- Master Linux essentials for cybersecurity operations
- Gain hands-on expertise with ethical hacking tools and labs
- Exploit real-world vulnerabilities and simulate advanced attacks
- Strengthen web security skills with OWASP standards
- Dive into red team operations and advanced offensive security
- Apply threat-hunting techniques and industry frameworks
Course Breakdown: The Ethical Hacker's Toolkit
01. Crash Course: Linux Essentials
- Purpose: Build a strong foundation for cybersecurity operations.
- Key Learnings:
- Setting up virtual environments for practice.
- Installing and configuring Kali Linux with tools like ZSH, TMUX, and Terminator.
- Core Linux commands and Docker basics.
- Hands-on exercises to gain familiarity with Linux environments.
02. Hands-On Practice Labs
- Purpose: Transition theoretical concepts into practical experience.
- Key Learnings:
- Introduction to ethical hacking tools (VSCode, Kali Linux).
- Practicing with vulnerable labs like DVWA, WebGoat, and Metasploitable.
- Initial Capture The Flag (CTF) challenges for skill-building.
03-06. Ethical Hacking Core Concepts
Attack Vectors and Reconnaissance
- Overview of attack methodologies.
- Scanning techniques using tools like Nmap and Metasploit.
- Leveraging OSINT for information gathering.
Vulnerability Scanning
- Implementing OpenVAS-GVM for vulnerability assessment.
- Advanced threat analysis and multi-layered scanning techniques.
Exploitation and Post-Exploitation
- Working with Metasploitable labs.
- Conducting password attacks and exploring privilege escalation methods.
Network Attacks
- Wired and wireless attacks, including MITM, sniffing, and spoofing.
07. Social Engineering Attacks
- Purpose: Master human-factor vulnerabilities.
- Key Learnings:
- Understanding the psychology of social engineering.
- Designing phishing campaigns with tools like Gophish.
- Simulating client-side attacks effectively.
08. Web Application Pentesting (OWASP Top 10)
- Purpose: Strengthen your expertise in web security.
- Key Learnings:
- Understanding OWASP standards.
- Practical experience with tools like Burp Suite.
- Exploiting vulnerabilities such as XSS, SQL Injection, and CSRF in real-life scenarios.
09. Python Scripting for Cybersecurity
- Purpose: Equip learners with coding skills for custom security solutions.
- Key Learnings:
- Basics of Python programming (data types, loops, functions).
- Developing security tools such as port scanners and malware command servers.
10. CTF Challenges and Practical Pentesting
- Purpose: Test and refine your hacking skills.
- Key Learnings:
- Solving beginner-level challenges in HTB and similar platforms.
- Progressing to medium and advanced scenarios involving NoSQL injections, reverse shells, and privilege escalation.
11. Security Standards and Methodologies
- Purpose: Gain insight into industry frameworks.
- Key Learnings:
- Understanding MITRE ATT&CK, OWASP, PTES, and OSSTMM.
- Applying these standards in professional security audits.
12. Red Team Operations with Cobalt Strike
- Purpose: Dive into advanced offensive security techniques.
- Key Learnings:
- Configuring red team infrastructures.
- Executing advanced C&C operations and pivoting techniques.
13. Active Directory Attacks
- Purpose: Exploit AD vulnerabilities to simulate real-world breaches.
- Key Learnings:
- Preparing vulnerable AD environments.
- Conducting attacks like credential replay and Golden Ticket exploitation.
14. MITRE ATT&CK Framework
- Purpose: Learn the complete lifecycle of adversary techniques.
- Key Learnings:
- Using the framework to understand reconnaissance, execution, and impact stages.
15-17. Defensive Security and Threat Hunting
Introduction to Defensive Security
- Core concepts: SOC vs. SIEM, defense-in-depth architecture.
- Overview of OSSIM Open Threat Exchange.
SIEM with Elastic Stack and Wazuh
- Configuring Elasticsearch, Kibana, and Wazuh Manager.
- Integrating systems for centralized monitoring.
Threat Hunting with Wazuh
- Applying file integrity monitoring and vulnerability scanning.
- Detecting malware and Indicators of Compromise (IoCs).
18. Programming Custom Wazuh Rules
- Purpose: Customize security tools for unique scenarios.
- Key Learnings:
- Writing decoders and rules in Wazuh for tailored threat detection.
19. Real-World Threat Simulation
- Purpose: Prepare for practical incident response.
- Key Learnings:
- Simulating attacks like Shellshock and SSH brute force.
- Identifying IoCs and developing incident response workflows.
Take the first step toward becoming a cybersecurity expert! Enroll now and begin your journey into ethical hacking and forensics investigation.
Course Curriculum
01 Crash Course_ Linux
Available in
days
days
after you enroll
02 Get Your Hands Dirty
Available in
days
days
after you enroll
03 Ethical Hacking 1_ Understand Attack Vectors
Available in
days
days
after you enroll
04 Ethical Hacking 2_ Information Gathering & Enumeration
Available in
days
days
after you enroll
- 001 Initial Reconnaissance with OSINT Framework (17:25)
- 002 Scanning with ZENMAP (13:07)
- 003 Scanning with NMAP in Command Line & in Python (25:28)
- 004 Scanning with Metasploit AUX & CENSYS (14:41)
- 005 Metasploitable Environment Preparation (8:29)
- 006 Enum with NMAP Part 1 (20:29)
- 007 Enum with NMAP Part 2 (14:15)
- 008 Enum with Metasploit and other tools (16:22)
05 Ethical Hacking 3_ Vulnerability Scanning & Analysis
Available in
days
days
after you enroll
- 002 Setting up OpenVAS-GVM (9:31)
- 001 Introduction to Vulnerability Scanning and Analysis (13:35)
- 003 Vulnerability Assessment with OpenVAS-GVM (16:01)
- 004 Vulnerability Analysis in Action (27:23)
- 005 Second Opinion Vulnerability Scanning with NMAP NSE Scripts (21:30)
- 006 Third Opinion Vulnerability Scanning with Metasploit (12:07)
06 Ethical Hacking 4_ Exploitation, Post Exploitation and Password Attacks
Available in
days
days
after you enroll
- 001 Initial Presentation (18:18)
- 002 Metasploitable2 - Part 1 (13:14)
- 003 Metasploitable2 - Part 2 (11:49)
- 004 Metasploitable2 - Part 3 (17:02)
- 005 Metasploitable2 - Part 4 (17:12)
- 006 Metasploitable3 Ubuntu - Part 1 (18:30)
- 007 Metasploitable3 Ubuntu - Part 2 (17:10)
- 008 Metasploitable3 Ubuntu - Part 3 (16:08)
- 009 Metasploitable3 Ubuntu - Part 4 (13:19)
- 010 Metasploitable3 Win2k8 - Part 1 (13:22)
- 011 Metasploitable3 Win2k8 - Part 2 (15:50)
- 012 Metasploitable3 Win2k8 - Part 3 (16:18)
- 013 Password Hash Crack - Part 1 (15:42)
- 014 Password Hash Crack - Part 2 (19:23)
07 Ethical Hacking 5_ Network Attacks (Wired & Wireless)
Available in
days
days
after you enroll
08 Ethical Hacking 6_ Social Engineering Attacks
Available in
days
days
after you enroll
- 001 Social Engineering Concepts - Part 1 (10:10)
- 002 Social Engineering Concepts - Part 2 (11:25)
- 003 Gophish Framework - Reaching the Target - Part 1 (17:05)
- 004 Gophish Framework - Reaching the Target - Part 2 (13:13)
- 005 Social Engineering Client Side Attacks - Part 1 (11:31)
- 006 Social Engineering Client Side Attacks - Part 2 (10:52)
09 Ethical Hacking 7_ Web App Pentesting (OWASP-TOP 10)
Available in
days
days
after you enroll
- 001 Web App Pentesting Concepts - Part 1 (17:50)
- 002 Web App Pentesting Concepts - Part 2 (12:49)
- 003 Web App Pentesting Concepts - Part 3 (15:48)
- 004 Web App Pentesting Concepts - Part 4 (11:29)
- 005 Burp Suite Basics - Part 1 (19:49)
- 006 Burp Suite Basics - Part 2 (16:55)
- 007 Damn Vulnerable Web Application Lab - Part 1 (15:40)
- 008 Damn Vulnerable Web Application Lab - Part 2 (20:41)
- 009 Damn Vulnerable Web Application Lab - Part 3 (23:51)
- 010 Damn Vulnerable Web Application Lab - Part 4 (20:36)
- 011 Damn Vulnerable Web Application Lab - Part 5 (10:32)
- 012 OWASP Webgoat Lab - Part 1 (9:56)
- 013 OWASP Webgoat Lab - Part 2 (14:22)
- 014 OWASP Mutillidae II Lab - Part 1 (23:09)
- 015 OWASP Mutillidae II Lab - Part 2 (21:48)
- 016 Metasploitable 3 Vulnerable Web App (9:07)
- 017 bWAPP - Buggy Web Application Lab (13:43)
- 018 PortSwigger - Online Vulnerable Web Apps - Part 1 (16:16)
- 019 PortSwigger - Online Vulnerable Web Apps - Part 2 (12:38)
10 Crash Course_ Python Scripting (incl. 2x Mini Projects)
Available in
days
days
after you enroll
- 002 Basics 2_ Loop Statements, Flow Control and Modules (17:34)
- 001 Basics 1_ Installation & Config , Basic Operations, Binary Operations (17:18)
- 003 Basics 3_ Data Types and Functions (18:39)
- 004 Classes and Objects, Mini Project I_ Writing a Port Scanner (21:06)
- 005 Mini Project II_ Writing a Malware Command & Control (C&C) Server_Client (18:41)
11 Practical Pentest with CTFs (Let's Capture The Flags)
Available in
days
days
after you enroll
- 001 Intro to Hack the Box (HTB) CTF (7:38)
- 002 Easy 1 - BLUE (Enumeration, Exploitation, Hash Dump and Impacket Framework) (20:07)
- 003 Easy 2 - DEVEL (Indirect Web Shell Upload, Local Exploit Suggester, Priv. Esc.) (14:40)
- 004 Easy 3 - NETMON (PRTG Exploit with Python, Creds Discovery & Guessing) - Part 1 (18:45)
- 005 Easy 3 - NETMON (PRTG Manual Exploit with Nishang Reverse Shells) - Part 2 (16:06)
- 006 Medium 1 - POPCORN (Dirbuster Enum, Upload Abuse, Nix PAM, DirtyCow Exploit) (21:43)
- 007 Medium 2 - BLUNDER (Gobuster, Bludit CMS exploits) - Part 1 (18:23)
- 008 Medium 2 - BLUNDER (Hashcat, LinPEAS Priv Esc., sudo Exploit) - Part 2 (16:32)
- 009 Medium 2 - BLUNDER (CSRF_Anti-Bruteforce Bypass with Python Scripting) - Part 3 (16:21)
- 010 Medium 3 - SNIPER (SMB Enum, LFI RFI, Gain Rev Shell) - Part 1 (18:30)
- 011 Medium 3 - SNIPER (RFI RCE, Local Enum, Priv Esc, CHM Weaponization) - Part 2 (17:18)
- 012 Medium 3 - SNIPER (CrackMapExec, Impacket, Cookie Poisoning) - Part 3 (19:16)
- 013 Medium 4 - MANGO (Recon, NoSQL MongoDB Injection) - Part 1 (18:40)
- 014 Medium 4 - MANGO (Write NoSQL Injector with Python) - Part 2 (16:03)
- 015 Medium 4 - MANGO (Write NoSQL Injector with Python) - Part 3 (20:43)
- 016 Medium 4 - MANGO (LinPEAS, GTFOBins Priv. Esc. Attack Vectors) - Part 4 (13:15)
- 017 Hard 1 - CONTROL (Manual SQL Injection, SQLmap) - Part 1 (19:18)
- 018 Hard 1 - CONTROL (Read & Write Webshells with SQLMap, winPEAS) - Part 2 (20:08)
- 019 Hard 1 - CONTROL (Windows Priv. Esc Abusing SDDL Perms, Service Exec) - Part 3 (20:16)
12 Security Standards and Methodologies
Available in
days
days
after you enroll
13 Cobalt Strike_ Operations & Development
Available in
days
days
after you enroll
- 001 Introduction to Red Teaming - Part 1 (19:12)
- 002 Introduction to Red Teaming - Part 2 (20:03)
- 003 Red Teaming Operations - Part 1 (18:46)
- 004 Red Teaming Operations - Part 2 (21:50)
- 005 Red Teaming Infrastructure - Part 1 (16:15)
- 006 Red Teaming Infrastructure - Part 2 (12:01)
- 007 Red Teaming Infrastructure - Part 3 (11:15)
- 008 Red Teaming Command and Control (C&C) - Part 1 (18:54)
- 009 Red Teaming Command and Control (C&C) - Part 2 (18:43)
- 010 Red Teaming Command and Control (C&C) - Part 3 (18:06)
- 011 Red Teaming Command and Control (C&C) - Part 4 (17:57)
- 012 Red Teaming Command and Control (C&C) - Part 5 (22:17)
- 013 Red Teaming Weaponization (DDE & Micro Attacks) - Part 1 (16:12)
- 014 Red Teaming Weaponization (HTA Attack, Droppers, File Format Exploits) - Part 2 (10:44)
- 015 Red Teaming Initial Access Attack Scenarios (12:53)
- 016 Red Teaming Post Exploit (Proc Injection & Bypass UAC, Token Tampering) - Part 1 (16:10)
- 017 Red Teaming Post Exploit (Keylogger, Screen Spy, Cobalt Strike Ops) - Part 2 (15:59)
- 018 Red Teaming Post Exploit (Pivoting, Session Passing, RDP Tunnel) - Part 3 (12:26)
14 Active Directory Attacks in Depth
Available in
days
days
after you enroll
- 001 Active Directory Attacks Concepts - Part 1 (19:17)
- 002 Active Directory Attacks Concepts - Part 2 (16:42)
- 003 Active Directory Attacks Concepts - Part 3 (18:08)
- 004 Active Directory Setup on Metasploitable VM (18:36)
- 005 Vulnerable AD Lab Preparation (17:16)
- 006 AD Enumeration, Credentials Replay Attacks, Over-PTH, Secretsdump and Evil-WinRM (17:35)
- 007 AS-REP Roast, Hashcat, Pass The Ticket Attacks (21:37)
- 008 Golden Tickets, Kerberoasting against User SPNs and Mimikatz Attacks (19:39)
15 MITRE ATT&CK Framework
Available in
days
days
after you enroll
- 002 Introduction to MITRE ATT&CK - Part 2 (12:23)
- 001 Introduction to MITRE ATT&CK - Part 1 (13:31)
- 003 Reconnaissance (8:40)
- 004 Resource Development (6:29)
- 005 Initial Access (11:35)
- 006 Execution (5:43)
- 007 Persistence (9:35)
- 008 Privilege Escalation (6:50)
- 009 Defense Evasion (14:50)
- 010 Credential Access (8:03)
- 011 Discovery (7:57)
- 012 Lateral Movement (4:07)
- 013 Collection (5:17)
- 014 Command and Control (7:15)
- 015 Exfiltration (4:09)
- 016 Impact (7:09)
16 Introduction to Defensive Security
Available in
days
days
after you enroll
- 001 SIEM vs. SOC (5:55)
- 002 How SIEM works (4:25)
- 003 What are SIEM Use-Cases and Common Mistakes_ (8:24)
- 004 Threat Intelligence & OSSIM Open Threat Exchange (OTX) P1 (9:00)
- 005 Threat Intelligence & OSSIM Open Threat Exchange (OTX) P2 (5:43)
- 006 SIEM vs. SOAR vs. UEBA (4:12)
- 007 How secure is secure enough_ (3:56)
- 008 Defense-in-Depth Architecture Part 1 (6:38)
- 009 Defense-in-Depth Architecture Part 2 (6:00)
17 Setting Up Our SIEM with Elastic-Stack & Wazuh Manager
Available in
days
days
after you enroll
18 Integrating Endpoints in Elastic-Stack & Wazuh Manager
Available in
days
days
after you enroll
- 002 Automated Roll-out of Wazuh Agent on a Network of Windows Workstations (16:40)
- 001 Integrating Windows Endpoint in Wazuh Manager (4:53)
- 003 Integrating Linux Endpoint in Wazuh Manager (3:58)
- 004 Integrating Fortigate Firewall in Wazuh Manager (13:02)
- 005 Changing Password of the Read-Only Admin Account (7:32)
19 Index Life-Cycle Management (ILM) in Elasticsearch & Wazuh Manager
Available in
days
days
after you enroll
20 Applying Wazuh Capabilities for Security Monitoring
Available in
days
days
after you enroll
- 002 Linux System Calls Monitoring_ Alert when Auditctl Rules are met (7:05)
- 001 File Integrity Monitoring (FIM)_ Alert when Critical Files Touched (11:21)
- 003 Continuous Enterprise Vulnerability Monitoring (11:51)
- 004 CIS Hardening Monitoring with Wazuh SCA (Less is More Principle) (9:20)
- 005 Windows Defender in Wazuh_ Centrally Monitor Malware & Actions across Endpoints (6:18)
- 006 Use Sysinternals Sysmon with Wazuh_ The Swiss Army Knife for Windows Monitoring (9:34)
21 Programming Rulesets (Decoders & Rules) in Wazuh
Available in
days
days
after you enroll
22 Practical Attacks & Threat Hunting IoC Use-Cases with Wazuh
Available in
days
days
after you enroll
- 001 Run & Detect SSH & RDP Brute Force Attack - Linux & Windows Endpoint (7:45)
- 002 Run & Detect Shellshock Attack - Linux Endpoint (5:22)
- 003 Run & Detect MSHTA Session initiation Attack (6:35)
- 004 Run & Detect Spawn Session and Process Injection (4:49)
- 005 Run & Detect Priv Esc, Lateral Mov. & Exec using PSExec WMIC (Windows Endpoint) (6:24)
- 006 Run & Detect Mimikatz & Pass The Hash Attacks (4:21)
- 007 Run & Detect Log Tampering IoC (Someone is deleting his traces) (4:34)
Offer Ending Soon
