Full Ethical Hacking & Penetration Testing Course | Ethical

BY
Udemy

Enrich your understanding of ethical hacking and penetration testing through the Udemy-offered course.

Mode

Online

Fees

₹ 599 4099

Quick Facts

particular details
Medium of instructions English
Mode of learning Self study
Mode of Delivery Video and Text Based

Course overview

Full Ethical Hacking & Penetration Testing Course | Ethical is a short certificate created by Oak Academy to assist the student to enter the realm of ethical hacking and penetration testing. By enrolling in this online course, the learners will be able to become professional ethical hackers and find better career opportunities in the industry. The curriculum of the Full Ethical Hacking & Penetration Testing Course | Ethical Online Programme will cover various aspects of ethical hacking and penetration testing such as cybersecurity, Nmap, Maltego, Wi-Fi  Hacking, Network Attack, and the like. 

Full Ethical Hacking & Penetration Testing Course | Ethical Certification, offered by Udemy, will coach the candidates on network scan types, types of Penetration Testing, Nmap Integration, Social Engineering Toolkit, Port Scanning, and a lot more. By providing the fee of Rs 3,499, the learners can join the programme. 

The highlights

  • Online course
  • Downloadable resources
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of completion
  • English videos
  • 30-Day Money-Back Guarantee

Course and certificate fees

Fees information
₹ 599  ₹4,099
certificate availability

Yes

certificate providing authority

Udemy

What you will learn

Ethical hacking

After the Full Ethical Hacking & Penetration Testing Course | Ethical Online Certification, the students will have the opportunity to study web hacking, Metasploit, Web Application Penetration Testing, Virtual Lab Environment, Web Application Hosting, and many more. 

The syllabus

Ethical Hacking - Setting Up the Laboratory

  • Virtualbox Download and Install
  • FAQ regarding Ethical Hacking
  • FAQ regarding Penetration Testing on Udemy:
  • Kali ISO Download
  • Kali ISO Install
  • Kali VirtualBox Image Download and Install
  • Installing Metasploitable 2
  • Installing Metasploitable 3: Packer
  • Installing Metasploitable 3: Vagrant and Plugins
  • Installing Metasploitable 3: VM Creation with Vagrant
  • Downloading and Installing Free Windows 7 and Windows 10
  • Nat Network Create and Settings
  • Connection Test
  • Updates for Kali Linux 2021.3

Passive Information Collection

  • Passive Scan - ARP Tables

Information Gathering Through the Internet

  • Introduction
  • Using Search Engines & Google Hacking to Gather Information
  • Search Engine Tool: SearchDiggity
  • Shodan
  • Gathering Information About the People
  • Web Archives
  • FOCA Fingerprinting Organisations with Collected Archives
  • The Harvester & Recon-NG

Active Information Collection ( Nmap

  • What is Nmap?
  • Nmap First Scan
  • What is Subnet?
  • Interpretation of Nmap Results
  • Scanning Specific IPs or Specific Targets With Nmap
  • Nmap IP List Creation
  • Nmap Random Scan and Exclude Ips
  • Print the Nmap Results to the File
  • Check In -1
  • What Is the OSI Model and How Does It Work?
  • What Is TCP-IP
  • Domain Name System Service-DNS
  • What is Port? Nmap Port Scan
  • Scanning Top 20, Top 100 Ports With Nmap
  • Scanning Specific Ports With Nmap
  • Nmap Syn Scanning
  • Nmap TCP Scan
  • Namp UDP Scan
  • Nmap ACK Scan
  • Nmap Fin-Xmas-Null Scan
  • Nmap Fast Scan
  • Nmap Open Ports Scan
  • Nmap No PORT Scan
  • Nmap PING and noPING Scan
  • Check-2
  • Nmap Verbose Command
  • Nmap With Service and Version Detection
  • Nmap Operating System Detection
  • Nmap Timing Templates
  • Bypass of IPS & IDS Systems With Nmap
  • Nmap Script Engine (NSE)
  • Nmap Script Engine Example - 1
  • Nmap Script Engine Example - 2
  • Writing an NSE Script
  • The Check-3

Using Nessus

  • Introduction to Nessus
  • Downloading Nessus
  • Installing Nessus
  • Creating Policy
  • Scanning
  • Reporting
  • Lab Exercise - 2
  • An Aggressive Scan with Nessus: Start
  • An Aggressive Scan with Nessus: Results
  • An Aggressive Scan with Nessus: Results with Windows Targets

Using Maltego

  • Maltego - Visual Link Analysis Tool

Social Engineering

  • Terminologies Part 1
  • Terminologies Part 2
  • Creating Malware and Terminologies
  • MSFvenom Part 1
  • MSFvenom Part 2
  • Veil Installation
  • Veil in Action
  • TheFatRat Installation
  • TheFatRat in Action
  • TheFatRat: Overcoming a Problem
  • Embedding Malware in PDF
  • Embedding Malware in WORD
  • Embedding Malware in Firefox Add-on
  • Empire Installation
  • Empire in Action Part 1
  • Empire in Action Part 2
  • Exploiting Java Vulnerabilities
  • Social Engineering Toolkit
  • Sending Fake Emails - Phishing
  • Vishing - Voice Phishing

Network Attacks

  • What is “Protocol”
  • Reference Models
  • OSI Reference Model
  • OSI vs TCP/IP
  • Demonstration using Wireshark
  • Standards & Protocols
  • Ethernet: Principles, Frame & Headers
  • ARP ( Address Resolution Protocol ) : Mechanism, ARP Tables, ARP Packets
  • ARP Hand-On Practices
  • VLANs – Virtual Local Area Networks
  • WLANs – Wireless Local Area Networks
  • Introduction to Network Layer
  • Internet Protocol - IP
  • IPv4 Adressing System
  • IPv4 Packet Header
  • IPv4 Subnetting: Classful Networks
  • IPv4 Subnetting: Subnet Mask
  • IPv4 Subnetting: Understanding
  • IPv4 Shortage
  • Private Networks
  • Private Networks - Demonstration
  • NAT – Network Address Translation
  • IPv6, Packet Header & Addressing
  • DHCP - How the Mechanism Works
  • ICMP – Internet Control Message Protocol
  • Traceroute
  • Introduction to Transport Layer
  • TCP – Transmission Control Protocol
  • TCP Header
  • UDP – User Datagram Protocol
  • Introduction to Application Layer
  • DNS – Domain Name System
  • HTTP ( Hyper Text Transfer Protocol )
  • HTTPS
  • Checklist - What We Have Learned
  • What is Covered?
  • Setting Up the Laboratory
  • Download & Install OWASPBWA
  • Download & Install
  • Setting Up the First Project
  • GNS3 Environment
  • Building GNS3 Network
  • Attach Kali (or another VM) to the GNS3 Network
  • Configuring Switch & Router (Cisco) and creating VLANs
  • MitM: Listening to the traffic
  • Sniffing
  • TCPDump
  • Wireshark: Capturing the Traffic
  • Wireshark: Following Stream
  • Wireshark: Summarise Network
  • Router, Switch, Hub
  • How to Expand Sniffing Space?
  • MAC Flood: Switching
  • MAC Flood: Using Macof Tool
  • MacFlood - Countermeasures
  • ARP Spoof
  • ARP Cache Poisoning using Ettercap
  • DHCP Starvation & DHCP Spoofing
  • DHCP Mechanism
  • DHCP Starvation - Scenario
  • DHCP Starvation Demonstration with Yersinia
  • VLAN Hopping
  • VLAN Hopping: Switch Spoofing
  • VLAN Hopping: Double Tagging
  • Reconnaissance: Finding Open Ports & Services Using NMAP
  • Password Cracking
  • Compromising SNMP: What is SNMP ?
  • Compromising SNMP: Finding Community Names Using NMAP Scripts
  • Compromising SNMP: Write Access Check Using SNMP-Check Tool
  • Compromising SNMP: Grabbing SNMP Configuration Using Metasploit
  • Weaknesses of network devices
  • Password Creation Methods of Cisco Routers
  • Identity Management
  • ACL – Access Control Lists
  • SNMP Security

Wifi Hacking and Tools

  • Hardware and Software Requiments
  • Wi-Fi Adapter Settings
  • IEE-802.11
  • Basic Terminologies and Concepts
  • Wireless Operating Modes
  • MAC Frame Structure
  • Wireless Packet Types
  • Wireshark: Analysing Packet Types
  • Wi-Fi Network Interaction
  • Wireless Encryption Protocols: WEP vs. WPA
  • WPA 4-Way Handshake
  • WPA2 Personal and Enterprise
  • Wireshark: WEP and WPA
  • Wi-Fi Protected Setup (WPS)
  • Wireless Recon with Bettercap
  • Wardriving with Kismet: Configuration
  • Wardriving with Kismet: Mapping
  • Airbase-ng
  • Evil Twin Attack
  • Wifi Pumpkin 3
  • Fluxion: Installation
  • Fluxion: Handshake Snooper Attack
  • Fluxion: Captive Portal Attack
  • WEP Cracking - Preparing Attacks
  • WEP Cracking - Fake Authentication Attack
  • WEP Cracking - Deauthentication Attack
  • WEP Cracking - Deauthentication Attack with Bettercap
  • WEP Cracking - ARP Request Replay Attack
  • WEP Cracking - Fragmentation Attack
  • WEP Cracking - ChopChop Attack
  • WPA/WPA2 Cracking - Introduction
  • WPA/WPA2 Cracking - Aircrack-ng
  • WPA/WPA2 Cracking - John The Ripper
  • WPA/WPA2 Cracking - CoWPAtty
  • WPA/WPA2 Cracking - Wifite 2
  • WPA/WPA2 Cracking with GPUs : Hashcat
  • WPA/WPA2 Cracking - Key Reinstallation Attack (KRACK)
  • WPS Cracking - Wifite 2: PIN Attack

Using Metasploit Framework

  • What is a Penetration Test?
  • Why Metasploit Framework? AKA: MSF
  • Importance of Penetration Testing
  • Basics of Penetration Testing
  • Types of Penetration Testing
  • Penetration Testing Execution Standard
  • Requirements ( Like Storage. Processor )
  • Lab Connectivity and Taking Snapshots
  • Evolution of Metasploit
  • Metasploit Filesystem and Libraries
  • The Architecture of MSF
  • Auxiliary Modules
  • Payload Modules
  • Exploit Modules
  • Encoder Modules
  • Post Modules
  • Metasploit Editions
  • Metasploit Community
  • Metasploit Interfaces
  • Armitage
  • MSFconsole
  • MSFConsole Basic Commands 1
  • MSFConsole Basic Commands 2
  • MSFConsole Basic Commands 3
  • Using Databases in MSF 1
  • Using Databases in MSF 2
  • More on Exploits in MSF
  • What is Enumeration?
  • Nmap Integration and Port Scanning
  • SMB and Samba Enumeration
  • MySQL Enumeration
  • FTP Enumeration
  • SSH Enumeration
  • HTTP Enumeration
  • SNMP Enumeration
  • SMTP Enumeration
  • Using Shodan with MSF
  • Intro to Vulnerability Scanning
  • Downloading and Installing Nessus Home
  • Vulnerability Scanning with Nessus Home
  • Integrating Nessus into MSF
  • Metasploit as Exploitation Tool
  • Distributed Ruby Remote Code Execution (drb_remote_codeexec)
  • PHP CGI Argument Injection (php_cgi_arg_injection)
  • MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
  • Java JMX Server Insecure Configuration Java Code Execution (java_jmx_server)
  • Elastic Search Dynamic Script Arbitrary Java Execution (script_mvel_rce)
  • Sun/Oracle GlassFish Server Authenticated Code Execution (glassfish_deployer)
  • Jenkins-CI Script-Console Java Execution (jenkins_script_console)
  • WinRM Script Exec Remote Code Execution (winrm_script_exec)
  • HTTP Writable Path PUT/DELETE File Access (http_put)
  • Exploiting Poorly Configured MySQL Service
  • Axis2 / SAP Business Objects Authenticated Code Execution via SOAP
  • Using Allports Payload
  • Using Resource Files
  • Privilege Escalation
  • Extracting Password Hashes
  • John the Ripper Module
  • Pass The Hash with Metasploit
  • Token Impersonation
  • Extracting Cleartext Passwords
  • Visual Interaction with the Target
  • Enabling Remote Desktop
  • Searching for Critical Information
  • Packet Sniffing
  • Pivoting
  • Port Forwarding
  • Maintaining Access
  • Interacting with the Registry
  • Keylogging
  • Antivirus Evasion and Cleaning
  • MSFvenom
  • MSFVenom: Using Encoders
  • MSFVenom: Using Custom Executable Template
  • Using Custom Payload Generators
  • Cleaning Events and Security Management Logs
  • Deceiving File System Using Timestomp

Using Meterpeter

  • Meterpreter
  • Meterpreter Basics on Linux
  • Meterpreter Basics on Windows
  • Basic Meterpreter Commands 1
  • Basic Meterpreter Commands 2
  • Basic Meterpreter Commands 3
  • Meterpreter Scripts
  • Meterpreter for Post-Exploitation
  • Incognito Extension of Meterpreter
  • Post-Exploitation - Meterpreter
  • Meterpreter Python / Powershell Extension
  • Meterpreter Backdoor and Persistency Modules
  • Mimikatz in Meterpreter

Web Attacks

  • Current Issues of Web Security
  • Principles of Testing
  • Types of Security Testing
  • Guidelines for Application Security
  • Laws and Ethic
  • Installing Vulnerable Virtual Machine: BeeBox
  • Connectivity and Snapshots
  • Modern Web Applications
  • Client-Server Architecture
  • Running a Web Application
  • Core Technologies: Web Browsers
  • Core Technologies: URL
  • Core Technologies: HTML
  • Core Technologies: CSS
  • Core Technologies: DOM
  • Core Technologies: JavaScript
  • Core Technologies: HTTP
  • Core Technologies: HTTPS and Digital Certificates
  • Core Technologies: Session State and Cookies
  • Attack Surfaces
  • Introduction to Burp: Downloading, Installing and Running
  • Introduction to Burp: Capturing HTTP Traffic and Setting FoxyProxy
  • Introduction to Burp: Capturing HTTPS Traffic
  • Intro to Reconnaissance
  • Extract Domain Registration Information: Whois
  • Identifying Hosts or Subdomains Using DNS: Fierce & Theharvester
  • Detect Applications on The Same Service
  • Ports and Services on The Web Server
  • Review Technology/Architecture Information
  • Extracting Directory Structure: Crawling
  • Minimum Information Principle
  • Using Search Engines: Google Hacking
  • Definition
  • Creating a Password List: Crunch
  • Differece Between HTTP and HTTPS Traffic: Wireshark
  • Attacking Insecure Login Mechanisms
  • Attacking Insecure Logout Mechanisms
  • Attacking Improper Password Recovery Mechanisms
  • Attacking Insecure CAPTCHA Implementations
  • Path Traversal: Directory
  • Path Traversal: File
  • Introduction to File Inclusion Vulnerabilities
  • Local File Inclusion Vulnerabilities
  • Remote File Inclusion Vulnerabilities
  • Http Only Cookies
  • Secure Cookies
  • Session ID Related Issues
  • Session Fixation
  • Introduction Cross-Site Request Forgery
  • Stealing and Bypassing AntiCSRF Tokens
  • Definition
  • Reflected Cross-Site Scripting Attacks
  • Reflected Cross-Site Scripting over JSON
  • Stored Cross-Site Scripting Attacks
  • DOM Based Cross-Site Scripting Attacks
  • Inband SQL Injection over a Search Form
  • Inband SQL Injection over a Select Form
  • Error-Based SQL Injection over a Login Form
  • SQL Injection over Insert Statement
  • Boolean Based Blind SQL Injection
  • Time Based Blind SQL Injection
  • Detecting and Exploiting SQL Injection with SQLmap
  • Detecting and Exploiting Error Based SQL Injection with SQLmap
  • Detecting and Exploiting Boolean and Time Based Blind SQL Injection with SQLmap
  • Command Injection Introduction
  • Automate Command Injection Attacks: Commix
  • XML/XPATH Injection
  • SMTP Mail Header Injection
  • PHP Code Injection
  • Heartbleed Attack
  • Attacking HTML5 Insecure Local Storage
  • Druppal SQL Injection: Drupageddon (CVE-2014-3704)
  • SQLite Manager: File Inclusion (CVE-2007-1232)
  • SQLite Manager: PHP Remote Code Injection
  • SQLite Manager: XSS (CVE-2012-5105)
  • Bypassing Cross Origin Resource Sharing
  • XML External Entity Attack
  • Attacking Unrestricted File Upload Mechanisms
  • Server-Side Request Forgery

Extra

  • Full Ethical Hacking & Penetration Testing Course | Ethical

Trending Courses

Popular Courses

Popular Platforms

Learn more about the Courses

Download the Careers360 App on your Android phone

Regular exam updates, QnA, Predictors, College Applications & E-books now on your Mobile

Careers360 App
150M+ Students
30,000+ Colleges
500+ Exams
1500+ E-books