Get $1 credit for every $25 spent!

The Super-Sized Ethical Hacking Bundle

Ending In:
Add to Cart - $43
Add to Cart ($43)
$1,080
96% off
wishlist
(309)
Courses
9
Lessons
667
Enrolled
3,086

What's Included

Product Details

Access
Lifetime
Content
5.5 hours
Lessons
72

Bug Bounty: Web Hacking

Get Paid to Legally Hack The World's Biggest Web Apps

By Amit Huddar | in Online Courses

Did you know you can make money identifying and fixing bugs on some of the biggest web apps on earth? Last year, Facebook paid $5 million to independent hackers while Google paid over $6 million as part of their bug bounty programs. And they're far from alone. In this course, you'll learn how to legally hack major companies like Facebook, Google, and PayPal and get paid to do it.

  • Access 72 lectures & 5.5 hours of content 24/7
  • Learn how to get paid for hacking & disclosing bugs to major companies
  • Get familiar w/ Burp Suite, browser plugins, & Kali Linux
  • Explore types of vulnerability such as SQL, XSS, CSRF injection, & more
  • Discover the methodology for performing bug bounty
Amit Huddar is an Internet Entrepreneur and Software Engineer. He runs his own software company "Softdust," which develops products for new technologies like wearables and other gadgets. He opted for computer science engineering in 2013 at SSIT and started his software company in his first year of engineering.

His skills include: Android app development, HTML, CSS, PHP, C, C++, JAVA, Linux, Building Custom Linux OS, Cloud Computing. Penetration testing, Kali Linux and Hacking.

Details & Requirements

  • Length of time users can access this course: lifetime
  • Access options: web streaming, mobile streaming
  • Certification of completion not included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Experience level required: all levels

Compatibility

  • Internet required

Course Outline

  • Let's Get Started
    • Introduction (1:14)
    • Github (2:53)
  • Tools
    • Vega (5:50)
    • Setting up Atmosphere (5:11)
    • Nikto
    • Sub domain (5:39)
    • Recon ng (9:29)
    • knockpy (3:04)
    • Nmap (5:59)
    • Burp Suite Cont. (4:50)
    • spider (6:51)
    • scanner (7:07)
    • Intruder (6:23)
    • Authorization (4:29)
    • BWap (5:37)
    • wapplayzer (4:53)
    • firebug (3:10)
    • Hack bar (3:45)
    • User agent Switcher (2:42)
    • Sublist3r (3:46)
    • Repeater (3:59)
    • Sequencer (4:29)
    • Analyzing Sequencer Data (3:59)
    • Decoder (2:07)
    • Comparer (2:13)
    • Save and Restore (3:46)
  • WordPress Hacking
    • WP Scan (4:40)
    • WP Scan Codex (5:03)
    • WP Scan Template Monster (7:49)
    • WP Scan User (1:19)
    • CMS Map (2:50)
  • Cross-site Scripting(XSS)
    • XSS Demo (2:54)
    • XSS Lenovo Yahoo (1:45)
    • XSS Uber (2:53)
    • XSS Paypal (1:53)
    • XSS Whatsapp Facebook (1:56)
    • Counter Measures for XSS (2:36)
  • SQL Injection(SQLi)
    • SQL Drupal (2:33)
    • Facebook SQL Injection (2:00)
    • Counter Measures for SQL (3:02)
    • Template Injection (1:54)
  • Clickjacking
    • Clickjacking (2:37)
    • Clickjacking Report (1:31)
    • Clickjacking Injection Similar Report (1:27)
    • IFrame Demo (1:03)
  • Open Redirect Vulnerablility
    • Open Redirect Report (2:20)
    • Open Redirect Similar Report (1:20)
  • Cross-site Request Forgery(CSRF)
    • CSRF(change password) demo (1:23)
    • CSRF Injection (2:13)
    • CSRF Townwars (1:11)
    • CRF Badoo (2:07)
    • CRLF Injection Similar Report (1:32)
    • Shellshock (1:23)
    • SSRF (1:42)
    • SSRF Similar Report (1:48)
  • Full Path Disclosure
    • Full Path Disclosure (2:01)
    • Full Path Disclosure Report (1:14)
    • Full Path Disclosure Similar Report (1:09)
    • Insecure Cryptographic Srorage (2:06)
    • Insecure Direct object References (2:25)
  • Broken Authentication and Session Management
    • Autorize (4:32)
    • Broken Auth - Insecure Login Forms Demo (1:32)
    • Privilege (2:01)
    • Privilege Bookfresh (1:42)
    • Testing for Privilege Manipulation (2:03)
    • Session Mgmt - Administrative Portals (0:56)
    • Session Report (3:06)
    • Application Logic Report (2:11)
    • Application Logic Similar Report (1:35)
  • HTML Injection
    • HTML Injection Report (2:34)
    • HTML Injection similar Report (1:20)
    • HTML Injection Demo (2:25)
    • XML External Entity (1:53)
    • XXE Similar Reports (1:24)
  • Sub Domain take Over
    • Sub Domain Take Over (3:21)
    • Sub Domain Take over Report (1:59)
    • Remote file Insulation (1:40)
  • Remote code Execution
    • Remote Code Execution (1:51)
    • Remote Code Execution Similar Reports (1:12)
    • Cookies (3:42)
    • crt.sh (1:40)
    • Sensitive Data Exposure (2:12)
    • Buffer overflow (3:48)
    • Buffer overflow Similar Reports (1:33)
    • IDOR (1:50)
    • IDOR Similar Report (1:23)
    • DNS Miconfiguration (2:29)
    • DNS Misconfiguration Similar Reports (1:37)
  • Denail of Service (DoS)
    • Denail of Service(DoS) (2:33)
    • DOS Report (2:00)
    • DOS Similar Reports (1:37)
    • Finding Report using Google (4:23)
    • Searching Similar Reports (2:12)
    • HTTP Parameter Pollution (1:46)
    • OSINT (1:58)
  • Methodology
    • Methodology (5:01)
    • 02 Analyze the Application (1:57)
    • 03 Test Client-side Controls (2:22)
    • 04 Authentication Mechanism (2:49)
    • 05 Test Session (3:47)
    • 06 Test Access Control (2:02)
    • 07 Test for Input-based Vulnerabilities (3:02)
    • 08 test Access Control (3:59)
    • 09 Test for Logic Flaws (2:18)
    • 10 Test for Logic Flaws (1:23)
    • 11 Test for Application Server Vulnerabilities (4:30)
    • 12 Miscellaneous Checks (3:17)
    • 13 Follow up Any information Leakage (2:16)
    • Reporting Vulnerability 1 (4:29)
    • Reporting Vulnerability 2 (3:43)

View Full Curriculum


Access
Lifetime
Content
10.5 hours
Lessons
67

CompTIA Security + Exam Preparation

Study to Pass the CompTIA Security+ Certification Exam

By Mohamed Atef | in Online Courses

This course is targeted towards aspiring information security professionals who aren't sure where to start. Beginning with basic security fundamentals, this course elevates through more advanced topics, ultimately providing you with the knowledge you need to pass the globally-recognized CompTIA Security+ certification exam.

  • Access 67 lectures & 10.5 hours of content 24/7
  • Cover basic security fundamentals, threats, & vulnerabilities
  • Explore network security
  • Dive into host & application security
  • Discuss risk management & business continuity planning
  • Study to ace the CompTIA Security+ certification exam on the first attempt
Mohamed Atef is an ICT Consultant, Senior Penetration tester and certified instructor with more than 20 years of experience in professional and academic courses and 2 books published.

  • Certified Information System Security Professional (CISSP) ID #517943
  • Microsoft Certified Trainer (MCT) ID #3022752
  • EC Council Certified Instructor (CEI) ID #ECC51750391761
  • CEH: Certified Ethical Hacking ID #ECC64515022319
  • Certified Cisco System Instructor (CCSI)
  • Microsoft Certified System Engineer (MCSE)
  • Microsoft Certified IT Professional (Windows Server Administration 2008)
  • CompTIA Certified (Network +) ID #
  • CompTIA Certified (Server +)
  • CompTIA Certified (Linux +)
  • CompTIA Certified (Security +)
  • Cisco Certified Network Associate (CCNA)ID #CSCO11273248
  • Cisco Certified Network Professional (CCNP)
  • Project Management Professional (PMP) )ID #1772374

Details & Requirements

  • Length of time users can access this course: lifetime
  • Access options: web streaming, mobile streaming
  • Certification of completion not included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Experience level required: all levels

Compatibility

  • Internet required

Course Outline

  • Introduction
    • Introduction (12:17)
  • Security Fundamentals
    • Information Security Life Cycle 1 (14:09)
    • Information Security Control (5:00)
    • Access Control Introduction (6:45)
    • Authentication (18:46)
    • Access Control (19:19)
    • Cryptography Fundamentals (1:37)
    • Information Security Life Cycle 2 (6:49)
    • Asymetric Encryptian (13:47)
    • Cryptography (16:26)
    • Symetric Encryptian (12:39)
    • Steganography (7:51)
    • Hashing (6:05)
    • Policy (2:38)
  • Identifying Security Threats and Vulnerabilities
    • Social Engineering (12:19)
    • Fake Email (6:13)
    • Phising Credential Harvest (13:11)
    • Security Awarness (6:37)
    • Maleware (12:30)
    • Types of Malicious Code (14:51)
    • Software attack (4:24)
    • Password guessing and cracking (15:09)
    • Rambow table technique (19:20)
    • Application Attack (4:42)
    • What is SQL Injection Attack (14:05)
    • XSS Introduction (2:58)
    • Network Basic (12:02)
    • Network Attack (3:34)
    • IP (16:07)
    • OSI Model Part 1 (14:39)
    • OSI Model Part 2 (14:10)
    • What is Scanning (2:17)
    • Sniffiring 1 (15:19)
    • Sniffiring 2 (14:53)
    • Man in the Middle attack (11:59)
    • Wireless Threats (2:41)
    • Wireless Attack (2:34)
    • Wireless Network (7:15)
    • WEP cracking (20:48)
  • Managing Data, Application, and Host Security
    • Managing Data Security (12:32)
    • Permissions (4:28)
    • Data Policies (6:23)
    • Manage Application security (8:53)
    • Validate application input (4:26)
    • Managing devices and host security (4:36)
    • Operating System (10:34)
    • Trused Computing base (9:17)
    • Logging (3:12)
    • Microsoft Baseline Security Analyizer (4:44)
    • Mobile device security (4:33)
  • Implementing Network Security
    • Implementing Network Security (4:04)
    • IDS (6:53)
    • Firewall (10:38)
  • Implementing Compliance and Operational Security
    • Physical Security (5:31)
    • Lialibilty (3:52)
    • Security awarness (4:22)
  • Risk Managment
    • Introduction to Risk (6:17)
    • Asset Evaluation (18:28)
    • Vulnerability Assessment Tools (Nessus) (13:45)
  • Troubleshooting and Managing Security Incidents
    • Incident Report Form (5:29)
    • Information Security Incident Managment (10:06)
  • Business Continuity and Disaster Recovery Planning
    • BCP (14:32)
    • BIA (10:09)
    • MTD-RTO-RPO (11:39)
    • DRP (3:29)
    • Alternative Sites (8:05)

View Full Curriculum


Access
Lifetime
Content
8.5 hours
Lessons
80

Ethical Hacking Using Kali Linux From A to Z

Discover the Power of Kali Linux, One of the Most Popular Ethical Hacking Tools

By Mohamed Atef | in Online Courses

To break into the world of professional penetration testing, you'll need to be an ace with Kali Linux. This course will introduce you to the latest ethical hacking tools and techniques with Kali Linux, using a testing lab for practicing different types of attacks. Across the course, you'll simulate an entire penetration test from beginning to end, giving you verifiable hands-on experience.

  • Access 80 lectures & 8.5 hours of content 24/7
  • Get comfortable w/ Kali Linux & learn the penetration testing phases
  • Manage Kali Linux HTTP & SSH services
  • Discover essential tools like Netcat & WireShark
  • Gather passive & active information
  • Explore how to perform & defend against a variety of attacks
  • Receive monthly virtual machines as a hacking challenge
Mohamed Atef is an ICT Consultant, Senior Penetration tester and certified instructor with more than 20 years of experience in professional and academic courses and 2 books published.

  • Certified Information System Security Professional (CISSP) ID #517943
  • Microsoft Certified Trainer (MCT) ID #3022752
  • EC Council Certified Instructor (CEI) ID #ECC51750391761
  • CEH: Certified Ethical Hacking ID #ECC64515022319
  • Certified Cisco System Instructor (CCSI)
  • Microsoft Certified System Engineer (MCSE)
  • Microsoft Certified IT Professional (Windows Server Administration 2008)
  • CompTIA Certified (Network +) ID #
  • CompTIA Certified (Server +)
  • CompTIA Certified (Linux +)
  • CompTIA Certified (Security +)
  • Cisco Certified Network Associate (CCNA)ID #CSCO11273248
  • Cisco Certified Network Professional (CCNP)
  • Project Management Professional (PMP) )ID #1772374

Details & Requirements

  • Length of time users can access this course: lifetime
  • Access options: web streaming, mobile streaming
  • Certification of completion not included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Experience level required: all levels

Compatibility

  • Internet required

Course Outline

  • Introduction
    • Kali Linux Course Introduction (11:31)
  • Setup Your Lab
    • Setting up your virtual lab (14:30)
    • Build your lab (3:58)
    • Setting up your workspace (3:39)
  • Getting Comfortable with Kali Linux
    • Penetration Testing Phases (4:51)
    • Kali Linux (8:18)
    • Finding Your Way Around Kali (4:41)
    • Update / Upgrade Kali Packages (3:38)
    • Find, Locate (6:35)
  • Managing Kali Linux Services
    • HTTP Service (3:59)
    • SSH Service (3:30)
  • Essential Tools
    • Netcat (7:55)
    • Grabing the baneer (2:19)
    • Transfering Files using Netcat (4:55)
    • Remote Adminitration using Netcat (2:42)
    • WireShark (4:41)
    • Analysis WireShark traffic in a simple way (5:51)
    • Another WireShark Example (4:10)
  • Passive Information Gathering
    • Gather Passive Information (5:35)
    • Easy Way to get crtical information (5:54)
    • Passive Information 1 (11:28)
    • Gathering Personal Information (7:34)
    • Maltego (1:48)
    • Using Maltego (8:09)
    • Related Entities in Maltego (3:47)
    • More Maltego (6:01)
    • Google Hacking (6:54)
    • Google Search Operator (4:15)
  • Active Information Gathering
    • NMAP (10:15)
    • Sweeping the network (4:10)
    • Get more details about the victim (7:11)
    • NMAP NSE Scripts (1:35)
    • Zenmap (5:39)
    • SMB Enumeration (6:14)
    • DNS Enumeration (2:22)
    • SMB Null Session (6:48)
    • DNS Zone Transfer (6:14)
    • Enum4Linux (3:01)
  • Password Attacks
    • Final Word about Password attack (2:21)
    • Password attack (5:59)
    • Ncrack (8:40)
    • SSH Cracking (3:24)
    • Ncrack Different OS (4:02)
    • XHydra (7:28)
    • Use The right Wordlist (4:28)
    • The Most amazing and effective Wordlist (6:18)
    • Crunch (5:59)
  • Web Application Attacks
    • SQL Injection Introduction (2:23)
    • What is SQL Injection (9:48)
    • Setup your web application lab (9:50)
    • Is The site infected with SQLI (4:42)
    • The Amazing SQLMAP (10:22)
    • Live Example (6:59)
  • Network Attacks
    • Introduction to Network Attacks (9:28)
    • Enable Routing (3:32)
    • MITM attack using ettercap (8:08)
    • Start Xplico (1:41)
    • Ettercap and Xplico attack (9:29)
    • WireShark and Xplico (10:00)
    • DNS Spoofing (10:56)
    • DNS Spoofing attack (10:02)
  • Social Engineering
    • Social Engineering Introduction (5:11)
    • Spoofed Email (7:07)
    • Social Engineering Toolkit (5:03)
    • Fixing Set (5:08)
    • Credential Harvest (11:10)
    • Another-SET-Attack-1 (8:12)
    • Another-SET-Attack-2 (5:38)
    • Meterpreter Sessions (6:57)
  • Working with Exploit
    • Working with exploit (4:31)
    • Metasploit (7:29)
    • Meterpreter Session (3:23)
    • Armitage (2:44)
    • Fixing armitage (4:38)
    • Armitage in Action (7:43)
    • Different Armitage usage (9:52)
    • Armitage Example 2 (7:33)
    • Network Penetration using Armitage (2:14)
  • Remote attacks
    • Port Forwarding (9:24)
    • Hacking Remotely Deonstration (11:39)

View Full Curriculum


Access
Lifetime
Content
16 hours
Lessons
89

Ethical Hacking From Scratch to Advanced Techniques

Get Paid to Hack Computer Networks When You Become a Certified Ethical Hacker

By Mohadmed Atef | in Online Courses

You hear about it all the time: companies getting hacked, having their websites shut down or their customers' data compromised. When that happens, it's time to call in ethical hackers to break into network systems, evaluate their security, and propose solutions. After this course you'll be well on your way to being one of these hackers, paid generously to hack networks, apps, emails, social media accounts, and more!

  • Access 89 lectures & 16 hours of content 24/7
  • Understand how to bypass different security layers after getting proper approval
  • Learn how to compromise computers, crack passwords, crash systems & compromise applications
  • Run a buffer overflow from scratch
  • Stride towards a career in this fast-growing IT profession
Mohamed Atef is an ICT Consultant, Senior Penetration tester and certified instructor with more than 20 years of experience in professional and academic courses and 2 books published.

  • Certified Information System Security Professional (CISSP) ID #517943
  • Microsoft Certified Trainer (MCT) ID #3022752
  • EC Council Certified Instructor (CEI) ID #ECC51750391761
  • CEH: Certified Ethical Hacking ID #ECC64515022319
  • Certified Cisco System Instructor (CCSI)
  • Microsoft Certified System Engineer (MCSE)
  • Microsoft Certified IT Professional (Windows Server Administration 2008)
  • CompTIA Certified (Network +) ID #
  • CompTIA Certified (Server +)
  • CompTIA Certified (Linux +)
  • CompTIA Certified (Security +)
  • Cisco Certified Network Associate (CCNA)ID #CSCO11273248
  • Cisco Certified Network Professional (CCNP)
  • Project Management Professional (PMP) )ID #1772374

Details & Requirements

  • Length of time users can access this course: lifetime
  • Access options: web streaming, mobile streaming
  • Certification of completion not included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Experience level required: all levels

Compatibility

  • Internet required

Course Outline

  • Introduction
    • Introduction to Ethical Hacking (29:50)
  • Setup your lab
    • Install VMWARE Player (9:33)
    • Install and configure the lab (12:17)
  • Start to use Linux
    • Linux (19:39)
  • Reconnaissance
    • What is Reconnaissance? (24:41)
    • What information you should look for? (8:06)
    • Tools and Technique (4:36)
    • Advanced Resonance technique (7:29)
    • Maltego (2:23)
  • Scanning
    • What is Scanning? (2:17)
    • NMAP (24:13)
    • Advanced technique of scanning (13:45)
    • Different types of scanning (13:27)
    • Enumeration (15:06)
  • Start Hacking
    • Define your Objective (3:15)
    • Password guessing and cracking (15:09)
    • Hydra and Xhydra (12:10)
    • Rambo table technique (19:20)
    • Advanced Password cracking technique (10:49)
  • Network Hacking
    • How to Hack a network? (5:40)
    • Sniffing (30:13)
    • Man in the Middle attack (11:59)
    • Cain and Able (6:33)
    • Ettercap (5:44)
    • DNS Poising (15:58)
    • SSL Stip (10:47)
  • Social Engineering
    • What is Social Engineering? (5:24)
    • Social Engineering Toolkit (4:41)
    • Phising - Credential Harvest (13:11)
    • Advanced Social engineering technique (18:58)
    • Fake Email (Spoofing) (6:13)
  • Vulnerability and Exploit
    • What is a Vulnerability and Exploit? (4:15)
    • Search for Vulnerability and its Exploit (7:58)
    • Exploit the Vulnerability (10:28)
    • Metasploit (5:33)
    • Fast Track (9:41)
    • Armitage (8:29)
  • Wireless Hacking
    • Wireless explanation (4:23)
    • Wireless network infrastructure (17:26)
    • Warless attacks (2:33)
    • WEP cracking (20:48)
    • WPA, WPA2 Cracking (27:51)
    • Advanced WPA2 Cracking technique using Reaver (6:41)
  • Buffer Overflow
    • What is Buffer Overflow? (5:28)
    • How to search for Buffer Overflow? (14:04)
    • How to Compromise a System through Buffer Overflow ? (8:59)
    • Buffer Overflow 1 (48:26)
    • Buffer Overflow 2 (16:33)
    • Buffer Overflow 3 (26:05)
    • Changing the Payload (5:47)
    • Another Demonstration (6:28)
    • Your Mission if you choose to accept it (1:47)
  • Web Application Hacking
    • What is Web Application Hacking? (4:16)
    • DVWA (9:09)
    • Hackthissite.org (3:07)
    • What is SQL Injection Attack? (14:05)
    • SQL Injection Attack 1 (7:53)
    • SQL Injection Attack 2
    • XSS Introduction (2:58)
    • Reflected XSS (12:38)
    • Stored XSS (5:14)
    • Affected website for testing (3:27)
    • Advanced web application Attack (10:50)
    • Major Web Application vulnerabilities (3:01)
    • Your Mission if you choose to accept it (1:42)
  • Cryptography
    • Cryptography (Part1) (12:16)
    • Cryptography (Part2) (14:40)
    • Steganography (10:00)
    • Hash (7:57)
  • Malicious Code
    • Malicious Code Analysis (11:10)
    • Types of Malicious Code (14:51)
    • Discovering Malicious Code (8:32)
    • Hiding your Malicious code (6:51)
    • File hash (5:08)
  • Denial of service
    • What is Denial of Service? (3:38)
    • Denial Service Attacks (7:57)
    • DOS Attack 1 (9:09)
    • DOS Attack 2 (6:44)
    • Ping of Death (6:39)
    • DDOS (3:11)
  • Bypassing Security
    • Bypassing different Security Technique (10:43)
  • Real Life Scenario
    • Real Life Scenario 1 (18:19)
    • Real Life Scenario 2 (14:00)
    • Real Life Scenario 3 (7:27)
    • How to manage penetration testing project (6:32)

View Full Curriculum


Access
Lifetime
Content
11.5 hours
Lessons
105

Learn Social Engineering From Scratch

Hack Into Secure Systems & Protect Yourself From Hackers

By iSecur1ty | in Online Courses

In this course you'll start with the basics of social engineering and elevate to an advanced enough level to be able to hack into all major operating systems, generate different types of Trojans, and deliver them using smart social engineering practices. Focused on the practical side of penetration testing, you'll first set up a lab before getting real practice with penetration testing that will help you build a career and protect yourself from malicious hacking.

  • Access 105 lectures & 11.5 hours of content 24/7
  • Learn how to gather information about your target
  • Generate evil files like backdoors, keyloggers, credential harvesters, & more for Windows, macOS, & Linux
  • Discover a number of social engineering methods to deliver Trojans to a target like creating fake websites
  • Interact w/ the systems you've compromised by accessing the file system, escalating your privileges, & more
  • Learn how to protect yourself & your systems from these attacks
Zaid Al-Quraishi is an ethical hacker, pentester, and programmer. He has extensive experience in ethical hacking and penetration testing, more specifically with regard to network security. Zaid started making video tutorials in 2009 for the ethical hacking website iSecuri1ty, and has also served as an editor, manager, and penetration tester for the company. He teaches mostly by example, specifically by first explaining the theory of each technique and then how it translates to a real-life situation.

Details & Requirements

  • Length of time users can access this course: lifetime
  • Access options: web streaming, mobile streaming
  • Certification of completion not included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Experience level required: all levels

Compatibility

  • Internet required

Course Outline

  • Introduction
    • What Is Social Engineering (3:14)
    • Teaser - Hacking An Android Phone & Accessing The Camera (5:34)
    • Course Overview (4:16)
  • Preparation - Creating a Penetration Testing Lab
    • Lab Overview & Needed Software (3:27)
    • Option 1 - Installing Kali Linux As a Virtual Machine Using a Ready Image
    • Option 2 - Installing Kali Using ISO (10:01)
    • Installing Windows As a Virtual Machine (3:22)
    • Installing Ubuntu As a Virtual Machine (7:05)
  • Preparation - Linux Basics
    • Basic Overview Of Kali Linux (4:37)
    • The Linux Terminal & Basic Linux Commands (9:07)
    • Creating & Using Snapshots (6:08)
    • Updating Sources & Installing Programs (4:42)
  • Information Gathering
    • Introduction (1:52)
  • Information Gathering - Gathering Info About A Company/Website
    • Maltego Overview (6:02)
    • Discovering Domain Info & Emails Associated With Target (7:24)
    • Discovering Information About Hosting Company, Support Team Emails & Admin Email (6:55)
    • Discovering Files, Links, Websites & Other Companies Related To Target (5:12)
    • Using The Gathered Info To Build An Attack Stratigy
  • Information Gathering - Gathering Info About A Person
    • Discovering Websites, Links & Social Networking Accounts (9:28)
    • Discovering Twitter Friends & Associated Accounts (4:57)
    • Discovering Emails Of The Target's Friends (4:39)
    • Analysing The Gathered Info & Building An Attack Stratigy (8:41)
  • Windows Evil Files
    • Introduction (2:14)
  • Windows Evil Files - Generating Undetectable Backdoors
    • Installing Veil 3.0 (7:49)
    • Veil Overview & Payloads Basics (7:20)
    • Generating An Undetectable Backdoor Using Veil 3 (9:44)
    • Listening For Incoming Connections (7:25)
    • Hacking A Windows 10 Machine Using The Generated Backdoor (7:12)
    • Installing The Fat Rat (6:18)
    • Generating An Undetectable Backdoor Using TheFatRat (11:29)
    • Installing Empire (6:21)
    • Creating An Empire Listener (6:01)
    • Crating a Windows Powershell Stager & Hacking Windows 10 (7:29)
    • Modifying Backdoor Source To Bypass All Anti-virus Programs (8:13)
  • Windows Evil Files - Spying
    • What Is A Keylogger ? (6:23)
    • Creating A Remote Keylogger (4:55)
    • Using A Remote Keylogger To Capture Key Strikes Including Passwords (7:16)
    • Password Recovery Basics (7:29)
    • Recovering Saved Passwords From Local Machine (3:17)
    • Recovering Saved Passwords From A Remote Machine
  • Windows Evil Files - Enhancing Evil Files
    • Bypassing All Anti-Virus Programs By Modifying Hex Vales (10:35)
    • Download & Execute Payload (6:18)
    • Creating The Perfect Spying Tool (6:49)
  • Windows Evil Files - Converting Evil File To A Trojan
    • Embedding Evil Files With Any File Type Like An Image Or PDF (10:14)
    • Running Evil Files Silently In The Background (9:13)
    • Changing Trojan's Icon (8:19)
    • Spoofing File Extension from .exe to anything else (pdf, png ..etc) (11:33)
    • Embedding backdoor In A Legitimate Microsoft Office Document (8:45)
    • Embedding Any Evil File In A Legitimate Microsoft Office Document (10:20)
  • Mac OS X Evil Files
    • Introduction (3:11)
    • Hacking Mac OS X Using A Basic Backdoor (6:32)
    • Converting Basic Backdoor To An Executable (3:33)
    • Embedding A Normal File With Backdoor (9:20)
    • Changing Trojan's Icon (6:17)
    • Configuring The Trojan To Run Silently (6:14)
    • Embedding Backdoor In A Legitimate Microsoft Office Document (6:10)
  • Linux Evil Files
    • Hacking Into Linux-Like Systems Using One Command (8:54)
    • More Advanced Linux Backdoor (6:35)
    • Generating A Persistant Remote Keylogger (4:39)
    • Using A Remote Keylogger To Capture Key Strikes Including Passwords (6:43)
    • Recovering Saved Passwords From A Local Machine (7:12)
    • Execute & Report Payload (6:57)
    • Recovering Saved Passwords From A Remote Machine (6:53)
    • Embedding Evil Code In A Legitimate Linux Package - Part 1 (12:37)
    • Embedding Evil Code In A Legitimate Linux Package - Part 2 (4:59)
    • Backdooring a Legitimate Android App (9:45)
  • Delivery Methods
    • Introduction (1:51)
    • Preparing Evil Files To Be Delivered Via A URL (6:03)
    • Email Spoofing - Send Emails As Any Email Account (7:20)
    • Hacking OS X & Linux Using Pure Social Engineering Without Sending Any Files (10:10)
    • Creating A Replica Of Any Website / Login Page (6:03)
    • Stealing Login Info Using Fake A Login Page (9:00)
    • BeEF Overview & Basic Hook Method (7:08)
    • Injecting BeEF's Hook In Any Webpage (4:57)
    • Luring Target Into Accessing Evil URL Without Direct Interaction (10:44)
    • Basic BeEF Commands (4:24)
    • Stealing Credentials/Passwords Using A Fake Login Prompt (2:17)
    • Hacking Windows 10 Using A Fake Update (4:40)
    • Hacking Mac OS X Using A Fake Update (4:29)
    • Hacking Linux Using A Fake Update (4:45)
  • Using The Above Attacks Outside The Local Network
    • Overview of the Setup (5:55)
    • Ex1 - Generating a Backdoor That Works Outside The Network
    • Configuring The Router To Forward Connections To Kali (6:58)
    • Ex2 - Using BeEF Outside The Network (5:50)
  • Post Exploitation
    • Introduction (2:11)
    • Upgrading Basic Shell Access To A Meterpreter/Empire Access (9:06)
    • Automatically Execute Commands When A Reverse Shell Is Spawned (6:03)
  • Post Exploitation - Meterpreter
    • Meterpreter Basics (6:22)
    • File System Commands (5:10)
    • Maintaining Access Basic Methods (5:07)
    • Maintaining Access - Using a Reliable & undetectable Method (6:53)
    • Spying - Capturing Key Strikes & Taking Screen Shots (2:40)
    • Pivoting - Theory (What is Pivoting?) (7:07)
    • Pivoting - Exploiting Devices on The Same Network As The Target Computer (8:11)
    • Controlling Android Phone & Accessing Mic, Camera, Messages, File System & More (8:43)
  • Post Exploitation - Empire
    • Basics Of Empire Agents (6:30)
    • File System Commands (6:43)
    • Upload & Execute Shell Commands (4:33)
    • Injecting Backdoor Process In System Processes (9:38)
    • Stealing root Password & Escalating Privileges On OS X (7:16)
    • Maintaining Access On OS X (5:34)
  • Security
    • Detecting Fake/Spoofed Emails (6:08)
    • How to Protect Against BeEF & Other Browser Exploits (4:17)
    • Detecting Trojans Manually (5:32)
    • Detecting Trojans Using a Sandbox (3:16)

View Full Curriculum


Access
Lifetime
Content
9 hours
Lessons
93

Learn Website Hacking and Penetration Testing From Scratch

Learn How to Hack Sites Like A Black Hat Hacker & How to Protect Them Like A White Hat Hacker

By iSecur1ty | in Online Courses

This course is focused on the practical side of penetration testing without neglecting the theory behind each attack. As you gain a complex understanding of websites, you will then learn how you can exploit them to carry out a number of powerful cyber attacks. You'll track from a beginning to advanced level and by the time you finish you'll be able to launch attacks and test the security of websites and apps the same way that black hat hackers would, and be able to fix these vulnerabilities.

  • Access 93 lectures & 9 hours of content 24/7
  • Learn how to gather information about your target site like discovering the DNS server used & subdomains
  • Discover, exploit, & fix a number of vulnerabilities like file upload, code execution, SQL injection, XSS, & much more
  • Understand what you can do w/ the access gained from vulnerabilities
  • Explore the basic exploitation of attacks & the advanced methods to enhance them
  • Learn how & why vulnerabilities are exploitable, how to fix them, & the right practices to avoid them
Zaid Al-Quraishi is an ethical hacker, pentester, and programmer. He has extensive experience in ethical hacking and penetration testing, more specifically with regard to network security. Zaid started making video tutorials in 2009 for the ethical hacking website iSecuri1ty, and has also served as an editor, manager, and penetration tester for the company. He teaches mostly by example, specifically by first explaining the theory of each technique and then how it translates to a real-life situation.

Details & Requirements

  • Length of time users can access this course: lifetime
  • Access options: web streaming, mobile streaming
  • Certification of completion not included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Experience level required: all levels

Compatibility

  • Internet required

Course Outline

  • Introduction
    • Course Introduction (2:13)
  • First Section
    • Lab Overview & Needed Software (3:25)
    • Option 1 - Installing Kali Linux As a Virtual Machine Using a Ready Image (5:24)
    • Option 2 - Installing Kali Using ISO (10:01)
    • Installing Metasploitable As a Virtual Machine (4:10)
    • Installing Windows As a Virtual Machine (3:22)
  • Preparation - Linux Basics
    • Basic Overview Of Kali Linux (4:37)
    • The Linux Terminal & Basic Linux Commands (9:07)
    • Configuring Metasploitable & Lab Network Settings (5:38)
  • Website Basics
    • What is a Website? (4:13)
    • How To Hack a Website ? (5:31)
  • Information Gathering
    • Gathering Information Using Whois Lookup (4:41)
    • Discovering Technologies Used On The Website (6:04)
    • Gathering Comprehensive DNS Information (5:58)
    • Discovering Websites On The Same Server (3:43)
    • Discovering Subdomains (5:06)
    • Discovering Sensitive Files (7:26)
    • Analysing Discovered Files (4:17)
    • Maltego - Discovering Servers, Domains & Files (7:43)
    • Maltego - Discovering Websites, Hosting Provider & Emails (4:49)
  • File Upload Vulnerabilities
    • What are they? And How To Discover & Exploit Basic File Upload Vulnerabilites (6:44)
    • HTTP Requests - GET & POST (4:13)
    • Intercepting HTTP Requests (6:44)
    • Exploiting Advanced File Upload Vulnerabilities (4:37)
    • Exploiting More Advanced File Upload Vulnerabilities (4:22)
    • [Security] Fixing File Upload Vulnerabilities (6:22)
  • Code Execution Vulnerabilities
    • What are they? & How To Discover & Exploit Basic Code Execution Vulnerabilities (7:26)
    • Exploiting Advanced Code Execution Vulnerabilities (6:06)
    • [Security] - Fixing Code Execution Vulnerabilities (5:47)
  • Local File Inclusion Vulnerabilities (LFI)
    • What are they? And How To Discover & Exploit Them (5:49)
    • Gaining Shell Access From LFI Vulnerabilities - Method 1 (7:10)
    • Gaining Shell Access From LFI Vulnerabilities - Method 2 (10:38)
  • Remote File Inclusion Vulnerabilities (RFI)
    • Remote File Inclusion Vulnerabilities - Configuring PHP Settings
    • Remote File Inclusion Vulnerabilities - Discovery & Exploitation (5:44)
    • Exploiting Advanced Remote File Inclusion Vulnerabilities (2:49)
    • [Security] Fixing File Inclusion Vulnerabilities (5:55)
  • SQL Injection Vulnerabilities
    • What is SQL (5:48)
    • Dangers of SQL Injections (2:53)
  • SQL Injection Vulnerabilities - SQLi In Login Pages
    • Discovering SQL Injections In POST (7:56)
    • Bypassing Logins Using SQL Injection Vulnerability (4:49)
    • Bypassing More Secure Logins Using SQL Injections (6:24)
    • [Security] Preventing SQL Injections In Login Pages (7:43)
  • SQL injection Vulnerabilities - Extracting Data From The Database
    • Discovering SQL Injections in GET (6:44)
    • Reading Database Information (5:26)
    • Finding Database Tables (3:34)
    • Extracting Sensitive Data Such As Passwords (4:29)
  • SQL injection Vulnerabilities - Advanced Exploitation
    • Discovering & Exploiting Blind SQL Injections (5:53)
    • Discovering a More Complicated SQL Injection (7:21)
    • Extracting Data (passwords) By Exploiting a More Difficult SQL Injection (4:47)
    • Bypassing Security & Accessing All Records (7:19)
    • Bypassing Filters (4:48)
    • [Security] Quick Fix To Prevent SQL Injections (6:43)
    • Reading & Writing Files On The Server Using SQL Injection Vulnerability (5:58)
    • Getting A Reverse Shell Access & Gaining Full Control Over The Target Web Server (8:26)
    • Discoverting SQL Injections & Extracting Data Using SQLmap (6:47)
    • Getting a Direct SQL Shell using SQLmap (2:58)
    • [Security] - The Right Way To Prevent SQL Injection (4:58)
  • XSS Vulnerabilities
    • Introduction - What is XSS or Cross Site Scripting? (3:09)
    • Discovering Basic Reflected XSS (3:46)
    • Discovering Advanced Reflected XSS (4:34)
    • Discovering An Even More Advanced Reflected XSS (7:04)
    • Discovering Stored XSS (2:56)
    • Discovering Advanced Stored XSS (3:36)
    • Discovering Dom Based XSS (6:33)
  • XSS Vulnerabilities - Exploitation
    • Hooking Victims To BeEF Using Reflected XSS (5:41)
    • Hooking Victims To BeEF Using Stored XSS (4:09)
    • BeEF - Interacting With Hooked Victims (3:56)
    • BeEF - Running Basic Commands On Victims (4:24)
    • BeEF - Stealing Credentials/Passwords Using A Fake Login Prompt (2:17)
    • Installing Veil 3
    • Bonus - Veil Overview & Payloads Basics
    • Bonus - Generating An Undetectable Backdoor Using Veil 3
    • Bonus - Listening For Incoming Connections
    • Bonus - Using A Basic Deliver Method To Test The Backdoor & Hack Windows 10
    • BeEF - Gaining Full Control Over Windows Target (3:40)
    • [Security] Fixing XSS Vulnerabilities (7:17)
  • Insecure Session Management
    • Logging In As Admin Without a Password By Manipulating Cookies (6:05)
    • Discovering Cross Site Request Forgery Vulnerabilities (CSRF) (6:46)
    • Exploiting CSRF Vulnerabilities To Change Admin Password Using a HTML File (7:00)
    • Exploiting CSRF Vulnerabilities To Change Admin Password Using Link (5:40)
    • [Security] The Right Way To Prevent CSRF Vulnerabilities (8:45)
  • Brute Force & Dictionary Attacks
    • What Are Brute Force & Dictionary Attacks? (3:44)
    • Creating a Wordlist (6:35)
    • Launching a Wordlist Attack & Guessing Login Password Using Hydra (13:32)
  • Discovering Vulnerabilities Automatically Using Owasp ZAP
    • Scanning Target Website For Vulnerabilities (4:11)
    • Analysing Scan Results (4:19)
  • Post Exploitation
    • Post Exploitation Introduction (3:58)
    • Interacting With The Reverse Shell Access Obtained In Previous Lectures (6:59)
    • Escalating Reverse Shell Access To Weevely Shell (7:52)
    • Weevely Basics - Accessing Other Websites, Running Shell Commands ...etc (4:54)
    • Bypassing Limited Privileges & Executing Shell Commands (6:32)
    • Downloading Files From Target Webserver (4:39)
    • Uploading Files To Target Webserver (7:53)
    • Getting a Reverse Connection From Weevely (7:46)
    • Accessing The Database (8:53)

View Full Curriculum


Access
Lifetime
Content
3 hours
Lessons
23

Hands on, Interactive Penetration Testing & Ethical Hacking

Learn Ethical Hacking Through Metasploit & Bypassing Anti-Virus Software

By Nick Smith | in Online Courses

This course allows you to follow, in real time, each stage of a penetration testing engagement so you cna tweak and train your skills over and over again. You'll get the latest tools and techniques using Rapid 7's tool Metasploit to exploit targets, as well as run post exploitation techniques and utilize PowerShell with Empire. By giving you interactive, hands-on experience, you'll be able to learn more efficiently and build a lucrative career as a penetration tester.

  • Access 23 lectures & 3 hours of content 24/7
  • Understand how to move around Metasploit
  • Learn how to not be seen by intrusion detection system & evade anti-virus software used by professional penetration testers
  • Explore Empire, how to gain sessions known as "agents," escalate privileges & migrate over to the Metasploit framework
  • Discover penetration tactics in real-time through visual learning
Nick Smith has substantial experience in Networking & Systems Management covering Windows, *nix & Mac. He has worked from the ground up as a Systems Administrator / Network Administrator, ISP, Provisioning Broadband services & MPLS Networks in large corporate environments. He has been involved in running penetration test engagements within the Financial Sector Services for some of the largest global banking Institutes. Nick currently holds the Qualys Vulnerability Assessor Certification, & will explore CREST and others when he has time in the future.

Details & Requirements

  • Length of time users can access this course: lifetime
  • Access options: web streaming, mobile streaming
  • Certification of completion not included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Experience level required: all levels

Compatibility

  • Internet required

Course Outline

  • Learn Metasploit
    • Navigation around the Console, Shortcut Keys, Searching and Time Saving Key Tips (14:34)
    • Understanding OS Finger Printing for Information Gathering Purposes (7:07)
    • Understanding the famous MS08067netapi Exploit (7:00)
    • Upgrading Command Shells to Meterpreter (5:06)
    • Denial Of Service - MS12-020 MS Remote Desktop Use After Free (7:32)
    • Exploitation - Web Script Delivery in PowerShell (14:08)
    • Creating AutoRun Scripts for Fast Code Execution (5:09)
    • Post Exploitation - Gathering Hashes - Cracking with JTR and OPHCRACK
    • Post Exploitation - Mimikatz Usage for Password Recovery (7:15)
    • Post Exploitation - 'Pass the Hash' - (update) What it is and how to use it (10:21)
    • Post Exploitation - 'Pivoting' (Compromise Sessions through Sessions!) (19:23)
    • Post Exploitation - Using the 'ask' Module (6:32)
    • Persistence (5:47)
    • Covering Your Tracks! - Don't Get Caught..... (4:00)
  • Learn PowerShell Empire
    • Installation and Basic Setup (1:44)
    • Navigation around the Console, Shortcut Keys, Searching and Time Saving Key Tips (45:12)
    • Creating Base64 encoded Powershell Stagers
    • Creating a Component Scriptlet Stager to create shells! (0:16)
    • Interacting with 'Agents' (0:05)
    • Privilege Escalation - 'Bypass UAC' - 3 Different Methods! (3:01)
    • Privilege Escalation - 'Ask' Module (1:21)
    • Migrate to a 'SYSTEM' user and *Try to use mimikatz!
    • Empire to Metasploit to Harvest passwords (0:04)

View Full Curriculum


Access
Lifetime
Content
3 hours
Lessons
21

Complete WiFi and Network Ethical Hacking Course 2017

Learn to Break & Secure WiFi Networks

By Learn Pentest | in Online Courses

This course will give you an in-depth look into WiFi hacking and security. By course's end, regardless of experience, you'll be confident breaking all types of WiFi encryption methods and be ready to start pursuing a career in network security.

  • Access 21 lectures & 3 hours of content 24/7
  • Learn how to properly prepare your working environment
  • Explore some basics about networks & how they work
  • Discover every possible attack you can perform on a target network without being connected to it
  • Crack & bypass security mechanisms of a network
  • Understand how to anonymously stay on the network without being noticed
  • Reduce the risk of being hacked by learning to secure your network
LearnPentest is a group of penetration testers and ethical hackers with an extensive background in web application security, web and software development, network administration and exploit development. They have over 7 years of professional experience in the cyber security domain. Their instructors hold some of the most valuable certifications in the cyber security domain including: OSCP, LPT, C|EH, CISSP, OSCE.

Details & Requirements

  • Length of time users can access this course: lifetime
  • Access options: web streaming, mobile streaming
  • Certification of completion not included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Experience level required: all levels

Compatibility

  • Internet required

Course Outline

  • Introduction
    • Introduction (1:02)
    • Course Outline (3:48)
  • Setting Up Our Environment
    • Kali Linux Installation - Virtual (7:27)
    • Kali Linux Installation - Live (5:51)
    • Kali Linux Installation - Dual Boot (8:12)
    • Testing WiFi Adapter (2:16)
    • Web Application Attacks Vulnerable Machine (6:46)
  • Network Basics
    • TCP and IP (4:04)
    • MAC Address (3:03)
    • Network Fundamentals (2:03)
  • Pre-connection Attacks
    • Passive Network Client Discovery (4:31)
    • Deauthentication Attack (Targeted Client ) (3:21)
    • Deauthentication Attack (Multiple Clients) (3:55)
    • Creating a Fake Access Point (Wifiphisher) (4:15)
    • Creating a Fake Access Point (Wifi-Pumpkin) (5:13)
  • Gaining Access
    • WEP Cracking - Automated (1st method) (3:00)
    • Universal Attacking Tool (2:17)
    • WPA and WPA2 - Capturing Handshake (2:41)
    • WPA and WPA2 - Dictionary Attack (2:20)
    • WPS - Attack (2:18)
  • Post-connection Attacks
    • Live Host Discovery (1:48)
    • Port and Service Scanning (1:27)
    • Operating System Enumeration (3:21)
    • Metasploit Framework (2:24)
    • Metasploit Framework Modules (4:09)
    • Armitage (5:33)
    • Malicious Backdoor (9:47)
    • Exploiting Windows 7, 8.1 and 10 Without User Interaction (7:39)
    • Meterpreter Upload and Download (4:53)
  • Web Application Attacks
    • Burpsuite (2:50)
    • Cross Site Scripting - Overview (1:51)
    • Cross Site Scripting - Reflected (4:33)
    • Cross Site Scripting - Stored (4:51)
    • Cross-site Request Forgery (6:32)
    • HTML Injection (3:09)
    • Open Redirect (1:19)
    • Command Injection
    • File Inclusion (6:38)
    • File Upload (4:42)
    • Insecure Direct Object References (1:56)
    • Sensitive Data Exposure (2:02)
    • SQL Injection - Automated (3:13)
    • SQL Injection - From SQL Injection to System Shell (2:20)
    • SQL Injection - Manual (4:02)
    • Dirbuster (2:01)
    • Nikto (1:59)
  • Securing Network
    • Best practice (1:21)

View Full Curriculum


Access
Lifetime
Content
11 hours
Lessons
117

Cyber Security Volume I: Hackers Exposed

Learn How to Stop Hackers, Prevent Tracking, & Counter Government Surveillance

By Nathan House | in Online Courses

Internet security has never been as important as it is today with more information than ever being handled digitally around the globe. In the first course of this four volume bundle, you'll get an introduction to hacking and how to protect yourself and others. You'll develop an understanding of the threat and vulnerability landscape through threat modeling and risk assessments, and build a foundation for which to expand your security knowledge.

  • Access 117 lectures & 11 hours of content 24/7
  • Explore the Darknet, malware, exploit kits, phishing, zero day vulnerabilities, & more
  • Learn about global tracking & hacking infrastructures that nation states run
  • Understand the foundations of operating system security & privacy functionality
  • Get a crash course on encryption, how it can be bypassed, & what you can do to mitigate risks
  • Discover defenses against phishing, SMShing, vishing, identity theft, & other cons
Nathan House has over 24 years experience in cyber security where he has advised some of largest companies in the world, assuring security on multi-million and multi-billion pound projects. He is CEO of Station X, a cyber security consultancy. More recently Nathan acted as the lead security consultant on a number of the UK's mobile banking and payment solutions helping secure to date over £71Bn in transactions.

His clients have included; BP, ExxonMobil, Shell, Vodafone, VISA, T-mobile, GSK, COOP Banking Group, Royal Bank of Scotland, Natwest, Yorkshire bank, BG Group, BT, London 2012.

Over the years he has spoken at a number of security conferences, developed free security tools, and discovered serious security vulnerabilities in leading applications. Nathan's qualifications and education include:

  • BSc. (Hons) Computing 'Networks & Communication' 1st Class Honors
  • SCF : SABSA Charted Architect Foundation
  • CISSP : Certified Information Systems Security Professional
  • CISA : Certified Information Systems Auditor
  • CISM : Certified Information Security Manager
  • ISO 27001 Certified ISMS Lead Auditor
  • CEH : Certified Ethical Hacker
  • OSCP : Offensive Security Certified Professional

Details & Requirements

  • Length of time users can access this course: lifetime
  • Access options: web streaming, mobile streaming
  • Certification of completion not included
  • Redemption deadline: redeem your code within 30 days of purchase
  • Experience level required: all levels

Compatibility

  • Internet required

Course Outline

  • Section 1. Introduction
    • 1. Welcome and Introduction to the Instructor! Preview (2:06)
    • 2. Security Quick Win! (11:40)
    • 3. Goals and Learning Objectives - Volume 1 (2:30)
    • 4. Target Audience Preview (1:54)
    • 5. Study Recommendations (5:16)
    • The Forum - For Questions, Answers and Other Resources (1:34)
    • 6. Course updates (0:40)
  • Section 2. Know Yourself - The Threat and Vulnerability Landscape
    • 7. Goals and Learning Objectives (0:41)
    • 8. Protect What You Value (2:04)
    • 9. What is Privacy, Anonymity and Pseudonymity (4:35)
    • 10. Security, Vulnerabilities, Threats and Adversaries (4:37)
    • 11. Threat Modeling and Risk Assessments (7:51)
    • 12. Security vs Privacy vs Anonymity - Can we have it all? (1:56)
    • 13. Defense In Depth (1:35)
    • 14. The Zero Trust Model (3:40)
  • Section 3. Know Your Enemy - The Current Threat and Vulnerability Landscape
    • 15. Goals and Learning Objectives (0:43)
    • 16. Why You Need Security – The Value Of A Hack (5:14)
    • 17. The Top 3 Things You Need To Stay Safe Online (1:23)
    • 18. Security Bugs and Vulnerabilities - The Vulnerability Landscape (5:48)
    • 19. Hackers, crackers and cyber criminals (2:32)
    • 20. Malware, viruses, rootkits and RATs (6:56)
    • 21. Spyware, Adware, Scareware, PUPs & Browser hijacking (4:44)
    • 22. What is Phishing, Vishing and SMShing (14:53)
    • 23. Spamming & Doxing (3:15)
    • 24. Social engineering - Scams, cons, tricks and fraud (5:31)
    • 25. Darknets, Dark Markets and Exploit kits (8:04)
    • 26. Governments, spies and secret stuff part I (5:12)
    • 27. Governments, spies and secret stuff part II (9:43)
    • 28. Regulating encryption, mandating insecurity & legalizing spying (14:36)
    • 29. Trust & Backdoors (10:14)
    • 30. Censorship (2:24)
    • 31. Security News and Alerts – Stay Informed (0:49)
  • Section 4. Encryption Crash Course
    • 32. Goals and Learning Objectives (0:24)
    • 33. Symmetric Encryption (9:54)
    • 34. Asymmetric Encryption (10:17)
    • 35. Hash Functions (6:32)
    • 36. Digital Signatures (4:45)
    • 37. Secure Sockets Layer (SSL) and Transport layer security (TLS) (13:26)
    • 38. SSL Stripping (12:02)
    • 39. HTTPS (HTTP Secure) (7:49)
    • 40. Digital Certificates (6:19)
    • 41. Certificate Authorities and HTTPS (12:56)
    • 42. End-to-End Encryption (E2EE) (1:57)
    • 43. Steganography (8:12)
    • 44. How Security and Encryption is Really Attacked (2:42)
  • Section 5. Setting up a Testing Environment Using Virtual Machines
    • 45. Goals and Learning Objectives (0:27)
    • 46. Introduction to Setting up a Testing Environment Using Virtual Machines (10:08)
    • 76. Vmware (10:55)
    • 48. Virtual box (12:03)
    • 49. Kali Linux (2:50)
  • Section 6. Operating System Security & Privacy (Windows vs Mac OS X vs Linux)
    • 50. Goals and Learning Objectives (0:37)
    • 51. Security Features and Functionality (2:48)
    • 52. Security Bugs and Vulnerabilities (4:00)
    • 53. Usage Share (3:56)
    • 54. Windows 10 - Privacy & Tracking (6:08)
    • 55. Windows 10 - Disable tracking automatically (4:42)
    • 56. Windows 10 - Tool : Disable Windows 10 Tracking (8:32)
    • 57. Windows 10 – Cortana (2:20)
    • 58. Windows 10 – Privacy Settings (8:15)
    • 59. Windows 10 - WiFi Sense (3:38)
    • 60. Windows 7, 8 and 8.1 - Privacy & Tracking (7:19)
    • 61. Mac - Privacy & Tracking (4:33)
    • 62. Linux and Unix “like” Operating systems (3:27)
    • 63. Linux - Debian (1:02)
    • 64. Linux - Debian 8 Jessie - Virtual box guest additions Issue (6:15)
    • 65. Linux - OpenBSD and Archlinux (1:38)
    • 66. Linux - Ubuntu (0:58)
  • Section 7. Security Bugs and Vulnerabilities
    • 67. Goals and Learning Objectives (0:25)
    • 68. The Importance of Patching (3:47)
    • 69. Windows 7 - Auto Update (1:15)
    • 70. Windows 8 & 8.1 - Auto Update (1:25)
    • 71. Windows 10 - Auto Update (1:25)
    • 72. Windows - Criticality and Patch Tuesday (3:46)
    • 73. Windows 7, 8, 8.1 & 10 - Automate the pain away from patching (8:34)
    • 74. Linux - Debian - Patching (10:58)
    • 75. Mac - Patching (6:58)
    • 76. Firefox - Browser and extension updates (4:23)
    • 77. Chrome - Browser and extension updates (1:13)
    • 78. IE and Edge - Browser and extention updates (0:46)
    • 79. Auto updates - The Impact to privacy and anonymity (1:41)
  • Section. 8 Reducing Threat Privilege
    • 80. Goals and Learning Objectives + Removing Privilege (2:53)
    • 81. Windows 7 - Not using admin (3:32)
    • 82. Windows 8 and 8.1 - Not using admin (4:14)
    • 83. Windows 10 - Not using admin (3:25)
  • Section 9. Social Engineering and Social Media Offence and Defence
    • 84. Goals and Learning Objectives (0:26)
    • 85. Information Disclosure and Identity Strategies for Social Media (12:34)
    • 86. Identify Verification and Registration (5:05)
    • 87. Behavioural Security Controls Against Social Threats (Phishing, Spam) Part 1 (7:50)
    • 88. Behavioural Security Controls Against Social Threats (Phishing, Spam) Part 2 (10:22)
    • 89. Technical Security Controls Against Social Threats (Phishing, Spam, Scam & Cons) (5:02)
  • Section 10. Security Domains
    • 90. Goals and Learning Objectives (0:21)
    • 91. Security Domains (10:00)
  • Section 11. Security Through Isolation and Compartmentalization
    • 92. Goals and Learning Objectives (0:37)
    • 93. Introduction to Isolation and Compartmentalization (2:10)
    • 94. Physical and Hardware Isolation - How to change the Mac Address (7:10)
    • 95. Physical and Hardware Isolation - Hardware Serials (11:18)
    • 96. Virtual Isolation (8:36)
    • 97. Dual Boot (2:41)
    • 98. Built-in Sandboxes and Application Isolation (3:07)
    • 99. Windows - Sandboxes and Application Isolation (5:57)
    • 100. Windows - Sandboxes and Application Isolation - Sandboxie (11:29)
    • 101. Linux - Sandboxes and Application Isolation (3:04)
    • 102. Mac - Sandboxes and Application Isolation (6:33)
    • 103. Virtual Machines (10:51)
    • 104. Virtual Machine Weaknesses (10:31)
    • 105. Virtual Machine Hardening (9:15)
    • 106. Whonix OS - Anonymous Operating system (20:51)
    • 107. Whonix OS - Weaknesses (4:18)
    • 108. Qubes OS (19:07)
    • 109. Security Domains, Isolation and Compartmentalization (4:42)
  • Section 12. BONUS - What's next?... Volume 2, 3 and 4
    • 110. BONUS - Important Information (0:46)
    • 111. Congratulations - Video to be redone
    • 112. BONUS Lecture from Volume 2 - Router Vulnerability Scanning (Shodan, Qualys) (16:23)
    • 113. BONUS Lecture from Volume 2 - Password cracking part 2 (7:09)
    • 114. BONUS Lecture from Volume 3 - Bypassing firewalls and HTTP proxies part 3 (15:21)
    • 115. BONUS Lecture from Volume 4 - Email clients, protocols and authentication (13:17)

View Full Curriculum



Terms

  • Instant digital redemption

15-Day Satisfaction Guarantee

We want you to be happy with every course you purchase! If you're unsatisfied for any reason, we will issue a store credit refund within 15 days of purchase.