Learn Practical Attacks Against Network Clients

Lab Overview & Needed Software Preview 05:54

In this course, we will be using a number of operating systems, Kali for hacking and a victim or target machine, in this section you will learn how to install these machines as virtual machines inside your current operating system, this allow use to use all of the machines at the same time, it also completely isolates these machines from your main machine therefore your main machine will not be affected if anything goes wrong.

This lecture will give you an overview of the lab that we will need to set up for this course.

Initial Preparation Preview 08:55

This lecture will introduce you to the hacking operating system that we will be using throughout the course; Kali Linux. You will learn what it is, how to download it, and how to enable virtualisation on your system to run it as a virtual machine.

Installing Kali Linux as a VM on Windows Preview 08:55

This lecture will teach you how to install Virtual Box on Windows.
Virtual Box is the software that we will use to install different operating systems inside our current operating system as virtual machines. This will be very useful as you can use it to test and practice what you learn in this course.

Installing Kali Linux as a VM on Apple Mac OS Preview 09:38

This lecture will teach you how to install Virtual Box on Mac OS.
Virtual Box is the software that we will use to install different operating systems inside our current operating system as virtual machines. This will be very useful as you can use it to test and practice what you learn in this course.

Installing Kali Linux as a VM on Apple M1 Computers Preview 09:08

This lecture will teach you how to install Kali Linux as a virtual machine using Parallels Desktop on Apple computers that use the M1 chip. Parallels Desktop is the software that we will use to install different operating systems inside our current operating system as virtual machines. This will be very useful as you can use it to test and practice what you learn in this course.

Installing Kali Linux as a VM on Linux Preview 10:46

This lecture will teach you how to install Virtual Box on Linx.
Virtual Box is the software that we will use to install different operating systems inside our current operating system as virtual machines. This will be very useful as you can use it to test and practice what you learn in this course.

Kali Linux Overview Preview 05:10

In this lecture we will have a basic look on Kali linux just to get you comfortable with using it.

You will also learn how to connect your external wifi card to the virtual machine, this is extremely important for future videos.

Linux Terminal & Basic Commands Preview 13:06

Network Basics Preview 04:28

In this lecture we shall talk about some basics that we need to understand before we can start learning how to test network's security.

Connecting a Wireless Adapter To Kali Preview 05:09

This video will teach you how to connect a USB device to Kali, as an example I will be connecting a wireless adapter to it so I can interact with wireless networks and try to hack them form Kali.

What is MAC Address & How To Change It Preview 08:03

In this lecture you shall learn what do we mean by MAC address, what are they used for and how to change your MAC address.

Installing Windows As a Virtual Machine Preview 06:09

Discovering Connected Clients using netdiscover Preview 08:39

Gathering information is one of the most important steps in penetration testing. In this lecture we will learn how to use netdiscover to discover connected devices to our network.

Gathering More Information Using Zenmap Preview 06:45

In this lecture we shall learn how to use zenmap (the GUI for nmap) to discover all connected devices and gather detailed information about these devices, such as their operating system, open ports and even services using these ports.

Gathering Even More Information Using Zenmap Preview 08:08

In this lecture we shall learn how to use zenmap (the GUI for nmap) to discover all connected devices and gather detailed information about these devices.

ARP Poisoning Theory Preview 09:04

In this video we shall learn about one of the most dangerous and effective attacks that you can launch on a network; (Man In The Middle Attacks) , we shall learn the theory behind ARP poisoning and why it is it so dangerous and effective.

ARP Poisonning Using arpspoof Preview 06:30

In this lecture we will learn how to use arpspoof to do a basic ARP poisoning attack and redirect the flow of packets in the network. 

Bettercap Basics Preview 07:43

This video shows you how to properly install bettercap on Kali Linux, and gives you a basic overview on how to start it and interact with it.

ARP Poisonning Using Bettercap Preview 08:17

In this lecture you will learn how to configure and use modules in bettercap.

As an example you'll learn how to ARP poison a target client using the arp spoof module.

Spying on Network Devices (Capturing Passwords, Visited Websites...etc) Preview 05:11

In this lecture you'll learn how to configure and use the sniff module in bettercap to spy on devices on the same network, so you'll learn how to see all urls they load, images, usernames, passwords and more!

Creating Custom Spoofing Script Preview 09:42

In this lecture you'll learn how to create your own MITM scripts, also known as bettercap caplets, in this example you'll learn how to create a caplet to automatically spoof clients on your network to place you in the middle of the connection and start a sniffer to spy on these clients and see all the data they send/receive including usernames and passwords.

Bypassing HTTPS Preview 11:12

In this lecture we shall learn how to bypass HTTPS/SSL so that we can sniff passwords from HTTPS enabled web pages such as facebook and yahoo.

Bypassing HSTS Preview 10:09

Really big websites such as Facebook and Twitter use Strict Transport Security (HSTS),  modern browsers come with a list of websites that they can only browse as HTTPS, so when we use the method shown in previous lectures the browser will either refuse to load HSTS websites OR load them over HTTPS.

In this lecture you'll learn how to use a custom version of the hstshijack caplet to partially bypass HSTS, this will allow you to capture data sent to and from websites that use HSTS such as Facebook.

DNS Spoofing Preview 10:51

In this lecture we shall learn how to control DNS requests made targets, this allows us to redirect requests to any other place, this can be very useful as it can be used to redirect computers to fake websites, fake updates, fake logins ...etc. 

Injecting Javascript Code Preview 10:26

In this lecture you will learn how to inject Javascript code into the target browser, this is vey dangerous as it allows us to run a large number of attacks using javascript codes (more on this later), in this lecture we'll focus on injecting a simple javascript code.

Doing All of The Above Using a Graphical Interface Preview 10:29

This video teaches you how to run all of the attacks shown above using a graphical user interface that is easy and intuitive to use.

Basic Overview & How To Use It With MITM Attacks Preview 08:24

Wireshark is a network protocol analyser, in this lecture we will have a basic overview on it, you will learn why is it useful and how to use it with MITM attacks or use it to analyse a capture file that contains data that you already sniffed.

Sniffing & Analysing Data Preview 05:30

I this lecture you will learn how to use Wireshark to sniff & analyse data (traffic) sent/received by any client in your network.

Using Filters, Tracing & Dissecting Packets Preview 06:28

In this lecture we will continue using Wireshark, you will learn how to analyse the captured data, trace packets and read details of each.

Capturing Passwords & Anything Sent By Any Device In The Network Preview 07:48

In this lecture you'll learn how to filter sniffed data and extract useful information such as usernames and passwords.

Installing Veil Framework Preview 03:56

In this lecture you will learn how to download and install Veil Framework.

Creating An Undetectable Backdoor Preview 10:19

In this lecture you will learn how to create a backdoor that is not detectable by antivirus programs, this is very important in client side attacks as we will be using this backdoor in future videos to try and gain control over the target system.

Listening For Incoming Connections Preview 07:18

In this lecture you will learn how to listen for connections coming from the backdoor we generated in the previous lecture.

Using A Basic Delivery Method To Test The Backdoor & Hack Windows 10 Preview 07:12

Finally we will test the backdoor that we generated on a Windows machine and make sure that it works as expected.

Creating a Fake Update & Hacking Any Device In The Network Preview 11:48

This lecture will teach you how to gain full access over a target computer by serving it a fake update for an existing program, once the target user installs the update you will gain full access to their computer.

Note: you need to be the man in the middle for this method to work.

-------------

Note: The latest version of evilgrade does not work properly, so don't download evilgrade using the git clone command in the installation commands, instead download it from the following link:

https://www.dropbox.com/s/vr1mpesah1ybuai/evilgrade.zip?dl=1

Detecting ARP Poisoning Attacks Preview 05:05

In this lecture we shall learn two methods to detect ARP poisoning attacks.

Detecting Suspicious Activities using Wireshark Preview 05:41

In this lecture we shall learn how to use Wireshark to detect ARP Poisoning attacks and other suspicious activities in the network, we will also learn how to protect against ARP Poisoning attacks.

Bonus Lecture - Discounts Preview 02:28