Advanced Ethical Hacking Introduction Tutorial

1.1 Welcome

Welcome to the advanced ethical hacking training title. Now, ethical hacking is really all about protecting resources, and what we're going to be going through here is a series of tactics and techniques and strategies as well as the use of tools. In order to help us protect those resources. So we've got strategies and tactics. We've got tools. They'll all be pointers for directions to head in once you've gotten a good handle on The different tools that an ethical hacker might use, as well as the strategies and tactics and ways that you may be able to extend those, and really, this is all about getting your hands dirty, getting into some of these techniques and extending your skill set using those. So that's really what we're going to be going through here and I welcome you to really dig in and get a really solid understanding of what ethical hacking is really all about.

1.2 What This Course Will Cover

Again, welcome to Advanced Ethical Hacking, want to talk a little bit about what the course is going to cover. So first of all, we can't do much of anything without tools and the tools that we're going to be covering in part are going to be things like Metasploit, we're going to look at Dradis, As a framework for storing information so that we can keep all of our notes, and all of our scan results, and everything else in one place. We're going to be looking at the Social Engineering Toolkit, as well as, a number of Browser Plugins. There are a fairly large number of Browser Plugins that are really helpful. Full in doing this type of work. We're going to be looking at different tactics like writing scripts including writing scripts that interface with Metasploit that you can use from inside Metasploit. We're going to be looking at web application testing. So SQL injection and cross-site scripting and that sort of thing. Thing. We're going to be looking a little bit at social engineering, primarily on the technical side, as opposed to making fake phone calls and pretending to be somebody in order to get a password. What we're going to be looking at is using some technical tools in order to do some injection attacks via email and websites. So, we're going to be looking at that a little bit as well. We're going to be looking at the management of data. So you're going to be doing a lot of things that actually yield a lot of results. So you're going to have a lot of information lying around. And managing that data and managing all of your notes and all of the information that you've gotten can be really challenging, particularly if you're doing an entire network as opposed to A couple of sites or maybe you're even doing multiple networks. Being able to manage that, is really important so you know you've done, what you have yet to do, and where you've gone with the different hosts that you've actually discovered maybe vulnerable to different things, so Being able to keep track of that is really important. And so, as I said, we're going to look at Dradis and Metasploit and the ability within Nexpose as an example or Nessus to store some of that data as well.

1.3 System Requirements

So some system prerequisites that you're going to have to be thinking about, as we go through the videos in this title. So one of the things you need to think about, is what operating system are you using? In this case What you will see primarily is me using Mac OS and I have got some virtual machines I use inside MAC OS. Now a lot of tools use Windows and there is absolutely nothing wrong with using Windows as your primary operating system. For personal reasons I happen to use MAC OS but like I said I use virtual machines. In order to get access to Windows and use the Window's specific tools. I also use Linux inside of a virtual machine. There are tools that are really helpful, that run inside Linux primarily or maybe even exclusively. So I use Use virtual machines a lot. So having an operating system that you're comfortable with and having the ability to run virtual machines in order to get access to different operating systems so you can run different tools is really helpful. You don't have to have one operating system, but being able to run virtual machines so that you can run multiple operating systems In order to get access to those specific tools is really helpful. So as I said, I used virtual machines, primarily I used parallels on the system that I am doing the work on right now. I do have other Their systems that run VMWare in addition to parallels. VMWare works fine. Either of these are great tools. You can also use something like Virtual Box which is a free virtual machine software. And anyone of those is going to be pretty good at being able to do your virtual machines for you, but like I said you going to want to probably be using virtual machines unless you just like having allot of Systems in front of you and having a lot of desktops or laptops running. Virtual machines really handy, when it comes to hardware really your looking for a lot of memories as much memory as you can possibly get. So 64-bit Operating Systems and 64-bit hardware as a result Really important so you can put a lot of memory and if you're running a lot of virtual machines or even just one or two virtual machines, having that additional memory will keep your systems running pretty quickly and reasonably responsively. Having speedy hard drives is quick As you can get them. Obviously solid state hard drives are really fast, the downside to them is they tend to be small which means you may not be able to store as much information in your virtual machines in addition to your primary operating system. Or you may not be able to have very many virtual machines around. So getting A regular hard drive, a platter based hard drive, mechanical hard drive that has a pretty high rpm so 7200 rpm is a pretty good rpm rate. So faster hard drives definitely helpful In keeping your machines responsive, particularly as I said, when you're running multiple virtual machines at the same time as your primary operating system.

1.4 Prerequisites

Prerequisites outside of your hardware and software is really about what you should know and have a little bit of experience with. You really should have some basic understanding of operating systems. I know most people have Some understanding of Windows and how it works, and we will be looking at Windows tools. We'll also be looking at tools that run under operating systems other than Windows, so maybe having a little bit of experience with Unix like or Unix based operating systems. Like Linux or Mac OS. Really helpful. We're going to be doing a lot of command line work. Primarily because that's my preference, although some of the tools do have user interfaces as well. A basic understanding of networks, and how networking works. As we're going to be going through this we're going to be communicating a lot over networks and doing a lot of network transmissions so having a basic understanding of networks is really helpful. You should also have a grasp of security testing techniques. So the purposes of ethical hacking. The purposes of ethical hacking are to do testing against an operating system or a network that you have been aft or requested a test and you have Permission to test by the owners of those systems and networks. That's the purpose of doing ethical hacking is to make sure that we've got the operating system or the network hardened enough that it would be difficult for a skilled attacker to penetrate the operating system or the network. And so the purpose of ethical hacking is to help protect those systems and networks. You should have an idea of what the expected outcome is. So an expected outcome would be to be able to Either not get in at all despite exhaustive efforts. Or if you do get in and you need to be able to document exactly what it is you've done in order to prepare the owner of the system or the network for how they can remediate the particular vulnerability that you've turned up. Obviously ethics are really important. So you're not doing something that you don't have permission to do primarily is the biggest thing. Doing something that you don't have permission to do and testing networks that you don't have permission to test is frankly just illegal. So, Something you want to stay away from is not playing around with systems and with networks that you don't have explicit permission to do some testing on. So that's really important and that's a big part of doing ethical hacking. Is just simply being ethical.

  • Disclaimer
  • PMP, PMI, PMBOK, CAPM, PgMP, PfMP, ACP, PBA, RMP, SP, and OPM3 are registered marks of the Project Management Institute, Inc.

Request more information

For individuals
For business
Phone Number*
Your Message (Optional)
We are looking into your query.
Our consultants will get in touch with you soon.

A Simplilearn representative will get back to you in one business day.

First Name*
Last Name*
Phone Number*
Job Title*