Ethical Hacking - The Ultimate Bundle

5.0 Value Rating*

This bundle is a white hat hackers dream come true! Roll your sleeves up and put away all those distractions before you dive into this amazing collection of courses that will teach you basics and advanced level ethical hacking skills. Once acquired, please abide by the code of honour and use your newly acquired skills for the good of humanity only!

$39

$19.50
19
COURSES
720
LESSONS
NEW
ENROLLED

LIFETIME ACCESS TO ALL THESE 19 COURSES
Make in-house Hacking and Penetration testing Lab
Make in-house Hacking and Penetration testing Lab

$49 Value

Real world hacking and penetration testing - Professional level
Real world hacking and penetration testing - Professional level

$200 Value

Learn GREP and SED on Linux for Beginners
Learn GREP and SED on Linux for Beginners

$99 Value

Learn Basic Linux Shell Course
Learn Basic Linux Shell Course

$99 Value

Wireless Penetration Testing with Kali Linux & Raspberry Pi
Wireless Penetration Testing with Kali Linux & Raspberry Pi

$37 Value

Learn Bash Shell in Linux for Beginners
Learn Bash Shell in Linux for Beginners

$99 Value

Hackproof your Linux server
Hackproof your Linux server

$99 Value

Step by Step Web Applications Penetration Tester
Step by Step Web Applications Penetration Tester

$99 Value

WordPress Hacking and Hardening in Simple Steps
WordPress Hacking and Hardening in Simple Steps

$99 Value

Learn Server Security With BitNinja
Learn Server Security With BitNinja

$99 Value

IT Security for Project Managers
IT Security for Project Managers

FREE

Secure Programming of Web Applications - Developers and TPMs
Secure Programming of Web Applications - Developers and TPMs

$35 Value

Master Ethical Hacking with Python
The Complete Python Hacking Course: Beginner to Advanced

$9.99 Value

Learn Ethical Hacking Beginner to Advanced!
Learn Ethical Hacking: Beginner to Advanced!

$9.99 Value

Certified Ethical Hacker Boot Camp for 2017!
Certified Ethical Hacker Boot Camp

$9.99 Value

WordPress Security 2017 Secure Your Site Against Hackers!
WordPress Security 2017: Secure Your Site Against Hackers!

$94 Value

Java Cryptography Architecture Secure Password Hashing
Java Cryptography Architecture: Secure Password Hashing

$12 Value

File Encryption Basics and Practices with CrococryptFile
File Encryption Basics and Practices with CrococryptFile

FREE

Introduction to Encryption - Terminology and Technology
Introduction to Encryption - Terminology and Technology

$20 Value

DETAILS OF THE 19 COURSES IN THE BUNDLE
Make in-house Hacking and Penetration testing Lab

Make in-house Hacking and Penetration testing Lab

Instructor: Atul Tiwari

OverviewDescriptionAbout

Hacking, pentesting Lab on your own computer.

Why do you need a pentest lab ?

Simple! If you aspire to be a pentester, or want to improve your skills, in-house pentesting labs are one of the best way to practice!

Why do you need a pentest lab ?

Simple! If you aspire to be a pentester, or want to improve your skills, in-house pentesting labs are one of the best way to practice!

It also gives you techniques for:

Firewall Evasion, IDS bypassing, WAF Evasion techniques.

It best suites for people who is keen to make testing with their own and only one computer. it doesn’t require too much knowledge to set it up.

Just you need to have understanding of computer and basic computing skills to start with.
This course is highly focused towards practical from scratch to advanced level towards penetration testing on virtual machine.This course is very helpful for newcomers in ethical hacking and penetration testing field.
In this course, you also get where to start penetration testing and ethical hacking knowledge.

Ummm.. So, what are you waiting for ? go ahead an take a challenge to HACK if you can…?

Atul Tiwari

Security Analyst | IT AUDITOR | Cyber laws expert | Author | Public speaker | CISSP

Having more than 10 years of working experience in information security field.

Have trained more than 35000 students on the topic of Information security & penetration testing in classroom mode and online across 162 countries. with expertise in web application penetration testing, i have performed several penetration tests and security audits, security analysis with private, governments and security agencies to help assist with to cope with cyber threats.

1:50  Hours

18 Lessons

Lifetime Access

Course Curriculum

Preview Course

Creating virtual LAB – The hacking box
Kali linux virtual machine setup
OWASPbwa virtual machine setup
Metasploitable2 Virtual machine setup (2:02)
Exploiting the Penetration testing box – Security Testing
Testing for SQL injection vulnerabilities – on OWASPbwa LAB (8:33)
Testing for Cross site request forgery attacks – CSRF (OWASPbwa LAB) (6:00)
Exploiting web application of LAB – With Metasploit (7:31)
Burp suite in action – Fuzzing Input Fields for bugs (8:21)
BeEF in action – XSS hunted forever (9:31)
Playing with Firewalls, Antivirus (Evasion)
Windows 7 firewall bypass in real time (LIVE) (10:59)
Creating undetectable Payload in LAB – Veil Evasion (KALI Linux LAB) (4:18)
Creating payload in LAB – Msfvenom-msfpc (5:49)

Real world hacking and penetration testing - Professional level

Real world hacking and penetration testing - Professional level

Instructor: Atul Tiwari

OverviewDescriptionAbout

Learn Penetration testing from real world examples performed

If you are wanting to learn Ethical Hacking and Penetration Testing to a Professional Standard, and work online to help companies secure their data, you will love this Course! having more than 40k students in less than 3 months.

If you are wanting to learn Ethical Hacking and Penetration Testing to a Professional Standard, and work online to help companies secure their data, you will love this Course! having more than 40k students in less than 3 months.

In this highly practical course, you will learn from a Certified Professional Hacker & Penetration tester. You will get practical details about what a modern pen-tester must have in order to be a professional level Penetration Tester.

Atul Tiwari
Security Analyst | IT AUDITOR | Cyber laws expert | Author | Public speaker | CISSP

Having more than 10 years of working experience in information security field.

Have trained more than 35000 students on the topic of Information security & penetration testing in classroom mode and online across 162 countries. with expertise in web application penetration testing, i have performed several penetration tests and security audits, security analysis with private, governments and security agencies to help assist with to cope with cyber threats.

5  Hours

55 Lessons

Lifetime Access

Course Curriculum

Preview Course

Introduction to course
Introduction to Penetration Testers (4:02)
Building virtual pentesting box
Setting-up OWASPbwa VM (3:17)
Setting-up KALI LINUX VM (4:27)
Setting-up Metasploitable VM (2:02)
Setting-up windows VM (1:40)
Penetration testing methodologies
Penetration Testing methodologies (2:25)
Passive Discovery – Open source intelligence gathering – OSINT
Open source intelligence gathering – Basics (4:05)
OSINT Reconnaissance – Recon-ng (14:03)
Open source intelligence gathering – DiscoverScript (13:41)
Open-source intelligence gathering – Spiderfoot (6:14)
Active Discovery – Reconnaissance
Active Reconnaissance with sparta (9:19)
Scanning Entire network range in 6 min (8:13)
Taking massive snapshots of web (3:48)
Httpscreenshot and EyeWitness Installations
Vulnerability Assessments
Vulnerability assessment – Nessus (14:28)
Vulnerability assessment – OpenVAS (16:25)
Vulnerability assessment – Nikto (4:41)
Quick findings of web apps vulnerabilities (2:04)
Web application scanning – ZAP (4:40)
ZAP Scan analysis (5:23)
Web application scanning – AppSpider_PRO (7:15)
Vulnerability to Exploitations – Exploiting the targets
Metasploit commanding (9:03)
Metasploit – Exploiting MS08-067 (8:44)
Metasploit – Exploiting web apps (7:31)
Binary_Exploitation_Buffer_overflow (8:42)
Binary Exploitation
Browser Exploitation with BeEF (9:31)
Web application penetration testing – Exploiting web apps
SQL Injection basics
Exploiting SQL injection (8:33)
Cross site scripting attack – XSS (5:13)
Cross site request forgery attacks – CSRF (6:00)
Fuzzing Input Fields – Input validation attacks (8:21)
Wireless network hacking – Security testing WLAN
WEP Cracking
WPA-WPA2 cracking
Cracking WPA2 Networks – Attack in action (6:48)
Post exploitation attacks – Lateral moving in networks
First post Responder – Collecting credentials without authorization (5:31)
Adding user account to target machine (2:25)
Creating a persistent backdoor on target machine (3:30)
Msfvenom-msfpc with RC Script (5:49)
Dumping cached credentials – Last 10 passwords (1:59)
Anti-virus / Firewall / IDS Evasion / VEIL Evasion
Firewall Evasion with Nmap – Live attack on windows 7 system (10:59)
Content filter bypass with metasploit (3:30)
Veil Evasion framework – Evading Anti-viruses (4:18)
Password cracking and exploits
Windows password cracking – kon boot (1:34)
Linux Password hash Cracking (3:54)
Generating alpha-numeric passwords lists (2:16)
Generating passwords list from target website (2:44)
Compromised passwords list
Exploits and vulnerability Research
Searchsploit in kali (4:04)
Exploits search in bugtraq (2:17)
Exploits in Exploit-DB (3:39)
Anonymity – safe and secure
Being_anonymous_The TOR Network (9:44)
My recommendations for pentesting
Top Security Conferences & magazine (3:30)
Best commercial tools (3:27)
Bug Bounty programmes (1:03)
Bonus lectures
TOR
The Darknet – Dark side of the internet (7:31)
Pentester’s suitecase – by atul tiwari (International article)

Learn GREP and SED on Linux for Beginners

Learn GREP and SED on Linux for Beginners

Instructor: EDUmobile Academy

OverviewDescriptionAbout

This course explores in details of two powerful tools grep and sed

One of the most important tasks we undertake in Linux is processing text in files. This course explores two powerful tools we have to do this: grep and sed. Grep and sed find and manipulate text in files usingregular expressions, which use special characters for searching and replacing text.

One of the most important tasks we undertake in Linux is processing text in files. This course explores two powerful tools we have to do this: grep and sed. Grep and sed find and manipulate text in files usingregular expressions, which use special characters for searching and replacing text.

In the course, we’ll introduce regular expression syntax in the context of learning grep, then apply what we’ve learned as we work with sed. Topics include:

– finding text with grep
– regular expression syntax
– meta characters
– validating emails and phone numbers
– intro to sed
– replacing text in files
– line number addressing
– outputting only found lines
– printing line numbers
– adding text before and after lines
– simple sed scripts

The course is in two units, and runs just over an hour in length.

What are the requirements?
Any Linux Based Operating System
Knowledge of any Command Line is Helpful, but Not Necessary
What am I going to get from this course?
Over 13 lectures and 1 hour of content!
Use Grep Efficiently
Understand Switches Properly
Use Regular Expressions
What is the target audience?
Any Fresher Who Wants to Learn Basic Linux Shell Commands
Any Fresher Who Wants to Learn Basic Regex
Expert who Needs to Brush up Regex Skills

EDUmobile Academy
EDUmobile Academy develops high quality video training courses around topics in mobile development including iPhone, Android, Windows Phone, Java, Responsive Web Design and other emerging technologies.

Every course is created by an expert developer AND a trained mentor in the area of expertise.

Each course undergoes a rigorous planning, review and an internal quality check phase – to ensure that the teaching is of highest standards available online.

EDUmobile Academy was founded in 2008 when smart phones were just emerging into the market. Founder Vishal Lamba is experienced in multiple areas of digital design, mobile development and design, web technologies and digital marketing. He has a mathematics and computer science degree from Lawrence University, USA.

Vishal works closely with content creators and teachers to ensure that every course released meets the internal rigorous quality standards.

All course creators and trainers are currently based in the USA. Support for each course on Udemy is provided with quick turn around by a small team of developers and trainers.

1:50  Hours

14 Lessons

Lifetime Access

Course Curriculum

Preview Course

Intro to Grep
Introduction to the Course (3:06)
Learn Switches: -i, -v, -c (4:53)
More on Switches: -I, -L, -n, -h (4:00)
Other Command Line Switches (4:18)
Piping Other Commands to Grep (4:12)
Meta Characters in Regular Expressions (9:20)
Example of Validating E-mail Addresses (7:05)
Example of Validating US Phone Numbers (9:02)
Intro to Sed
SED Introduction (4:36)
Suppressing Output with -n, And Back Expressions (7:20)
Address Notation (7:13)
Printing Line Numbers with the = Command (3:14)
Other Commands ans Scripting Sed (6:11

Learn Basic Linux Shell Course

Learn Basic Linux Shell Course

Instructor: EDUmobile Academy

OverviewDescriptionAbout

This course is teaches the basics of using the linux shell, and is intended as a first course in using the terminal.

This course  teaches the basics of using the linux shell, and is intended as a first course in using the terminal.

This course is teaches the basics of using the linux shell, and is intended as a first course in using the terminal. In just under an hour, you’ll learn how to navigate the directory structure, show the contents of directories, how to understand and work with file permissions, how to copy, move, and remove files and directories, and more.

Topics include:

  • How to open the linux terminal
  • All about directories
  • Listing a directory’s contents
  • Understanding file permissions
  • Changing permissions
  • How to make and remove directories
  • Using the wildcard characters * and ?
  • Copying, moving, and removing files.
  • Removing non-empty directories
  • Using redirection and piping.

This is the first course in a new series of courses on the linux shell. Upcoming courses will explore various aspects of the shell, such as scripting, using utilities such as grep and sed, C and Perl programming in linux, and the file structure.

I hope you join me as we explore linux together.

EDUmobile Academy
EDUmobile Academy develops high quality video training courses around topics in mobile development including iPhone, Android, Windows Phone, Java, Responsive Web Design and other emerging technologies.

Every course is created by an expert developer AND a trained mentor in the area of expertise.

Each course undergoes a rigorous planning, review and an internal quality check phase – to ensure that the teaching is of highest standards available online.

EDUmobile Academy was founded in 2008 when smart phones were just emerging into the market. Founder Vishal Lamba is experienced in multiple areas of digital design, mobile development and design, web technologies and digital marketing. He has a mathematics and computer science degree from Lawrence University, USA.

Vishal works closely with content creators and teachers to ensure that every course released meets the internal rigorous quality standards.

All course creators and trainers are currently based in the USA. Support for each course on Udemy is provided with quick turn around by a small team of developers and trainers.

1  Hour

12 Lessons

Lifetime Access

Course Curriculum

Preview Course

Start Here
Introduction (2:45)
Starting with Terminal (1:51)
Basic Directories Commands (5:46)
File Listing (8:38)
File Permissions (4:53)
Changing File Permissions (7:11)
More On Directories, Wilcards and More
Making and Removing Directories (5:15)
Usage of Wildcards (5:23)
File Operations (8:01)
Removing Non Empty Directories (5:36)
Redirection and Piping (7:04)

Wireless Penetration Testing with Kali Linux & Raspberry Pi

Wireless Penetration Testing with Kali Linux & Raspberry Pi

Instructor: Cristian Gradisteanu

OverviewDescriptionAbout

Use this small but powerful Raspberry Pi device in order to perform pen testing on your network or for clients.

Are you into network security or just want to get started in this field?

This course is an excellent introduction to Network and Systems security.

Are you into network security or just want to get started in this field?

This course is an excellent introduction to Network and Systems security. We will use a Raspberry Pi device throughout this course but you can also follow along by installing Kali Linux on your computer, a process described in the course also.

Ever wanted to know how hackers are breaking into your network and what you can do to stop them? Then this course is right for you!

We will play the role of a Pen Tester or White Hat Hacker in order to discover network and system vulnerabilities and then see how we can protect against them. Scan your network for vulnerabilities before hackers are taking action against your system. Learn how to protect against common vulnerabilities that are present in Operating Systems and how to better understand how Computer Security works.

Don’t be caught off-guard and protect your network before hackers discovers the vulnerabilities in your system.

Take action today!

Cristian Gradisteanu
As a software developer, I am responsible for the development of management software products produced by the company. My area of expertise includes programming languages like Java, Objective-C, C#, C++, PHP, Ruby and system administration. With more than 15 years of Desktop software development experience, I discovered that mobiles application programming is something that I would love to do for the rest of my life 🙂

I am very passionate about teaching everyday people topics that they are interested in. I think that in order to keep up with the latest technology trends your leaning process should be a continuous one.

The biggest goal for me right now is to motivate and inspire others through the form of knowledge. If I can inform someone of ways to achieve a healthy mindset or production solution that makes their life easier, I can officially say that I’ve done my job.

3  Hours

24 Lessons

Lifetime Access

Course Curriculum

Preview Course

Introduction
Course Introduction (1:39)
Hardware Requirements (6:57)
Downloading and installing Kali Linux on Raspberry Pi (8:56)
Downloading and installing Kali Linux in VirtualBox on Windows (8:42)
Downloading and installing Kali Linux in VirtualBox on Mac OS X (6:20)
Connecting to Kali Linux for the first time – VirtualBox
Connecting to Kali Linux for the first time – Raspberry Pi (8:45)
Updating Kali Linux (3:37)
Setting up your wireless adapter (19:51)
Conclusions (1:24)
Bypassing Wireless LAN Authentication
Bypassing Hidden SSIDs (7:05)
Bypassing MAC Address filtering (13:19)
Bypassing Shared Key Authentication (6:55)
Bypassing Open System Authentication (2:35)
Cracking WEP (8:44)
Cracking WEP with fern-wifi-cracker (8:00)
Cracking WPA & WPA2 (11:37)
Cracking WPA2 with Wifite and Cowpatty (8:42)
Connecting to a WPA/WPA2 wireless network (4:04)
MITM – Man in the middle attack (15:31)
MITM with Ettercap (9:17)

Learn Bash Shell in Linux for Beginners

Learn Bash Shell in Linux for Beginners

Instructor: EDUmobile Academy

OverviewDescriptionAbout

This course teaches beginning Linux shell scripting in the Bash shell.

The emphasis in the course is on the scripting language itself: using scripts to automate common tasks, and the logic within the language used to control the execution of the script.

This course teaches beginning Linux shell scripting in the Bash shell. The emphasis in the course is on the scripting language itself: using scripts to automate common tasks, and the logic within the language used to control the execution of the script.

The course is in two units, and contains over an hour of demos and discussion. This is the second part of the Linux course series from EDUMobile Academy.

In the first unit of the course, we’ll explore the shell environment itself, and cover such topics as:

– a simple hello world script
– making scripts executable
– why we run a script with a ./ and how to remove it
– running a script to act upon the currently running shell
– variables and how to use them
– the .bashrc file

The second unit covers scripting commands, particularly control flow. Topics include:

– exit status of shell commands
– the if statement and tests
– handling command line arguments
– random numbers
– loops (while, until, and for)
– the case statement

I hope you join me for this beginner’s guide to the bash scripting language!

EDUmobile Academy
EDUmobile Academy develops high quality video training courses around topics in mobile development including iPhone, Android, Windows Phone, Java, Responsive Web Design and other emerging technologies.

Every course is created by an expert developer AND a trained mentor in the area of expertise.

Each course undergoes a rigorous planning, review and an internal quality check phase – to ensure that the teaching is of highest standards available online.

EDUmobile Academy was founded in 2008 when smart phones were just emerging into the market. Founder Vishal Lamba is experienced in multiple areas of digital design, mobile development and design, web technologies and digital marketing. He has a mathematics and computer science degree from Lawrence University, USA.

Vishal works closely with content creators and teachers to ensure that every course released meets the internal rigorous quality standards.

All course creators and trainers are currently based in the USA. Support for each course on Udemy is provided with quick turn around by a small team of developers and trainers.

1:50  Hours

13 Lessons

Lifetime Access

Course Curriculum

Preview Course

Exploring Shell Environment
Introduction (4:11)
Writing and Running a Hello World Script (6:28)
Removing the ./ Resolution (6:17)
Running Scripts in the Current Open Shell (7:39)
Intro to Variables (8:19)
Saving Shell State in .bashrc (5:36)
Shell
Exit Status of Shell Commands (4:13)
Tests and the if Statement (7:26)
Command Line Arguments (9:12)
Guessing Game (11:52)
Loops (9:01)
The Case Statement (8:59)

Hackproof your Linux server

Hackproof your Linux server

Instructor: Gabriel Avramescu

OverviewDescriptionAbout

Linux security guide with practical hardening tips

Linux Servers provide many user transactions, which are constantly vulnerable to security threats, due to data sensitivity. To bring an application up and running on a server is an important thing, but without taking security measures, it can end up in a disaster.

Linux Servers provide many user transactions, which are constantly vulnerable to security threats, due to data sensitivity. To bring an application up and running on a server is an important thing, but without taking security measures, it can end up in a disaster. Although Linux is immune to some of the dangers Windows servers encounters, Internet is still a dangerous place. Therefore it’s important to apply security measures to prevent malicious attacks like brute force attack, etc.

This course was designed to show some practical tips on how to protect your server, that once applied, they will increase the level of security on your system and decrease the chances of it being compromised.

Along with the video lectures, you will also find exercises to help you improve your hands-on experience.

Gabriel Avramescu
Senior Information Security Consultant

  • I work in the Internet security team, focused on ethical hacking – deliberately and purposefully challenging the IT security assumptions, strategies, and methods of protecting vital assets and information by emulating an adversary.
  • Scan and exploit for a wide variety of data center infrastructure and application vulnerabilities, following defined rules of engagement and attack scenarios (ethical hacking).
  • Make recommendations on security weaknesses and report on activities and findings.
  • Perform Internet penetration testing (black box / white box testing) and code reviews (manual and automated)
  • Use testing tools as NetBIOS scanning, network pinging and testing, packet crafting and analyzing, port scanning for vulnerability assessment
    Perform analysis and testing to verify the strengths and weaknesses of Web Applications and Web Services (SML, SOAP, WSDL, UDDI, etc.)
    Perform analysis and testing to verify the strengths and weaknesses of a variety of operating systems, network devices, web applications, and security architectures
    Assist with the development of remediation services for identified findings
    Customize, operate, audit, and maintain security related tools and applications
    IT Trainer

CEH, ECSA, CHFI from EC-Council
Cisco CCNA, CCNA Security, Linux Essentials
Certifications

  • OSCE
  • OSWE
  • OSWP
  • CREST Registered Penetration Tester (CRT)
  • OSCP
  • CHFI (Computer Hacking Forensic Investigator)
  • ISO 270001 Lead Auditor
  • ECSA (EC-Council Security Analyst)
  • CEH (Certified Ethical Hacker)
  • CCNA and CCNA Security
  • CCNP Routing and CCNP Switching
  • Advanced Linux&InfoSEC
  • VMWare vSphere Install, Configure, Manage
  • Microsoft Certified Technology Specialist (MCTS/MCP 70-642): Microsoft Windows Server 2008 Network Infrastructure, etc.

2  Hours

25 Lessons

Lifetime Access

Course Curriculum

Preview Course

Introduction
Tips & Tricks (11:14)
GRUB Protection and Security Patching
Intro
Protect GRUB with password (3:12)
Exercise – Protect GRUB with password
Security Patching (5:00)
Third-party packages
User Management and PAM
What is PAM? (4:50)
Check if a service uses PAM (1:23)
Common-auth file explained (2:26)
Restrict users from using the same old passwords (3:25)
Exercise – Restrict users from using the same old password
Set password expiration for users (2:48)
Enforce strong passwords (5:15)
Exercise – Enforce strong passwords
sudo access (7:50)
Disable root login (2:42)
/etc/securetty file (1:05)
Limit scheduling jobs with cron (5:18)
PAM Quiz
Control remote connections
SSH banner before & after the login (3:09)
SSH keys
Exercise – Generate ssh keys
Server’s fingerprint (2:17)
Disable root connection (1:02)
Blacklist users from ssh (6:25)
SSH Quiz
Firewalls & TCP Wrappers
Iptables (5:45)
Iptables-persistent (4:47)
Exercise – Iptables
Fail2ban (10:39)
fail2ban-client command (3:59)
TCP Wrappers (10:47)
Fail2ban Quiz
Auditing & Virus Scanning
Lynis audit tool (6:58)
Exercise – Lynis audit tool
Virus scanning – ClamAV (5:26)
Final Section
Conclusions
Final Quiz

Step by Step Web Applications Penetration Tester

Step by Step Web Applications Penetration Tester

Instructor: Gabriel Avramescu

OverviewDescriptionAbout

You will learn hacking tools, methodologies and techniques and and learn how to secure them from these hackers. In order to protect yourself from hackers, you must think as one.

This training is based on a practical approach of day-by-day situations and it contain labs based on real environments.

In order to protect yourself from hackers, you must think as one.

This training is based on a practical approach of day-by-day situations and it contain labs based on real environments. For the labs, target virtual machines are provided.

The course objective is to help you learn to master the (ethical) hacking techniques and methodology that are used in penetration systems. The course is designed for IT passionate, network and system engineers, security officers.

Below are the main topics, both theoretical and practical, of this course:

  • Core problems (Causes. Defences)
  • Web Technologies (HTTP Protocol, Web Functionality, Encoding)
  • Mapping (Spidering and Analysing)
  • Attacking Authentication (Technologies, Flaws, Fixes, Brute Force)
  • Attacking Session Management (State, Tokens, Flaws)
  • Attacking Access Controls (Common Vulnerabilities, Attacks)
  • Attacking Data Stores (SQL Injection, Bypassing Filters, Escalation)
  • Bypassing Client-Side Controls (Browser Interception, HTML interception, Fixes)
  • Attacking the server (OS command Injection, Path Traversal, Mail Injection, File Upload)
  • Attacking Application Logic
    Cross Site Scripting
  • Attacking Users (CSRF, ClickJacking, HTML Injection)
    Demos:
  • Spidering, Website Analyser
  • Brute-Force
  • Session Hijacking via Mann-in-The-Middle
  • Get Gmail or Facebook Passwords via SSLStrip
  • SQL Injection
  • Upload File and Remote Execution
  • Cross-Site Scripting (Stored + Reflected, Preventing XSS)
  • CSRF (Change password trough CSRF vuln., Preventing CSRF)

Gabriel Avramescu
Senior Information Security Consultant

  • I work in the Internet security team, focused on ethical hacking – deliberately and purposefully challenging the IT security assumptions, strategies, and methods of protecting vital assets and information by emulating an adversary.
  • Scan and exploit for a wide variety of data center infrastructure and application vulnerabilities, following defined rules of engagement and attack scenarios (ethical hacking).
  • Make recommendations on security weaknesses and report on activities and findings.
  • Perform Internet penetration testing (black box / white box testing) and code reviews (manual and automated)
  • Use testing tools as NetBIOS scanning, network pinging and testing, packet crafting and analyzing, port scanning for vulnerability assessment
  • Perform analysis and testing to verify the strengths and weaknesses of Web Applications and Web Services (SML, SOAP, WSDL, UDDI, etc.)
  • Perform analysis and testing to verify the strengths and weaknesses of a variety of operating systems, network devices, web applications, and security architectures
  • Assist with the development of remediation services for identified findings
  • Customize, operate, audit, and maintain security related tools and applications
    IT Trainer
  • CEH, ECSA, CHFI from EC-Council
  • Cisco CCNA, CCNA Security, Linux Essentials
    Certifications
  • OSCE
  • OSWE
  • OSWP
  • CREST Registered Penetration Tester (CRT)
  • OSCP
  • CHFI (Computer Hacking Forensic Investigator)
  • ISO 270001 Lead Auditor
  • ECSA (EC-Council Security Analyst)
  • CEH (Certified Ethical Hacker)
  • CCNA and CCNA Security
  • CCNP Routing and CCNP Switching
  • Advanced Linux&InfoSEC
  • VMWare vSphere Install, Configure, Manage
  • Microsoft Certified Technology Specialist (MCTS/MCP 70-642): Microsoft Windows Server 2008 Network Infrastructure, etc.

3:26  Hours

13 Lessons

Lifetime Access

Course Curriculum

Preview Course

Why Web Security?
Introduction (1:14)
Core Problems – Why Web Security (7:33)
Web Technologies
Preparing the Lab Environment (8:31)
Mapping the Web Application. User and Password Brute-Forcing
What Web Application Mapping Means
Usernames and Passwords Brute-Forcing using Burp (14:54)
Spider and Analyze a Website using Burp (5:27)
Brute-frocing Web Resources using Dirb and Dirbuster (10:38)
Attacking Authentication and Session Management – Session Hijacking
Theoretical Overview of Attacking Authentication and Session Management
Session Hijacking trough Man In The Middle Attack (11:05)
Intercept and access traffic over HTTPS (8:56)
Access controls. Data stores and Client-side Controls
Theoretical Approach of Attacking Access Controls
SQL injection (9:09)
Exploiting SQLi using Sqlmap and Getting Remote Shell (10:07)
Upload and Remote File Execution (10:43)
Attacking the Server and Application Logic
Attacking the server: OS Command injection, Path Traversal and Mail Injection
Attacking Application Logic
(XSS) Cross Site Scripting. Attacking the Users
Cross Site Scripting Theory. Attacking Users
Reflected XSS – Session Hijacking using Cross Site Scripting (10:29)
Stored or Persistent Cross Site Scripting (6:59)
Cross-site Request Forgery (CSRF) (7:19)
Guideline for Discovering and Improving Application Security
Guideline for Discovering and Improving Application Security

WordPress Hacking and Hardening in Simple Steps

WordPress Hacking and Hardening in Simple Steps

Instructor: Gabriel Avramescu

OverviewDescriptionAbout

When it comes to WordPress security, there are a lot of things you can do to lock down your site to prevent hackers

Did you know that more than 73 million web sites in the world run on the WordPress publishing platform? This makes WordPress more popular than Microsoft SharePoint, Blogger, or Drupal.

Did you know that more than 73 million web sites in the world run on the WordPress publishing platform? This makes WordPress more popular than Microsoft SharePoint, Blogger, or Drupal. It also means that WordPress is a large target for hackers.
Half of the WordPress sites out there are self-hosted, which means that the WordPress administrator carries the lion’s share of responsibility for a secure installation. Out of the box, there are several ways that WordPress security can be tightened down, but only a fraction of sites actually do so. This makes WordPress an even more popular target for hackers.
The strategies that you will learn in this course can help any WordPress installation become significantly more secure, and raise awareness of the types of vulnerabilities to defend against.

What you’ll learn
Secure WordPress Websites
Scan their WordPress Instance for vulnerabilities
Prevent Spam
Prevent Brute Force Attacks
Secure HTTP Headers
Configure 2factor Authentication
File Integrity Protection
Web Application Firewall Configuration
Block malicious IPs and attacks
Advanced Steps to Further Secure the WordPress Instance

Gabriel Avramescu
Senior Information Security Consultant

  • I work in the Internet security team, focused on ethical hacking – deliberately and purposefully challenging the IT security assumptions, strategies, and methods of protecting vital assets and information by emulating an adversary.
  • Scan and exploit for a wide variety of data center infrastructure and application vulnerabilities, following defined rules of engagement and attack scenarios (ethical hacking).
  • Make recommendations on security weaknesses and report on activities and findings.
  • Perform Internet penetration testing (black box / white box testing) and code reviews (manual and automated)
  • Use testing tools as NetBIOS scanning, network pinging and testing, packet crafting and analyzing, port scanning for vulnerability assessment
  • Perform analysis and testing to verify the strengths and weaknesses of Web Applications and Web Services (SML, SOAP, WSDL, UDDI, etc.)
  • Perform analysis and testing to verify the strengths and weaknesses of a variety of operating systems, network devices, web applications, and security architectures
  • Assist with the development of remediation services for identified findings
  • Customize, operate, audit, and maintain security related tools and applications

IT Trainer

CEH, ECSA, CHFI from EC-Council
Cisco CCNA, CCNA Security, Linux Essentials

Certifications

OSCE
OSWE
OSWP
CREST Registered Penetration Tester (CRT)
OSCP
CHFI (Computer Hacking Forensic Investigator)
ISO 270001 Lead Auditor
ECSA (EC-Council Security Analyst)
CEH (Certified Ethical Hacker)
CCNA and CCNA Security
CCNP Routing and CCNP Switching
Advanced Linux&InfoSEC
VMWare vSphere Install, Configure, Manage
Microsoft Certified Technology Specialist (MCTS/MCP 70-642): Microsoft Windows Server 2008 Network Infrastructure, etc.

5:11  Hours

38 Lessons

Lifetime Access

Course Curriculum

Preview Course

Introduction
Let’s meet (0:54)
About me. And Course Outline (13:49)
Lab Setup (2:48)
Overview of a WordPress attack
Scanning WordPress for vulnerabilities (10:26)
Exploit Vulnerable WordPress Plugin (9:18)
Upload a backdoor (7:36)
Sending spam (17:20)
Securing your WordPress – basics steps
Backup your WordPress Instance (6:46)
Restore from backup
Update WordPress and Plugins (4:00)
HTTPS introduction (8:22)
Manually configuring HTTPS – generating certificates (15:53)
Automatic configuration and free signed certificate (7:47)
HTTP to HTTPS Redirect. Manual and using WordPress Plugins (3:12)
Security Plugins (4:00)
Wordfence Security Plugin and 2 Factor Authentication (19:04)
Brute Force Demo – IP and User Block (5:24)
Spam protection. Captcha on login and comments (4:39)
HTTP Secure Hearders and TLS scan – free scan your website (11:22)
HTTP Security Headers using plugins – demo (3:44)
More Advanced WordPress Security
Finding the source of spam (14:00)
Vulnerabilities and exploits (9:14)
How to Change Your WordPress Login URL (4:32)
SQL Injection and URL Hacking (5:36)
Protect Sensitive Files (3:24)
Default usernames (3:33)
Disable XML-RPC (2:07)
Hide your WordPress version (4:21)
DDos Protection (5:09)
Bonus – Learn more about web security
Bonus Section (0:30)
SQL Injection (9:09)
Automatic Exploitation. of SQL Injection (10:07)
Cross-Site Scripting Introduction. Attacking Users. (8:27)
Reflected XSS – Session Hjacking (10:29)
Stored XSS (6:59)
Using XSS to grab cookies, Facebook username and passwords. Social Engineering (16:12)
Upload and file execution (10:43)
Cross-Site Request Forgery (7:19)
Promo – further information
Owasp Top 10 Vulnerabilities – Further Reading (18:16)

Learn Server Security With BitNinja

Learn Server Security With BitNinja

Instructor: Gabriel Avramescu

OverviewDescriptionAbout

Full-stack server security in one easy-to-use protection suite – Enjoy real-time protection, automatic false positive handling and threat analysis

There are a lot of courses out here about offensive security and penetration testing. They are extremely useful.

There are a lot of courses out here about offensive security and penetration testing. They are extremely useful. But even if you are a penetration tester, security consultant, a linux administrator or a developer, you should also have to know how to fix your security. How to protect actively (so in real time) and reactively your linux servers. And this is not an easy task, believe me, I hack websites and servers for living. And at the end of the audit, I have to give a report about how I did it and how to protect against attacks like mine.

So wouldn’t be easy if you would really on an actively working Web Application Firewall, Firewall and Intrusion Prevention System. To have an all in one product easily manageable, that would know the attacks and prevent them from being successful?

This course is all about this. It is about protecting your server. You will witness different attacks and you will see a product like this in action. This product is called BitNinja and it is an All in one security for Linux Servers. So you can see the attacks but also you will see how to protect against them.

It’s very important to know that BitNinja is a commercial, subscription-based product. Hovewer, for this training, you will have an extended free trial so you can test it in your lab environment or even in production.

This is a hands-on training based on demos. So a basic knowledge of Linux would be very useful.

Interested in learning more about the product? Feel free to browse https://bitninja.io

So what are the topics we will discuss about:

  • We will start with an overview of a WordPress Attack. We will scann a website hosted on WordPress and exploit its vulnerabilities. Furthermore we will upload a backdoor so we can have remote access to the target server.
  • Then we will dig in Bitninja. We will begin by installing and registering the product and see it’s main features. We will talk then about proactive protection mechanisms such as IP Reputation, Port Honeypots, Web Honeypots, DoS Detection and WAF Modules.
  • We will continue with reactive protection mechanisms such as Malware Detection, Outbound WAF and we will see bitninja-cli capabilities.
  • Furthermore, we will find sources of an infection and spamming and source of outbound attacks.
  • In the end we will learn about troubleshooting and how to find a trouble maker IP. I think you will enjoy all of this.

How BitNinja Works

  • Easy setup- Enjoy immediate protection on your server. BitNinja is designed to install and work with as little human interaction as possible. Run one line of code and your server is protected from 99% of attacks.
  • All-in-one protection- BitNinja combines the most powerful server security software in one easy-to-use protection suite. You get full-stack protection against XSS, DDoS, malware, scans, script injection, enumeration, brute force and other automated attacks — on all major protocols, not only HTTP(S).
  • Machine learning- Servers protected by BitNinja learn from each attack and inform each other about malicious IPs. This result is a global defense network that counteracts botnet attacks with a shield of protection for all servers running BitNinja, while also reducing the number of false positives each server encounters.

Gabriel Avramescu

Senior Information Security Consultant

  • I work in the Internet security team, focused on ethical hacking – deliberately and purposefully challenging the IT security assumptions, strategies, and methods of protecting vital assets and information by emulating an adversary.
  • Scan and exploit for a wide variety of data center infrastructure and application vulnerabilities, following defined rules of engagement and attack scenarios (ethical hacking).
  • Make recommendations on security weaknesses and report on activities and findings.
  • Perform Internet penetration testing (black box / white box testing) and code reviews (manual and automated)
  • Use testing tools as NetBIOS scanning, network pinging and testing, packet crafting and analyzing, port scanning for vulnerability assessment
  • Perform analysis and testing to verify the strengths and weaknesses of Web Applications and Web Services (SML, SOAP, WSDL, UDDI, etc.)
  • Perform analysis and testing to verify the strengths and weaknesses of a variety of operating systems, network devices, web applications, and security architectures
  • Assist with the development of remediation services for identified findings
  • Customize, operate, audit, and maintain security related tools and applications

IT Trainer 

  • CEH, ECSA, CHFI from EC-Council
  • Cisco CCNA, CCNA Security, Linux Essentials

Certifications

  • OSCE
  • OSWE
  • OSWP
  • CREST Registered Penetration Tester (CRT)
  • OSCP
  • CHFI (Computer Hacking Forensic Investigator)
  • ISO 270001 Lead Auditor
  • ECSA (EC-Council Security Analyst)
  • CEH (Certified Ethical Hacker)
  • CCNA and CCNA Security
  • CCNP Routing and CCNP Switching
  • Advanced Linux&InfoSEC
  • VMWare vSphere Install, Configure, Manage
  • Microsoft Certified Technology Specialist (MCTS/MCP 70-642): Microsoft Windows Server 2008 Network Infrastructure, etc.

5  Hours

81 Lessons

Lifetime Access

Course Curriculum

Preview Course

Introduction
Promo Video (2:00)
Let’s meet (5:30)
Lab Setup (1:46)
Lab Setup – Login Information and Download Links
Overview of a WordPress attack
Commands to be used in the next section
Scanning for wordpress vulnerabilities (10:26)
Exploiting a remote code execution vulnerability (9:18)
Uploading a backdoor (7:36)
Sending spam (17:20)
Basics
Registration and Installation – Useful Information
Registration and installation (8:51)
IP Reputations. IP lists – User vs Global lists. Greylisting, Blacklists, Whitelist (16:57)
HTTP CAPTCHA (8:35)
SMTP CAPTHCA (4:27)
Commands used in SSLTerminating Lecture
SslTerminating Module (32:12)
SslTerminating Module – Adding Certs Manually (5:00)
Proactive protection mechanisms
Commands to be used in this section
Port Honeypots (7:57)
Web Honeypots (10:11)
DoS Detection and Protection (10:53)
Log Analysis (3:17)
WAF – Web Application Firewall (20:33)
Demo – Log Analysis and WAF (8:29)
Reactive protection mechanisms
Malware Detection (6:57)
Outbound WAF (2:04)
Demo – Malware Detection and Outbound WAF (11:33)
Blacklist/Whitelist and Country level blacklist/whitelist (11:35)
bitninja-cli (7:42)
The “How To” Section
How to find the source of an infection (9:41)
How to find the source of spamming (16:38)
How to find the source of outbound attacks (10:56)
Security daily routine (4:58)
Attack trend analysis (4:55)
Troubleshooting
CDN integrations (4:23)
Finding a trouble-maker IP (9:34)
Further Reading

IT Security for Project Managers

IT Security for Project Managers

Instructor: Frank Hissen

OverviewDescriptionAbout

About implementing Security in IT(-related) projects and products properly – A pragmatic Guideline

Despite many accepted IT security standards, many IT projects fail at IT security. This also includes for instance (‘smart’) products that just include information technology in small proportion. What needs to be considered, what mistakes and pitfalls to avoid?

Despite many accepted IT security standards, many IT projects fail at IT security. This also includes for instance (‘smart’) products that just include information technology in small proportion. What needs to be considered, what mistakes and pitfalls to avoid?

Most IT projects have a tight budget. Only in rare cases, a project manager has access to unlimited financial resources. This applies to projects of both large and small businesses alike but usually the smaller the company the bigger the problem. If security cannot be used as a (unique) selling point for a product or for the development of a system, the project manager often has a hard job to acquire proper and adequate resources for security.

Frank Hissen
Frank Hissen successfully studied Computer Science at Darmstadt University of Technology (Germany) focusing on IT security. For over 22 years, he works as IT consultant and software engineer; for over 16 years, he also works in various positions as security expert in IT development and consulting projects. He mainly worked for large businesses but also medium-sized companies.

He develops software and system architectures for complex systems and implements them or supervises the implementation. Moreover, he creates studies and function specifications.

In the area of IT security, Mr. Hissen is specialized in applied and technical IT security . For major as well as smaller companies, he equally developed and implemented security solutions and accompanied processes for secure product and software development.

In the area of cryptography and encryption, Mr. Hissen developed security solutions as Senior Solution Engineer at SECUDE before he became self-employed in 2009. Since then he works as freelancing expert in the area of web and cloud application security. He creates secure conceptual designs of system architectures but also takes care of their secure implementation and corresponding security requirements. One other focus is the technical examination and validation of the actual implementation.

Until now, Mr. Hissen worked in various projects amongst others for Deutsche Telekom AG, SECUDE, Allianz AG, ITO Darmstadt UT and SAP Research.

For his services and background, he can be reached through HissenIT – IT Consulting & Software Development.

1 Hour

8 Lessons

Lifetime Access

Course Curriculum

Preview Course

Section 1: Introduction
Motivation: IT Security Holes in Projects and Products (2:50)
Enforce IT Security in Projects (3:32)
Section 2: Content
IT Security in Projects: From the very beginning! (6:04)
Security is a Process (4:23)
IT Security Standards (5:58)
Data Privacy / Protection Laws (1:32)
Checklist for Project Managers (13:29)
Section 3: Conclusion
Conclusion (1:20)

Secure Programming of Web Applications - Developers and TPMs

Secure Programming of Web Applications - Developers and TPMs

Instructor: Frank Hissen

OverviewDescriptionAbout

Web Application Security for Software Developers and Technical Project Managers

Understand Application Security: Numerous successful attacks on well-known web applications on a weekly basis should be reason enough to study the background of “Web Application Security” of custom-made or self-developed applications.

Understand Application Security: Numerous successful attacks on well-known web applications on a weekly basis should be reason enough to study the background of “Web Application Security” of custom-made or self-developed applications.

Frank Hissen

Frank Hissen successfully studied Computer Science at Darmstadt University of Technology (Germany) focusing on IT security. For over 22 years, he works as IT consultant and software engineer; for over 16 years, he also works in various positions as security expert in IT development and consulting projects. He mainly worked for large businesses but also medium-sized companies.

He develops software and system architectures for complex systems and implements them or supervises the implementation. Moreover, he creates studies and function specifications.

In the area of IT security, Mr. Hissen is specialized in applied and technical IT security . For major as well as smaller companies, he equally developed and implemented security solutions and accompanied processes for secure product and software development.

In the area of cryptography and encryption, Mr. Hissen developed security solutions as Senior Solution Engineer at SECUDE before he became self-employed in 2009. Since then he works as freelancing expert in the area of web and cloud application security. He creates secure conceptual designs of system architectures but also takes care of their secure implementation and corresponding security requirements. One other focus is the technical examination and validation of the actual implementation.

Until now, Mr. Hissen worked in various projects amongst others for Deutsche Telekom AG, SECUDE, Allianz AG, ITO Darmstadt UT and SAP Research.

For his services and background, he can be reached through HissenIT – IT Consulting & Software Development.

1:59  Hours

18 Lessons

Lifetime Access

Course Curriculum

Preview Course

Section 1: Intro
Introduction and Motivation (2:00)
Well-known Vulnerabilities Overview (2:28)
Causes & Background (9:22)
Secure Programming in General (3:29)
Cross-Site Scripting (XSS) (5:24)
Section 2: Well-known Vulnerabilities and Secure Programming
Code/Command Injection (3:08)
(No) SQL Code Injection (4:25)
Cross-Site Request Forgery (CSRF) (5:20)
Open Redirection (4:01)
File Inclusion / Directory Traversal (4:59)
Clickjacking (4:18)
Session-Hijacking (7:20)
Information Disclosure (3:01)
Authentification (7:23)
Denial of Service (4:32)
Middleware (1:10)
Third-Party Software (1:12)
Section 3: Conclusion & Summary
Conclusion and Summary (3:47)

Master Ethical Hacking with Python

The Complete Python Hacking Course: Beginner to Advanced

Instructor: Joseph Delgadillo

OverviewDescriptionAbout

Learn ethical hacking, penetration testing and network security while working on Python coding projects!

If you would like to master ethical hacking in 2019, you are going to LOVE this course! Learn ethical hacking and penetration testing while working on practical Python coding projects.

If you would like to master ethical hacking in 2019, you are going to LOVE this course! Learn ethical hacking and penetration testing while working on practical Python coding projects. We will cover the following topics in this course:

  • Introduction and setup
  • Port and vulnerability scanning
  • SSH and FTP attacks
  • Password cracking
  • Sniffers, flooders and spoofers
  • DNS spoofing
  • Network analysis
  • Coding a multi-functioning reverse shell
  • Keyloggers
  • Command and control center
  • Website penetration testing

This course was designed for studentsinterested in intermediate to advanced level ethical hacking tutorials, however it is still taught in a step-by-step, beginner friendly method. English subtitles are available and all lectures are downloadable for offline viewing. 1 on 1 assistance with the coding projects is available within the discussion forum.

Thank you for taking the time to read this and we hope to see you in the course!

Joseph Delgadillo
Joseph Delgadillo is the founder of JTDigital Courses, an education technology company. He has been active in the online learning community since 2015 and has worked with multiple startups. As of 2020, over 1 million students across the globe have enrolled in his courses covering ethical hacking, Python programming, web development and more.

He graduated with honors from Central Washington University.

17:21 Hours

88 Lessons

Lifetime Access

Course Curriculum

Preview Course

Introduction and Setup
Welcome to Python for ethical hacking! (5:16)
VirtualBox installation (11:38)
Kali Linux installation (17:05)
Guest Additions installation (15:06)
Python in Kali terminal (13:31)
Port and Vulnerability Scanning
Building a simple port scanner (15:30)
Adding raw_input to our port scanner (9:21)
Scanning the first 1000 ports (4:46)
Coding an advanced port scanner part 1 (13:12)
Coding an advanced port scanner part 2 (8:48)
Finishing and testing our scanner (8:55)
Configuring IP address and installing Metasploitable (8:13)
Returning banner from open port (14:45)
Coding a vulnerability scanner part 1 (11:55)
Coding a vulnerability scanner part 2 (7:19)
SSH and FTP Attacks
Automating SSH login part 1 (9:54)
Automating SSH login part 2 (9:20)
Testing our SSH login program (8:34)
Coding SSH brute-forcer (10:37)
Executing commands on target after brute-forcing SSH (10:09)
Anonymous FTP login attack (9:53)
Username and password list attack on FTP (17:32)
Password Cracking
SHA256, SHA512, MD5 (8:36)
Cracking SHA1 hash with online dictionary (16:40)
Getting password from MD5 hash (13:22)
Cracking crypt passwords with salt (24:02)
Sniffers, Flooders and Spoofers
Changing MAC address manually (8:33)
Theory behind ARP spoofing (4:41)
Coding MAC address changer (16:55)
Crafting malicious ARP packet (19:26)
Coding ARP spoofer (13:31)
Forwarding packets and restoring ARP tables (8:04)
Spoofing our IP address and sending message with TCP payload (12:00)
Running SynFlooder with changed source IP address (11:20)
Getting source and destination MAC address from received packets (24:45)
Sniffing FTP username and password part 1 (8:09)
Sniffing FTP username and password part 2 (12:09)
Getting passwords from HTTP websites (14:00)
Coding DNS Spoofer
Cloning any web page (10:36)
Printing DNS queries (9:57)
Redirecting response to cloned page (16:44)
Setting IP table rules and running DNS spoofer (10:35)
Network Analysis
Analyzing Ethernet header (16:07)
Analyzing IP header part 1 (10:24)
Analyzing IP header part 2 (25:34)
Analyzing TCP header (15:13)
Analyzing UDP header (13:20)
Multi-functioning Reverse Shell
Theory behind socket programming (7:20)
Wine and Pyinstaller installation (7:41)
Setting up listener (8:17)
Establishing connection between target and server (6:30)
Implementing send & receive functions (11:28)
Executing commands on target system (11:43)
Importing JSON library to parse data (8:19)
Converting Python backdoor to .exe (8:14)
Using OS library to change directory (9:58)
Downloading & uploading files to target PC (19:07)
Hiding our backdoor and creating persistence (13:49)
Trying to connect to server every 20 seconds (7:52)
Downloading files to target PC (11:49)
Capturing screenshot on target PC (23:04)
Administrator privilege check (8:14)
Starting other programs with our shell (10:43)
Running our shell as an image, audio, PDF (20:05)
Coding a Keylogger
Installing Pynput (6:19)
Printing space character (8:48)
Calling timer on our keylogger (9:56)
Adding keylogger to our backdoor (12:58)
Command and Control Center
What is a threaded server? (5:05)
Accepting connections with a thread (13:11)
Managing multiple sessions (8:39)
Testing threaded server with Windows 10 target (9:04)
Fixing Q command (11:10)
Coding exit function (13:50)
Attacking multiple targets and gathering botnet (16:26)
Website Penetration Testing
Stealing saved wireless passwords (21:55)
Saving passwords to a file (3:02)
Bruteforcing Gmail (10:13)
Bruteforcing any login page part 1 (12:59)
Bruteforcing any login page part 2 (10:07)
Finding hidden directories part 1 (5:10)
Finding hidden directories part 2 (6:36)
Discovering subdomains (11:31)
Changing HTTP headers (13:55)
Starting basic and digest authentication bruteforcer (10:23)
Controlling threads (8:34)
Coding run function (10:06)
Printing usage and testing our program (12:33)
Taking a look at ransomware (8:19)

Learn Ethical Hacking Beginner to Advanced!

Learn Ethical Hacking: Beginner to Advanced!

Instructor: Joseph Delgadillo

OverviewDescriptionAbout

Learn ethical hacking, Kali Linux, Python hacking and network security skills in our best-selling course!

If you would like to learn ethical hacking in 2020, you are going to LOVE this course!

If you would like to learn ethical hacking in 2020, you are going to LOVE this course! We will cover the following topics:

  • How to setup a Linux system
  • Basic Unix system commands
  • How to create a secure penetration testing environment
  • Footprinting
  • Scanning
  • Website penetration testing
  • WPA2 wireless network cracking
  • Man in the middle attacks
  • System hacking
  • Python programming fundamentals
  • Writing our own pen-testing tools (reverse shell, keylogger and bruteforcer)
  • Tips for building a career in cyber security

Joseph Delgadillo
Joseph Delgadillo is the founder of JTDigital Courses, an education technology company. He has been active in the online learning community since 2015 and has worked with multiple startups. As of 2020, over 1 million students across the globe have enrolled in his courses covering ethical hacking, Python programming, web development and more.

He graduated with honors from Central Washington University.

28:44  Hours

151 Lessons

Lifetime Access

Course Curriculum

Preview Course

Introduction and Installation
Introduction to the course (4:40)
VirtualBox installation (15:36)
Kali Linux installation (13:54)
Enabling full-screen (18:16)
Basic Linux Commands
Basic commands part 1 (9:41)
Basic commands part 2 (21:04)
Basic commands part 3 (12:45)
Creating a Secure Hacking Environment
Changing IP addresses and wireless adapter setup (4:51)
Creating a bootable Kali USB drive (4:54)
Essential networking terms (10:15)
Essential hacking terms (17:58)
Additional Kali tools to install (8:29)
Changing our MAC address with macchanger (6:24)
Footprinting
Google hacking (13:08)
Whois tool (6:39)
Nikto basics (10:55)
Email harvesting (6:07)
Shodan (10:24)
Zone transfer with Dig (7:08)
Scanning
Installing Metasploitable (6:58)
Nmap part 1 (15:32)
Nmap part 2 (11:43)
Nmap part 3 (12:24)
Zenmap (7:52)
TCP scans (15:50)
Nmap bypassing defenses (17:23)
Nmap scripts part 1 (9:28)
Nmap scripts part 2 (13:59)
Website Penetration Testing
Installing OWASP (8:26)
HTTP request (9:57)
HTTP response (10:27)
Burpsuite configuration (12:49)
Editing packets in Burpsuite (12:20)
Whatweb and Dirb (10:10)
Password recovery attack (15:32)
Burpsuite login bruteforce (11:01)
Hydra login bruteforce (8:44)
Session fixation (13:50)
Injection attacks (5:31)
Simple command injection (11:04)
Exploiting command injection vulnerability (7:38)
Finding blind command injection (13:39)
SQL basics (10:21)
Manual SQL injection part 1 (13:12)
Manual SQL injection part 2 (20:49)
SQLmap basics (16:34)
XML injection (15:54)
Installing XCAT and preventing injection attacks (5:50)
Reflected XSS (10:46)
Stored XSS (11:56)
Changing HTML code with XSS (7:28)
XSSer and XSSsniper (13:32)
WPA2 Wireless Cracking
Wireless attack theory (10:49)
Putting network card in monitor mode (4:39)
Capturing handshake with airodump (14:35)
RockYou.txt (13:53)
Cracking with Aircrack (15:31)
Cracking with Hashcat (14:55)
Making password lists with Crunch (18:20)
Making password lists with Cupp (7:10)
Rainbow tables part 1 (16:34)
Rainbow tables part 2 (5:37)
Installing Fluxion (6:17)
Finding and cracking hidden networks (8:18)
Preventing wireless attacks (7:57)
Man in the Middle Attacks
ARP protocol basics (10:28)
Man in the middle attack theory (7:18)
Installing MITMf (6:36)
Manual ARP spoofing (12:46)
Problems while installing MITMf (6:18)
HTTP traffic sniffing (8:29)
DNS spoofing and HTTPS password sniffing (24:18)
Hooking browsers with BEEF (16:01)
Screenshotting targets browser (11:00)
Cloning any webpage (8:53)
Ettercap basics (6:57)
System Hacking
MSFconsole environment (16:05)
Metasploit modules explained (12:11)
Bruteforcing SSH with Metasploit (15:17)
Attacking Tomcat with Metasploit (8:49)
Getting Meterpreter with command injection (25:05)
PHP code injection (5:43)
2 Metasploitable injections (6:56)
Wine installation (12:01)
Creating Windows payloads with Msfvenom (10:00)
Encoders and Hex editor (18:42)
Windows 10 Meterpreter shell (11:56)
Meterpreter environment (11:25)
Windows 10 privilege escalation (11:28)
Preventing privilege escalation (6:21)
Post exploitation modules (14:10)
Getting Meterpreter over internet with port forwarding (10:39)
Eternalblue exploit (20:15)
Persistence module (13:14)
Hacking over the internet with Ngrok (10:24)
Android device attack with Venom (9:54)
The real hacking begins now! (2:25)
Python Crash Course
Variables (13:40)
Raw input (10:46)
If-else statements (10:17)
For loops (6:30)
While loops (8:23)
Python lists (8:03)
Functions (14:32)
Classes (10:20)
Importing libraries (6:59)
Files in Python (11:42)
Try and except rule (5:11)
Coding an Advanced Backdoor
Theory behind reverse shells (6:47)
Simple server code (12:40)
Connection with reverse shell (7:07)
Sending and receiving messages (10:46)
Sending messages with while true loop (7:52)
Executing commands on target system (9:36)
Fixing backdoor bugs and adding functions (20:08)
First test using our backdoor (17:59)
Trying to connect every 20 seconds (12:23)
Creating persistence part 1 (6:09)
Creating persistence part 2 (16:45)
Changing directory (11:51)
Uploading and downloading files (22:29)
Downloading files from the internet (22:42)
Starting programs using our backdoor (6:44)
Capturing screenshot on targets PC (18:43)
Embedding backdoor in an image part 1 (13:27)
Embedding backdoor in an image part 2 (8:37)
Checking for administrator privileges (12:10)
Adding help option (8:51)
Creating a Keylogger for the Backdoor
Importing Pynput (10:19)
Simple keylogger (9:55)
Adding report function (10:32)
Writing keystrokes to a file (13:59)
Adding the keylogger to our reverse shell part 1 (22:59)
Adding the keylogger to our reverse shell part 2 (7:39)
Final project test (14:24)
Basic Authentication Bruteforcer
Printing banner (11:19)
Adding available options (11:12)
Starting threads for bruteforce (8:23)
Writing function to run the attack (11:02)
Bruteforcing router login (9:37)
Bypassing antivirus with your future programs (13:40)
Sending malware with spoofed email (15:13)
BONUS – Building a Career in Cyber Security
What will you learn in this section? (2:33)
Why is ethical hacking a valuable skill? (23:00)
What is the best ethical hacking certification? (16:31)
Tips for getting your first job as an ethical hacker (18:23)
How I started my career as an ethical hacker (14:11)
How to price your work (10:46)

Certified Ethical Hacker Boot Camp for 2017!

Certified Ethical Hacker Boot Camp

Instructor: Joseph Delgadillo

OverviewDescriptionAbout

Gain the knowledge required to pass the CEH exam and move on to a career as a professional pentester!

Welcome to the Certified Ethical Hacker Boot Camp for 2018!

Welcome to the Certified Ethical Hacker Boot Camp for 2018! This course was designed for information security professionals who wish to take the CEH exam and move on to a career as a professional pentester. It is our goal with this course to give you the knowledge to not only pass the CEH exam, but also give you insight into the day to day workflow of a certified ethical hacker.

Here is what you will receive upon enrolling in this course:

  • 19+ Hours of HD Video
  • Lessons on how to think like a hacker
  • Live hacking demonstrations
  • A blueprint for conducting your own penetration test
  • Links to additional resources to continue your education
  • 1 on 1 assistance from a certified ethical hacker

What topics will this course cover?

  • Hacking terminology
  • Passive & active reconnaissance
  • Scanning & enumeration
  • Network mapping
  • Sniffing and spoofing
  • Windows and Linux hacking
  • Social engineering basics
  • Credential harvesting
  • Website cloning
  • Anti-virus evasion
  • Hacking demonstrations with tools such as
  • Maltego, FOCA, Harvester, Recon-ng,Nmap, masscan, tcpdump, Wireshark, Ettercap, Burp Suite, Scapy, Mimikatz, Hashcat, Konboot, Hydra, and much more!

Thank you for taking the time to read this, and we hope to see you in the course!

Joseph Delgadillo
Joseph Delgadillo is the founder of JTDigital Courses, an education technology company. He has been active in the online learning community since 2015 and has worked with multiple startups. As of 2020, over 1 million students across the globe have enrolled in his courses covering ethical hacking, Python programming, web development and more.

He graduated with honors from Central Washington University.

19:25  Hours

100 Lessons

Lifetime Access

Course Curriculum

Preview Course

Introduction to Ethical Hacking
What is an ethical hacker? (7:22)
Terminology crash course pt.1 (9:24)
Terminology crash course pt.2 (13:29)
Terminology crash course pt.3 (8:25)
Confidentiality, integrity, and availability (13:18)
Legal considerations (11:29)
Section 1 – Powerpoint
Reconnaissance – Surveying the Attack Surface
Surveying the attack surface (10:24)
Recon types and goals (7:44)
Passive recon pt.1 (7:21)
Passive recon pt.2 (10:02)
Active recon (15:01)
Recon walk-through and tools summary (14:08)
Section 2 – Powerpoint
DEMO – Maltego real world example (7:04)
DEMO – FOCA to examine metadata (4:57)
DEMO – Harvester (2:02)
DEMO – Information collection using Recon-ng (6:24)
Scanning and Enumeration – Getting Down to Business
Scanning & enumeration (8:10)
Identifying active hosts pt.1 (9:45)
Identifying active hosts pt.2 (13:17)
Identifying active services (18:23)
OS and services fingerprinting (14:41)
Network mapping (9:46)
Final thoughts (11:04)
Section 3 – Powerpoint
DEMO – Nmap syntax pt.1 (14:21)
DEMO – Nmap syntax pt.2 (15:32)
DEMO – Nmap hosts discovery (12:19)
DEMO – Nmap service discovery (17:10)
DEMO – Nmap scripts (11:17)
DEMO – masscan (10:57)
Network Presence
Network insecurity (4:01)
Sniffing and spoofing (12:45)
Sniffing tools (8:57)
Spoofing, crypto, and wifi (15:00)
Section 4 – Powerpoint
DEMO – tcpdump (10:53)
DEMO – Wireshark (11:24)
DEMO – Ettercap (12:55)
DEMO – Burp Suite (15:12)
DEMO – Scapy (10:15)
Attacking
Security overview pt.1: Windows architecture (17:51)
Security overview pt.2: credentials security (15:32)
Security overview pt.3: memory corruption & exploitation (15:31)
Windows hacking basics (20:08)
Local access and privilege escalation (20:13)
Dumping hashes and cracking passwords (18:12)
Linux attacking basics pt.1 (12:44)
Linux attacking basics pt.2 (13:50)
References (5:25)
Section 5 – Powerpoint
DEMO – Windows msf exploit pt.1 (13:05)
DEM) – Windows msf exploit pt.2 (15:20)
DEMO – Post exploitation activities (13:13)
DEMO – Mimikatz (7:09)
DEMO – Dumping hashes (3:23)
DEMO – Hashcat (8:21)
DEMO – Konboot (12:57)
DEMO – Post exploitation Windows cmd (14:08)
DEMO – Post exploitation Windows powershell (13:09)
DEMO – Online password cracking pt.1 (14:51)
DEMO – Online password cracking pt.2 (12:02)
DEMO – Attacking Linux targets pt.1 (10:07)
DEMO – Attacking Linux targets pt.2 (12:35)
Web Hacking
Introduction to web hacking (2:47)
Web security architecture overview pt.1 (16:40)
Web security architecture overview pt.2 (12:20)
Attacking the web server pt.1 (10:28)
Attacking the webserver pt.2 (10:59)
Attacking the platform pt.1 (18:33)
Attacking the platform pt.2 (8:13)
Attacking the technology pt.1 (21:00)
Attacking the technology pt.2 (17:20)
OWASP top 10 pt.1 (9:21)
OWASP top 10 pt.2 (21:12)
Attacking the business logic pt.1 (10:37)
Attacking the business logic pt.2 (15:07)
Tools and methodology (20:15)
References (7:41)
Section 6 – Powerpoint
DEMO – OWASP Mutillidae (8:50)
DEMO – SQL injection (7:04)
DEMO – SQLMAP intro (8:21)
DEMO – SQLMAP practice (25:04)
DEMO – Burpsuite (37:03)
DEMO – Burpsuite XSS Hunter (16:12)
DEMO – mitmproxy (10:27)
DEMO – Skipfish pt.1 (4:30)
DEMO – Skipfish pt.2 (4:29)
Social Engineering – Hacking Humans
Social engineering basics (14:41)
Social engineering methods (15:44)
Tools and techniques pt.1 (14:35)
Tools and techniques pt.2 (11:49)
Tools and techniques pt.3 (9:04)
Physical security considerations (12:53)
Final thoughts (5:15)
Section 7 – Powerpoint
DEMO – Social engineering intro (10:43)
DEMO – Social engineering toolkit prep (9:01)
DEMO – Credential harvesting (2:06)
DEMO – Website cloning (6:19)
DEMO – Automating an attack (2:59)
DEMO – Anti-virus evasion pt.1 (8:17)
DEMO – Anti-virus evasion pt.2 (11:43)

WordPress Security 2017 Secure Your Site Against Hackers!

WordPress Security 2017: Secure Your Site Against Hackers!

Instructor: Rob Cubbon

OverviewDescriptionAbout

The Complete WordPress Security Course. From The Most Fundamental To The Most Advanced Up-To-Date Security Hacks

Fact: over 30,000 websites are hacked everyday. Fact: cybercrime costs the global economy over $450 billion. Fact: over 1.5 million WordPress sites were hacked in a single day this year due to a single vulnerability.

Fact: over 30,000 websites are hacked everyday. Fact: cybercrime costs the global economy over $450 billion. Fact: over 1.5 million WordPress sites were hacked in a single day this year due to a single vulnerability.

Don’t think website security isn’t important.

Cyber-criminals are out there using sophisticated software to scan the internet for any type of vulnerable website.
Hackers don’t care if your website is big, small, a non-profit, or profit making. A hacked website is worth money to them as they can either extort money from a website owner, or place links or code on the site to support some other type of criminal activity.

Online security is of paramount importance to every human being on this planet. This course is for everybody. There is very little use of technical terminology or advanced online procedures. Anyone with basic computer skills can protect any WordPress website by following this course.

The course starts with the two biggest causes of hacks on websites and shows you the simple and non-technical ways to protect yourself. The two biggest causes of hacks on WordPress websites are:

  1. easily guessed or stolen usernames and password
  2. out of date software
    I show how to use secure and unguessable passwords that are different on every site.
    I continue to explain how to ensure all the software that’s used to run your site, not only the WordPress software, is not only up-to-date but kept up-to-date. We also cover home directory and webroot hygiene as well as disabling directory listing and error reporting.

I then show how to set up and install the Wordfence Security plugin which will:

  • protect a site with a cloud-based firewall
  • scan your site everyday for known vulnerabilities and changes in the WordPress code
  • block malicious IPs and requests
  • and much more
    I demonstrate how to set up and schedule back-ups. So if anything goes wrong in the future you can restore your site back to an early copy.

I then go on to explain step-by-step technical methods to really lock down a WordPress website.

Don’t think that online security doesn’t matter to you. Your online security is as important as your physical security.

My name’s Rob Cubbon and I have run a web and graphic design business for over a decade. I have built countless WordPress websites for myself and others.

However, I have been hacked!

This was a chastening experience. Not only was this attach to one of my websites extremely costly in terms of money and time, but I was also shocked at my ignorance of many website security procedures.

Online security, website security, and WordPress security are now topics I take extremely seriously. I want to prevent other people from having a similarly terrible experience.

Rob Cubbon
I have over 25 years experience in graphic design, web design and marketing. I have run my own business since 2005.

I am an Amazon bestselling author of seven books, bestselling Udemy instructor and all-round good guy who wants success for you and your business.

Being your own boss is an incredibly liberating experience but it can be difficult as well. There never seems to be enough time for what we want to do.
I’m driven to help people experience the positive side of entrepreneurship, not the negative.

I also build brands, create websites and run marketing campaigns for my clients.

My mission statement: I want to help and inspire people to build sustainable online businesses, earn passive income and experience greater freedom and happiness in their lives.

2:50  Hours

35 Lessons

Lifetime Access

Course Curriculum

Preview Course

Introduction
Introduction to the technical section (0:57)
Username and Password Security
intro to Username & password section (1:01)
username and password security
Make your usernames hard to guess (5:04)
Introduction to wordpress security (3:49)
more great advice on password security (5:35)
Improving the Security of the WordPress Admin User (11:03)
An easy way to change your username with Username Changer plugin (3:20)
How to Enable 2 Step Authentication to your WordPress Login – edited (4:27)
Keeping Software Up-to-Date and Understanding Basic “Webroot Hygiene”
intro to software updating section (1:17)
updating software
How To Make Sure You’re Running Up To Date Software (7:49)
deleting unnecessary plugins through the wordpress backend – edited (2:01)
deleting unnecessary themes through the wordpress backend – edited (1:56)
Webroot Hygiene And Accessing Sites Files (11:48)
home directory and webroot hygiene
Webroot Hygiene And Accessing Sites Files
Checking Permissions (3:01)
Checking Permissions
Disable Directory Listing (3:22)
Wordfence security plugin
Introduction to the Wordfence Security Plugin (0:38)
Why the Wordfence Security Plugin is so awesome (4:58)
Activating Wordfence Security Plugin for WordPress Initial Essential Steps (13:54)
Checking up on Wordfence 24 hour later (5:38)
Making sure the firewall is enabled in Wordfence and more about the plugin (5:53)
Further Tweaks To Wordfence Security Plugin (3:03)
What to do if you get locked out of WordPress by Wordfence Security Plugin (3:57)
Backing Up
introduction to backing up (0:45)
An Introduction to Backing-up and Restoring WordPress Websites (4:47)
Recommended WordPress Plug-ins for Backing-up and Restoring WordPress Sites (3:33)
Sheduling Database and File Backups to the Cloud using a free plugin (6:33)
How to Restore a WordPress Website from a Backup (7:59)
Extra WordPress Security Tasks – Really Lock Down Your Site
setting up wordpress manually – edited (4:33)
Get the Secure padlock on an SSL website (8:58)
how to disable error reporting in WordPress (4:50)
Disable File Editing in the WordPress Dashboard (1:10)
Protecting WP-Includes Folder and WP-Config.php (2:23)
Prevent PHP Execution in the Uploads Directory and Reminder to Update Plugins, Themes, and Software (4:22)
Conclusion
Conclusion to the course (0:28)
WordPress Security 2017 all slides

Java Cryptography Architecture Secure Password Hashing

Java Cryptography Architecture: Secure Password Hashing

Instructor: Frank Hissen

OverviewDescriptionAbout

Learn how to implement secure hashing for Java Web, Backend and Desktop Applications as well as Android Apps

Learn how to implement secure hashing for Java Web, Backend and Desktop Applications as well as Android Apps

In this course, you will learn how to implement document hashing and secure password hashing into Java applications using the Java Cryptography Architecture. This applies to Web applications and Java-based Desktop applications (e.g., Swing, AWT, SWT/RCP, JavaFX), but also database and backend applications as well as Android apps.

Get practical security background information from an IT security expert. Learn how to encode hashes in-memory and stream-based. Learn how to use salt and iteration count for secure password hashing following PBKDF2 from the security standard PKCS#5.

You should be an experienced Java developer to take this course. We will do hands-on coding examples that can be directly used within your enterprise applications.

Frank Hissen
Frank Hissen successfully studied Computer Science at Darmstadt University of Technology (Germany) focusing on IT security. For over 22 years, he works as IT consultant and software engineer; for over 16 years, he also works in various positions as security expert in IT development and consulting projects. He mainly worked for large businesses but also medium-sized companies.

He develops software and system architectures for complex systems and implements them or supervises the implementation. Moreover, he creates studies and function specifications.

In the area of IT security, Mr. Hissen is specialized in applied and technical IT security . For major as well as smaller companies, he equally developed and implemented security solutions and accompanied processes for secure product and software development.

In the area of cryptography and encryption, Mr. Hissen developed security solutions as Senior Solution Engineer at SECUDE before he became self-employed in 2009. Since then he works as freelancing expert in the area of web and cloud application security. He creates secure conceptual designs of system architectures but also takes care of their secure implementation and corresponding security requirements. One other focus is the technical examination and validation of the actual implementation.

Until now, Mr. Hissen worked in various projects amongst others for Deutsche Telekom AG, SECUDE, Allianz AG, ITO Darmstadt UT and SAP Research.

For his services and background, he can be reached through HissenIT – IT Consulting & Software Development.

2:50  Hours

35 Lessons

Lifetime Access

Course Curriculum

Preview Course

Basic Introduction
Introductory Lecture (2:17)
Setup (3:02)
Java Cryptography Architecture: MessageDigest, MAC and PBKDF2
Simple Hashing Example (4:44)
Real-world Hashing Example (7:24)
Efficient stream-based Hashing (2:25)
Message Authentication Code (MAC) (5:25)
Secure Password Hashing with PBKDF2/PKCS#5 (9:43)
Quiz 1 Strong Hashing Algorithms
Outro
Commercial Wrapper Libraries: Demo (3:03)
JCE Unlimited Strength Policy File Installation (2:32)

File Encryption Basics and Practices with CrococryptFile

File Encryption Basics and Practices with CrococryptFile

Instructor: Frank Hissen

OverviewDescriptionAbout

Learn how to use CrococryptFile, learn what file encryption means on the technical level.

In this course, you will learn how to use CrococryptFile, the open-source file encryption solution. Learn what encryption means on the technical level – as a background information to choose the right file encryption method for your case. If you care about privacy and if you are willing to do something about it, you are already on the right track. This applies for enterprise and private users alike.

In this course, you will learn how to use CrococryptFile, the open-source file encryption solution. Learn what encryption means on the technical level – as a background information to choose the right file encryption method for your case. If you care about privacy and if you are willing to do something about it, you are already on the right track. This applies for enterprise and private users alike.

First, you will get an introduction on encryption in general to understand the characteristics of the different existing technologies. Then, we will go through the application family step-by-step: Windows, Linux, Web-based and Command-line interface.

IT background would be a plus but is not required to take this course.

Frank Hissen
Frank Hissen successfully studied Computer Science at Darmstadt University of Technology (Germany) focusing on IT security. For over 22 years, he works as IT consultant and software engineer; for over 16 years, he also works in various positions as security expert in IT development and consulting projects. He mainly worked for large businesses but also medium-sized companies.

He develops software and system architectures for complex systems and implements them or supervises the implementation. Moreover, he creates studies and function specifications.

In the area of IT security, Mr. Hissen is specialized in applied and technical IT security . For major as well as smaller companies, he equally developed and implemented security solutions and accompanied processes for secure product and software development.

In the area of cryptography and encryption, Mr. Hissen developed security solutions as Senior Solution Engineer at SECUDE before he became self-employed in 2009. Since then he works as freelancing expert in the area of web and cloud application security. He creates secure conceptual designs of system architectures but also takes care of their secure implementation and corresponding security requirements. One other focus is the technical examination and validation of the actual implementation.

Until now, Mr. Hissen worked in various projects amongst others for Deutsche Telekom AG, SECUDE, Allianz AG, ITO Darmstadt UT and SAP Research.

For his services and background, he can be reached through HissenIT – IT Consulting & Software Development.

0:43  Hours

6 Lessons

Lifetime Access

Course Curriculum

Preview Course

Introduction and Basics
Introduction to Encryption and File-encryption (17:04)
CrococryptFile in Practice
CrococryptFile Windows Installation (2:07)
Password-based Encryption, Decryption and WebDecrypt (4:10)
Token-based Encryption with Windows Keystore and OpenPGP (4:10)
Forensics on Headerless encrypted Files (9:53)
Linux, Unix and Command-line usage (5:35)

Introduction to Encryption - Terminology and Technology

Introduction to Encryption - Terminology and Technology

Instructor: Frank Hissen

OverviewDescriptionAbout

Understand the terms and expressions of encryption technologies and learn to apply encryption properly

AES-128, Public Key, Certificates? What do symmetric and asymmetric encryption actually mean? Where are these used? This course provides a basic introduction to the field of encryption.

AES-128, Public Key, Certificates? What do symmetric and asymmetric encryption actually mean? Where are these used? This course provides a basic introduction to the field of encryption.

The course explains the common terminology but also the technical background. This course is right for everybody who wants to understand what encryption means in practice and what to watch out for. Smattering knowledge can be challenged, practical insights will be provided.

If you care about data security and privacy – likewise on the enterprise level and in private life – you are already on the right track. This course can deepen your knowledge and turn your focus where to look at.

General background knowledge in IT is an advantage but not required.

Frank Hissen
Frank Hissen successfully studied Computer Science at Darmstadt University of Technology (Germany) focusing on IT security. For over 22 years, he works as IT consultant and software engineer; for over 16 years, he also works in various positions as security expert in IT development and consulting projects. He mainly worked for large businesses but also medium-sized companies.

He develops software and system architectures for complex systems and implements them or supervises the implementation. Moreover, he creates studies and function specifications.

In the area of IT security, Mr. Hissen is specialized in applied and technical IT security . For major as well as smaller companies, he equally developed and implemented security solutions and accompanied processes for secure product and software development.

In the area of cryptography and encryption, Mr. Hissen developed security solutions as Senior Solution Engineer at SECUDE before he became self-employed in 2009. Since then he works as freelancing expert in the area of web and cloud application security. He creates secure conceptual designs of system architectures but also takes care of their secure implementation and corresponding security requirements. One other focus is the technical examination and validation of the actual implementation.

Until now, Mr. Hissen worked in various projects amongst others for Deutsche Telekom AG, SECUDE, Allianz AG, ITO Darmstadt UT and SAP Research.

For his services and background, he can be reached through HissenIT – IT Consulting & Software Development.

0:38  Hours

12 Lessons

Lifetime Access

Course Curriculum

Preview Course

Introduction
Overview (1:13)
Motivation: Why do why encrypt? (4:17)
What does Encrypting mean? (2:50)
Basics of common Encryption Technologies
Basics: Symmetric and asymmetric Encryption (3:39)
Hybrid Encryption (3:26)
Password-based Encryption (1:00)
Technical Aspects of Encryption
Algorithms (1:46)
Quiz 1: Public Key Technology
Quiz 2: Symmetric Encryption
Technical Parameters for Encryption I (7:24)
Technical Parameters for Encryption II (3:07)
Cryptographic Key Formats (1:22)
File and System encryption
File and System encryption (6:43)
Conclusion
Conclusion (1:19)

$39

$19.50