IT & Software
Ethical Hacking – Capture the Flag Walkthroughs – V3
You’ve taken the ethical hacking courses, you’ve been introduced to the tools and the methodology. This course brings it all together showing students how to perform an actual pentest and gain root access. More importantly, students learn how to conduct a pentest using the hacker’s methodology.
We learned to walk before we could run and technology and pentesting are no different. This course is designed to introduce students to skills similar to what hackers use in real-life situations and obtain a greater depth of understanding of how vulnerabilities are exploited.
Although there is no specific step-by-step methodology used by all hackers, a typical hacking process comprises of the following steps:
Footprinting – the process of using passive methods of gaining information about the target system prior to performing the attack.
Scanning – the process of taking information obtained from the footprinting phase in order to target the attack more precisely. Some of the methods used in this phase are port scans, ping sweeps, operating systems detection, observation of facilities used by the target, and so on.
Enumeration – the process of extracting more detailed information about the information obtained during the scanning phase to determine its usefulness. Some of the methods used in this step are user accounts enumeration, SNMP enumeration, UNIX/Linux enumeration, LDAP enumeration, NTP enumeration, SMTP enumeration, DNS enumeration, etc.
System hacking – the process of planning and executing the attack based on the information obtained in the previous phases. In this phase, the attacker performs the actual hacking process using hacking tools.
Escalation of privilege – the process of obtaining privileges that are granted to higher privileged accounts than the attacker broke into originally. The goal of this step is to move from a low-level account (such as a guest account) all the way up to an administrator.
Covering tracks – the process of removing any evidence of the attacker’s presence in a system. The attacker purges log files and removes other evidence needed for the owner of the system to determine that an attack occurred.
Planting backdoors – the process of securing unauthorized remote access to a computer, so the attacker can access the system later without being detected. Backdoors are usually computer programs that give an attacker remote access to a targeted computer system.
Students step through each of the Capture the Flags (CTF) walkthroughs looking for clues to help guide. The clues will help the pentester find and exploit the target to gain root access. Each CTF demonstrates the techniques and hacking methodology used by pentesters, and hackers.
Students having completed my Ethical Hacking Courses Parts 1 and 2 can now put to use what they have learned. You’ve seen the tools, heard all the war stories, now learn ethical hacking like you’ve been wanting to.
Don’t cheat yourself! Check out the free preview of the first module of the course. Students have lifetime access and more CTF exercises will be added over time.