Learn The Basics of Ethical Hacking and Penetration Testing
3.4 (533 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
47,689 students enrolled
Wishlisted Wishlist

Please confirm that you want to add Learn The Basics of Ethical Hacking and Penetration Testing to your Wishlist.

Add to Wishlist

Learn The Basics of Ethical Hacking and Penetration Testing

You don’t have to be perfect to be a hacker. Or the smartest person in the room. Or a type-A personality.
3.4 (533 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
47,689 students enrolled
Created by Mohamed Ramadan
Last updated 10/2013
English
English
Current price: $10 Original price: $200 Discount: 95% off
4 days left at this price!
30-Day Money-Back Guarantee
Includes:
  • 17 hours on-demand video
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What Will I Learn?
  • You will be able to gather information about your target
  • You will learn how to find open ports your target
  • You will learn how to find vulnerabilities in your target infrastructure
  • You will learn how to exploit Windows and Linux Systems
  • You will learn windows and linux Tactical Post Exploitation Techniques
  • You will learn how to find and exploit Web Application Vulnerabilities
  • You will learn how to Develop Windows Exploits
View Curriculum
Requirements
  • Basic IT skills
  • Basic knowledge of Linux and Windows
  • Basic knowledge of networking
Description

Become a Master Computer Security Expert by Learning How to Use Ethical Hacking to Reveal Potential Vulnerabilities in Information Systems.

This course is a great place to start your journey towards becoming a computer security expert. Gain the valuable skills you need to identify important weaknesses and provide effective computer security techniques that are important for any sized system.

In this course, students interested in learning ethical hacking techniques and penetration testing and who have basic IT skills, knowledge of Linux and Windows, and a basic knowledge of networking, can learn to find vulnerabilities and exploit systems as an ethical hacker.

Get started with this course today to be on your way towards finding real-world computer security solutions.

  • Gather Information Intelligence
  • Find Security Vulnerabilities
  • Develop Exploits
  • Scan and Produce Vulnerability Assessments
  • Learn Network Attacking Techniques

Ethical Hacking for Computer Security
Ethical hackers are computer security experts who focus on penetration testing and weaknesses in an organization’s information systems.

Using the same destructive techniques of intruders, ethical hackers are able to produce security evaluations with information about vulnerabilities and recommend potential solutions.

Contents and Overview
With 55 lectures and over 17 hours of content this course is perfect for beginning to understand ethical hacking and penetration testing from scratch.

Students will be shown how to gather information intelligence, find web application and system security vulnerabilities, how to scan using Nmap and bypass IDS protected targets, how to hack clients using modern web browsers and how to collect important information once a system has been hacked into.

This course is ideal for web developers, IT security professionals, network engineers, Windows and Linux administrators, security engineers, database administrators and webmasters as well as anyone interested in learning basic ethical hacking techniques.

Upon completion, students will be able to apply ethical hacking practices to identify potential weaknesses, and understand the moves hackers would make to attempt to exploit a system. Students will also have the knowledge to recommend security measures that will make systems more impenetrable to hackers.

Who is the target audience?
  • You
  • Anyone want to learn how to hack
  • Web developers
  • IT security professionals
  • Network engineers
  • Windows and Linux Administrators
  • Security engineers
  • Database administrators
  • Webmasters
Students Who Viewed This Course Also Viewed
Curriculum For This Course
55 Lectures
17:14:24
+
Solid Introduction to Ethical Hacking and Penetration Testing
10 Lectures 47:45

Hacking vs Ethical Hacking
03:25

Who is a Hacker ?
02:14

Types of Hackers
10:28

Hacktivism
02:30

Computer Crimes
05:11

Important Terms 1
06:19

Important Terms 2
06:52

Why Penetration Testing ?
02:45

Penetration Testing Types
04:39
+
Real World Information Intelligence Techniques
21 Lectures 02:38:18
Introduction to Information Intelligence Techniques
03:34

organizing information during a penetration test
06:01

how to locally copying company websites
05:50

newsgroups and list-servers
05:11

online job listing
03:26

the power of social media websites
03:36

harvesting a company emails
09:15

how to generate a targeted wordlist for password cracking
03:13

information intelligence with Maltego
04:06

Google Search Techniques for penetration testers
16:50

other search engines for penetration testers
04:12

Enumerating Internal Network From Outside
05:51

gather information using WhatWeb, HttpRecon and SSL SCAN
09:25

Whois Lookups, finding other Web Sites Hosted on a Web Server
04:18

IP Address Geolocation
04:08

finding subdomains, extracting exif data and finding hidden web dirs
10:15

ShodanHQ for fun and profit
06:57


DNS Enumerating for penetration testers
26:37

Mail Server Enumeration for penetration testers
07:36

References and Sources:

  • http://www.debianhelp.co.uk/dnsrecords.htm
  • http://en.wikipedia.org/wiki/Domain_Name_System

  • Google Basic Guide to DNS: http://www.google.com/support/a/bin/answer.py?answer=48090#G
  • Zone Transfer Explanation: http://en.wikipedia.org/wiki/DNS_zone_transfer
  • SPF Explanation: http://en.wikipedia.org/wiki/Sender_Policy_Framework
  • DNS Record Type: http://en.wikipedia.org/wiki/List_of_DNS_record_types
  • Using nslookup, dig and host: http://docsrv.sco.com/NET_tcpip/dnsC.nslook.html
  • Using nslookup in Windows: http://support.microsoft.com/kb/200525
Intel Gathering Methodology for penetration testers
02:22
+
Scanning and vulnerability Assessment
6 Lectures 02:07:58


References and Sources:

  • SuperScan: http://www.mcafee.com/us/downloads/free- tools/superscan3.aspx
  • Angry IP Scanner: http://www.angryip.org/w/Home
  • Scanrand: http://it.toolbox.com/wiki/index.php/Scanrand
  • Xprobe2: http://sourceforge.net/news/?group_id=30984
Network Enumeration and Mapping Techniques
09:24

References and Sources:


  • Online Port Scanners

  • http://www.t1shopper.com/tools/port-scan/
  • http://nmap-online.com
  • http://www.hashemian.com/tools/port-scanner.php
  • Nmap: http://nmap.org/
  • Scanning Types: http://nmap.org/book/man-port-scanning- techniques.html
  • Scanning Performance: http://nmap.org/book/man- performance.html
  • Version Scanning: http://nmap.org/book/vscan-technique.html
  • OS Fingerprinting: http://nmap.org/book/osdetect.html#osdetect-intro
Network scanning techniques
47:35

References and Sources:

  • NSE Script Repository: http://nmap.org/nsedoc/index.html
  • NSE Guide: http://nmap.org/book/nse.html
  • NSE Usage: http://nmap.org/book/nse-usage.html#nse-categories

  • Nexpose: http://www.rapid7.com/products/vulnerability-management.jsp

    Nessus: http://www.tenable.com/products/nessus

    Ncircle: http://www.ncircle.com/index.php?s=products_ip360

Vulnerability Identification and Assessment techniques
31:22

References and Sources:

  • Nmap Evasion Guide: http://nmap.org/book/man-bypass- firewalls-ids.html
  • Loose Source Routing Discussion: http://www.synacklabs.net/OOB/LSR.html
  • LSRTunnel: http://www.synacklabs.net/projects/lsrtunnel/
  • LSRScan: http://www.synacklabs.net/projects/lsrscan/
Practical Evasion and avoidance Techniques
19:37
+
Network Attacking Techniques
1 Lecture 49:21

References and Sources:

  • Man in the Middle:
  • https://www.owasp.org/index.php/Man-in-the-middle_attack• http://it.toolbox.com/wiki/index.php/Man-in-the-Middle_Attack
  • http://www.schneier.com/blog/archives/2008/07/maninthemiddle_1.html

  • ARP Poisoning Attack:
  • http://www.watchguard.com/infocenter/editorial/135324.asp • http://www.osischool.com/protocol/arp/arp-spoofing•
  • http://news.hitb.org/content/guide-arp-spoofing
  • Tools:

Cain & Abel:

http://www.oxid.it/cain.htmlDsniff: http://www.monkey.org/~dugsong/dsniff/

Ettercap:

http://ettercap.sourceforge.net/Karmetasploit:

https://community.rapid7.com/docs/DOC-1284

SSLStrip:

http://www.thoughtcrime.org/software/sslstrip/

Password cracking, MITM, Sniffing SSL and RDP Attacks
49:21
+
Windows and Linux Attacking Techniques
4 Lectures 02:10:23

Refrences and Sources:

Inside Windows UAC: http://technet.microsoft.com/en- us/magazine/2007.06.uac.aspx

Windows Wikipedia Entry: http://en.wikipedia.org/wiki/Microsoft_Windows

Windows NT Wikipedia Entry: http://en.wikipedia.org/wiki/Windows_NT

Windows 2000 Wikipedia Entry: http://en.wikipedia.org/wiki/Windows_2000

Windows Security Overview for Penetration Testers
34:54

Linux Security Overview for Penetration Testers
20:20

Attacking and Hacking Windows
58:32

Attacking and Hacking Linux
16:37
+
Windows and Linux Post-Exploitation Techniques
3 Lectures 01:31:45

References and Sources:

http://commandwindows.com http://www.computerhope.com/batch.htm http://www.robvanderwoude.com/

http://www.microsoft.com/resources/documentation/windo ws/xp/all/proddocs/en-us/batch.mspx?mfr=true

http://www.room362.com/blog/2011/9/6/post-exploitation- command-lists.html

Windows post exploitation techniques
01:04:51

Linux post exploitation techniques
23:51

Data mining techniques
03:03
+
Web Exploitation Techniques
8 Lectures 04:58:36

References and Sources:

  • http://www.w3schools.com/
  • https://www.owasp.org/index.php/Category: OWASP_Top_Ten_Project
Web Application Primer
28:33

Web Application Scanning and Mapping
20:34

Exploiting SQL Injection to Full System Access (MYSQL)
01:02:02


Exploiting Blind SQL Injection to Full System Access (MYSQL)
13:50

Exploiting Blind SQL Injection to Full System Access (MSSQL)
48:58


Exploiting XSS ( Reflected and Stored ) and CSRF to Full System Access
01:01:13
+
Windows Exploit Development
1 Lecture 02:05:59

Special Thanks to Dino Dai Zovi and Saumil Shah

References and Sources:

  • http://www.slideshare.net/saumilshah/operat ing-systems-a-primer
  • http://www.slideshare.net/saumilshah/how- functions-work-7776073
  • http://www.slideshare.net/saumilshah/introd uction-to-debuggers
  • http://cryptocity.squarespace.com/files/exploi tation/2011/memory_corruption_101.pdf
Using Immunity Debugger and Metasploit to develop a windows exploit
02:05:59
+
The end but it is not the end :)
1 Lecture 04:19
The end
04:19
About the Instructor
Mohamed Ramadan
3.4 Average rating
533 Reviews
47,689 Students
1 Course
Cyber Security Expert. Awarded by Facebook and Google

Mohamed Ramadan is a Security Ninja with over 7 Years experience in Ethical Hacking, Penetration Testing, Malware Reverse Engineering, Forensics, Securing Websites and Servers.

He is a featured guest in many popular TV Shows and in many popular news websites.

He Found and Reported Many Security Vulnerabilities in Google, Facebook, Twitter, Microsoft, Nokia, Adobe, Apple, AT&T, RedHat, SoundCloud, GitHub, Etsy, Nokia Siemens, Zynga and Constant Contact.


Honors & Awards:


Listed in Facebook WhiteHats ( 2014 )

Listed in Facebook WhiteHats ( 2013 )

Listed in Facebook WhiteHats ( 2012 )

Listed in Twitter Top Hackers

Listed in Microsoft WhiteHats

Listed in Google Wall of Fame ( Reward Recipients )

Listed in Google Hall of Fame ( Honorable Mention )

Listed in Adobe Security Acknowledgments

Listed in Apple Responsible Disclosure

Listed in Etsy Responsible Disclosure

Listed in RedHat Vulnerability Acknowledgements

Listed in Nokia Siemens Networks Hall of fame as a Prime Reporter!

Listed in AT&T Hall of Fame

Listed in GitHub White Hat

Listed in Zynga WHITEHATS

Listed in SoundCloud Responsible Disclosure

Listed in Constant Contact Responsible Disclosure

Listed in Soldierx Hacker Database