Practical Ethical Hacking Course Part 1

Jul 15, 2024

Introduction

  • Instructor: Heath Adams
  • Course Format: Part 1 and Part 2 (due to YouTube's 12-hour video limit)
  • Company: CEO of TCM Security
    • Focus: Ethical hacking, cybersecurity consulting, educational institution
  • Objective: To hack ethically for identifying security issues in companies

Course Overview

  • Hacking Variety: Networks, web apps, wireless, mobile apps, physical penetration testing
  • Course Goals: Comprehensive coverage of hacking methodologies updated for 2023
  • Additional Resources: TCM Security Academy offers extended courses
  • Certification: Course linked to the PNPT (Practical Network Penetration Tester) certification

Ethical Hacking Career Path

  • Backgrounds: IT background not necessary
    • Example backgrounds: Mayor, doctor, accountant
  • Skills Needed: Basic computer and networking knowledge
  • Certifications: Various relevant hacking certifications listed
  • Follow Instructor: Social Media - LinkedIn, Twitter, YouTube
    • Goal: Reaching a million subscribers on YouTube

Course Details

  • Past Course Comparison: Expanded from a 12-hour to a 15-hour course for 2023
    • Updates cover methodologies and bring tool versions up to the current standard
  • Structure: Parts 1 & 2, free on YouTube; extended versions with more content on TCM Security Academy
    • Price: Each academy course around $29.99

Day in the Life of a Pen Tester

  • Daily Tasks: Assessment, report writing, debrief
  • Assessment Types: External Network Pen Test, Internal Network Pen Test, Web Application Pen Test, Wireless Pen Test, Physical/Social Engineering Assessments

External Network Pen Test

  • Target: Organizations from outside perspective
  • Focus: Open-source intelligence (OSINT) and exposed login panels, with heavy emphasis on footprinting
  • Duration: Typically 32-40 hours plus 8-16 hours for report

Internal Network Pen Test

  • Target: Organizations from inside perspective
  • Focus: Active Directory, typically used in around 99% of organizations
  • Duration: 32-40 hours plus 8-16 hours for report

Web Application Pen Test

  • Focus: Web-based attacks using OWASP testing guidelines
  • Duration: 32-40 hours, with testing organized around the OWASP Top 10 vulnerabilities

Wireless Pen Test

  • Focus: Assessing organization’s wireless security
  • Tools: Wireless network adapter with packet injection
  • Duration: 4-8 hours per SSID

Physical Pen Test & Social Engineering

  • Target: Physical security assessments
  • Methodology: Depends on the client’s goals, with a focus on phishing and smishing campaigns
  • Duration: 16-40 hours plus 4-8 hours for report

Advanced Assessments

  • Additional Specializations: Mobile Penetration Testing, IoT Testing, Red Team Engagements, Purple Team Engagements

Report Writing & Debriefs

  • Report Structure: Executive Summary for non-technical, technical details for engineers
  • Importance: Clear communication for remediation
  • Debrief Process: Ensuring client understands findings, addressing concerns

Tools and Note-Keeping

  • Recommended Tools: KeepNote for structured notes, Greenshot for screenshots
  • Notetaking Tips: Structured notes, detailed assessment records
  • Installation: Guidance on virtual machines, using tools like VMware/VirtualBox, Kali Linux setup

Linux Command-Line Basics

  • Key Commands: pwd, ls, cd, mkdir, rmdir, cp, mv, cat, sudo
  • Network and System Commands: ifconfig, ip, arp, route, ping, systemctl

Networking Concepts

  • IP Addresses: IPv4 vs IPv6, private vs public addressing, subnetting
  • OSI Model: 7 layers from physical to application
  • Ports & Protocols: Common TCP/UDP ports like 21, 80, 443, 53

Networking and Linux Practical Steps

  • Setup: Virtual machines and installing necessary tools
  • Networking Refresher: IP addressing, subnetting, basic networking commands

Hands-on Python Section

  • Introduction to Python: Strings, variables, methods, functions
  • Advanced Topics: Loops, conditional statements, boolean expressions, lists, dictionaries
  • Building Tools: Example projects like port scanner, budget app
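The port scanner named above is the course’s signature Python project; the block below is an added example (not code from the course or from TCM Security) of a threaded TCP connect scanner. It opens a throwaway listener on 127.0.0.1 so the scan has a known-open port to find and runs entirely offline; `demo_scan` and `start_local_listener` are helper names chosen here.

```python
import socket
from concurrent.futures import ThreadPoolExecutor


def check_port(host, port, timeout=0.5):
    """Return True if a full TCP connect() to host:port succeeds.

    A connect scan completes the three-way handshake, so it needs no raw
    sockets or root, but it is also the noisiest scan type: every probe
    shows up in the target's connection logs.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)  # closed/filtered ports must not stall the scan
        return s.connect_ex((host, port)) == 0


def scan_ports(host, ports, timeout=0.5, workers=50):
    """Probe each port concurrently and return the sorted list of open ones."""
    with ThreadPoolExecutor(max_workers=workers) as pool:
        results = list(pool.map(lambda p: (p, check_port(host, p, timeout)), ports))
    return sorted(p for p, is_open in results if is_open)


def start_local_listener():
    """Open a listening TCP socket on an ephemeral loopback port (constructed target)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))  # port 0: let the OS pick a free port
    srv.listen(5)
    return srv


def demo_scan():
    """Scan a small window of ports around the local listener.

    Returns (listener_port, open_ports) so the result can be checked.
    """
    srv = start_local_listener()
    try:
        port = srv.getsockname()[1]
        found = scan_ports("127.0.0.1", range(port - 5, port + 6))
        return port, found
    finally:
        srv.close()


if __name__ == "__main__":
    listener_port, open_ports = demo_scan()
    print(f"listener on {listener_port}, open ports found: {open_ports}")
```

On loopback a closed port is refused immediately, so the scan finishes in well under a second; against a firewalled host the timeout is what bounds the run time.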

Five Stages of Ethical Hacking

  1. Reconnaissance: Information gathering
  2. Scanning & Enumeration: Using tools like nmap to discover open ports and vulnerabilities
  3. Gaining Access: Exploiting vulnerabilities
  4. Maintaining Access: Ensuring continued access post-exploitation
  5. Covering Tracks: Removing evidence

Reconnaissance & Information Gathering

  • Types: Passive (research) vs Active (scanning directly)
  • Sources: OSINT tools, job boards, social networks

Example Tools & Techniques

  • Hunter.io, phonebook.cz: Gathering email addresses
  • Clearbit, email verification sites: Validating potential email formats
  • Breach data: How previously breached credential data can be used during discovery
  • Tools like DeHashed: Searching breach databases

Final Steps and Transition

  • Part 1 Complete: Continue to Part 2 for further lessons
  • Next Steps: Deepening scanning & enumeration, exploiting vulnerabilities, web application security