NOTE: This course is totally a product of Igneus Technologies and No other organization is associated for certification exam for the same. Although, you will receive Course Completion Certification from Udemy, apart from that No OTHER ORGANIZATION IS INVOLVED.

Who is the target audience?
  • Anybody who is interested in learning about network penetration testing
  • Anybody interested into learning how to protect networks from hackers.
Students Who Viewed This Course Also Viewed
Curriculum For This Course
Expand All 27 Lectures Collapse All 27 Lectures 02:53:40
+
Introduction & Course Outline
1 Lecture 04:55

Welcome to the course, this lecture will give you a full outline of the structure of the course, and will give you an over view of what will you learn in each section.

Preview 04:55
+
Preparation
3 Lectures 25:10

This lecture will give you an overview of what software you need to install for this course, and how it can be installed.

You will also see how to install Kali as a virtual machine.

Preview 08:04

In this lecture you will learn how to install Kali Linux using the iso image.

Skip this lecture if the method above works for you and you're happy enough with it.

Option 2 - Installing Kali Using IOS Image
10:01

In this lecture we will have a basic look on Kali linux just to get you comfortable with using it.

You will also learn how to connect your external wifi card to the virtual machine, this is extremely important for future videos.

Kali Linux Overview
07:05
+
Network Basics
2 Lectures 07:53

In this lecture we shall talk about some basics that we need to understand before we can start learning how to test network's security.

Network Basics
03:09

In this lecture you shall learn what do we mean by MAC address, what are they used for and how to change your MAC address.

What is MAC Address & How To Change It
04:44
+
Information Gathering
3 Lectures 23:29

Gathering information is one of the most important steps in penetration testing. In this lecture we will learn how to use netdiscover to discover connected devices to our network.

Discovering Connected Clients using netdiscover
03:32

In this lecture we shall use autoscan to discover connected devices and gather more information about these devices such as open ports and their operating system.

Gathering More information using Autoscan
08:42

In this lecture we shall learn how to use zenmap (the GUI for nmap) to discover all connected devices and gather detailed information about these devices.

Even More detailed information gathering using nmap
11:15
+
MITM
15 Lectures 01:40:49

In this video we shall learn about one of the most dangerous and effective attacks that you can launch on a network; (Man In The Middle Attacks) , we shall learn the theory behind ARP poisoning and why it is it so dangerous and effective.

Preview 05:51

In this lecture we will learn how to use arpspoof to do a basic ARP poisoning attack and redirect the flow of packets in the network. 

MITM - ARP Poisonning Using arpspoof
05:51

In this lecture we shall have a look on Man In The Middle Framework , how to use it to ARP poison a target client and sniff usernames and passwords from that target.

MITM - ARP Poisonning Using MITMf
05:21

In this lecture we shall learn how to bypass HTTPS/SSL so that we can sniff passwords from HTTPS enabled web pages such as facebook and yahoo.

MITM - Bypassing HTTPS
04:40

If the user uses the "remember me" feature then we can't sniff the password because they will not enter them , the user will be authenticated using cookies, so in this lecture we shall learn how to sniff these cookies, inject them in the browser and access target user account without having to enter the user name and password.

MITM - Session Hijacking
06:34

In this video we shall learn how to control DNS requests made by the target client. This can be very useful in many cases.

Preview 05:10

This lecture will teach you how to capture screenshots of any computer as long as you are the MITM, you will also learn how to inject a keylogger that will log all key strikes entered by the target .

MITM - Capturing Screen Of Target & Injecting a Keylogger
05:12

In this lecture you will learn how to inject HTML or Javascript code into the target browser, this is vey dangerous as it allows us to run a large number of attacks using javascript codes.

MITM - Injecting Javascript/HTML Code
06:43

BeEF is a browser exploitation framework that allows us to run a large number of commands on hooked browser.

In this lecture we will have an overview of the interface, how to start the framework and how to hook devices in our network to it.

You will also learn how to steal passwords using a fake login screen.

MITM - Hooking Clients To Beef & Stealing Passwords
09:55

Wireshark is a network protocol analyser, in this lecture we will have a basic overview on it, you will learn why is it useful and how to use it with MITM attacks or use it to analyse a capture file that contains data that you already sniffed.

Wireshark - Basic Overview & How To Use It With MITM Attacks
09:08

I this lecture you will learn how to use Wireshark to sniff data (traffic) sent/received by any client in your network. You will also learn how to analyse this data, filter HTTP traffic and find useful information such as the websites visited, sent requests and more!

Wireshark - Sniffing Data & Analysing HTTP Traffic
08:00

In this lecture we will continue using Wireshark, you will learn more methods to analyse the captured data, you'll learn how to find packets that contain specific information, how to capture logins (usernames and passwords), and how to capture the cookies if the person has already logged in, we will have examples on Hotmail and Dailymotion.

Wireshark - Capturing Passwords & Cookies Entered By Any Device In The Network
05:36

In this lecture you will learn how to create a backdoor that is not detectable by antivirus programs, this is very important in client side attacks as we will be using this backdoor in future videos to try and gain control over the target system.

Creating An Undetectable Backdoor
07:07

In this lecture you will learn how to listen for connections coming from the backdoor we generated in the previous lecture.

Listening For Incoming Connections
06:40

This lecture will teach you how to gain full access over a target computer by serving it a fake update for an existing program, once the target user installs the update you will gain full access to their computer.

Note: you need to be the man in the middle for this method to work.

-------------

Note: The latest version of evilgrade does not work properly, so don't download evilgrade using the git clone command in the installation commands, instead download it from the following link:

https://drive.google.com/file/d/0B2MwPqNtdQRKbGdZR2Y4MXFtTzA/view?usp=sharing

Creating a Fake Update & Hacking Any Device In The Network
09:01
+
Detection
2 Lectures 11:02

In this lecture we shall learn two methods to detect ARP poisoning attacks.

Detecting ARP Poisoning Attacks
05:11

In this lecture we shall learn how to use Wireshark to detect ARP Poisoning attacks and other suspicious activities in the network, we will also learn how to protect against ARP Poisoning attacks.

Detecting Suspicious Activities using Wireshark
05:51
+
Bonus Section
1 Lecture 00:39
Bonus Lecture - Discounts On My Full Ethical Hacking Courses
00:39
About the Instructor
4.5 Average rating
5,150 Reviews
49,684 Students
7 Courses
Ethical Hacker, Pentester & Computer Scientist

My name is Zaid Al-Quraishi , I am an ethical hacker, pentester and a computer scientist. I just love hacking and breaking the rules, but don’t get me wrong as I said I am an ethical hacker. 

I have a very good experience in ethical hacking. I started making video tutorials since 2009 in an ethical hacking website (iSecuri1ty), I received very good feedback for my tutorials which lead to promoting me as an editor in the website. I also work in the penetration testing team of iSecur1ty.

In 2013 I started teaching my first course online in the training center in iSecur1ty, again this course received amazing feedback for learners, which motivated me to create an English version of this course.

The english course was the most popular and the top paid course in Udemy for almost a year, again the feedback was amazing, therefore I decided to make more courses on ethical hacking, so I released a number of other courses which are doing just as good as that one.

My method of teaching is mostly by example, so I usually start by explaining the theory behind each technique, then I show you how it actually works in a real life situation.

Report Abuse