Learn Ethical Hacking From Scratch

Become an ethical hacker that can hack like black hat hackers and secure systems like cybersecurity experts

4.58 (122342 reviews)
Udemy
platform
English
language
Network & Security
category
instructor
599,023
students
16 hours
content
Mar 2024
last update
$174.99
regular price

What you will learn

145+ videos (15+ hours) to teach you ethical hacking & cybersecurity from scratch.

Use 30+ hacking tools such as Metasploit, Aircrack-ng, SQLmap, etc.

85+ hands-on real-life hacking examples.

No prior knowledge required

Hack & secure WiFi & wired networks.

Hack cloud servers.

Create backdoors & Hack Windows.

Start from 0 up to a high-intermediate level.

Discover & exploit web application vulnerabilities to hack websites.

Learn Network Hacking / Penetration Testing.

Learn about the different hacking fields & hackers.

Install a hacking lab & needed software (on Windows, OS X and Linux).

Discover vulnerabilities & exploit them to hack into servers.

Hack secure systems using client-side & social engineering.

Secure systems from all the attacks shown.

Install & use Kali Linux - a hacking operating system.

Linux basics.

Linux commands

How to use the Linux terminal.

Network basics & how devices interact inside a network.

Run attacks on networks without knowing its key.

Control Wi-Fi connections without knowing the password.

Create a fake Wi-Fi network with internet connection & spy on clients.

Gather detailed information about networks & connected clients like their OS, ports ...etc.

Crack WEP/WPA/WPA2 encryptions.

ARP Spoofing / ARP Poisoning.

Launch various Man In The Middle attacks.

Access any account accessed by any client on the network.

Sniff network traffic & analyse it to extract important info such as: passwords, cookies, urls, videos, images ..etc.

Intercept network traffic & modify it on the fly.

Discover devices connected to the same network.

Inject Javascript in pages loaded by clients connected to the same network.

Redirect DNS requests to any destination (DNS spoofing).

Secure networks from the discussed attacks.

Edit router settings for maximum security.

Discover suspicious activities in networks.

How to prevent MITM attacks.

Discover open ports, installed services and vulnerabilities on computer systems.

Exploit buffer over flows & code execution vulnerabilities to gain control over systems.

Hack systems using client side attacks.

Hack Windows using fake updates.

Backdoor normal programs.

Backdoor any file type such as pictures, pdf's ...etc.

Gather information about people, such as emails, social media accounts, emails and friends.

Hack secure systems using social engineering.

Send emails from ANY email account without knowing the password for that account.

Analyse malware.

Manually detect undetectable malware.

Read, write download, upload and execute files on compromised systems.

Capture keystrikes on a compromised system.

Use a compromised computer as a pivot to hack other systems.

Understand how websites & web applications work.

Understand how browsers communicate with websites.

Gather sensitive information about websites.

Discover servers, technologies & services used on target website.

Discover emails & sensitive data associated with a specific website.

Discover subdomains associated with a website.

Discover unpublished directories & files associated with a target website.

Discover websites hosted on the same server as the target website.

Exploit file upload vulnerabilities to gain control over target website.

Discover, exploit and fix code execution vulnerabilities.

Discover, exploit & fix local file inclusion vulnerabilities.

Discover, exploit & fix SQL injection vulnerabilities.

Bypass login forms and login as admin using SQL injections.

Exploit SQL injections to find databases, tables & sensitive data such as usernames, passwords...etc

Read / Write files to the server using SQL injections.

Learn the right way to write SQL queries to prevent SQL injections.

Discover reflected XSS vulnerabilities.

Discover Stored XSS vulnerabilities.

Hook victims to BeEF using XSS vulnerabilities.

Fix XSS vulnerabilities & protect yourself from them as a user.

Discover MITM & ARP Spoofing attacks.

Description

Welcome this comprehensive Ethical Hacking course! This course assumes you have NO prior knowledge! It starts with you from scratch and takes you step-by-step teaching you how to hack systems like black-hat hackers and secure them like security experts!


This course is highly practical but it won't neglect the theory; we'll start with ethical hacking basics, breakdown the different penetration testing fields and install the needed software (on Windows, Linux and Apple Mac OS), then we'll dive and start hacking straight away. You'll learn everything by example, by analysing and exploiting different systems such as networks, cloud servers, clients, websites, etc. No boring dry lectures.


The course is divided into a number of sections, each section covers a penetration testing / hacking field, in each of these sections you'll first learn how the target system works, the weaknesses of this system, and how to practically exploit theses weaknesses to hack this system. As we do this I will also introduce you to different hacking and security concepts, tools and techniques. Everything will be taught through examples and hands-on practicals, there will be no useless or boring lectures!


All the techniques in this course are practical and work against real systems, you'll understand the whole mechanism of each technique first, then you'll learn how to use it to hack the target system . By the end of the course you'll be able to modify these techniques to launch more powerful attacks, and adopt them to suit different situations and different scenarios .


By the end of the course you will have a strong foundation in most hacking or penetration testing fields and you'll also learn how to detect, prevent and secure systems and yourself from the discussed attacks. 


The course is divided into four main sections:   

1. Network HackingThis section will teach you how to hack and secure both wired & wireless networks. First, you will learn network basics, how they work, and how devices communicate with each other. Then it will branch into three sub sections:   

  • Pre-connection attacks: in this subsection you'll learn a number of attacks that can be executed without connecting to the target network and without the need to know the network password; you'll learn how to gather information about the networks around you, discover connected devices, and control connections (deny/allow devices from connecting to networks).

  • Gaining Access: Now that you gathered information about the networks around you, in this subsection you will learn how to crack the key and get the password to your target network whether it uses WEP, WPA or even WPA2 .

  • Post Connection attacks: Now that you have the key, you can connect to the target network, in this subsection you will learn a number of powerful techniques that allow you to gather comprehensive information about the connected devices, see anything they do on the internet (such as login information, passwords, visited urls, images, videos, etc.), redirect requests, inject evil code in loaded pages and much more! You will also learn how to create a fake WiFi network or a honeypot, attract users to connect to it and use all of the above techniques against the connected clients.


2. Gaining AccessIn this section you will learn two main approaches to gain remote access or hack computer systems:

  • Server Side Attacks:  In this subsection you will learn how to gain full access to computer systems without user interaction. You will learn how to gather useful information about a target system such as the operating system, open ports, installed services, then use this information to discover weaknesses / vulnerabilities and exploit them to gain full control over the target. Finally you will learn how to automatically scan servers for vulnerabilities and generate different types of reports with your discoveries.

  • Client Side AttacksIf the target system does not contain any weaknesses then the only way to hack it is by interacting with the users, in this subsection you'll learn how to get the target user to install a backdoor on their system without even realising, this is done by hijacking software updates or backdooring downloads on the fly. This subsection also teaches you how to use social engineering to hack secure systems, so you'll learn how to gather comprehensive information about system users such as their social accounts, friends, their mails, etc. You'll learn how to create trojans by backdooring normal files (such as an image or a pdf) and use the gathered information to spoof emails so they appear as if they're sent from the target's friend, boss or any email account they're likely to interact with, to social engineer them into running your trojan.


3. Post ExploitationIn this section you will learn how to interact with the systems you compromised so far. You’ll learn how to access the file system (read/write/upload/execute), maintain your accessspy on the target (capture key strikes, turn on the webcam, take screenshots, etc.) and even use the target computer as a pivot to hack other systems.

4. Website / Web Application HackingIn this section you will learn how websites work, how to gather information about a target website (such as website owner, server location, used technologies, etc.) and how to discover and exploit the following dangerous vulnerabilities to hack websites:

  • Information Disclosure.

  • File Upload.

  • Code Execution.

  • Local File Inclusion.

  • Remote File Inclusion.

  • SQL Injection.

  • Cross Site Scripting (XSS).


Throughout the course you'll learn how to use use the following tools to achieve the above:

  • VMware.

  • Kali Linux

  • Nmap.

  • Bettercap.

  • Wireshark.

  • OWASP Zap.

  • Metasploit.

  • Nexpose.

  • SQLmap.

  • Maltego.

  • Veil Framework.

  • Crunch.

  • Netdiscover.

  • Zenmap.

  • arpspoof.

  • Evilgrade.

  • The Backdoor Factory.

  • BeEF.

  • Dirb.

  • Knockpy.

  • Netcat.

  • Aircrack-ng suite .

    • Airmon-ng .

    • Airodump-ng .

    • Aireplay-ng .

    • Aircrack-ng .


At the end of each section you will learn how to detect, prevent and secure systems and yourself from the discussed attacks. 


Checkout the curriculum and the course teaser for more info!


With this course you'll get 24/7 support, so if you have any questions you can post them in the Q&A section and we'll respond to you within 15 hours.

   

Notes:

  • This course is created for educational purposes only, all the attacks are launched in my own lab or against systems that I have permission to test.

  • This course is totally a product of Zaid Sabih & zSecurity and no other organisation is associated with it or a certification exam. Although, you will receive a Course Completion Certification from Udemy, apart from that NO OTHER ORGANISATION IS INVOLVED.

Content

Introduction

Teaser - Hacking a Windows 10 Computer & Accessing Webcam
Course Introduction & Overview
What Is Hacking & Why Learn It ?

Setting up a Hacking Lab

Lab Overview & Needed Software
Installing Kali 2019 As a Virtual Machine
Creating & Using Snapshots

Linux Basics

Basic Overview of Kali Linux
The Terminal & Linux Commands

Network Hacking

Introduction to Network Penetration Testing / Hacking
Networks Basics
Connecting a Wireless Adapter To Kali
What is MAC Address & How To Change It
Wireless Modes (Managed & Monitor)

Network Hacking - Pre Connection Attacks

Packet Sniffing Basics
WiFi Bands - 2.4Ghz & 5Ghz Frequencies

Network Hacking - Gaining Access - WEP Cracking

Targeted Packet Sniffing
Deauthentication Attack (Disconnecting Any Device From The Network)

Network Hacking - Gaining Access (WEP/WPA/WPA2 Cracking)

Gaining Access Introduction
Theory Behind Cracking WEP Encryption

Network Hacking - Gaining Access - WPA / WPA2 Cracking

WEP Cracking Basics
Fake Authentication Attack
ARP Request Replay Attack
Introduction to WPA and WPA2 Cracking
Hacking WPA & WPA2 Without a Wordlist
Capturing The Handshake

Network Hacking - Gaining Access - Security

Creating a Wordlist
Cracking WPA & WPA2 Using a Wordlist Attack
Securing Your Network From Hackers
Configuring Wireless Settings for Maximum Security

Network Hacking - Post Connection Attacks

Introduction to Post-Connection Attacks

Network Hacking - Post-Connection Attacks - Information Gathering

Installing Windows As a Virtual Machine
Discovering Devices Connected to the Same Network
Gathering Sensitive Info About Connected Devices (Device Name, Ports....etc)
Gathering More Sensitive Info (Running Services, Operating System....etc)

Network Hacking - Post Connection Attacks - MITM Attacks

What is ARP Poisoning ?
Intercepting Network Traffic
Bettercap Basics
ARP Spoofing Using Bettercap
Spying on Network Devices (Capturing Passwords, Visited Websites...etc)
Creating Custom Spoofing Script
Understanding HTTPS & How to Bypass it
Bypassing HTTPS
Bypassing HSTS
DNS Spoofing - Controlling DNS Requests on The Network
Injecting Javascript Code
Wireshark - Basic Overview & How To Use It With MITM Attacks
Wireshark - Sniffing & Analysing Data
Wireshark - Using Filters, Tracing & Dissecting Packets
Wireshark - Capturing Passwords & Anything Sent By Any Device In The Network
Creating a Fake Access Point (Honeypot) - Theory
Creating a Fake Access Point (Honeypot) - Practical

Network Hacking - Detection & Security

Detecting ARP Poisoning Attacks
Detecting suspicious Activities In The Network
Preventing MITM Attacks - Method 1
Preventing MITM Attacks - Method 2

Gaining Access To Computers

Gaining Access Introduction

Gaining Access - Server Side Attacks

Installing Metasploitable As a Virtual Machine
Introduction to Server-Side Attacks
Basic Information Gathering & Exploitation
Hacking a Remote Server Using a Basic Metasploit Exploit
Exploiting a Code Execution Vulnerability to Hack into a Remote Server
Nexpose - Installing Nexpose
Nexpose - Scanning a Target Server For Vulnerabilities
Nexpose - Analysing Scan Results & Generating Reports

Gaining Access - Client Side Attacks

Introduction to Client-Side Attacks
Installing Veil Framework 3.1
Veil Overview & Payloads Basics
Generating An Undetectable Backdoor
Listening For Incoming Connections
Using A Basic Delivery Method To Test The Backdoor & Hack Windows 10
Hacking Windows 10 Using Fake Update
Backdooring Downloads on The Fly to Hack Windows 10
How to Protect Yourself From The Discussed Delivery Methods

Gaining Access - Client Side Attacks - Social Engineering

Introduction to Social Engineering
Maltego Basics
Discovering Websites, Links & Social Accounts Associated With Target
Discovering Twitter Friends & Associated Accounts
Discovering Emails Of The Target's Friends
Analysing The Gathered Info & Building An Attack Strategy
Backdooring Any File Type (images, pdf's ...etc)
Compiling & Changing Trojan's Icon
Spoofing .exe Extension To Any Extension (jpg, pdf ...etc)
Spoofing Emails - Setting Up an SMTP Server
Email Spoofing - Sending Emails as Any Email Account
BeEF Overview & Basic Hook Method
BeEF - Hooking Targets Using Bettercap
BeEF - Running Basic Commands On Target
BeEF - Stealing Passwords Using A Fake Login Prompt
BeEF - Hacking Windows 10 Using a Fake Update Prompt
Detecting Trojans Manually
Detecting Trojans Using a Sandbox

Gaining Access - Using The Above Attacks Outside The Local Network

Overview of the Setup
Ex1 - Generating a Backdoor That Works Outside The Network
Configuring The Router To Forward Connections To Kali
Ex2 - Using BeEF Outside The Network

Post Exploitation

Introduction to Post Exploitation
Meterpreter Basics
File System Commands
Maintaining Access - Basic Methods
Maintaining Access - Using a Reliable & Undetectable Method
Spying - Capturing Key Strikes & Taking Screen Shots
Pivoting - Theory (What is Pivoting?)
Pivoting - Using a Hacked System to Hack Into Other Systems

Website Hacking

Introduction - What Is A Website ?
How To Hack a Website?

Website Hacking - Information Gathering

Gathering Basic Information Using Whois Lookup
Discovering Technologies Used On The Website
Gathering Comprehensive DNS Information
Discovering Websites On The Same Server
Discovering Subdomains
Discovering Sensitive Files
Analysing Discovered Files

Website Hacking - File Upload, Code Execution & File Inclusion Vulns

Discovering & Exploiting File Upload Vulnerabilities To Hack Websites
Discovering & Exploiting Code Execution Vulnerabilities To Hack Websites
Discovering & Exploiting Local File Inclusion Vulnerabilities
Remote File Inclusion Vulnerabilities - Configuring PHP Settings
Remote File Inclusion Vulnerabilities - Discovery & Exploitation
Preventing The Above Vulnerabilities

Website Hacking - SQL Injection Vulnerabilities

What is SQL?
Dangers of SQL Injection Vulnerabilities
Discovering SQL injections In POST
Bypassing Logins Using SQL injection
Discovering SQL injections in GET
Reading Database Information
Discovering Database Tables
Extracting Sensitive Data From The Database (Such As Passwords, User info...etc)
Reading & Writing Files On The Server Using SQL Injection Vulnerability
Discovering SQL Injections & Extracting Data Using SQLmap
The Right Way To Prevent SQL Injection Vulnerabilities

Website Hacking - Cross Site Scripting Vulnerabilities

Introduction to Cross Site Scripting?
Discovering Reflected XSS
Discovering Stored XSS
Exploiting XSS - Hooking Vulnerable Page Visitors To BeEF
Preventing XSS Vulnerabilities

Website Hacking - Discovering Vulnerabilities Automatically

Automatically Scanning Target Website For Vulnerabilities
Analysing Scan Results

Bonus Section

Bonus Lecture - What's Next?

Screenshots

Learn Ethical Hacking From Scratch - Screenshot_01Learn Ethical Hacking From Scratch - Screenshot_02Learn Ethical Hacking From Scratch - Screenshot_03Learn Ethical Hacking From Scratch - Screenshot_04

Reviews

Vladyslav
November 5, 2023
Yes, so far so good. I am noob in both hacking and IT but the way this course represents information is comfortable for me to understand it.
Anthony
November 3, 2023
Great introduction and teaser lecture. What a great way to grab the students interest right out the gate.
Jose
November 2, 2023
I recently subscribed to Udemy's Ethical Hacking course, and I have to say, I'm really impressed. The course is well-written and well-explained, and I am eager to learn more about ethical hacking. The instructor is a professional hacker, and he has a wealth of knowledge to share. I also like the fact that the course is interactive. The instructor provides live updates on his lectures so that you can always stay up-to-date on the latest developments. In conclusion, I highly recommend Udemy's Ethical Hacking course. It's well worth your time and money, and I am already looking forward to the next module!
Juan
October 29, 2023
I'm in this course for a short time, but the instructor is the instructor that I want to have ever, for all the courses. A really step by step instructions, clear and simple explanations for dummies like me. I highly recommend this course and give it top marks for Zaid Sabih.
Mohammed
October 28, 2023
Very clear and professional guidance. I see the instructor spend a lot of effort trying to deliver clear knowledge to us.
Zainul
October 27, 2023
I recently enrolled in "Learn ethical hacking from scratch" course on Udemy, and it surpassed all my expectations. This course is a comprehensive and well-structured journey from the fundamentals to advanced ethical hacking techniques. What sets it apart is the instructor's exceptional ability to simplify complex concepts, making them easy to understand with real-world examples. The hands-on labs are a game-changer, providing practical experience and preparation for real-world scenarios. The instructor's responsiveness and the active course community offer fantastic support. Plus, the course stays up-to-date with the latest tools and vulnerabilities, ensuring that your skills remain relevant. In summary, this course is a top choice for anyone interested in ethical hacking, offering a complete and up-to-date learning experience. It unquestionably deserves a 5-star rating!
Miran
October 24, 2023
Wonderfull coure and perfect way of explanation, just a bit outdated, so 4, if it gets an update i will give 5
Javier
October 23, 2023
it is theorical and practice lesson. it allow me to learn more about the capabilities of Kali. also how to discover vulnerabilities.
Sebastian
October 23, 2023
Extremely well explained and structured. Would have wished to see more hacking targeting macOS systems. But nothing to complain, really.
jack
October 22, 2023
i was enjoying this course until i got stuck in hstshijack to bypass https. like many other people who have complained about it, there isnt a quick fix. i have also done everything the tutors have suggested. this has made me realize when you take courses like this , you really need a real teacher to phsycially be available to help you with errors and corrections. you need someone whose going to be there to help you trouble shoot through the issues. udemy needs to allow or the course instructor needs to allow people to screen share with thier tutors in situations like this. having a person live online to help you with trouble shooting issue would greatly help but none of that is available. now im going to go and hire a real instructor to teach me. this isnt to blame zaid but i think all udemy courses lack this feature. everything is just pre-recorded and you are waiting for a tutor to respond do your questions if they can solve it. this course needs to be updated with some trouble shooting videos along with some clarification on what we are looking for and how it should appear. example, after using hstshijack, i didnt know that it would only work if there person manually enters it into the url search bar. it was frustrating and the tuturs didnt mention that either. i had to read multiple different posts to understand this after another guy named nell found the reason why it wasn working. this course has been up here for 2 years at least, i think its time to update these videos based on the feedback and queations you are getting from the students. its obviously causing difficulties. and its already hard to learn something like hacking from recorded videos and not get any 1 on 1 help. i would even be willing to pay for a little 1 on 1 help if it was available. but thats not an option either.
Doug
October 20, 2023
Although it is early in the curriculum, I am very impressed by the scope of what will be taught and the knowledge of instructor.
Enis
September 22, 2023
The videos are really good and gives and understanding of what hacking is and what you can use it for including how to use it for good
Sameer
September 19, 2023
It was a very informative and practical course. I legit came from scratch and now i know alot about ethical hacking. No single course can make you an expert or something, this course just gives an outline of a lot of stuff that comes under ethical hacking. For further expertise you would be needing to perform experiments and diving deeper into stuff.
Nehemiah
September 18, 2023
This course is really good even I though I just went through the teaser I've been following zaid security on YouTube his course is so interesting and he has a teasing tactics.
Abdulmalik
September 14, 2023
the course is good for genertal infromation not for practical because it is very old course all the data is old and you cant install them

Coupons

DateDiscountStatus
11/26/202192% OFF
expired

Charts

Price

Learn Ethical Hacking From Scratch - Price chart

Rating

Learn Ethical Hacking From Scratch - Ratings chart

Enrollment distribution

Learn Ethical Hacking From Scratch - Distribution chart
857010
udemy ID
5/23/2016
course created date
6/28/2019
course indexed date
Bot
course submited by