Learn the practical side of ethical hacking with our 25-hour course designed for hands-on learning. Master essential tools and techniques, from information gathering and exploitation to post-exploitation and wireless attacks. Perfect for beginners, this course provides the foundational knowledge needed to succeed as an ethical hacker.

9QIX/TCMSecurity-PracticalEthicalHacking

TCM Security - Practical Ethical Hacking

Learn how to hack like a pro by a pro. 25 hours of up-to-date practical hacking techniques with absolutely no filler.

Start Your Journey

Course Overview

Welcome to this course on Practical Ethical Hacking! All you need is a positive attitude and a desire to learn. No prior hacking knowledge required.

In this course, you'll learn the practical side of ethical hacking. We focus only on tools and topics that will make you successful as an ethical hacker. The course is incredibly hands-on and covers many foundational topics.

Requirements:

  • Basic IT knowledge
  • For Mid-Course Capstone: Minimum 12GB of RAM suggested
  • For Wireless Hacking: Wireless adapter that supports monitor mode (links provided in course)
  • For Active Directory Lab Build: Minimum 16GB of RAM suggested (Students can still participate with less but may experience slow lab environments)

Course Topics:

  1. A Day in the Life of an Ethical Hacker
  2. Effective Notekeeping
  3. Networking Refresher
  4. Introductory Linux
  5. Introductory Python
  6. Hacking Methodology
  7. Reconnaissance and Information Gathering
  8. Scanning and Enumeration
  9. Exploitation Basics
  10. Mid-Course Capstone
  11. Active Directory
  12. Post Exploitation
  13. Web Application Penetration Testing
  14. Wireless Attacks
  15. Legal Documentation and Report Writing
  16. Career Advice

Course Details:

A Day in the Life of an Ethical Hacker

  • What does an ethical hacker do daily?
  • Potential earnings and types of assessments.

Effective Notekeeping

  • Tools for keeping notes and being successful in the course and field.

Networking Refresher

  • Concepts of computer networking, common ports and protocols, the OSI model, subnetting, and a network build using Cisco CLI.

🐧 Introductory Linux

  • Basics of Linux and building Bash scripts.

🐍 Introductory Python

  • Learn Python 3, build a port scanner, and write exploits.

Hacking Methodology

  • Overview of the five stages of hacking.

Reconnaissance and Information Gathering

  • Use open-source intelligence, extract breached credentials, and gather information with Burp Suite.

Scanning and Enumeration

  • Hunt down open ports, research vulnerabilities, and use essential tools.

Exploitation Basics

  • Exploit your first machine with Metasploit and manual exploitation.

Mid-Course Capstone

  • Challenge yourself with 10 vulnerable boxes of increasing difficulty.

Active Directory

  • Build and exploit your own Active Directory lab. Learn attacks and tools like mimikatz, Bloodhound, and PowerView.

Post Exploitation

  • Transfer files, pivot, maintain access, and clean up after exploitation.

Web Application Penetration Testing

  • Automate enumeration with Bash scripting and dive into the OWASP Top 10.

Wireless Attacks

  • Perform wireless attacks against WPA2 and compromise a wireless network.

Legal Documentation and Report Writing

  • Dive into legal documents and report writing with a sample report from an actual client assessment.

Career Advice

  • Tips for finding a job in the field and advancing your career.

Important Notes:

  • Educational Purposes Only: All attacks shown were performed with permission. Do not attack a host unless you have permission.

Questions & Answers Team Availability and Rules

  1. Encourage and Help Each Other: The support team is here to help but is not staffed 24/7.
  2. Course-Related Material Only: Use course tools and methods in labs; for other queries, refer to appropriate channels outside of #course-chat.
  3. Avoid Mid-Course Capstone Spoilers: Do not provide direct answers/solutions.
  4. Be Kind and Patient: This field requires patience, self-motivation, and lots of Googling.

Testimonials

  • Ty Atkin: "Most outstanding. There is no better course on this topic. After completing this course I crushed 3 different Red Team interviews and received two offers."
  • Azeer Esmail: "It was such a pleasure learning from Heath. He has the skill, experience, and right attitude to teach."
  • Mike Roberts: "Even as a veteran and IT business owner, this was the most helpful and well-polished course I've ever taken to advance my security knowledge."

Course Curriculum

Before We Begin

  • Special Thanks & Credits
  • START: PNPT Certification Path Progression

Introduction

  • Course Introduction (7:24)
  • PREVIEW: Course Discord (Important) (2:45)
  • START: A Day in the Life of an Ethical Hacker (20:55)

Notekeeping

  • Effective Notekeeping (7:39)
  • PREVIEW: Screenshots for the Win (4:16)

Networking Refresher

  • Introduction (1:11)
  • IP Addresses (13:06)
  • MAC Addresses (3:13)
  • TCP, UDP, and the Three-Way Handshake (5:12)
  • Common Ports and Protocols (6:09)
  • The OSI Model (5:30)
  • Subnetting Part 1 (26:59)
  • PREVIEW: Subnetting Part 2 (4:13)

Setting Up Our Lab

  • Installing VMWare / VirtualBox (6:15)
  • Configuring VirtualBox (3:16)
  • Installing Kali Linux (5:32)

Introduction to Linux

  • Exploring Kali Linux (3:28)
  • Sudo Overview (5:12)
  • Navigating the File System (18:12)
  • Users and Privileges (16:54)
  • Common Network Commands (8:26)
  • Viewing, Creating, and Editing Files (6:21)
  • Starting and Stopping Services (6:17)
  • Installing and Updating Tools (11:53)
  • Scripting with Bash (22:34)

Introduction to Python

  • Introduction (2:19)
  • Strings (7:24)
  • Math (5:44)
  • Variables and Methods (10:20)
  • Functions (8:58)
  • Boolean Expressions and Relational Operators (8:33)
  • Conditional Statements (6:58)
  • Lists (12:12)
  • Tuples (2:11)
  • Looping (4:29)
  • Advanced Strings (12:39)
  • Dictionaries (6:24)
  • Importing Modules (5:58)
  • Sockets (7:39)
  • Building a Port Scanner (18:33)
  • User Input (8:38)
  • Reading and Writing Files (9:56)
  • Classes and Objects (7:51)
  • Building a Shoe Budget Tool (14:19)

The Ethical Hacker Methodology

  • The Five Stages of Ethical Hacking (5:16)

Information Gathering (Reconnaissance)

  • Passive Reconnaissance Overview (7:32)
  • Identifying Our Target (3:33)
  • Discovering Email Addresses (15:48)
  • Gathering Breached Credentials with Breach-Parse (7:17)
  • Hunting Breached Credentials with DeHashed (11:55)
  • Hunting Subdomains Part 1 (5:31)
  • Hunting Subdomains Part 2 (4:48)
  • Identifying Website Technologies (7:06)
  • Information Gathering with Burp Suite (8:48)
  • Google Fu (5:31)
  • Utilizing Social Media (5:37)

Scanning & Enumeration

  • Installing Kioptrix (6:17)
  • Scanning with Nmap (19:46)
  • Enumerating HTTP and HTTPS Part 1 (15:01)
  • Enumerating HTTP and HTTPS Part 2 (15:08)
  • Enumerating SMB (14:19)
  • Enumerating SSH (4:09)
  • Researching Potential Vulnerabilities (14:49)

Vulnerability Scanning with Nessus

  • Scanning with Nessus Part 1 (10:34)
  • Scanning with Nessus Part 2 (6:09)

Exploitation Basics

  • Reverse Shells vs Bind Shells (7:00)
  • Staged vs Non-Staged Payloads (3:21)
  • Gaining Root with Metasploit (7:40)
  • Manual Exploitation (12:40)
  • Brute Force Attacks (7:49)
  • Credential Stuffing and Password Spraying (9:18)

Mid-Course Capstone

  • Introduction (2:33)
  • Mid-Course Capstone (10 Machines) (3:03)

Active Directory

  • Intro to Active Directory (4:27)
  • Active Directory Components (13:57)
  • Building an Active Directory Lab (5:39)
  • Installing and Configuring DC (4:55)
  • Configuring Domain Settings (2:59)
  • Installing and Configuring Server 2 (2:58)
  • Configuring DHCP (2:44)
  • Configuring Windows 10 (3:10)
  • Joining Server 2 to the Domain (5:41)
  • Joining Windows 10 to the Domain (5:32)
  • Adding Domain Users and Groups (6:02)
  • Kerberos Authentication Overview (2:31)
  • Enumerating Users via RPC (8:05)
  • Password Spraying and Authentication Capture with Responder (12:55)
  • Enumerating Users via Kerberos (11:16)
  • Over-Pass the Hash (8:18)
  • Kerberoasting (8:55)
  • Exploiting GPP (9:12)
  • DCSync Attack (12:37)
  • Abusing ACLs (10:35)
  • Abusing Unconstrained Delegation (14:15)
  • Pass Back Attack (10:29)
  • Lateral Movement with WMI (12:04)
  • Lateral Movement with PowerShell Remoting (8:39)
  • Lateral Movement with SMB (8:45)
  • Maintaining Access with Impacket (14:18)
  • Building Custom Payloads (7:44)
  • Evading Defender Part 1 (13:28)
  • Evading Defender Part 2 (5:42)
  • Defense Evasion with C# (16:29)

Post Exploitation

  • Transferring Files (9:32)
  • Data Exfiltration (8:07)
  • Pivoting with Chisel (13:23)
  • Maintaining Access with Metasploit (12:17)
  • Maintaining Access with Crontab (5:32)
  • Maintaining Access with Backdoors (6:27)
  • Cleaning Up (6:13)

Web Application Penetration Testing

  • Introduction (2:57)
  • Understanding the OWASP Top 10 (8:05)
  • Building Your Own Web Application Lab (6:31)
  • Cross-Site Scripting (XSS) (9:24)
  • SQL Injection (12:48)
  • Cross-Site Request Forgery (CSRF) (8:15)
  • Insecure Deserialization (5:22)
  • Security Misconfiguration (4:55)
  • Broken Authentication and Session Management (9:37)
  • Sensitive Data Exposure (5:21)
  • Using ZAP for Automated Scanning (12:39)
  • Manually Testing for Injections with Burp Suite (14:42)
  • Testing IDOR (10:27)
  • Web Application Capstone (14:13)

Wireless Attacks

  • Introduction (2:24)
  • Understanding WPA2 (4:35)
  • Capturing the 4-Way Handshake (9:15)
  • Cracking WPA2 Passwords (14:32)
  • Man-In-The-Middle Attacks (11:41)
  • Deauth Attacks (8:32)

Legal Documentation and Report Writing

  • Legal Documents Overview (10:45)
  • Writing a Report Part 1 (15:12)
  • Writing a Report Part 2 (9:18)
  • Sample Report (15:45)

Career Advice

  • Finding Your First Job (8:35)
  • Building Your Resume (9:28)
  • Interview Tips (12:47)

Conclusion

Thank you for joining this course on Practical Ethical Hacking. We hope it has equipped you with the skills and knowledge to advance in your cybersecurity career. Happy hacking!
