Learning Path

Ethical Hacking

Learn the techniques used by malicious hackers to assess your vulnerabilities.

What you will learn

This learning path teaches you the necessary hacking skills to conduct a formal penetration test. As you progress through 12 courses, you’ll build core pentesting skills such as intelligence gathering, reconnaissance, device exploitation, stealth techniques and more. Upon completion, you’ll have the knowledge and skills to carry out a penetration test against an organization to identify weaknesses and potential avenues of attack.

Wistia video thumbnail


Understanding TCP/IP Communications

Course — 01:13:38

K0119, K0206, K0221, K0301, K0342, K0471, K0565, S0046, S0051

In this course, you’ll explore TCP/IP communications specifically for ethical hackers. You’ll take a look at TCP, UDP and ICMP, and examine TCP communications through in-depth demonstrations in Wireshark.

Ethical Hacking Process

Course — 01:08:29

K0004, K0119, K0177, K0206, K0342

Introduce yourself to ethical hacking with this course covering concepts, terminology and the ethical hacking process, step-by-step from passive reconnaissance to post-exploitation and reporting.

Sandworm APT Exercise

Course — 02:42:00

In this lab we’ll take a look at and emulate some of the techniques that Sandworm APT has used in the past to compromise, pivot from, and destroy a server.

Exploiting Common Web Application Vulnerabilities

Course — 02:28:10

K0070, K0119, K0177, K0206, K0318, K0342, K0624, S0001, S0051, S0081

Learn how to carry out ethical hacks such as cross-site scripting and SQL injection.

Using Trojans and Backdoors

Course — 00:44:45

K0129, K0177, K0318, K0342, K0536, S0051, S0267

Ethical hackers need to be familiar with hackers’ tricks, and even be able to use them for helpful purposes. With this course, you’ll look at using Trojans and backdoors in an ethical hack, both hiding and detecting backdoor activity. Includes demonstrations.

Cracking Passwords

Course — 00:48:39

K0177, K0342, K0362, K0536, S0051, S0067

Cracking a password effectively opens the door into an account or system. Explore the details of cracking passwords, including understanding and capturing Windows passwords and useful tools such as Cain & Abel.

Finding and Exploiting Vulnerabilities

Course — 02:57:20

K0070, K0119, K0165, K0177, K0342, K0362, K0480, K0536, K0604, S0001, S0051

A vulnerability is as good as another tool for an ethical hacker. Learn the fundamentals of finding and exploiting vulnerabilities with this course covering exploits, buffer overflows, DLL hijacking and much more.

Network Reconnaissance

Course — 01:23:45

K0119, K0221, K0318, K0342, K0565

You can’t launch an attack without some careful reconnaissance. In this course, you’ll look at network reconnaissance goals and concepts, including host discovery, port scanning and service identification. Includes an in-depth demonstration.

Passive Intelligence Sources, Tools and Techniques

Course — 02:12:55

K0119, K0206, K0342, K0409, S0051

Get to grips with the crucial tools and techniques associated with passive intelligence gathering. Explore intelligence-gathering goals, sources and concepts. Includes vocabulary and definitions.

Penetration Testing Cyber Range

Course — 08:06:00

S0001, S0025, S0044, S0046, S0051, S0052, S0078, S0081, S0094, S0137, S0156, S0167, S0221, S0267, S0293, S0295

Purple Team Web Application Security Project

Project — 02:34:16

This project contains three labs focused on understanding, exploiting and mitigating a real vulnerability found in a real web application.

Exploit Writing Fundamentals: Basic Buffer Overflow Exploit

Course — 01:05:04

K0070, K0119, K0177, K0206, K0318, K0342, S0001, S0051, S0081

Get to grips with the basic buffer overflow exploit in this course. Modules cover understanding memory, initial discovery, fuzzing, vulnerability identification and more. Includes demonstrations.

Covert Channels and IDS Evasion

Course — 01:28:44

K0177, K0184, K0305, K0324, K0342, K0403, K0493, K0536, S0051, S0092

An intrusion detection system, or IDS, can be a problem for an ethical hacker. In this course, you’ll get to grips with the use of covert channels and evading an intrusion detection system. Includes demonstrations.


Course — 01:38:01

K0058, K0061, K0108, K0111, K0119, K0177, K0342, K0446, K0536, S0051, S0052, S0156

There are a number of ways to carry out sniffing, or subtly intercepting useful data. In this course, you’ll explore what it takes to sniff internet traffic, as well as sniffing techniques with packetrecorder, useful tips for sniffing on public Wi-Fi networks and more.

Stealthy Network Reconnaissance

Course — 00:49:29

K0111, K0119, K0177, K0206, K0221, K0318, K0342, K0565, S0001, S0051, S0081

Reconnaissance isn’t much good if you’re spotted while you’re doing it. Explore what it takes to carry out stealthy network reconnaissance with this course covering strategies and stealthy scanning methods.

Advanced Adversary Tactics – Privilege Escalation XSS

Lab — 00:30:00

This lab will cover using XSS techniques to steal tokens from other users and using these tokens to escalate to admin privileges.

CTF 4: Privilege Escalation

Lab — 00:03:00

Test your privilege escalation skills as you practice in the Penetration Testing Cyber Range.

CTF 2: Attacking FTP

Lab — 00:04:00

Test your sniffing and password cracking skills as you practice in the Penetration Testing Cyber Range.

Advanced Adversary Tactics – Persistence 2

Lab — 00:30:00

This lab covers multiple techniques related to persistence including creating a malicious browser extension and modify system processes.

Advanced Adversary Tactics – Reconnaissance and Resource Development

Lab — 00:30:00

The first steps of the MITRE ATT&CK chain focus on learning about a target and gathering information for future attacks. This sort of information gathering can be instrumental to the success of future operations. For example, learning that a target uses a standard IT management software could cause an APT to target this software in a supply-chain vulnerability attack later on. In this lab we’ll take a look at some of the social engineering techniques and tools that can help aid Reconnaissance and Resource Development.

Advanced Adversary Tactics – Defense Evasion

Lab — 00:30:00

This lab covers multiple techniques related to defense evasion including crashing an antivirus to avoid detection, modifying PAM to allow for a backdoored password, and going through multiple methods of identifying virtual environments.

CTF 3: Web Application Exploitation

Lab — 00:04:00

Test your web application hacking skills as you practice in the Penetration Testing Cyber Range.

CTF 1: DNS and SNMP Reconnaissance

Lab — 00:04:00

Test your DNS and SNMP reconnaissance skills as you practice in the Penetration Testing Cyber Range.

Advanced Adversary Tactics – Pivoting with Proxychains

Lab — 00:30:00

This lab covers configuring and using proxychains to pivot between machines on a network. The lab simulates pivoting that might occur were a raspberry pi or similar device added to a network.

Advanced Adversary Tactics – Persistence

Lab — 00:30:00

This lab covers multiple techniques related to persistence including tampering with desktop autostart application, .bashrc files, trojanizing binaries, and infecting a USB drive.

The details

Learning path insights

How to claim CPEs

Should you complete this learning path, you’ll be able to download a certificate of completion. Use this to claim your CPEs or CPUs.

Associated NICE Work Roles

All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.

  • All-Source Analyst
  • Mission Assessment Specialist
  • Exploitation Analyst

No software. No set up. Unlimited access.

Skip the server racks and spin up a realistic environment with one click. Infosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning. Unlimited cyber range access is included in every lnfosec Skills subscription so your team can skill up however they learn best.

Plans & pricing

  • Infosec Skills Personal

    $299 / year

    • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
    • 100s of hands-on labs in cloud-hosted cyber ranges
    • Custom certification practice exams (e.g., CISSP, Security+)
    • Skill assessments
    • Infosec peer community support
  • Infosec Skills Teams

    $799 per license / year

    • Team administration and reporting
    • Dedicated client success manager
    • Single sign-on (SSO)
      Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
    • Integrations via API
      Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
    • 190+ role-guided learning paths and assessments (e.g., Incident Response)
    • 100s of hands-on labs in cloud-hosted cyber ranges
    • Create and assign custom learning paths
    • Custom certification practice exams (e.g., CISSP, CISA)
    • Optional upgrade: Guarantee team certification with live boot camps

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

You're in good company


We use Infosec Skills to provide continuous training to our technicians and to prepare them for various certifications. Infosec Skills allows us to create personalized training programs that focus on each of our technicians’ particular roles and see their progress as they take courses. We also, recommend it to clients to make their IT support teams better.

Caleb Yankus


This has been utilized to bridge the skills gap across our cyber team and to aid them as they prepare for their various certifications. It also has provided a nice learning foundation for our various cyber team members to utilize as we continue to find ways for cross-utilization with operations while minimizing the downtime needed to ensure everyone’s knowledge is the same.

Daniel Simpson


We use Infosec Skills to provide base level knowledge for employees. We also use the services to provide in depth learning for employees as they encounter new technologies. If an employee is is assigned to a new project, we can rely on Infosec Skills to provide a rapid concentrated learning environment. This rapid concentrated learning positions our employees for success.

Infosec Skills Teams client