The Ultimate Kali Linux

Lessons

Lab

Lab (Add-on)

TestPrep

Get A Free Trial

This course includes:

Free pre-assessment and first 2 lessons

20+ Interactive Lessons | 5+ Exercises

Accessible on mobile and tablet too

Certificate of completion

Are you an instructor?

Access detailed information about the course content, learning objectives, activities, and assessments before adding it to your curriculum.

About This Course

Skills You’ll Get

Interactive Lessons

20+ Interactive Lessons | 5+ Exercises |

Gamified TestPrep

Hands-On Labs

22+ LiveLab | 00+ Minutes

Download Course Outline

Preface

Who this course is for
What this course covers
To get the most out of this course

Introduction to Ethical Hacking

Understanding the need for cybersecurity
Exploring cybersecurity terminology
Identifying threat actors and their intent
Understanding what matters to threat actors
Exploring the importance of penetration testing
Penetration testing methodologies
Discovering penetration testing approaches
Types of penetration testing
Exploring the phases of penetration testing
Understanding the Cyber Kill Chain framework
Summary

Building a Penetration Testing Lab

Technical requirements
An overview of the lab setup and technologies used
Setting up a hypervisor and virtual networks
Setting up and working with Kali Linux
Setting up a vulnerable web application
Deploying Metasploitable 2 as a vulnerable machine
Building and deploying Metasploitable 3
Summary

Setting Up for Advanced Penetration Testing Techniques

Technical requirements
Building an Active Directory red team lab
Setting up a wireless penetration testing lab
Summary

Passive Reconnaissance

Technical requirements
The importance of reconnaissance
Exploring passive reconnaissance
Creating a sock puppet
Anonymizing internet-based traffic
Summary

Exploring Open-Source Intelligence

Technical requirements
Google hacking techniques
Domain reconnaissance
Sub-domain harvesting
Identifying organizational infrastructure
Harvesting employees’ data using Hunter
Automating social media reconnaissance with Sherlock
Summary

Active Reconnaissance

Technical requirements
Understanding active information
Profiling websites using EyeWitness
Exploring active scanning techniques
Using scanning evasion techniques
Enumerating network services
Discovering data leaks in the cloud
Summary

Performing Vulnerability Assessments

Technical requirements
Getting started with Nessus
Vulnerability identification using Nmap
Working with Greenbone Vulnerability Manager
Using web application scanners
Summary

Understanding Network Penetration Testing

Technical requirements
Introduction to network penetration testing
Working with bind and reverse shells
Antimalware evasion techniques
Working with wireless adapters
Managing and Monitoring wireless modes
Summary

Performing Network Penetration Testing

Technical requirements
Exploring password-based attacks
Performing host discovery
Identifying and exploiting vulnerable services
Summary

Post-Exploitation Techniques

Technical requirements
Pass-the-hash techniques
Post exploitation using Meterpreter
Data encoding and exfiltration
Summary

Delving into Command and Control Tactics

Technical requirements
Understanding C2
Setting up C2 operations
Post-exploitation using Empire
Working with Starkiller
Summary

Working with Active Directory Attacks

Technical requirements
Understanding Active Directory
Enumerating Active Directory
Leveraging network-based trust
Summary

Advanced Active Directory Attacks

Technical requirements
Understanding Kerberos
Abusing trust on IPv6 with Active Directory
Attacking Active Directory
Domain dominance and persistence
Summary

Advanced Wireless Penetration Testing

Technical Requirements
Introduction to Wireless Networking
Performing Wireless Reconnaissance
Compromising WPA/WPA2 Networks
Performing AP-less Attacks
Exploiting Enterprise Networks
Setting Up a Wi-Fi Honeypot
Exploiting WPA3 Attacks
Summary

Social Engineering Attacks

Technical requirements
Fundamentals of social engineering
Types of social engineering
Planning for each type of social engineering attack
Defending against social engineering
Exploring social engineering tools and techniques
Summary

Understanding Website Application Security

Technical requirements
Understanding web applications
Exploring the OWASP Top 10: 2021
Getting started with FoxyProxy and Burp Suite
Understanding injection-based attacks
Exploring broken access control attacks
Discovering cryptographic failures
Understanding insecure design
Exploring security misconfiguration
Summary

Advanced Website Penetration Testing

Technical requirements
Identifying vulnerable and outdated components
Exploiting identification and authentication failures
Understanding software and data integrity failures
Exploring server-side request forgery
Understanding security logging and monitoring failures
Understanding cross-site scripting
Automating SQL injection attacks
Performing client-side attacks
Summary

Best Practices for the Real World

Technical requirements
Guidelines for penetration testers
Penetration testing checklist
Creating a hacker’s toolkit
Setting up remote access
Next steps ahead
Summary

Appendix

Setting Up a Penetration Testing Lab on Ubuntu Desktop
Technical requirements
An overview of the lab setup and technologies used
Setting up a hypervisor and virtual networks
Setting up Kali Linux on Ubuntu
Setting up Metasploitable 3 on Ubuntu
Summary