• Post category:StudyBullet-9
  • Reading time:12 mins read


Learn Ethical Hacking and Start your Career in Cyber Security

What you will learn

What is Cyber Security ?

Kali Linux Command Line (CLI)

Wireshark

Passive Information Gathering Techniques

Scanning with Nmap

The Metasploit Framework Essentials

Active Directory Attacks

Basic Linux Commands

Netcat (nc) Essentials

Bash Scripting (Shell Scripting)

Active Information Gathering Techniques

Web Application Attacks

Buffer Overflow

Hands-On Practice Labs

Description

What is ethical hacking?

Ethical hacking involves an authorized attempt to gain unauthorized access to a computer system, application, or data. Carrying out an ethical hack involves duplicating strategies and actions of malicious attackers. This practice helps to identify security vulnerabilities which can then be resolved before a malicious attacker has the opportunity to exploit them.

Also known as “white hats,” ethical hackers are security experts that perform these assessments. The proactive work they do helps to improve an organization’s security posture. With prior approval from the organization or owner of the IT asset, the mission of ethical hacking is opposite from malicious hacking.

What Is A Red Team?

A red team consists of security professionals who act as adversaries to overcome cyber security controls. Red teams often consist of independent ethical hackers who evaluate system security in an objective manner.

They utilize all the available techniques to find weaknesses in people, processes, and technology to gain unauthorized access to assets. As a result of these simulated attacks, red teams make recommendations and plans on how to strengthen an organization’s security posture.

How Does A Red Team Work?

You might be surprised to learn that red teams spend more time planning an attack then they do performing attacks. In fact, red teams deploy a number of methods to gain access to a network.


Get Instant Notification of New Courses on our Telegram channel.


Social engineering attacks, for example, rely on reconnaissance and research to deliver targeted spear phishing campaigns. Likewise, prior to performing a penetration test, packet sniffers and protocol analyzers are used to scan the network and gather as much information about the system as possible.

What Is A Blue Team?

A blue team consists of security professionals who have an inside out view of the organization. Their task is to protect the organization’s critical assets against any kind of threat.

They are well aware of the business objectives and the organization’s security strategy. Therefore, their task is to strengthen the castle walls so no intruder can compromise the defenses.

How Does A Blue Team Work?

The blue team first gathers data, documents exactly what needs to be protected and carries out a risk assessment. They then tighten up access to the system in many ways, including introducing stronger password policies and educating staff to ensure they understand and conform to security procedures.

Monitoring tools are often put in place, allowing information regarding access to the systems to be logged and checked for unusual activity. Blue teams will perform regular checks on the system, for example, DNS audits, internal or external network vulnerability scans and capturing sample network traffic for analysis.

English
language

Content

Introduction

What is Ethical Hacking
Red Team Vs Blue Team
Why Kali Linux ?

Getting Started with Kali Linux

Booting Up Kali Linux
The Linux Filesystem
Basic Linux Commands
Managing Kali Linux Services
Searching, Installing, and Removing Tools

Kali Linux Command Line (CLI)

Environment Variables
Bash History Command
Piping and Redirection
Text Searching and Manipulation
Editing Files
Comparing Files
Managing Processes
File and Command Monitoring
Downloading Files
Customizing the Bash Environment

Netcat (nc) Essentials

Netcat (nc)

Wireshark

What is Wireshark and why should you learn it?
Basics of Computer Networking
OSI model
Install Wireshark
WireShark Getting Started
Sets a conversation filter between two specific IP addresses
Sets a filter to display all http and dns protocols
Sets filters for any TCP packet with a specific source or destination port
displays all TCP packets that contain a certain term
filters all HTTP GET and POST requests
filter out certain types of protocols
Can Wireshark capture passwords?
Plain text network protocols
Capture Insecure Connections (Net Cat)
Capture FTP Passwords
Extract files from FTP using Wireshark
Capture HTTP Passwords
Capture files (images) from HTTP traffic

Bash Scripting (Shell Scripting)

Our First Bash Script
Variables
If, Else, Elif Statements
Loops
Functions

Passive Information Gathering Techniques

What is Passive Information Gathering
Whois Enumeration
Google Hacking
Netcraft
Shodan
Security Headers Scanner
Email Harvesting
Information Gathering Frameworks

Active Information Gathering Techniques

DNS Introduction
DNS Enumeration

Scanning with Nmap

Port Scanners Essentials
What is Nmap
Preparing the Environment
UDP Scan (-sU)
FIN Scan (-sF)
Ping Scan (-sP)
TCP SYN Scan (-sS)
TCP Connect() Scan (-sT)
Version Detection (-sV)
Idle Scan (-sI)
Basic Nmap Scan against IP or host – Hands On
Nmap Ping Scan – Hands On
Scan specific ports or scan entire port ranges – Hands On
Scan multiple IP addresses – Hands On
Scan the most popular ports – Hands On
Scan hosts and IP addresses reading from a text file – Hands On
Save your Nmap scan results to a file – Hands On
Disabling DNS name resolution – Hands On
Scan + OS and service detection with fast execution – Hands On
Detect service/daemon versions – Hands On
Scan using TCP or UDP protocols – Hands On
What is NSE ?
CVE detection using Nmap – Theory
CVE detection using Nmap – Hands On
Launching DOS with Nmap – Hands On
Launching brute force attacks – Hands On
Detecting malware infections on remote hosts – Hands On

Web Application Attacks

Web Application Security
Web Application Assessment Tools – DIRB
Web Application Assessment Tools – Burp Suite
Web Application Assessment Tools – Nikto
Open Web Application Security Project Top 10 (OWASP Top 10)

The Metasploit Framework Essentials

Basics of Metasploit Framework
Metasploit User Interfaces and Setup
Getting Familiar with MSF Syntax
Metasploit Database Access
Auxiliary Modules
Metasploit Payloads – Meterpreter Payloads

Hands-On Practice Lab 1

Hands-On Practice Lab 1 Links
Setup the Environment
Hands-On Practice Lab 1 Walkthrough

Hands-On Practice Lab 2

Hands-On Practice Lab 2 Links
Setup the Environment
Hands-On Practice Lab 2 Walkthrough

Hands-On Practice Lab 3

Hands-On Practice Lab 3 Links
Setup the Environment
Hands-On Practice Lab 3 Walkthrough