The document outlines a course on practical professional ethical hacking. It covers topics such as reconnaissance and information gathering, scanning networks and systems, network security, web application penetration testing, reverse engineering, exploit development, post-exploitation techniques, Windows hacking, password cracking, wireless cracking, and practice with vulnerable virtual machines. The goal is to teach ethical hacking techniques while maintaining ethical and legal practices.
The document outlines a course on practical professional ethical hacking. It covers topics such as reconnaissance and information gathering, scanning networks and systems, network security, web application penetration testing, reverse engineering, exploit development, post-exploitation techniques, Windows hacking, password cracking, wireless cracking, and practice with vulnerable virtual machines. The goal is to teach ethical hacking techniques while maintaining ethical and legal practices.
Original Description:
Practical Ethical Hacking Course Outlines By Eng. Mohamed Fadel
The document outlines a course on practical professional ethical hacking. It covers topics such as reconnaissance and information gathering, scanning networks and systems, network security, web application penetration testing, reverse engineering, exploit development, post-exploitation techniques, Windows hacking, password cracking, wireless cracking, and practice with vulnerable virtual machines. The goal is to teach ethical hacking techniques while maintaining ethical and legal practices.
The document outlines a course on practical professional ethical hacking. It covers topics such as reconnaissance and information gathering, scanning networks and systems, network security, web application penetration testing, reverse engineering, exploit development, post-exploitation techniques, Windows hacking, password cracking, wireless cracking, and practice with vulnerable virtual machines. The goal is to teach ethical hacking techniques while maintaining ethical and legal practices.
• Introduction • Theory and History • Hacking vs Penetration Testing vs Red Teaming vs Vulnerability assessments • Certifications • Getting Started o Network Basics o Systems Basics o Linux Basics o Virtual Machines o VMware vs VirtualBox o Installing Kali Linux o Linux Commands o Bash Scripting Basics • Reconnaissance an Information Gathering. o Domain Harvesting o WAF detection o Google Hacking o Enumeration and Mapping o Open Source Intelligence o Wireshark • Scanning o Port Scanning using NMAP o Stealth Scans using NMAP o Service Scanning using NMAP o Vulnerability Scanning using Nessus and Nikto • Network Security o Sniffing using Wireshark o Man in The Middle Attack o Metasploit Framework o Payload Creation using MSFvenom o Reverse Shell and Bind Shell o Exploiting Shellshock and Eternal Blue vulnerabilities o Exploiting shares • Web Applications Theory
By Eng. Mohamed Fadel
By Eng. Mohamed Fadel
• Web Application Penetration Testing
o Encoding vs Encryption vs Hashing vs Obfuscation o HTTPS and Certificates overview o Intercepting Proxy o Burp Suite o DVWA o Lost? Then Let’s Recap o Brute Force Using Burp Suite and Python o Command Injection vulnerability o Reflected and Stored XSS (Cross Site Scripting) o CSRF (Cross Site Request Forgery) o Steal cookies using BeeF o File Upload vulnerability o Error Based SQL Injection vulnerability o Blind SQL Injection vulnerability o File Inclusion vulnerability • Learning Reverse Engineering o Introduction to x86 Architecture (32bit architecture) o Studying CPU o Assembly Concepts o Debugging and disassembly • Learning Exploit Development o What is Buffer Overflow? o Windows 32bit Stack Based Buffer Overflow o Immunity debugger o Overwriting EIP o Locating Bad Characters o Endianness o Local Exploitation of Windows Stack Based Buffer Overflow o Remote Exploitation Windows Stack Based Buffer Overflow o Linux 32bit Stack Based Buffer Overflow o GNU Debugger o DEP and ASLR o Stack Canary and SafeSEH • POST Exploitation o Maintain Access
By Eng. Mohamed Fadel
By Eng. Mohamed Fadel
o Local Privilege Escalation
• Windows Hacking o Active Directory o Active Directory Enumeration o Active Directory Authentication o PowerShell for Enumeration • Password Cracking o Service Brute Force via Hydra o John the Ripper Tool • Wireless Cracking o WEP o WPA/WPA2 • Practice o Solving Vulnhub machines!! • Bug Hunting • What now?