Penetration Testing and Ethical Hacking with Kali Linux

Learn how to conduct a practical penetration test using Kali Linux.
Course info
Rating
(217)
Level
Advanced
Updated
Sep 2, 2015
Duration
6h 3m
Table of contents
Installing and Configuring Kali Linux
Pre-penetration Testing Checklist
Information Gathering
External Pen-testing
Website Penetration Testing
Internal Network Penetration Testing
Network Sniffing
Exploitation
Social Engineering
Wi-Fi Penetration Testing
Brute Force Attack Testing
Advanced Penetration Testing
Description
Course info
Rating
(217)
Level
Advanced
Updated
Sep 2, 2015
Duration
6h 3m
Description

This course introduces ethical hackers and penetration testers to Kali Linux. This course will show IT professionals how to use the ethical hacking techniques and how to conduct a professional penetration test workflow using the Swiss Army Knife operating system Kali Linux.

About the author
About the author

Gus is an IT expert specialized in programming and security. He's a passionate blogger, geek, and loves what he's doing.

More from the author
More courses by Gus Khawaja
Section Introduction Transcripts
Section Introduction Transcripts

Installing and Configuring Kali Linux
Hi I'm Gus Khawaja, I would like to welcome you the series of Penetration Testing with Kali Linux. In this course I will share with you how to become a professional Pentastor consultant. We will cover all you need to know about how to test an environment as a professional ethical hacker. In the next demos, we will see how to install Kali Linux operating system from scratch. Are you ready for this? Let's begin.

Pre-penetration Testing Checklist
A pre-penetration testing checklist is an essential step for all penetration testers. This checklist covers technical, pencil nail, and legal issues that must be taken care of before beginning the penetration test. Using it will ensure that the test runs smoothly and that all unforeseen events can be handled with relative ease. All the penetration testers should keep this list handy when starting a project.

Information Gathering
Hi, this is Gus Khawaja. Welcome to the information gathering module, are you excited? This is our first hacking in action module. Gathering information is the first step when conducting a penetration test. You will dedicate up to 60% or maybe more of the overall work effort by gathering information about your client. This step is also called a reconnisense phase. We are going to analyze information that is openly available on the internet, usually from the target itself or from public resources as well. We need to make sure that our information gathering techniques are similar as much as possible to a black hat hacker for better results. Now let's start.

External Pen-testing
External penetration testing tests the security surrounding externally connected systems from the internet. Controlled tests are used to gain access to internet resources and ultimately to the DMZ, which is an internal network by going through and around firewalls from the internet. External penetration testing also involves the finding and exploitation of actual known and unknown vulnerabilities from the perspective of an outside attacker.

Website Penetration Testing
Hi this is Gus Khawaja and welcome to the website penetration testing module. Every company in these days has an official website that needs to be protected. In this module we will cover all the steps required to conduct a penetration test against the organizations website. Using burpsuite and other interesting tools in Kali Linux, are you ready for this? Let's see some action.

Internal Network Penetration Testing
Hi, this is Gus Khawaja. Now it is the time for the internal network penetration testing phase. In this module we will scan the internal network infrastructure that our client have in place. The information that we gathered during this process are very critical. And they could lead use later to exploit some vulnerabilities found in the network. Let's start.

Network Sniffing
Hi, this is Gus Khawaja and welcome to the Network Sniffing module. We are going to see how to take a look on the wire and see what's happening. Also, we are going to see cool stuff that investigators use after a real hack. After finishing this module, you should be able to have an idea how to detect any malicious activity in your clients' network. Let's start.

Exploitation
Hi, this is Gus Khawaja, and I'm very glad that you are watching this exciting module. Exploitation is the heart of ethical hacking. By exploiting vulnerabilities we can start making assumptions how dangerous it is to keep these services. We already covered how to scanned internal network in the previous modules. I invite you to go back and watch it in case you did not yet. Let's start.

Social Engineering
Hi, this is Gus Khawaja, and I'm very happy that you're watching this module. Social Engineering is an important technique that you should be aware of. We will see how hackers use the social engineering applications after tricking the victim into executing the vulnerable trap. Let's start.

Wi-Fi Penetration Testing
Hi, this is Gus Khawaja, and I would like to welcome you to the Wi-Fi Penetration Testing module. Wi-Fi is a local area wireless computer networking technology that allows electronic devices to communicate with each other, mainly using the 2. 4 Ghz and 5 Ghz radio bands. In fact, Wi-Fi can be less secure than wired connections, such as Ethernet, precisely because an intruder does not need a physical connection. Unencrypted internet access can easily be detected and hijacked by intruders because of this -- Wi-Fi has adopted various encryption technologies. In this module we are going to pentest these encryption technologies using Kali Linux. Let's get started.

Brute Force Attack Testing
Brute-Force consists of systematically checking all possible keys, or passwords, until the correct one is found. In the worst case, this would involve traversing the entire search space. Hi, this is Gus Khawaja, and I would like to welcome you to the Brute-Force Testing module. Password guessing is very fast when used to check all short passwords. But for longer passwords, other methods, such as the dictionary attack are used because of the time a Brute-Force takes.

Advanced Penetration Testing
The final module is here, folks. Hi, this is Gus Khawaja, and I would like to welcome you to our final adventure. In this module, we are going to see more interesting topics so you can deepen your knowledge and move it to the next level. Let's start.