Network & Security


Learn Ethical Hacking From Scratch

Become an ethical hacker that can hack computer systems like black hat hackers and secure them like security experts.

4.56 (90108 reviews)



14.5 hours


Oct 2020

Last Update
Regular Price

What you will learn

135+ ethical hacking & security videos.

Start from 0 up to a high-intermediate level.

Learn ethical hacking, its fields & the different types of hackers.

Install a hacking lab & needed software (on Windows, OS X and Linux).

Hack & secure both WiFi & wired networks.

Understand how websites work, how to discover & exploit web application vulnerabilities to hack websites.

Use 30+ hacking tools such as Metasploit, Aircrack-ng, SQLmap.....etc.

Discover vulnerabilities & exploit them to hack into servers.

Hack secure systems using client-side & social engineering.

Secure systems from all the attacks shown.

Install & use Kali Linux - a penetration testing operating system.

Learn linux basics.

Learn linux commands & how to interact with the terminal.

Learn Network Hacking / Penetration Testing.

Network basics & how devices interact inside a network.

Run attacks on networks without knowing its key.

Control Wi-Fi connections without knowing the password.

Create a fake Wi-Fi network with internet connection & spy on clients.

Gather detailed information about networks & connected clients like their OS, ports ...etc.

Crack WEP/WPA/WPA2 encryptions using a number of methods.

ARP Spoofing / ARP Poisoning.

Launch various Man In The Middle attacks.

Access any account accessed by any client on the network.

Sniff network traffic & analyse it to extract important info such as: passwords, cookies, urls, videos, images ..etc.

Intercept network traffic & modify it on the fly.

Discover devices connected to the same network.

Inject Javascript in pages loaded by clients connected to the same network.

Redirect DNS requests to any destination (DNS spoofing).

Secure networks from the discussed attacks.

Edit router settings for maximum security.

Discover suspicious activities in networks.

Encrypt traffic to prevent MITM attacks.

Discover open ports, installed services and vulnerabilities on computer systems.

Hack servers using server side attacks.

Exploit buffer over flows & code execution vulnerabilities to gain control over systems.

Hack systems using client side attacks.

Hack systems using fake updates.

Hack systems by backdooring downloads on the fly.

Create undetectable backdoors.

Backdoor normal programs.

Backdoor any file type such as pictures, pdf's ...etc.

Gather information about people, such as emails, social media accounts, emails and friends.

Hack secure systems using social engineering.

Send emails from ANY email account without knowing the password for that account.

Analyse malware.

Manually detect undetectable malware.

Read, write download, upload and execute files on compromised systems.

Capture keystrokes on a compromised system.

Use a compromised computer as a pivot to hack other systems.

Understand how websites & web applications work.

Understand how browsers communicate with websites.

Gather sensitive information about websites.

Discover servers, technologies & services used on target website.

Discover emails & sensitive data associated with a specific website.

Discover subdomains associated with a website.

Discover unpublished directories & files associated with a target website.

Discover websites hosted on the same server as the target website.

Exploit file upload vulnerabilities to gain control over target website.

Discover, exploit and fix code execution vulnerabilities.

Discover, exploit & fix local file inclusion vulnerabilities.

Discover, exploit & fix SQL injection vulnerabilities.

Bypass login forms and login as admin using SQL injections.

Exploit SQL injections to find databases, tables & sensitive data such as usernames, passwords...etc

Read / Write files to the server using SQL injections.

Learn the right way to write SQL queries to prevent SQL injections.

Discover reflected XSS vulnerabilities.

Discover Stored XSS vulnerabilities.

Hook victims to BeEF using XSS vulnerabilities.

Fix XSS vulnerabilities & protect yourself from them as a user.

Discover MITM & ARP Spoofing attacks.


Welcome this comprehensive Ethical Hacking course! This course assumes you have NO prior knowledge and by the end of it you'll be able to hack systems like black-hat hackers and secure them like security experts!

This course is highly practical but it won't neglect the theory; we'll start with ethical hacking basics, breakdown the different penetration testing fields and install the needed software (on Windows, Linux and Mac OS X), then we'll dive and start hacking straight away. You'll learn everything by example, by analysing and exploiting different systems such as networks, servers, clients, websites .....etc. We'll never have any boring dry theoretical lectures.

The course is divided into a number of sections, each section covers a penetration testing / hacking field, in each of these sections you'll first learn how the target system works, the weaknesses of this system, and how to practically exploit theses weaknesses to hack into this system.

By the end of the course you will have a strong foundation in most hacking or penetration testing fields and you'll also learn how to detect, prevent and secure systems and yourself from the discussed attacks. 

The course is divided into four main sections:   

1. Network HackingThis section will teach you how to test the security of both wired & wireless networks. First, you will learn network basics, how they work, and how devices communicate with each other. Then it will branch into three sub sections:   

  • Pre-connection attacks: in this subsection you'll learn a number of attacks that can be executed without connecting to the target network and without the need to know the network password; you'll learn how to gather information about the networks around you, discover connected devices, and control connections (deny/allow devices from connecting to networks).

  • Gaining Access: Now that you gathered information about the networks around you, in this subsection you will learn how to crack the key and get the password to your target network weather it uses WEP, WPA or even WPA2.

  • Post Connection attacks: Now that you have the key, you can connect to the target network, in this subsection you will learn a number of powerful techniques that allow you to gather comprehensive information about the connected devices, see anything they do on the internet (such as login information, passwords, visited urls, images, videos ....etc), redirect requests, inject evil code in loaded pages and much more! All of these attacks work against both wireless and wired networks. You will also learn how to create a fake WiFi network, attract users to connect to it and use all of the above techniques against the connected clients.

2. Gaining AccessIn this section you will learn two main approaches to gain full control or hack computer systems:

  • Server Side Attacks:  In this subsection you will learn how to gain full access to computer systems without user interaction. You will learn how to gather useful information about a target computer system such as its operating system, open ports, installed services, then use this information to discover weaknesses and vulnerabilities and exploit them to gain full control over the target. Finally you will learn how to automatically scan servers for vulnerabilities and generate different types of reports with your discoveries.

  • Client Side AttacksIf the target system does not contain any weaknesses then the only way to hack it is by interacting with the users, in this subsection you'll learn how to get the target user to install a backdoor on their system without even realising, this is done by hijacking software updates or backdoornig downloadeds on the fly. This subsection also teaches you how to use social engineering to hack into secure systems, so you'll learn how to gather comprehensive information about system users such as their social accounts, friends, their mails.....etc, you'll learn how to create trojans by backdooring normal files (such as an image or a pdf) and use the gathered information to spoof emails so they appear as if they're sent from the target's friend, boss or any email account they're likely to interact with, to social engineer them into running your torjan.

3. Post ExploitationIn this section you will learn how to interact with the systems you compromised so far. You’ll learn how to access the file system (read/write/upload/execute), maintain your accessspy on the target (capture key strikes, turn on the webcam, take screenshots....etc) and even use the target computer as a pivot to hack other systems.

4. Website / Web Application HackingIn this section you will learn how websites work, how to gather information about a target website (such as website owner, server location, used technologies ....etc) and how to discover and exploit the following dangerous vulnerabilities to hack into websites:

  • File Upload.

  • Code Execution.

  • Local File Inclusion.

  • Remote File Inclusion.

  • SQL Injection.

  • Cross Site Scripting (XSS).

At the end of each section you will learn how to detect, prevent and secure systems and yourself from the discussed attacks. 

All the techniques in this course are practical and work against real systems, you'll understand the whole mechanism of each technique first, then you'll learn how to use it to hack into the target system. By the end of the course you'll be able to modify the these techniques to launch more powerful attacks, and adopt them to suit different situations and different scenarios.

With this course you'll get 24/7 support, so if you have any questions you can post them in the Q&A section and we'll respond to you within 15 hours.



  • This course is created for educational purposes only, all the attacks are launched in my own lab or against systems that I have permission to test.

  • This course is totally a product of Zaid Sabih & zSecurity and no other organisation is associated with it or a certification exam. Although, you will receive a Course Completion Certification from Udemy, apart from that NO OTHER ORGANISATION IS INVOLVED.


Learn Ethical Hacking From Scratch
Learn Ethical Hacking From Scratch
Learn Ethical Hacking From Scratch
Learn Ethical Hacking From Scratch



Teaser - Hacking a Windows 10 Computer & Accessing Webcam

Course Introduction & Overview

What Is Hacking & Why Learn It ?

Setting up a Hacking Lab

Lab Overview & Needed Software

Installing Kali 2019 As a Virtual Machine

Creating & Using Snapshots

Linux Basics

Basic Overview of Kali Linux

The Terminal & Linux Commands

Network Hacking

Introduction to Network Penetration Testing / Hacking

Networks Basics

Connecting a Wireless Adapter To Kali

What is MAC Address & How To Change It

Wireless Modes (Managed & Monitor)

Network Hacking - Pre Connection Attacks

Packet Sniffing Basics

WiFi Bands - 2.4Ghz & 5Ghz Frequencies

Network Hacking - Gaining Access - WEP Cracking

Targeted Packet Sniffing

Deauthentication Attack (Disconnecting Any Device From The Network)

Network Hacking - Gaining Access (WEP/WPA/WPA2 Cracking)

Gaining Access Introduction

Theory Behind Cracking WEP Encryption

Network Hacking - Gaining Access - WPA / WPA2 Cracking

WEP Cracking Basics

Fake Authentication Attack

ARP Request Replay Attack

Introduction to WPA and WPA2 Cracking

Hacking WPA & WPA2 Without a Wordlist

Capturing The Handshake

Network Hacking - Gaining Access - Security

Creating a Wordlist

Cracking WPA & WPA2 Using a Wordlist Attack

Securing Your Network From Hackers

Configuring Wireless Settings for Maximum Security

Network Hacking - Post Connection Attacks

Introduction to Post-Connection Attacks

Network Hacking - Post-Connection Attacks - Information Gathering

Installing Windows As a Virtual Machine

Discovering Devices Connected to the Same Network

Gathering Sensitive Info About Connected Devices (Device Name, Ports....etc)

Gathering More Sensitive Info (Running Services, Operating System....etc)

Network Hacking - Post Connection Attacks - MITM Attacks

What is ARP Poisoning ?

Intercepting Network Traffic

Bettercap Basics

ARP Spoofing Using Bettercap

Spying on Network Devices (Capturing Passwords, Visited Websites...etc)

Creating Custom Spoofing Script

Understanding HTTPS & How to Bypass it

Bypassing HTTPS

Bypassing HSTS

DNS Spoofing - Controlling DNS Requests on The Network

Injecting Javascript Code

Wireshark - Basic Overview & How To Use It With MITM Attacks

Wireshark - Sniffing & Analysing Data

Wireshark - Using Filters, Tracing & Dissecting Packets

Wireshark - Capturing Passwords & Anything Sent By Any Device In The Network

Creating a Fake Access Point (Honeypot) - Theory

Creating a Fake Access Point (Honeypot) - Practical

Network Hacking - Detection & Security

Detecting ARP Poisoning Attacks

Detecting suspicious Activities In The Network

Preventing MITM Attacks - Method 1

Preventing MITM Attacks - Method 2

Gaining Access To Computers

Gaining Access Introduction

Gaining Access - Server Side Attacks

Installing Metasploitable As a Virtual Machine

Introduction to Server-Side Attacks

Basic Information Gathering & Exploitation

Hacking a Remote Server Using a Basic Metasploit Exploit

Exploiting a Code Execution Vulnerability to Hack into a Remote Server

Nexpose - Installing Nexpose

Nexpose - Scanning a Target Server For Vulnerabilities

Nexpose - Analysing Scan Results & Generating Reports

Gaining Access - Client Side Attacks

Introduction to Client-Side Attacks

Installing Veil Framework 3.1

Veil Overview & Payloads Basics

Generating An Undetectable Backdoor

Listening For Incoming Connections

Using A Basic Delivery Method To Test The Backdoor & Hack Windows 10

Hacking Windows 10 Using Fake Update

Backdooring Downloads on The Fly to Hack Windows 10

How to Protect Yourself From The Discussed Delivery Methods

Gaining Access - Client Side Attacks - Social Engineering

Introduction to Social Engineering

Maltego Basics

Discovering Websites, Links & Social Accounts Associated With Target

Discovering Twitter Friends & Associated Accounts

Discovering Emails Of The Target's Friends

Analysing The Gathered Info & Building An Attack Strategy

Backdooring Any File Type (images, pdf's ...etc)

Compiling & Changing Trojan's Icon

Spoofing .exe Extension To Any Extension (jpg, pdf ...etc)

Spoofing Emails - Setting Up an SMTP Server

Email Spoofing - Sending Emails as Any Email Account

BeEF Overview & Basic Hook Method

BeEF - Hooking Targets Using Bettercap

BeEF - Running Basic Commands On Target

BeEF - Stealing Passwords Using A Fake Login Prompt

BeEF - Hacking Windows 10 Using a Fake Update Prompt

Detecting Trojans Manually

Detecting Trojans Using a Sandbox

Gaining Access - Using The Above Attacks Outside The Local Network

Overview of the Setup

Ex1 - Generating a Backdoor That Works Outside The Network

Configuring The Router To Forward Connections To Kali

Ex2 - Using BeEF Outside The Network

Post Exploitation

Introduction to Post Exploitation

Meterpreter Basics

File System Commands

Maintaining Access - Basic Methods

Maintaining Access - Using a Reliable & Undetectable Method

Spying - Capturing Key Strikes & Taking Screen Shots

Pivoting - Theory (What is Pivoting?)

Pivoting - Using a Hacked System to Hack Into Other Systems

Website Hacking

Introduction - What Is A Website ?

How To Hack a Website?

Website Hacking - Information Gathering

Gathering Basic Information Using Whois Lookup

Discovering Technologies Used On The Website

Gathering Comprehensive DNS Information

Discovering Websites On The Same Server

Discovering Subdomains

Discovering Sensitive Files

Analysing Discovered Files

Website Hacking - File Upload, Code Execution & File Inclusion Vulns

Discovering & Exploiting File Upload Vulnerabilities To Hack Websites

Discovering & Exploiting Code Execution Vulnerabilities To Hack Websites

Discovering & Exploiting Local File Inclusion Vulnerabilities

Remote File Inclusion Vulnerabilities - Configuring PHP Settings

Remote File Inclusion Vulnerabilities - Discovery & Exploitation

Preventing The Above Vulnerabilities

Website Hacking - SQL Injection Vulnerabilities

What is SQL?

Dangers of SQL Injection Vulnerabilities

Discovering SQL injections In POST

Bypassing Logins Using SQL injection

Discovering SQL injections in GET

Reading Database Information

Discovering Database Tables

Extracting Sensitive Data From The Database (Such As Passwords, User info...etc)

Reading & Writing Files On The Server Using SQL Injection Vulnerability

Discovering SQL Injections & Extracting Data Using SQLmap

The Right Way To Prevent SQL Injection Vulnerabilities

Website Hacking - Cross Site Scripting Vulnerabilities

Introduction to Cross Site Scripting?

Discovering Reflected XSS

Discovering Stored XSS

Exploiting XSS - Hooking Vulnerable Page Visitors To BeEF

Preventing XSS Vulnerabilities

Website Hacking - Discovering Vulnerabilities Automatically

Automatically Scanning Target Website For Vulnerabilities

Analysing Scan Results

Bonus Section

Bonus Lecture - What's Next?


Lim9 October 2020

I had gained some new knowledge about different types of hackers, previously I only know black & white hackers but now I know grey hat hackers who hacked whenever they like but they don't steal or ask for money but what they do is still illegal as no access permission is given to them.

Onyekachukwu7 October 2020

Yes, it is i haven't got any idea about ethical hacking before now but this is actually breaking it clearly to me

Patrick7 October 2020

Bisher habe ich vieles gelernt und dank dieser Lektionen schon einige Fortschritte gemacht. Es ist sehr verständlich und gut erklärt.

Ernest7 October 2020

Since childhood I dreamed to become a security guard by now Its all in Information Security, Well done Zaid

Rohit7 October 2020

Well Just in simple words this course is what you wanna LEARN DUDES, Its amazing with Explanation of each and every topic related to course with basics to high level. Thank You Zaid Sir, FOR THIS COURSE TOO MUCH!!!!!.

Yuvraj7 October 2020

Its Great and easy to learn as Zaid teaches it in a very simple way and explains it in a very easy way so that everyone can understand it...

I-Chow7 October 2020

I am glad someone offer this course. Anyone doing anything important on their computer should know about this.

Luca6 October 2020

So many bugs and problems that had to be resolved, no proper answer about the custom kali image not working for so many people, I wish it was clearer why, I now have to use the default image and am hoping that no more bugs will occur during the course

Surabhi27 February 2020

My experience is good so far but it would be more better if you could give some more references, so that it would be better for practice.

Jose27 February 2020

Curso para comenzar a conocer algo sobre como hackear máquinas o conocer si te han hackeado la tuya.

Kenny25 February 2020

I really enjoyed this course, Zaid does a really good job of explaining the concepts on each module. Certainly going to take more courses by this instructor.

Shashwat25 February 2020

The course is amazing till this point and this course tell that what we can do? why we have to learn this? and many more things like. I am very excited about the next section ??

Surampudivikas25 February 2020


Learn23 February 2020

sir as i told you that i am very interested these type of topics to learn and i already knew very much about hacking so i am able to understand your course much better altough i am also a programmer and a app developer.

Joe21 February 2020

I'm learning this to compete in a hacking competition, I think it will help me a lot because I want to become an Ethical Hacker myself.


Udemy ID


Course created date


Course Indexed date
Course Submitted by

Android PlayStore
Apple Appstore