Ethical Hacking

K0119, K0206, K0221, K0301, K0342, K0471, K0565, S0046, S0051

In this course, you’ll explore TCP/IP communications specifically for ethical hackers. You’ll take a look at TCP, UDP and ICMP, and examine TCP communications through in-depth demonstrations in Wireshark.

K0004, K0119, K0177, K0206, K0342

Introduce yourself to ethical hacking with this course covering concepts, terminology and the ethical hacking process, step-by-step from passive reconnaissance to post-exploitation and reporting.

In this lab we’ll take a look at and emulate some of the techniques that Sandworm APT has used in the past to compromise, pivot from, and destroy a server.

K0070, K0119, K0177, K0206, K0318, K0342, K0624, S0001, S0051, S0081

Learn how to carry out ethical hacks such as cross-site scripting and SQL injection.

K0129, K0177, K0318, K0342, K0536, S0051, S0267

Ethical hackers need to be familiar with hackers’ tricks, and even be able to use them for helpful purposes. With this course, you’ll look at using Trojans and backdoors in an ethical hack, both hiding and detecting backdoor activity. Includes demonstrations.

K0177, K0342, K0362, K0536, S0051, S0067

Cracking a password effectively opens the door into an account or system. Explore the details of cracking passwords, including understanding and capturing Windows passwords and useful tools such as Cain & Abel.

K0070, K0119, K0165, K0177, K0342, K0362, K0480, K0536, K0604, S0001, S0051

A vulnerability is as good as another tool for an ethical hacker. Learn the fundamentals of finding and exploiting vulnerabilities with this course covering exploits, buffer overflows, DLL hijacking and much more.

K0119, K0221, K0318, K0342, K0565

You can’t launch an attack without some careful reconnaissance. In this course, you’ll look at network reconnaissance goals and concepts, including host discovery, port scanning and service identification. Includes an in-depth demonstration.

K0119, K0206, K0342, K0409, S0051

Get to grips with the crucial tools and techniques associated with passive intelligence gathering. Explore intelligence-gathering goals, sources and concepts. Includes vocabulary and definitions.

S0001, S0025, S0044, S0046, S0051, S0052, S0078, S0081, S0094, S0137, S0156, S0167, S0221, S0267, S0293, S0295

This project contains three labs focused on understanding, exploiting and mitigating a real vulnerability found in a real web application.

K0070, K0119, K0177, K0206, K0318, K0342, S0001, S0051, S0081

Get to grips with the basic buffer overflow exploit in this course. Modules cover understanding memory, initial discovery, fuzzing, vulnerability identification and more. Includes demonstrations.

K0177, K0184, K0305, K0324, K0342, K0403, K0493, K0536, S0051, S0092

An intrusion detection system, or IDS, can be a problem for an ethical hacker. In this course, you’ll get to grips with the use of covert channels and evading an intrusion detection system. Includes demonstrations.

K0058, K0061, K0108, K0111, K0119, K0177, K0342, K0446, K0536, S0051, S0052, S0156

There are a number of ways to carry out sniffing, or subtly intercepting useful data. In this course, you’ll explore what it takes to sniff internet traffic, as well as sniffing techniques with packetrecorder, useful tips for sniffing on public Wi-Fi networks and more.

K0111, K0119, K0177, K0206, K0221, K0318, K0342, K0565, S0001, S0051, S0081

Reconnaissance isn’t much good if you’re spotted while you’re doing it. Explore what it takes to carry out stealthy network reconnaissance with this course covering strategies and stealthy scanning methods.

This lab will cover using XSS techniques to steal tokens from other users and using these tokens to escalate to admin privileges.

Test your privilege escalation skills as you practice in the Penetration Testing Cyber Range.

Test your sniffing and password cracking skills as you practice in the Penetration Testing Cyber Range.

This lab covers multiple techniques related to persistence including creating a malicious browser extension and modify system processes.

The first steps of the MITRE ATT&CK chain focus on learning about a target and gathering information for future attacks. This sort of information gathering can be instrumental to the success of future operations. For example, learning that a target uses a standard IT management software could cause an APT to target this software in a supply-chain vulnerability attack later on. In this lab we’ll take a look at some of the social engineering techniques and tools that can help aid Reconnaissance and Resource Development.

This lab covers multiple techniques related to defense evasion including crashing an antivirus to avoid detection, modifying PAM to allow for a backdoored password, and going through multiple methods of identifying virtual environments.

Test your web application hacking skills as you practice in the Penetration Testing Cyber Range.

Test your DNS and SNMP reconnaissance skills as you practice in the Penetration Testing Cyber Range.

This lab covers configuring and using proxychains to pivot between machines on a network. The lab simulates pivoting that might occur were a raspberry pi or similar device added to a network.

This lab covers multiple techniques related to persistence including tampering with desktop autostart application, .bashrc files, trojanizing binaries, and infecting a USB drive.