Ethical Hacking Foundation

2 days

Comprehensive introduction to Ethical Hacking

This beginner’s course offers an intensive hands-on introduction to ethical hacking. During the course, you will learn how hackers think and work, and you will try your hand at various hacking techniques including Wi-Fi hacking, web vulnerability scanning, SQL injection, password cracking and file inclusion. At the end of the course, you will use your newly acquired hacking skills to perform a basic black-box penetration test in a Capture the Flag format. This is an entry-level ethical hacking course. If you’re looking for an advanced course in professional penetration testing, we recommend having a look at the Ethical Hacking Practitioner training.

Authors & Lead Trainers

Bas van den Berg
Author & Trainer

Ethical Hacker
CTO at Skopos.AI

Alper Başaran
Trainer

Chief Hacking Officer
CEO at SPARTA

Mikko Laaksonen
Trainer

Ethical Hacker
CEO at Responsible Cyber

At a Glance

Entry level

Ethical Hacking Foundation

2 days

Anyone looking for a comprehensive introduction to ethical hacking

Solid understanding of how a hacker thinks, what an ethical hacker does and what skills an ethical hacker needs, as well as hacking ethics and the legal implications of hacking

How different types of penetration tests are performed and how to report issues found during a pen test

Perform the basic steps of reconnaissance

Perform fundamental steps of attacking techniques including a basic black-box penetration test in Capture the Flag format on the last day of training

Syllabus

Day 1 – Introduction, Network Hacking & Penetration I

Topics:

  • Introduction to the course
  • Definition of ethical hacking
  • The hacking cycle
  • Kali Linux

Topics:

  • Wireless networking including BSSID and ESSID, open and closed networks and WPA/WEP security
  • Find information about a wireless network adapter, then configure and use it in Wi-Fi hacking
  • Packet capturing using airodump and injection in order to capture and crack a WEP key
  • Use nmap and the zenmap GUI for network discovery scanning

Topics:

  • Introduction to dirb and nikto and how to interpret the initial results of a dirb and nikto scan
  • Launch a vulnerability scan with Vega and analyse / interpret results
  • Practice basic SQL commands, with an introduction to some more advanced SQL commands
  • Find a SQL Injection vulnerability
  • Execute an automated SQL Injection with SQLmap
  • Crack a password hash with John the Ripper
  • Use hydra to brute-force a web-based login form

Day 2 – Penetration part II and Capture the Flag

Topics:

  • Manipulate parameters in web-pages including GET and POST parameters
  • Client and server-side validation
  • OWASP ZAP and Burpsuite ar
  • Use ZAP/BURP to bypass client-side validation
  • Use ZAP/BURP with cookies
  • Local file inclusion
  • Remote file inclusion
  • Using these techniques to gain shell access

Using the techniques learned, you’ll break into the wireless network of our company (in a safe environment). You’ll discover interesting hosts and identify what services run on them. Lastly, you will access and eventually exploit these services to gain access to the systems.

Collect your badge of honor

Exam

  • Language: English
  • Delivered: Online via a certified proctor
  • Questions: 40 multiple choice questions
  • Time: 60 minutes

Dates & locations

Online Live

3 days

4 hours a day

Find a Local Training Partner

Organize a class dedicated to your team