Learning Path

Ethical Hacking


  • Understanding TCP/IP Communications Course — 01:13:38
    • K0119, K0206, K0221, K0301, K0342, K0471, K0565, S0046, S0051

      In this course, you’ll explore TCP/IP communications specifically for ethical hackers. You’ll take a look at TCP, UDP and ICMP, and examine TCP communications through in-depth demonstrations in Wireshark.

  • Ethical Hacking Process Course — 01:08:29
    • K0004, K0119, K0177, K0206, K0342

      Introduce yourself to ethical hacking with this course covering concepts, terminology and the ethical hacking process, step-by-step from passive reconnaissance to post-exploitation and reporting.

  • Sandworm APT Exercise Course — 02:42:00
    • In this lab we’ll take a look at and emulate some of the techniques that Sandworm APT has used in the past to compromise, pivot from, and destroy a server.

  • Exploiting Common Web Application Vulnerabilities Course — 02:28:10
    • K0070, K0119, K0177, K0206, K0318, K0342, K0624, S0001, S0051, S0081

      Learn how to carry out ethical hacks such as cross-site scripting and SQL injection.

  • Using Trojans and Backdoors Course — 00:44:45
    • K0129, K0177, K0318, K0342, K0536, S0051, S0267

      Ethical hackers need to be familiar with hackers’ tricks, and even be able to use them for helpful purposes. With this course, you’ll look at using Trojans and backdoors in an ethical hack, both hiding and detecting backdoor activity. Includes demonstrati

  • Cracking Passwords Course — 00:48:39
    • K0177, K0342, K0362, K0536, S0051, S0067

      Cracking a password effectively opens the door into an account or system. Explore the details of cracking passwords, including understanding and capturing Windows passwords and useful tools such as Cain & Abel.

  • Finding and Exploiting Vulnerabilities Course — 02:57:20
    • K0070, K0119, K0165, K0177, K0342, K0362, K0480, K0536, K0604, S0001, S0051

      A vulnerability is as good as another tool for an ethical hacker. Learn the fundamentals of finding and exploiting vulnerabilities with this course covering exploits, buffer overflows, DLL hijacking and much more.

  • Network Reconnaissance Course — 01:23:45
    • K0119, K0221, K0318, K0342, K0565

      You can’t launch an attack without some careful reconnaissance. In this course, you’ll look at network reconnaissance goals and concepts, including host discovery, port scanning and service identification. Includes an in-depth demonstration.

  • Passive Intelligence Sources, Tools and Techniques Course — 02:12:55
    • K0119, K0206, K0342, K0409, S0051

      Get to grips with the crucial tools and techniques associated with passive intelligence gathering. Explore intelligence-gathering goals, sources and concepts. Includes vocabulary and definitions.

  • Penetration Testing Cyber Range Course — 08:06:00
    • S0001, S0025, S0044, S0046, S0051, S0052, S0078, S0081, S0094, S0137, S0156, S0167, S0221, S0267, S0293, S0295

  • Purple Team Web Application Security Project
  • Exploit Writing Fundamentals: Basic Buffer Overflow Exploit Course — 01:05:04
    • K0070, K0119, K0177, K0206, K0318, K0342, S0001, S0051, S0081

      Get to grips with the basic buffer overflow exploit in this course. Modules cover understanding memory, initial discovery, fuzzing, vulnerability identification and more. Includes demonstrations.

  • Covert Channels and IDS Evasion Course — 01:28:44
    • K0177, K0184, K0305, K0324, K0342, K0403, K0493, K0536, S0051, S0092

      An intrusion detection system, or IDS, can be a problem for an ethical hacker. In this course, you’ll get to grips with the use of covert channels and evading an intrusion detection system. Includes demonstrations.

  • Sniffing Course — 01:38:01
    • K0058, K0061, K0108, K0111, K0119, K0177, K0342, K0446, K0536, S0051, S0052, S0156

      There are a number of ways to carry out sniffing, or subtly intercepting useful data. In this course, you’ll explore what it takes to sniff internet traffic, as well as sniffing techniques with packetrecorder, useful tips for sniffing on public Wi-Fi netw

  • Stealthy Network Reconnaissance Course — 00:49:29
    • K0111, K0119, K0177, K0206, K0221, K0318, K0342, K0565, S0001, S0051, S0081

      Reconnaissance isn’t much good if you’re spotted while you’re doing it. Explore what it takes to carry out stealthy network reconnaissance with this course covering strategies and stealthy scanning methods.

  • Advanced Adversary Tactics – Privilege Escalation XSS Lab — 00:30:00
    • This lab will cover using XSS techniques to steal tokens from other users and using these tokens to escalate to admin privileges.

  • CTF 4: Privilege Escalation Lab — 00:03:00
    • Test your privilege escalation skills as you practice in the Penetration Testing Cyber Range.

  • CTF 2: Attacking FTP Lab — 00:04:00
    • Test your sniffing and password cracking skills as you practice in the Penetration Testing Cyber Range.

  • Advanced Adversary Tactics – Persistence 2 Lab — 00:30:00
    • This lab covers multiple techniques related to persistence including creating a malicious browser extension and modify system processes.

  • Advanced Adversary Tactics – Reconnaissance and Resource Development Lab — 00:30:00
    • The first steps of the MITRE ATT&CK chain focus on learning about a target and gathering information for future attacks. This sort of information gathering can be instrumental to the success of future operations. For example, learning that a target uses a standard IT management software could cause an APT to target this software in a supply-chain vulnerability attack later on. 

      In this lab we’ll take a look at some of the social engineering techniques and tools that can help aid Reconnaissance and Resource Development.

  • Advanced Adversary Tactics – Defense Evasion Lab — 00:30:00
    • This lab covers multiple techniques related to defense evasion including crashing an antivirus to avoid detection, modifying PAM to allow for a backdoored password, and going through multiple methods of identifying virtual environments.

  • CTF 3: Web Application Exploitation Lab — 00:04:00
    • Test your web application hacking skills as you practice in the Penetration Testing Cyber Range.

  • CTF 1: DNS and SNMP Reconnaissance Lab — 00:04:00
    • Test your DNS and SNMP reconnaissance skills as you practice in the Penetration Testing Cyber Range.

  • Advanced Adversary Tactics – Pivoting with Proxychains Lab — 00:30:00
    • This lab covers configuring and using proxychains to pivot between machines on a network. The lab simulates pivoting that might occur were a raspberry pi or similar device added to a network.

  • Advanced Adversary Tactics – Persistence Lab — 00:30:00
    • This lab covers multiple techniques related to persistence including tampering with desktop autostart application, .bashrc files, trojanizing binaries, and infecting a USB drive.


What you will learn

This learning path teaches you the necessary hacking skills to conduct a formal penetration test. As you progress through 12 courses, you’ll build core pentesting skills such as intelligence gathering, reconnaissance, device exploitation, stealth techniques and more. Upon completion, you’ll have the knowledge and skills to carry out a penetration test against an organization to identify weaknesses and potential avenues of attack.

Wistia video thumbnail

Meet the author

At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certification and skills training. We also empower all employees with security awareness training to stay cybersecure at work and home. Driven by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.

The details

Learning path insights

How to claim CPEs

Should you complete this learning path, you’ll be able to download a certificate of completion. Use this to claim your CPEs or CPUs.

Associated NICE Work Roles

All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.

  • All-Source Analyst
  • Mission Assessment Specialist
  • Exploitation Analyst

No software. No set up. Unlimited access.

Skip the server racks and spin up a realistic environment with one click. lnfosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning. Unlimited cyber range access is included in every lnfosec Skills subscription so your team can skill up however they learn best.

Plans & pricing

  • Infosec Skills Personal

    $299 / year

    • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
    • 100s of hands-on labs in cloud-hosted cyber ranges
    • Custom certification practice exams (e.g., CISSP, Security+)
    • Skill assessments
    • Infosec peer community support
  • Infosec Skills Teams

    $799 per license / year

    • Team administration and reporting
    • Dedicated client success manager
    • Single sign-on (SSO)
      Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
    • Integrations via API
      Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
    • 190+ role-guided learning paths and assessments (e.g., Incident Response)
    • 100s of hands-on labs in cloud-hosted cyber ranges
    • Create and assign custom learning paths
    • Custom certification practice exams (e.g., CISSP, CISA)
    • Optional upgrade: Guarantee team certification with live boot camps

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

You're in good company


We use Infosec Skills to provide continuous training to our technicians and to prepare them for various certifications. Infosec Skills allows us to create personalized training programs that focus on each of our technicians’ particular roles and see their progress as they take courses. We also, recommend it to clients to make their IT support teams better.

Caleb Yankus


This has been utilized to bridge the skills gap across our cyber team and to aid them as they prepare for their various certifications. It also has provided a nice learning foundation for our various cyber team members to utilize as we continue to find ways for cross-utilization with operations while minimizing the downtime needed to ensure everyone’s knowledge is the same.

Daniel Simpson


We use Infosec Skills to provide base level knowledge for employees. We also use the services to provide in depth learning for employees as they encounter new technologies. If an employee is is assigned to a new project, we can rely on Infosec Skills to provide a rapid concentrated learning environment. This rapid concentrated learning positions our employees for success.

Infosec Skills Teams client