Learn The Basics of Ethical Hacking and Penetration Testing

You don’t have to be perfect to be a hacker. Or the smartest person in the room. Or a type-A personality.
209 reviews
TAUGHT BY
  • Mohamed Ramadan Hacker, Trainer and TV Guest. Thanked by Facebook and Google

    Mohamed Ramadan is a Security Ninja with over 7 Years experience in Ethical Hacking, Penetration Testing, Malware Reverse Engineering, Forensics, Securing Websites and Servers.

    He is a featured guest in many popular TV Shows and in many popular news websites.

    He Found and Reported Many Security Vulnerabilities in Google, Facebook, Twitter, Microsoft, Nokia, Adobe, Apple, AT&T, RedHat, SoundCloud, GitHub, Etsy, Nokia Siemens, Zynga and Constant Contact.


    Honors & Awards:


    Listed in Facebook WhiteHats ( 2014 )

    Listed in Facebook WhiteHats ( 2013 )

    Listed in Facebook WhiteHats ( 2012 )

    Listed in Twitter Top Hackers

    Listed in Microsoft WhiteHats

    Listed in Google Wall of Fame ( Reward Recipients )

    Listed in Google Hall of Fame ( Honorable Mention )

    Listed in Adobe Security Acknowledgments

    Listed in Apple Responsible Disclosure

    Listed in Etsy Responsible Disclosure

    Listed in RedHat Vulnerability Acknowledgements

    Listed in Nokia Siemens Networks Hall of fame as a Prime Reporter!

    Listed in AT&T Hall of Fame

    Listed in GitHub White Hat

    Listed in Zynga WHITEHATS

    Listed in SoundCloud Responsible Disclosure

    Listed in Constant Contact Responsible Disclosure

    Listed in Soldierx Hacker Database


WHAT'S INSIDE
  • Lifetime access to 55 lectures
  • 17+ hours of high quality content
  • Closed captioning enabled
  • A community of 35000+ students learning together!
  • 160+ discussions
SHARE

Learn The Basics of Ethical Hacking and Penetration Testing

You don’t have to be perfect to be a hacker. Or the smartest person in the room. Or a type-A personality.
209 reviews

HOW UDEMY WORKS?

Discover courses made by experts from around the world.

Take your courses with you and learn anytime, anywhere.

Learn and practice real-world skills and achieve your goals.

COURSE DESCRIPTION

Become a Master Computer Security Expert by Learning How to Use Ethical Hacking to Reveal Potential Vulnerabilities in Information Systems.

This course is a great place to start your journey towards becoming a computer security expert. Gain the valuable skills you need to identify important weaknesses and provide effective computer security techniques that are important for any sized system.

In this course, students interested in learning ethical hacking techniques and penetration testing and who have basic IT skills, knowledge of Linux and Windows, and a basic knowledge of networking, can learn to find vulnerabilities and exploit systems as an ethical hacker.

Get started with this course today to be on your way towards finding real-world computer security solutions.

  • Gather Information Intelligence
  • Find Security Vulnerabilities
  • Develop Exploits
  • Scan and Produce Vulnerability Assessments
  • Learn Network Attacking Techniques

Ethical Hacking for Computer Security
Ethical hackers are computer security experts who focus on penetration testing and weaknesses in an organization’s information systems.

Using the same destructive techniques of intruders, ethical hackers are able to produce security evaluations with information about vulnerabilities and recommend potential solutions.

Contents and Overview
With 55 lectures and over 17 hours of content this course is perfect for beginning to understand ethical hacking and penetration testing from scratch.

Students will be shown how to gather information intelligence, find web application and system security vulnerabilities, how to scan using Nmap and bypass IDS protected targets, how to hack clients using modern web browsers and how to collect important information once a system has been hacked into.

This course is ideal for web developers, IT security professionals, network engineers, Windows and Linux administrators, security engineers, database administrators and webmasters as well as anyone interested in learning basic ethical hacking techniques.

Upon completion, students will be able to apply ethical hacking practices to identify potential weaknesses, and understand the moves hackers would make to attempt to exploit a system. Students will also have the knowledge to recommend security measures that will make systems more impenetrable to hackers.

    • Basic IT skills
    • Basic knowledge of Linux and Windows
    • Basic knowledge of networking
    • Over 55 lectures and 17 hours of content!
    • You will be able to gather information about your target
    • You will learn how to find open ports your target
    • You will learn how to find vulnerabilities in your target infrastructure
    • You will learn how to exploit Windows and Linux Systems
    • You will learn windows and linux Tactical Post Exploitation Techniques
    • You will learn how to find and exploit Web Application Vulnerabilities
    • You will learn how to Develop Windows Exploits
    • You
    • Anyone want to learn how to hack
    • Web developers
    • IT security professionals
    • Network engineers
    • Windows and Linux Administrators
    • Security engineers
    • Database administrators
    • Webmasters

THE UDEMY GUARANTEE

30 day money back guarantee
Lifetime access
Available on Desktop, iOs and Android
Certificate of completion

CURRICULUM

  • SECTION 1:
    Solid Introduction to Ethical Hacking and Penetration Testing
  • 1
    About the course
    03:22
  • 2
    Hacking vs Ethical Hacking
    03:25
  • 3
    Who is a Hacker ?
    02:14
  • 4
    Types of Hackers
    10:28
  • 5
    Hacktivism
    02:30
  • 6
    Computer Crimes
    05:11
  • 7
    Important Terms 1
    06:19
  • 8
    Important Terms 2
    06:52
  • 9
    Why Penetration Testing ?
    02:45
  • 10
    Penetration Testing Types
    04:39
  • SECTION 2:
    Real World Information Intelligence Techniques
  • 11
    Introduction to Information Intelligence Techniques
    03:34
  • 12
    organizing information during a penetration test
    06:01
  • 13
    how to locally copying company websites
    05:50
  • 14
    newsgroups and list-servers
    05:11
  • 15
    online job listing
    03:26
  • 16
    the power of social media websites
    03:36
  • 17
    harvesting a company emails
    09:15
  • 18
    how to generate a targeted wordlist for password cracking
    03:13
  • 19
    information intelligence with Maltego
    04:06
  • 20
    Google Search Techniques for penetration testers
    16:50
  • 21
    other search engines for penetration testers
    04:12
  • 22
    Enumerating Internal Network From Outside
    05:51
  • 23
    gather information using WhatWeb, HttpRecon and SSL SCAN
    09:25
  • 24
    Whois Lookups, finding other Web Sites Hosted on a Web Server
    04:18
  • 25
    IP Address Geolocation
    04:08
  • 26
    finding subdomains, extracting exif data and finding hidden web dirs
    10:15
  • 27
    ShodanHQ for fun and profit
    06:57
  • 28
    Web Application Firewall Detection, HTTP and DNS load balancer detection
    15:35
  • 29
    DNS Enumerating for penetration testers
    26:37
  • 30
    Mail Server Enumeration for penetration testers
    07:36
  • 31
    Intel Gathering Methodology for penetration testers
    02:22

    References and Sources:

    • http://www.debianhelp.co.uk/dnsrecords.htm
    • http://en.wikipedia.org/wiki/Domain_Name_System

    • Google Basic Guide to DNS: http://www.google.com/support/a/bin/answer.py?answer=48090#G
    • Zone Transfer Explanation: http://en.wikipedia.org/wiki/DNS_zone_transfer
    • SPF Explanation: http://en.wikipedia.org/wiki/Sender_Policy_Framework
    • DNS Record Type: http://en.wikipedia.org/wiki/List_of_DNS_record_types
    • Using nslookup, dig and host: http://docsrv.sco.com/NET_tcpip/dnsC.nslook.html
    • Using nslookup in Windows: http://support.microsoft.com/kb/200525
  • SECTION 3:
    Scanning and vulnerability Assessment
  • 32
    packet Crafting and Manipulating with Scapy
    13:41
  • 33
    port scanning with scapy
    06:19
  • 34
    Network Enumeration and Mapping Techniques
    09:24

    References and Sources:

    • SuperScan: http://www.mcafee.com/us/downloads/free- tools/superscan3.aspx
    • Angry IP Scanner: http://www.angryip.org/w/Home
    • Scanrand: http://it.toolbox.com/wiki/index.php/Scanrand
    • Xprobe2: http://sourceforge.net/news/?group_id=30984
  • 35
    Network scanning techniques
    47:35

    References and Sources:


    • Online Port Scanners

    • http://www.t1shopper.com/tools/port-scan/
    • http://nmap-online.com
    • http://www.hashemian.com/tools/port-scanner.php
    • Nmap: http://nmap.org/
    • Scanning Types: http://nmap.org/book/man-port-scanning- techniques.html
    • Scanning Performance: http://nmap.org/book/man- performance.html
    • Version Scanning: http://nmap.org/book/vscan-technique.html
    • OS Fingerprinting: http://nmap.org/book/osdetect.html#osdetect-intro
  • 36
    Vulnerability Identification and Assessment techniques
    31:22

    References and Sources:

    • NSE Script Repository: http://nmap.org/nsedoc/index.html
    • NSE Guide: http://nmap.org/book/nse.html
    • NSE Usage: http://nmap.org/book/nse-usage.html#nse-categories

    • Nexpose: http://www.rapid7.com/products/vulnerability-management.jsp

      Nessus: http://www.tenable.com/products/nessus

      Ncircle: http://www.ncircle.com/index.php?s=products_ip360

  • 37
    Practical Evasion and avoidance Techniques
    19:37

    References and Sources:

    • Nmap Evasion Guide: http://nmap.org/book/man-bypass- firewalls-ids.html
    • Loose Source Routing Discussion: http://www.synacklabs.net/OOB/LSR.html
    • LSRTunnel: http://www.synacklabs.net/projects/lsrtunnel/
    • LSRScan: http://www.synacklabs.net/projects/lsrscan/
  • SECTION 4:
    Network Attacking Techniques
  • 38
    Password cracking, MITM, Sniffing SSL and RDP Attacks
    49:21

    References and Sources:

    • Man in the Middle:
    • https://www.owasp.org/index.php/Man-in-the-middle_attack• http://it.toolbox.com/wiki/index.php/Man-in-the-Middle_Attack
    • http://www.schneier.com/blog/archives/2008/07/maninthemiddle_1.html

    • ARP Poisoning Attack:
    • http://www.watchguard.com/infocenter/editorial/135324.asp • http://www.osischool.com/protocol/arp/arp-spoofing•
    • http://news.hitb.org/content/guide-arp-spoofing
    • Tools:

    Cain & Abel:

    http://www.oxid.it/cain.htmlDsniff: http://www.monkey.org/~dugsong/dsniff/

    Ettercap:

    http://ettercap.sourceforge.net/Karmetasploit:

    https://community.rapid7.com/docs/DOC-1284

    SSLStrip:

    http://www.thoughtcrime.org/software/sslstrip/

  • SECTION 5:
    Windows and Linux Attacking Techniques
  • 39
    Windows Security Overview for Penetration Testers
    34:54

    Refrences and Sources:

    Inside Windows UAC: http://technet.microsoft.com/en- us/magazine/2007.06.uac.aspx

    Windows Wikipedia Entry: http://en.wikipedia.org/wiki/Microsoft_Windows

    Windows NT Wikipedia Entry: http://en.wikipedia.org/wiki/Windows_NT

    Windows 2000 Wikipedia Entry: http://en.wikipedia.org/wiki/Windows_2000

  • 40
    Linux Security Overview for Penetration Testers
    20:20
  • 41
    Attacking and Hacking Windows
    58:32
  • 42
    Attacking and Hacking Linux
    16:37
  • SECTION 6:
    Windows and Linux Post-Exploitation Techniques
  • 43
    Windows post exploitation techniques
    01:04:51

    References and Sources:

    http://commandwindows.com http://www.computerhope.com/batch.htm http://www.robvanderwoude.com/

    http://www.microsoft.com/resources/documentation/windo ws/xp/all/proddocs/en-us/batch.mspx?mfr=true

    http://www.room362.com/blog/2011/9/6/post-exploitation- command-lists.html

  • 44
    Linux post exploitation techniques
    23:51
  • 45
    Data mining techniques
    03:03
  • SECTION 7:
    Web Exploitation Techniques
  • 46
    Web Application Primer
    28:33

    References and Sources:

    • http://www.w3schools.com/
    • https://www.owasp.org/index.php/Category: OWASP_Top_Ten_Project
  • 47
    Web Application Scanning and Mapping
    20:34
  • 48
    Exploiting SQL Injection to Full System Access (MYSQL)
    01:02:02
  • 49
    Exploiting SQL Injection to Full System Access (MSSQL)
    28:20
  • 50
    Exploiting Blind SQL Injection to Full System Access (MYSQL)
    13:50
  • 51
    Exploiting Blind SQL Injection to Full System Access (MSSQL)
    48:58
  • 52
    Exploiting RFI, Local File include, File Uploads and RCE
    35:06
  • 53
    Exploiting XSS ( Reflected and Stored ) and CSRF to Full System Access
    01:01:13
  • SECTION 8:
    Windows Exploit Development
  • 54
    Using Immunity Debugger and Metasploit to develop a windows exploit
    02:05:59

    Special Thanks to Dino Dai Zovi and Saumil Shah

    References and Sources:

    • http://www.slideshare.net/saumilshah/operat ing-systems-a-primer
    • http://www.slideshare.net/saumilshah/how- functions-work-7776073
    • http://www.slideshare.net/saumilshah/introd uction-to-debuggers
    • http://cryptocity.squarespace.com/files/exploi tation/2011/memory_corruption_101.pdf
  • SECTION 9:
    The end but it is not the end :)
  • 55
    The end
    04:19

UDEMY BY THE NUMBERS

5,200,000
Hours of video content
19,000,000
Course Enrollments
5,800,000
Students

RATING

  • 127
  • 31
  • 10
  • 13
  • 28
AVERAGE RATING
NUMBER OF RATINGS
209

REVIEWS

  • Ralph Tyler
    The Instructor's Use of the English Language is Very Bad

    It is extremely hard to understand the material the instructor is pronouncing, and while the close captions help a little it seems the instructor was ill prepared to give the course. Please re-record the course with someone who is a native English speaker. Any native English speaker, British, Australian, South Africa, or American.

  • Rajshree
    Very disappointed with this course

    The author has no regard for audience. First of all has huge accent problem. Most of the time I couldn't make it out what the instructor is trying to say. The quality of content is very poor. The command screen presented are transparent overcasting the background so I can't make what is being typed on the screen. I won't recommend anybody wasting money on this course.

  • Aly Abdelghany
    Speaker Accent

    All respect for you and your knowledge, but please don't teach in English again till you improve your accent.

  • Robert Graves
    The instructor is good and the content is good. You get a lot for your money!

    Some seem to have a problem with his accent but I did not. The instructor really wowed me with some of the practical demonstrations. Really, I think with a little polish this course could be stellar! I've read in the comments that he is working on a new version of this course and I will certainly revisit it and recommend it. I give it an A- and would give it an A+ with a downloadable PowerPoint presentation or PDF for the entire course. Good work! Pros: Great content and practical examples showing real world Pentesting. Cons: Fair image quality, course PowerPoint or PDF not fully available for download. Sounds in the background can be distracting but not overly so.

  • Mark Guy Valerius Tyson
    Terrible

    Very bad use of English, hardly understandable. Little structure to the videos.

  • 30 day money back guarantee!
  • Lifetime Access. No Limits!
  • Mobile Accessibility
  • Certificate of Completion