Certified Ethical Hacker (CEH) – Linux Academy’s Prep Course

Course

January 4th, 2019

Intro Video

Photo of Ermin Kreponic

Ermin Kreponic

Training Architect

Length

36:55:23

Difficulty

Intermediate

Course Details

Welcome to the Certified Ethical Hacker Course!

Have you always wanted to learn how to discover weaknesses and vulnerabilities of a system? Have you always wondered how security professionals protect their systems from intruders? Do you wish to master hacking technologies? If so, then this exam is for you.

With the rapid development of information technology, almost every industry in the world has some sort of an information system installed and greatly depends on it. Such systems bring great value to companies. However, every system has its weaknesses and vulnerabilities which, if discovered by someone with bad intentions, can cause a lot of damage. For this reason, it has become an imperative to protect these systems and information they contain.

If you wish to learn how you can improve the security of any system, or even if you have some experience working as a security professional and now wish to advance your skills and knowledge, then CEH certificate will be of great benefit to you and your organization.

This course will help you prepare for the exam. You will learn about the tools, methods, and technologies used. The goal of this course is to help you master the topics required for passing the exam and becoming an ethical hacker.

https://interactive.linuxacademy.com/diagrams/CEH.html

Syllabus

Course Introduction

Getting Started

About the Author

00:01:56

Lesson Description:

In this video you will get to meet your instructor for this course. The instructor will talk a bit about himself, his skills and experience, and his passion about learning new things and helping others do the same.

About the Course

00:07:03

Lesson Description:

In this video we will briefly talk about what this course will cover and what it will not. I will explain the tools and learning methods that will be used throughout the course. Also, the structure of the course will be explained.

Course Requirements

00:04:52

Lesson Description:

To follow the course, and prepare for the exam, you should be familiar with operating systems and networking. Having experience in system security is a plus, but not a requirement. Throughout this course, you will use charts, labs, flashcards and quizzes to learn and improve your knowledge.

How to Get Help

00:06:12

Lesson Description:

Here I will briefly explain how to ask for help.

About the Exam

00:11:45

Lesson Description:

In this video I'll simply cover what to expect on the final exam.

Introduction to Ethical Hacking

Overview of Information Security

Chapter Introduction

00:02:27

Lesson Description:

Chapter Introduction

Common Terms (Hack Value, Vulnerability, Exploit, Payload)

00:07:19

Lesson Description:

In these lectures I'll go over some basic terms. It is very important to understand the concepts which they represent, and not just memorize them.

Zero Day Attack

00:06:36

Lesson Description:

In these lectures I'll go over some basic terms. It is very important to understand the concepts which they represent, and not just memorize them.

Daisy Chaining

00:08:12

Lesson Description:

In these lectures I'll go over some basic terms. It is very important to understand the concepts which they represent, and not just memorize them.

QUIZ SOLUTION: Overview of Information Security - Questions answered and explained

00:08:21

Lesson Description:

In this video you will find all the questions and answers explained for the given quiz.

QUIZ: Overview of Information Security

00:30:00

Overview of Information Security Threats and Attacks

Chapter Introduction

00:00:45

Lesson Description:

Chapter Introduction

Threats vs Attacks

00:02:33

Lesson Description:

These lectures will continue to deal with key concepts. This knowledge is vital for passing the exam and being able to understand latter parts of this course. Again, please be sure to understand the concepts which these terms represent to the best of your ability. As we go through the course you will find me using them in sentences, and you'll need to know them without having to pause to search for their meaning. Learning and understanding these terms and concepts is going to be the most efficient way to go through the course and prepare for the certification.

Motives and Reasons Behind Cyber Security Attacks

00:03:00

Lesson Description:

These lectures will continue to deal with key concepts. This knowledge is vital for passing the exam and being able to understand latter parts of this course. Again, please be sure to understand the concepts which these terms represent to the best of your ability. As we go through the course you will find me using them in sentences, and you'll need to know them without having to pause to search for their meaning. Learning and understanding these terms and concepts is going to be the most efficient way to go through the course and prepare for the certification.

What Are the Means by Which Hackers Gain Access to Systems and Networks?

00:02:38

Lesson Description:

These lectures will continue to deal with key concepts. This knowledge is vital for passing the exam and being able to understand latter parts of this course. Again, please be sure to understand the concepts which these terms represent to the best of your ability. As we go through the course you will find me using them in sentences, and you'll need to know them without having to pause to search for their meaning. Learning and understanding these terms and concepts is going to be the most efficient way to go through the course and prepare for the certification.

Cloud Computing Threats

00:06:37

Lesson Description:

These lectures will continue to deal with key concepts. This knowledge is vital for passing the exam and being able to understand latter parts of this course. Again, please be sure to understand the concepts which these terms represent to the best of your ability. As we go through the course you will find me using them in sentences, and you'll need to know them without having to pause to search for their meaning. Learning and understanding these terms and concepts is going to be the most efficient way to go through the course and prepare for the certification.

Advanced Presistent Threats

00:02:09

Lesson Description:

These lectures will continue to deal with key concepts. This knowledge is vital for passing the exam and being able to understand latter parts of this course. Again, please be sure to understand the concepts which these terms represent to the best of your ability. As we go through the course you will find me using them in sentences, and you'll need to know them without having to pause to search for their meaning. Learning and understanding these terms and concepts is going to be the most efficient way to go through the course and prepare for the certification.

Viruses and Worms

00:03:19

Lesson Description:

These lectures will continue to deal with key concepts. This knowledge is vital for passing the exam and being able to understand latter parts of this course. Again, please be sure to understand the concepts which these terms represent to the best of your ability. As we go through the course you will find me using them in sentences, and you'll need to know them without having to pause to search for their meaning. Learning and understanding these terms and concepts is going to be the most efficient way to go through the course and prepare for the certification.

Ransomware

00:05:17

Lesson Description:

These lectures will continue to deal with key concepts. This knowledge is vital for passing the exam and being able to understand latter parts of this course. Again, please be sure to understand the concepts which these terms represent to the best of your ability. As we go through the course you will find me using them in sentences, and you'll need to know them without having to pause to search for their meaning. Learning and understanding these terms and concepts is going to be the most efficient way to go through the course and prepare for the certification.

Mobile Threats

00:03:46

Lesson Description:

These lectures will continue to deal with key concepts. This knowledge is vital for passing the exam and being able to understand latter parts of this course. Again, please be sure to understand the concepts which these terms represent to the best of your ability. As we go through the course you will find me using them in sentences, and you'll need to know them without having to pause to search for their meaning. Learning and understanding these terms and concepts is going to be the most efficient way to go through the course and prepare for the certification.

Modern Age Information Warfare

00:04:41

Lesson Description:

These lectures will continue to deal with key concepts. This knowledge is vital for passing the exam and being able to understand latter parts of this course. Again, please be sure to understand the concepts which these terms represent to the best of your ability. As we go through the course you will find me using them in sentences, and you'll need to know them without having to pause to search for their meaning. Learning and understanding these terms and concepts is going to be the most efficient way to go through the course and prepare for the certification.

Insider Attacks

00:01:49

Lesson Description:

These lectures will continue to deal with key concepts. This knowledge is vital for passing the exam and being able to understand latter parts of this course. Again, please be sure to understand the concepts which these terms represent to the best of your ability. As we go through the course you will find me using them in sentences, and you'll need to know them without having to pause to search for their meaning. Learning and understanding these terms and concepts is going to be the most efficient way to go through the course and prepare for the certification.

Phishing

00:02:25

Lesson Description:

These lectures will continue to deal with key concepts. This knowledge is vital for passing the exam and being able to understand latter parts of this course. Again, please be sure to understand the concepts which these terms represent to the best of your ability. As we go through the course you will find me using them in sentences, and you'll need to know them without having to pause to search for their meaning. Learning and understanding these terms and concepts is going to be the most efficient way to go through the course and prepare for the certification.

Web Application Threats

00:02:31

Lesson Description:

These lectures will continue to deal with key concepts. This knowledge is vital for passing the exam and being able to understand latter parts of this course. Again, please be sure to understand the concepts which these terms represent to the best of your ability. As we go through the course you will find me using them in sentences, and you'll need to know them without having to pause to search for their meaning. Learning and understanding these terms and concepts is going to be the most efficient way to go through the course and prepare for the certification.

Classification of Threats: Network Threats

00:02:53

Lesson Description:

These lectures will continue to deal with key concepts. This knowledge is vital for passing the exam and being able to understand latter parts of this course. Again, please be sure to understand the concepts which these terms represent to the best of your ability. As we go through the course you will find me using them in sentences, and you'll need to know them without having to pause to search for their meaning. Learning and understanding these terms and concepts is going to be the most efficient way to go through the course and prepare for the certification.

Clasification of Threats: Host Threats

00:02:28

Lesson Description:

These lectures will continue to deal with key concepts. This knowledge is vital for passing the exam and being able to understand latter parts of this course. Again, please be sure to understand the concepts which these terms represent to the best of your ability. As we go through the course you will find me using them in sentences, and you'll need to know them without having to pause to search for their meaning. Learning and understanding these terms and concepts is going to be the most efficient way to go through the course and prepare for the certification.

Clasification of Threats: Application Threats

00:03:57

Lesson Description:

These lectures will continue to deal with key concepts. This knowledge is vital for passing the exam and being able to understand latter parts of this course. Again, please be sure to understand the concepts which these terms represent to the best of your ability. As we go through the course you will find me using them in sentences, and you'll need to know them without having to pause to search for their meaning. Learning and understanding these terms and concepts is going to be the most efficient way to go through the course and prepare for the certification.

Classification of Attacks

00:12:24

Lesson Description:

These lectures will continue to deal with key concepts. This knowledge is vital for passing the exam and being able to understand latter parts of this course. Again, please be sure to understand the concepts which these terms represent to the best of your ability. As we go through the course you will find me using them in sentences, and you'll need to know them without having to pause to search for their meaning. Learning and understanding these terms and concepts is going to be the most efficient way to go through the course and prepare for the certification.

Botnets

00:03:00

Lesson Description:

These lectures will continue to deal with key concepts. This knowledge is vital for passing the exam and being able to understand latter parts of this course. Again, please be sure to understand the concepts which these terms represent to the best of your ability. As we go through the course you will find me using them in sentences, and you'll need to know them without having to pause to search for their meaning. Learning and understanding these terms and concepts is going to be the most efficient way to go through the course and prepare for the certification.

Laws, Standards, and Regulations

00:12:38

Lesson Description:

This video deals with laws, regulations and standards that govern our industry.

QUIZ SOLUTION: Overview of Information Security Threats and Attacks - Questions answered and explained

00:09:40

Lesson Description:

In this video you will find all the questions and answers explained for the given quiz.

QUIZ: Information Security Threats and Attacks

00:30:00

History of Hacking

A Brief Look at the History of Hacking

00:12:43

Lesson Description:

The history of hacking is really the history of computers. From some Australian lads who messed with a NASA satellite, to a guy who hacked the Pentagon by pretending to be an intern and just asking for help. Unfortunately, you will find that the term hacker has really been stigmatized and to most people it is just another word for a criminal. In reality this is not the case, most people that are referred to as hackers are really law abiding folks, just your average Joe. They work on protecting systems, performing penetration tests, conducting investigations and so on. On the other hand there is a very loud minority, whose actions get into the news. Again, unfortunately, this loud minority is what people are acquainted with. Now let us break that stigma and see what a term hacker really represents.

Types of Hackers

00:10:06

Lesson Description:

The history of hacking is really the history of computers. From some Australian lads who messed with a NASA satellite, to a guy who hacked the Pentagon by pretending to be an intern and just asking for help. Unfortunately, you will find that the term hacker has really been stigmatized and to most people it is just another word for a criminal. In reality this is not the case, most people that are referred to as hackers are really law abiding folks, just your average Joe. They work on protecting systems, performing penetration tests, conducting investigations and so on. On the other hand there is a very loud minority, whose actions get into the news. Again, unfortunately, this loud minority is what people are acquainted with. Now let us break that stigma and see what a term hacker really represents.

What is Ethical Hacking? What is Its Purpose?

00:03:21

Lesson Description:

The history of hacking is really the history of computers. From some Australian lads who messed with a NASA satellite, to a guy who hacked the Pentagon by pretending to be an intern and just asking for help. Unfortunately, you will find that the term hacker has really been stigmatized and to most people it is just another word for a criminal. In reality this is not the case, most people that are referred to as hackers are really law abiding folks, just your average Joe. They work on protecting systems, performing penetration tests, conducting investigations and so on. On the other hand there is a very loud minority, whose actions get into the news. Again, unfortunately, this loud minority is what people are acquainted with. Now let us break that stigma and see what a term hacker really represents.

Scope of Ethical Hacking

00:03:56

Lesson Description:

The history of hacking is really the history of computers. From some Australian lads who messed with a NASA satellite, to a guy who hacked the Pentagon by pretending to be an intern and just asking for help. Unfortunately, you will find that the term hacker has really been stigmatized and to most people it is just another word for a criminal. In reality this is not the case, most people that are referred to as hackers are really law abiding folks, just your average Joe. They work on protecting systems, performing penetration tests, conducting investigations and so on. On the other hand there is a very loud minority, whose actions get into the news. Again, unfortunately, this loud minority is what people are acquainted with. Now let us break that stigma and see what a term hacker really represents.

Hacking Stages: Reconnaissance

00:03:05

Lesson Description:

The history of hacking is really the history of computers. From some Australian lads who messed with a NASA satellite, to a guy who hacked the Pentagon by pretending to be an intern and just asking for help. Unfortunately, you will find that the term hacker has really been stigmatized and to most people it is just another word for a criminal. In reality this is not the case, most people that are referred to as hackers are really law abiding folks, just your average Joe. They work on protecting systems, performing penetration tests, conducting investigations and so on. On the other hand there is a very loud minority, whose actions get into the news. Again, unfortunately, this loud minority is what people are acquainted with. Now let us break that stigma and see what a term hacker really represents.

Hacking Stages: Scanning

00:02:07

Lesson Description:

The history of hacking is really the history of computers. From some Australian lads who messed with a NASA satellite, to a guy who hacked the Pentagon by pretending to be an intern and just asking for help. Unfortunately, you will find that the term hacker has really been stigmatized and to most people it is just another word for a criminal. In reality this is not the case, most people that are referred to as hackers are really law abiding folks, just your average Joe. They work on protecting systems, performing penetration tests, conducting investigations and so on. On the other hand there is a very loud minority, whose actions get into the news. Again, unfortunately, this loud minority is what people are acquainted with. Now let us break that stigma and see what a term hacker really represents.

Hacking Stages: Gaining Access

00:00:42

Lesson Description:

The history of hacking is really the history of computers. From some Australian lads who messed with a NASA satellite, to a guy who hacked the Pentagon by pretending to be an intern and just asking for help. Unfortunately, you will find that the term hacker has really been stigmatized and to most people it is just another word for a criminal. In reality this is not the case, most people that are referred to as hackers are really law abiding folks, just your average Joe. They work on protecting systems, performing penetration tests, conducting investigations and so on. On the other hand there is a very loud minority, whose actions get into the news. Again, unfortunately, this loud minority is what people are acquainted with. Now let us break that stigma and see what a term hacker really represents.

Hacking Stages: Maintaining Access

00:03:48

Lesson Description:

The history of hacking is really the history of computers. From some Australian lads who messed with a NASA satellite, to a guy who hacked the Pentagon by pretending to be an intern and just asking for help. Unfortunately, you will find that the term hacker has really been stigmatized and to most people it is just another word for a criminal. In reality this is not the case, most people that are referred to as hackers are really law abiding folks, just your average Joe. They work on protecting systems, performing penetration tests, conducting investigations and so on. On the other hand there is a very loud minority, whose actions get into the news. Again, unfortunately, this loud minority is what people are acquainted with. Now let us break that stigma and see what a term hacker really represents.

Hacking Stages: Clearing Tracks

00:03:30

Lesson Description:

The history of hacking is really the history of computers. From some Australian lads who messed with a NASA satellite, to a guy who hacked the Pentagon by pretending to be an intern and just asking for help. Unfortunately, you will find that the term hacker has really been stigmatized and to most people it is just another word for a criminal. In reality this is not the case, most people that are referred to as hackers are really law abiding folks, just your average Joe. They work on protecting systems, performing penetration tests, conducting investigations and so on. On the other hand there is a very loud minority, whose actions get into the news. Again, unfortunately, this loud minority is what people are acquainted with. Now let us break that stigma and see what a term hacker really represents.

QUIZ SOLUTION: History of Hacking - Questions answered and explained

00:12:58

Lesson Description:

In this video you will find all the questions and answers explained for the given quiz.

QUIZ: The History of Hacking

00:30:00

Protecting Information

Chapter Introduction

00:05:00

Lesson Description:

Chapter Introduction

Information Assurance

00:12:57

Lesson Description:

Protection of information is probably the single most important task for a penetration tester, ethical hacker, devops admin, network and system admin, and any other employee of a company or entity. These lectures will deal with the terminology related to information protection. Make sure you remember and understand the terms as you learn them one by one. We'll explore all sorts of cool things that they represent and can be tied to, like User Behavior Analytics being used by an AI to predict and proactively act to mitigate insider threats.

EISA and Information security management program

00:11:45

Lesson Description:

Protection of information is probably the single most important task for a penetration tester, ethical hacker, devops, network and system admin and pretty much any employee of a company or any other entity. These lectures will deal with the terminology related to information protection, make sure to remember and understand the terms as you learn them one by one, you will see all sorts of cool things that they represent and can be tied to. For example User Behavior Analytics being used by an AI to predict and proactivly act to mitigate insider threats.

Network Zoning

00:14:21

Lesson Description:

Network zoning allows for greater degrees of control and provides a multi-layer defense system. You can apply rules to zones individually, and set various degrees of trust.

Defense in Depth

00:12:07

Lesson Description:

Protection of information is probably the single most important task for a penetration tester, ethical hacker, devops admin, network and system admin, and any other employee of a company or entity. These lectures will deal with the terminology related to information protection. Make sure you remember and understand the terms as you learn them one by one. We'll explore all sorts of cool things that they represent and can be tied to, like User Behavior Analytics being used by an AI to predict and proactively act to mitigate insider threats.

What Sort of Things Do Policies Regulate?

00:15:03

Lesson Description:

Protection of information is probably the single most important task for a penetration tester, ethical hacker, devops admin, network and system admin, and any other employee of a company or entity. These lectures will deal with the terminology related to information protection. Make sure you remember and understand the terms as you learn them one by one. We'll explore all sorts of cool things that they represent and can be tied to, like User Behavior Analytics being used by an AI to predict and proactively act to mitigate insider threats.

Workplace Security Policies and Examples

00:12:03

Lesson Description:

Protection of information is probably the single most important task for a penetration tester, ethical hacker, devops admin, network and system admin, and any other employee of a company or entity. These lectures will deal with the terminology related to information protection. Make sure you remember and understand the terms as you learn them one by one. We'll explore all sorts of cool things that they represent and can be tied to, like User Behavior Analytics being used by an AI to predict and proactively act to mitigate insider threats.

Physical Security Controls and Risk

00:11:52

Lesson Description:

Protection of information is probably the single most important task for a penetration tester, ethical hacker, devops admin, network and system admin, and any other employee of a company or entity. These lectures will deal with the terminology related to information protection. Make sure you remember and understand the terms as you learn them one by one. We'll explore all sorts of cool things that they represent and can be tied to, like User Behavior Analytics being used by an AI to predict and proactively act to mitigate insider threats.

Risk Management

00:11:44

Lesson Description:

Protection of information is probably the single most important task for a penetration tester, ethical hacker, devops admin, network and system admin, and any other employee of a company or entity. These lectures will deal with the terminology related to information protection. Make sure you remember and understand the terms as you learn them one by one. We'll explore all sorts of cool things that they represent and can be tied to, like User Behavior Analytics being used by an AI to predict and proactively act to mitigate insider threats.

Threat Modeling and Incident Management

00:20:15

Lesson Description:

Protection of information is probably the single most important task for a penetration tester, ethical hacker, devops admin, network and system admin, and any other employee of a company or entity. These lectures will deal with the terminology related to information protection. Make sure you remember and understand the terms as you learn them one by one. We'll explore all sorts of cool things that they represent and can be tied to, like User Behavior Analytics being used by an AI to predict and proactively act to mitigate insider threats.

UBA - User Behavior Analytics and Network Security Controls

00:08:22

Lesson Description:

Protection of information is probably the single most important task for a penetration tester, ethical hacker, devops, network and system admin and pretty much any employee of a company or any other entity. These lectures will deal with the terminology related to information protection, make sure to remember and understand the terms as you learn them one by one, you will see all sorts of cool things that they represent and can be tied to. For example User Behavior Analytics being used by an AI to predict and proactivly act to mitigate insider threats.

Access Controls

00:08:41

Lesson Description:

Protection of information is probably the single most important task for a penetration tester, ethical hacker, devops admin, network and system admin, and any other employee of a company or entity. These lectures will deal with the terminology related to information protection. Make sure you remember and understand the terms as you learn them one by one. We'll explore all sorts of cool things that they represent and can be tied to, like User Behavior Analytics being used by an AI to predict and proactively act to mitigate insider threats.

Identification Authentication Authorization Accounting and IAM

00:11:39

Lesson Description:

Protection of information is probably the single most important task for a penetration tester, ethical hacker, devops admin, network and system admin, and any other employee of a company or entity. These lectures will deal with the terminology related to information protection. Make sure you remember and understand the terms as you learn them one by one. We'll explore all sorts of cool things that they represent and can be tied to, like User Behavior Analytics being used by an AI to predict and proactively act to mitigate insider threats.

Data Leakage

00:09:44

Lesson Description:

Here we'll cover data backups, how are they made, what can be extracted from them, what are they used for, and of what importance they are to a penetration tester. Data leaks, and it will be your job to find that leak. You may possibly to patch it, but finding it is crucial. So let us go ahead and have a look at data leakage, backup, and recovery.

Data Backup

00:21:34

Lesson Description:

Here we'll cover data backups, how are they made, what can be extracted from them, what are they used for, and of what importance they are to a penetration tester. Data leaks, and it will be your job to find that leak. You may possibly to patch it, but finding it is crucial. So let us go ahead and have a look at data leakage, backup, and recovery.

Data Recovery

00:02:29

Lesson Description:

Here we'll cover data backups, how are they made, what can be extracted from them, what are they used for, and of what importance they are to a penetration tester. Data leaks, and it will be your job to find that leak. You may possibly to patch it, but finding it is crucial. So let us go ahead and have a look at data leakage, backup, and recovery.

QUIZ SOLUTION: Protecting Information - Questions answered and explained

00:11:56

Lesson Description:

In this video you will find all the questions and answers explained for the given quiz.

QUIZ: Protecting Information

00:30:00

Penetration Testing

What Is Penetration Testing?

00:03:51

Lesson Description:

Penetration testing is a necessity. Many entities, like corporations, governments, NGOs, and universities, rely on highly digitized systems. These systems are susceptible to all manner of exploitation. They contain all sorts of data and are crucial to our daily tasks and activities. Organizations feel the effects of an interruption in services far and wide. Penetration testing simulates the kind of attack(s) that organizations face, probing for weaknesses that leave an entity vulnerable to real attacks.

What Does a Good Penetration Test Consist of?

00:11:46

Lesson Description:

Penetration testing is a necessity. Many entities, like corporations, governments, NGOs, and universities, rely on highly digitized systems. These systems are susceptible to all manner of exploitation. They contain all sorts of data and are crucial to our daily tasks and activities. Organizations feel the effects of an interruption in services far and wide. Penetration testing simulates the kind of attack(s) that organizations face, probing for weaknesses that leave an entity vulnerable to real attacks. These are some of the things that make up a good test.

Why Do a Penetration Test

00:11:09

Lesson Description:

Penetration testing is a necessity. Many entities, like corporations, governments, NGOs, and universities, rely on highly digitized systems. These systems are susceptible to all manner of exploitation. They contain all sorts of data and are crucial to our daily tasks and activities. Organizations feel the effects of an interruption in services far and wide. Penetration testing simulates the kind of attack(s) that organizations face, probing for weaknesses that leave an entity vulnerable to real attacks.

Pre-Attack Phase: Contracts

00:02:45

Lesson Description:

All attacks are done in phases, sometimes the attacker is aware of this and sometimes they are not. Either way, every attack on any given system goes through the same set of phases. Let us have a closer look at those phases.

Audit vs Vulnerability Assessment vs Penetration Test

00:02:22

Lesson Description:

Penetration testing is a necessity. Many entities, like corporations, governments, NGOs, and universities, rely on highly digitized systems. These systems are susceptible to all manner of exploitation. They contain all sorts of data and are crucial to our daily tasks and activities. Organizations feel the effects of an interruption in services far and wide. Penetration testing simulates the kind of attack(s) that organizations face, probing for weaknesses that leave an entity vulnerable to real attacks.

Red vs Blue Team!

00:02:53

Lesson Description:

Penetration testing is a necessity. Many entities, like corporations, governments, NGOs, and universities, rely on highly digitized systems. These systems are susceptible to all manner of exploitation. They contain all sorts of data and are crucial to our daily tasks and activities. Organizations feel the effects of an interruption in services far and wide. Penetration testing simulates the kind of attack(s) that organizations face, probing for weaknesses that leave an entity vulnerable to real attacks.

Types of Penetration Testing

00:07:32

Lesson Description:

Penetration testing is a necessity. Many entities, like corporations, governments, NGOs, and universities, rely on highly digitized systems. These systems are susceptible to all manner of exploitation. They contain all sorts of data and are crucial to our daily tasks and activities. Organizations feel the effects of an interruption in services far and wide. Penetration testing simulates the kind of attack(s) that organizations face, probing for weaknesses that leave an entity vulnerable to real attacks.

Pre-Attack Phase: Rules of Engagement

00:02:24

Lesson Description:

All attacks are done in phases, sometimes the attacker is aware of this and sometimes they are not. Either way, every attack on any given system goes through the same set of phases. Let us have a closer look at those phases.

Pre-Attack Phase: Understanding your Client's requirements

00:03:59

Lesson Description:

All attacks are done in phases, sometimes the attacker is aware of this and sometimes they are not. Either way, every attack on any given system goes through the same set of phases. Let us have a closer look at those phases.

Pre-Attack Phase: Scope of a Penetration Test

00:06:55

Lesson Description:

All attacks are done in phases, sometimes the attacker is aware of this and sometimes they are not. Either way, every attack on any given system goes through the same set of phases. Let us have a closer look at those phases.

Pre-Attack Phase: Information Gathering

00:06:17

Lesson Description:

All attacks are done in phases, sometimes the attacker is aware of this and sometimes they are not. Either way, every attack on any given system goes through the same set of phases. Let us have a closer look at those phases.

Pre-Attack Phase: Two Types of Information Gathering

00:05:27

Lesson Description:

All attacks are done in phases, sometimes the attacker is aware of this and sometimes they are not. Either way, every attack on any given system goes through the same set of phases. Let us have a closer look at those phases.

Attack Phase

00:01:36

Lesson Description:

All attacks are done in phases, sometimes the attacker is aware of this and sometimes they are not. Either way, every attack on any given system goes through the same set of phases. Let us have a closer look at those phases.

Attack Phase: Penetrating the Perimeter

00:04:27

Lesson Description:

All attacks are done in phases, sometimes the attacker is aware of this and sometimes they are not. Either way, every attack on any given system goes through the same set of phases. Let us have a closer look at those phases.

Attack Phase: Target Acquisition

00:03:03

Lesson Description:

All attacks are done in phases, sometimes the attacker is aware of this and sometimes they are not. Either way, every attack on any given system goes through the same set of phases. Let us have a closer look at those phases.

Attack Phase: Privilege Escalation

00:03:14

Lesson Description:

All attacks are done in phases, sometimes the attacker is aware of this and sometimes they are not. Either way, every attack on any given system goes through the same set of phases. Let us have a closer look at those phases.

Attack Phase: Execute, Implant, Retract

00:03:42

Lesson Description:

All attacks are done in phases, sometimes the attacker is aware of this and sometimes they are not. Either way, every attack on any given system goes through the same set of phases. Let us have a closer look at those phases.

Post-Attack Phase

00:02:08

Lesson Description:

All attacks are done in phases, sometimes the attacker is aware of this and sometimes they are not. Either way, every attack on any given system goes through the same set of phases. Let us have a closer look at those phases.

Security Testing Methodologies

00:07:07

Lesson Description:

All attacks are done in phases, sometimes the attacker is aware of this and sometimes they are not. Either way, every attack on any given system goes through the same set of phases. Let us have a closer look at those phases.

QUIZ SOLUTION: Penetration Testing - Questions answered and explained

00:10:12

Lesson Description:

In this video you will find all the questions and answers explained for the given quiz.

QUIZ: Penetration Testing

00:30:00

Footprinting

Footprinting Process

About Footprinting

00:02:57

Lesson Description:

Footprinting is really a process of information gathering. There might be a lot of fancy terms, definitions and the like, but footprinting is really just gathering information about a target in any way you can.

Hacker State of Mind

00:05:25

Lesson Description:

Footprinting is really a process of information gathering. There might be a lot of fancy terms, definitions and the like, but footprinting is really just gathering information about a target in any way you can.

Search Engine and Online Resources

00:17:55

Lesson Description:

Footprinting is really a process of information gathering. There might be a lot of fancy terms, definitions and the like, but footprinting is really just gathering information about a target in any way you can.

Whois GeoIpLocation and DNS Interogation

00:14:40

Lesson Description:

The techniques and tools are many, ranging from nmap to search engines, and even going as far as digging through dumpsters. Anything that you use to learn more about your target can in a way be called a tool.

Email Header Analysis

00:16:14

Lesson Description:

The video deals with the analysis of the email header and here we will see what sort of information can be extracted from it, what it all means and how can it be used to verify the email origin and email sender identity.

Getting an IP Address from an Email and More

00:16:42

Lesson Description:

In this video we will deal with the subject of phishing. And you will see what sort of information about yourself are you volunteering each time you click on a link.

Quick Look at a Website Certificate, Source Code and Traffic

00:14:59

Lesson Description:

The techniques and tools are many, ranging from nmap to search engines, and even going as far as digging through dumpsters. Anything that you use to learn more about your target can in a way be called a tool.

How to Clone a Website and Extract Metadata from Files

00:18:26

Lesson Description:

The techniques and tools are many, ranging from nmap to search engines, and even going as far as digging through dumpsters. Anything that you use to learn more about your target can in a way be called a tool.

Nmap and Traceroute

00:19:11

Lesson Description:

The techniques and tools are many, ranging from nmap to search engines, and even going as far as digging through dumpsters. Anything that you use to learn more about your target can in a way be called a tool.

QUIZ SOLUTION: Footprinting - Questions answered and explained

00:08:39

Lesson Description:

In this video you will find all the questions and answers explained for the given quiz.

QUIZ: Footprinting

00:30:00

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

00:30:00

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

00:30:00

Reports and Countermeasures

Countermeasures and Best Practices

00:11:40

Lesson Description:

Reports might be the really the boring part of the work, but they are essentially documentation of your work and the results of your work.

What Goes into a Footprinting Report?

00:05:14

Lesson Description:

Reports are really the boring part of the work, but they are essentially the documentation of your work and the results of your work.

QUIZ SOLUTION: Reports and Countermeasures - Questions answered and explained

00:07:38

Lesson Description:

In this video you will find all the questions and answers explained for the given quiz.

QUIZ: Reports and Countermeasures

00:30:00

Scanning Networks

Network Scanning Techniques

Banner Grabbing

00:06:30

Lesson Description:

The technique known as Banner Grabbing is extremely simple, costs little to nothing in terms of time and system resources, and has a good chance of providing crucial information about a target.

Drawing and Mapping Out Network Topologies

00:09:17

Lesson Description:

This video focuses on explaining how to use Zenmap, which is a GUI interface for Nmap, and shows how to literally draw network topologies.

Scanning for Vulnerabilities

00:15:15

Lesson Description:

Nmap as a tool has its own scripting engine, and comes with a large number of scripts that can detect and confirm various vulnerabilities. In addition to scanning the system and getting the information such as IP addresses services, open ports, and versions, it is also possible to scan individual services on different ports for vulnerabilities.

Enumeration

00:08:08

Lesson Description:

Enumeration is a phase during which an attacker will use the data gathered from reconnaissance to actively engage the given system and acquire information. The simplest way to illustrate is imagine someone performing surveillance on a house. They won't really know how many rooms it has, how many bathrooms there are, where the kitchen is, and how many doors are in the house. This is passive reconnaissance. Enumeration is a more active process. Think of it like peeking in the windows, sneaking in and walking around a bit, and maybe rifling through the trash bin out in the garage.

QUIZ SOLUTION: Network Scanning Techniques - Questions answered and explained

00:09:30

Lesson Description:

In this video you will find all the questions and answers explained for the given quiz.

QUIZ: Network Scanning Techniques

00:30:00

System Hacking

Password Cracking Techniques

Password Cracking, Crunch, and Some Basics

00:17:07

Lesson Description:

Before you learn how to crack passwords, you should learn something about the passwords. That is what we'll go over in this video. In addition, we will get an idea of how many permutations can be calculated, and be able to estimate how long different kinds of passwords will take to crack.

Using Hydra for online password cracking

00:17:23

Lesson Description:

Cracking online passwords can be quite different from cracking passwords offline and you have to work with a large number of restrictions, such as rate limiting, intrusion detection systems, low number of attempts per a second and so on.

Hashcat: Environment Setup

00:16:58

Lesson Description:

Here we'll become acquainted with Hashcat. It has become the de facto for cracking hashes, and does it so fast by harnesses the power of GPUs available in the cloud.

HashCat: Installation

00:07:51

Lesson Description:

We cannot really do much without installing the tools that we need. So let us go ahead and go through the process of Hashcat installation.

HashCat: Let Us Crack Some Passwords!

00:17:08

Lesson Description:

Now that we have everything installed, let's see what this thing can do. How fast can it crack passwords, and what options and approaches do we have?

HashCat: Results and Recap

00:11:37

Lesson Description:

This will be a quick recap and review of the results, along with some conclusions and observations in regards to Hashcat's limitations.

QUIZ SOLUTION: Password Cracking Techniques - Questions answered and explained

00:11:09

Lesson Description:

In this video you will find all the questions and answers explained for the given quiz.

QUIZ: Password Cracking Techniques

00:30:00

Techniques for Creating and Maintaining Access to the Remote System

Reverse Shell and Remote Service Exploitation

00:16:16

Lesson Description:

In this lecture I will demonstrate how outdated services or applications are exploited and what can happen.

Keylogger Intro and Environment Setup

00:10:59

Lesson Description:

The first step in deploying or configuring any sort of software, malicious or benevolent, is setting up the environment in which it can be examined, compiled, and configured. The same goes for the Keylogger. Before we can successfully deploy a Keylogger binary, we need to configure the source code and compile it.

Keylogger Source Code Download and Import

00:04:42

Lesson Description:

In this video I will show you how to download and import keylogger source code into an IDE and we will then proceed to configuring it and compilng it. https://github.com/ErminLA?tab=repositories

Keylogger Configuration

00:07:14

Lesson Description:

Here we need to configure the Keylogger to our send files and logs to our desired email address.

Keylogger Demo

00:12:06

Lesson Description:

This one is plain and simple. The lecture will consist of me demonstrating how a Keylogger works.

Decrypting Keylogger Logs

00:08:41

Lesson Description:

Now we need to learn how to decrypt the keylogger files so that we can actually read them.

QUIZ SOLUTION: Persistent Remote Access - Questions Answered and Explained

00:08:07

Lesson Description:

In this video you will find all the questions and answers explained for the given quiz.

QUIZ: Persistent Remote Access

00:30:00

Hiding Malicious Programs

SandBox

00:15:39

Lesson Description:

The intended purpose of this video is to explain the concept of a SandBox, where sandboxed environments are used, and for what.

How to Create a Safe Sandbox Environment

00:13:16

Lesson Description:

Over the course of your career as a penetration tester, developer, devops, or something similar, you will find yourself in need of a safe and secure testing environment. You need a place where you will be able to safely test and deploy your code or perform task and tests that would be risky to do in a production environment. With that said, let us see how to create a safe sandboxed environment.

Anti-Malware Software Overview

00:10:25

Lesson Description:

In order to bypass anti-malware detection, we first must understand how it works, and that is exactly what we will do in this lecture.

Packing Malware

00:11:05

Lesson Description:

Packaging and hiding Malware is extremely challenging and there are many obstacles in the process. But knowing the process and seeing how it works will enable you to be better prepared to face and recognize threats in the future. Plus you get some really cool knowledge.

Rootkits

00:07:27

Lesson Description:

Rootkits are complex and advanced malicious programs that are able to control what processes are visible to the user. They are generally extremely difficult to detect and find once they are embedded into the system.

Hiding Files and Steganography

00:12:48

Lesson Description:

How to embed hidden messages into pictures or other files is the core of this lecture. We will take one text file's content and embed that into a picture without the picture changing in any noticeable way. Later on in the video, I will demonstrate the reverse procedure, where data is extracted out of an image.

QUIZ SOLUTION: Hiding Malicious Programs - Questions Answered and Explained

00:05:27

Lesson Description:

In this video you will find all the questions and answers explained for the given quiz.

QUIZ: Hiding Malicious Programs

00:30:00

Covering Tracks and Destroying Evidence

Log Files: Covering Your Tracks

00:15:49

Lesson Description:

Before you break into a system, it critical to have some sort of Cover Your Tracks plan. There can be no trace of your existence and presence there. Since leaving any evidence to begin with isn't always possible, the next best thing to do is mask your activities on the system, making them as similar as possible to what the system would recognize as normal.

QUIZ SOLUTION: Covering Tracks and Destroying Evidence - Questions Answered and Explained

00:09:42

Lesson Description:

In this video you will find all the questions and answers explained for the given quiz.

QUIZ: Covering Tracks and Destroying Evidence

00:30:00

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

00:30:00

Wireless Networks and Spoofing

Spoofing Techniques

ARP Spoofing

00:16:37

Lesson Description:

This video will demonstrate how someone on the network can misrepresent themselves and redirect traffic.

MAC Address Spoofing

00:12:27

Lesson Description:

Spoofing a MAC address on the network can hide you, and protects against leaving unwanted traces of your presence on the network.

DHCP Starvation

00:06:24

Lesson Description:

DHCP has a limited number of ip addresses to lease. Starve it, and no new clients will be able to connect, effectively performing a DOS attack on the network.

QUIZ SOLUTION: Sniffing Techniques - Questions Answered and Explained

00:15:14

Lesson Description:

In this video you will find all the questions and answers explained for the given quiz.

QUIZ: Sniffing Techniques

00:30:00

Attacking and Exploiting Wireless Networks

Capturing the WPA2 Handshake

00:15:41

Lesson Description:

In order to be able to crack a WPA2 passkey, we need to capture it first. Along the way to learning how to do this, we will mount DOS attacks on the local network and perform discovery of all the clients and access points around us.

Cracking WPA2 Passkey

00:15:52

Lesson Description:

Here we will use cloud resources and attempt to crack a WPA2 key.

QUIZ SOLUTION: Wireless Networks - Questions Answered and Explained

00:10:55

Lesson Description:

In this video you will find all the questions and answers explained for the given quiz.

QUIZ: Wireless Networks

00:30:00

Social Engineering

Tip, Tricks and Real Life Scenarios

Social Engineering

00:17:20

Lesson Description:

Social engineering is a process where one human interacts with another human being, directly or indirectly, for the purpose of obtaining information relevant to the target.

Well Known Social Engineering Attacks: A Retrospective

00:11:44

Lesson Description:

This is a brief overview of well known social engineering attacks. How did they happen? What were the weak links? What was exploited? How?

QUIZ SOLUTION: Social Engineering - Questions Answered and Explained

00:09:00

Lesson Description:

In this video you will find all the questions and answers explained for the given quiz.

QUIZ: Social Engineering

00:30:00

Firewalls and Honeypots

Firewalls

What Is a Firewall? How Does It Work?

00:08:38

Lesson Description:

Firewalls are essentially traffic cops, used for controlling and regulating traffic on networks. They are one of the first obstacles you come up against as a penetration tester, so let us get acquainted with them.

Firewall Usage, Logging, and Configuration

00:10:29

Lesson Description:

Let me show you some basic firewall usage, to better demonstrate what firewalls actually do.

Evading Firewall GeoIpBock

00:17:22

Lesson Description:

Let me show you some basic firewall usage, to better demonstrate what firewalls actually do.

QUIZ SOLUTION: Firewalls - Questions answered and explained

00:08:02

Lesson Description:

In this video you will find all the questions and answers explained for the given quiz.

QUIZ: Firewalls

00:30:00

Honeypots

How to Set Up a Honeypot

00:13:55

Lesson Description:

Honeypots are like nets to catch fish. In the world of penetration testing and cyber security, your net is a proxy, a VPN, tor nodes, and free wireless access points (among other things) that you set out for someone to use. When they do, and they will in all likelihood, their traffic belongs to you.

How to grab traffic from a Honeypot

00:14:13

Lesson Description:

Now that we have set up a tempting honeypot, let us see how we can perform a remote network traffic capture and examine it locally with Wireshark.

QUIZ SOLUTION: Honeypots - Questions Answered and Explained

00:07:21

Lesson Description:

In this video you will find all the questions and answers explained for the given quiz.

QUIZ: Honeypots

00:30:00

Hacking Web Servers and Web Applications

Let's Attack Web Servers and Web Applications!

OWASP - Open Web Application Security Project

00:04:45

Lesson Description:

This is the website where you can vist to get an overview of pretty much all vulnerabilities, exploits, code snippets, and so forth. They are sorted in alphabetical order, and there is a little something for everyone. It's a great place all around, and I strongly recommend you check it out.

QUIZ SOLUTION: Attacking Web Servers and Web Applications - Questions Answered and Explained

00:07:31

Lesson Description:

In this video you will find all the questions and answers explained for the given quiz.

XSS Cross Site Scripting

00:12:20

Lesson Description:

XSS, or Cross Site Scripting, is a vulnerability where an attacker figures out how to embed his own code into something like a forum post, or a blog comment. Anyone else that comes by it ends up executing the attackers code.

SQL Injections

00:15:54

Lesson Description:

SQL injection is a technique where code is injected into data input fields in the form of well crafted SQL statements. That is what will be demonstrated in this lecture.

QUIZ: Attacking Web Servers and Web Applications

00:30:00

Cryptography

About Cryptography

Cryptography Basics

00:08:40

Lesson Description:

Let me introduce you to the world of cryptography. What is it? What is it for? Why is it important? Why use it? These are the questions that we will begin to answer here.

Cryptography Common Algorithms and Message Digest

00:09:19

Lesson Description:

This is an overview of common algorithms that are used for encryption.

PKI Public Key Infrastructure

00:07:54

Lesson Description:

Ever wondered what happens when you open up a website with HTTPS, and how the encryption works? What are all the individual elements involved, and what processes are taking place? Well, wonder no more. Let's have a look together.

Encryption, Decryption, Cryptanalysis and Attack Vectors

Cryptanalysis and Attack Vectors

00:11:02

Lesson Description:

Cyrptoanalysis is a process during which all manner of useful information is extracted, and is used for the purpose of ultimately finding a key.

Checksum and File Encryption

00:12:49

Lesson Description:

Learn how to check any file for signs of tampering and confirm integrity. Discover how to encrypt your files with strong algorithms, and see examples of how encryption works in general.

SSH RSA Demo

00:13:49

Lesson Description:

One of the most widely use services, SSH (Secure Shell) is a perfect way to see how asynchronous encryption works.

Storage Medium Encryption

00:12:32

Lesson Description:

Ensure the secrecy of data, even after the loss of the medium that it was stored on, by encrypting it and making sure that it can only be accessed with a proper key that only you have.

QUIZ SOLUTION: Cryptography - Questions Answered and Explained

00:08:11

Lesson Description:

In this video you will find all the questions and answers explained for the given quiz.

QUIZ: Cryptography

00:30:00

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

00:30:00

Final practice exam

Final

Final Practice Exam

00:05:13

Lesson Description:

Here we will take a look at the form, questions and answers of the final practice exam. I will also show you some common pitfalls when reading and answering questions and will go over a lot of question and answers just so you can see that there is a lot of word trickery and what seams very difficult is probably extremely easy.

Certified Ethical Hacker (CEH) Practice Exam

02:00:00

Final practice exam SOLUTIONS

Final SOLUTIONS

Final Practice Exam Question and Answer overview part 1

00:21:04

Lesson Description:

Here we will take a look at the form, questions and answers of the final practice exam. I will also show you some common pitfalls when reading and answering questions and will go over a lot of question and answers just so you can see that there is a lot of word trickery and what seams very difficult is probably extremely easy.

Final Practice exam Question and Answer overview part 2

00:12:36

Lesson Description:

Here we will take a look at the form, questions and answers of the final practice exam. I will also show you some common pitfalls when reading and answering questions and will go over a lot of question and answers just so you can see that there is a lot of word trickery and what seams very difficult is probably extremely easy.

Final Practice exam Question and Answer overview part 3

00:19:49

Lesson Description:

Here we will take a look at the form, questions and answers of the final practice exam. I will also show you some common pitfalls when reading and answering questions and will go over a lot of question and answers just so you can see that there is a lot of word trickery and what seams very difficult is probably extremely easy.

Final Practice exam Question and Answer overview part 4

00:18:19

Lesson Description:

Here we will take a look at the form, questions and answers of the final practice exam. I will also show you some common pitfalls when reading and answering questions and will go over a lot of question and answers just so you can see that there is a lot of word trickery and what seams very difficult is probably extremely easy.