In this course you will start as a beginner with no previous knowledge about penetration testing. The course is structured in a way that will take you through the basics of networking and how clients communicate with each other, then we will start talking about how we can exploit this method of communication to carry out a number of powerful attacks.
This course is focuses on the practical side of wireless penetration testing without neglecting the theory behind each attack, all the attacks explained in this course are launched against real devices in my lap.
The Course is Divided into four main sections:
All the attacks in this course are practical attacks that work against any device connected to our network, ie: it does not matter if the device is a phone , tablet laptop ...etc. Each attack is explained in a simple way first so that you understand how it actually works, so first you will learn the theory behind each attack and then you will learn how to carry out the attack using Kali Linux.
NOTE: This course is totally a product of Igneus Technologies and No other organization is associated for certification exam for the same. Although, you will receive Course Completion Certification from Udemy, apart from that No OTHER ORGANIZATION IS INVOLVED.
This lecture will give you an overview of what software you need to install for this course, and how it can be installed.
You will also see how to install Kali as a virtual machine.
In this lecture you will learn how to install Kali Linux using the iso image.
Skip this lecture if the method above works for you and you're happy enough with it.
In this lecture we will have a basic look on Kali linux just to get you comfortable with using it.
You will also learn how to connect your external wifi card to the virtual machine, this is extremely important for future videos.
In this lecture we shall talk about some basics that we need to understand before we can start learning how to test network's security.
In this lecture you shall learn what do we mean by MAC address, what are they used for and how to change your MAC address.
Gathering information is one of the most important steps in penetration testing. In this lecture we will learn how to use netdiscover to discover connected devices to our network.
In this lecture we shall use autoscan to discover connected devices and gather more information about these devices such as open ports and their operating system.
In this lecture we shall learn how to use zenmap (the GUI for nmap) to discover all connected devices and gather detailed information about these devices.
In this video we shall learn about one of the most dangerous and effective attacks that you can launch on a network; (Man In The Middle Attacks) , we shall learn the theory behind ARP poisoning and why it is it so dangerous and effective.
In this lecture we will learn how to use arpspoof to do a basic ARP poisoning attack and redirect the flow of packets in the network.
In this lecture we shall have a look on Man In The Middle Framework , how to use it to ARP poison a target client and sniff usernames and passwords from that target.
In this lecture we shall learn how to bypass HTTPS/SSL so that we can sniff passwords from HTTPS enabled web pages such as facebook and yahoo.
If the user uses the "remember me" feature then we can't sniff the password because they will not enter them , the user will be authenticated using cookies, so in this lecture we shall learn how to sniff these cookies, inject them in the browser and access target user account without having to enter the user name and password.
In this video we shall learn how to control DNS requests made by the target client. This can be very useful in many cases.
This lecture will teach you how to capture screenshots of any computer as long as you are the MITM, you will also learn how to inject a keylogger that will log all key strikes entered by the target .
BeEF is a browser exploitation framework that allows us to run a large number of commands on hooked browser.
In this lecture we will have an overview of the interface, how to start the framework and how to hook devices in our network to it.
You will also learn how to steal passwords using a fake login screen.
Wireshark is a network protocol analyser, in this lecture we will have a basic overview on it, you will learn why is it useful and how to use it with MITM attacks or use it to analyse a capture file that contains data that you already sniffed.
I this lecture you will learn how to use Wireshark to sniff data (traffic) sent/received by any client in your network. You will also learn how to analyse this data, filter HTTP traffic and find useful information such as the websites visited, sent requests and more!
In this lecture we will continue using Wireshark, you will learn more methods to analyse the captured data, you'll learn how to find packets that contain specific information, how to capture logins (usernames and passwords), and how to capture the cookies if the person has already logged in, we will have examples on Hotmail and Dailymotion.
In this lecture you will learn how to create a backdoor that is not detectable by antivirus programs, this is very important in client side attacks as we will be using this backdoor in future videos to try and gain control over the target system.
In this lecture you will learn how to listen for connections coming from the backdoor we generated in the previous lecture.
This lecture will teach you how to gain full access over a target computer by serving it a fake update for an existing program, once the target user installs the update you will gain full access to their computer.
Note: you need to be the man in the middle for this method to work.
Note: The latest version of evilgrade does not work properly, so don't download evilgrade using the git clone command in the installation commands, instead download it from the following link:
In this lecture we shall learn two methods to detect ARP poisoning attacks.
In this lecture we shall learn how to use Wireshark to detect ARP Poisoning attacks and other suspicious activities in the network, we will also learn how to protect against ARP Poisoning attacks.
My name is Zaid Al-Quraishi , I am an ethical hacker, pentester and a computer scientist. I just love hacking and breaking the rules, but don’t get me wrong as I said I am an ethical hacker.
I have a very good experience in ethical hacking. I started making video tutorials since 2009 in an ethical hacking website (iSecuri1ty), I received very good feedback for my tutorials which lead to promoting me as an editor in the website. I also work in the penetration testing team of iSecur1ty.
In 2013 I started teaching my first course online in the training center in iSecur1ty, again this course received amazing feedback for learners, which motivated me to create an English version of this course.
The english course was the most popular and the top paid course in Udemy for almost a year, again the feedback was amazing, therefore I decided to make more courses on ethical hacking, so I released a number of other courses which are doing just as good as that one.
My method of teaching is mostly by example, so I usually start by explaining the theory behind each technique, then I show you how it actually works in a real life situation.