- Virtual Environment
- Kali Linux Installation & Environment
- Power Up Your Linux Shell: TERMINATOR-ZSH-TMUX
- Linux Basics & Commands
- Docker on Linux
Online
₹ 799
Quick facts
particular | details | |
---|---|---|
Medium of instructions
English
|
Mode of learning
Self study
|
Mode of Delivery
Video and Text Based
|
Course overview
Applied Ethical Hacking and Rules of Engagement Course is an online certification developed by Seyed Farshid Miri, a Network and Cyber Security Expert, that will facilitate the learners to get an overview of ethical hacking. In this course, the students can delve into many aspects of ethical hacking such as Cyber Security, Penetration Testing, Python Hacking, Wazuh SIEM on Elastic Stack and the like along with practical knowledge. Applied Ethical Hacking and Rules of Engagement Online Course recommends that the students can take full advantage of the programme if they have the basic IT skills.
Offered by Udemy, Applied Ethical Hacking and Rules of Engagement Certification will talk about strategies and techniques of Red-Teaming, Elastic Stack Wazuh Manager (SIEM), Threat Hunting and much more. The candidates will be provided with a 30-day money-back guarantee and they can withdraw from the course if they are not content. The students can enrol in the programme by providing the Udemy-prescribed fee.
The highlights
- Online course
- Downloadable resources
- Full lifetime access
- Access on mobile and TV
- Certificate of completion
- English videos
- 30-Day Money-Back Guarantee
Program offerings
- 40 hours on-demand video
- 3 articles
- 19 downloadable resources
- Full lifetime access
- Access on mobile and tv
- Certificate of completion
Course and certificate fees
Fees information
certificate availability
certificate providing authority
What you will learn
By the end of Applied Ethical Hacking and Rules of Engagement Online Certification, the students will study Blue-Teaming, Python Scripting for Security, Attack Vectors, Vulnerability Scanning, Web App Pentesting, MITER ATT&CK, Kali Linux, python scripting, and much more.
The syllabus
Crash Course: Linux
Get Your Hands Dirty
- Disclaimer
- Intro to Ethical Hacking Basic Concepts and Terminologies
- Vulnerable Labs #1: dvwa, bwapp, webgoat, juiceshop, metasploitable2
- Read Me!
- Vulnerable Labs #2: metasploitable3
- Capture The Flags(CTF): HTB and others
- VSCode IDE For Your Scripts!
Ethical Hacking 1: Understand Attack Vectors
- Understanding Attack Vectors
Ethical Hacking 2: Information Gathering & Enumeration
- Initial Reconnaissance with OSINT Framework
- Scanning with ZENMAP
- Scanning with NMAP in Command Line & in Python
- Scanning with Metasploit AUX & CENSYS
- Metasploitable Environment Preparation
- Enum with NMAP Part 1
- Enum with NMAP Part 2
- Enum with Metasploit and other tools
Ethical Hacking 3: Vulnerability Scanning & Analysis
- Introduction to Vulnerability Scanning and Analysis
- Setting up OpenVAS-GVM
- Vulnerability Assessment with OpenVAS-GVM
- Vulnerability Analysis in Action
- Third Opinion Vulnerability Scanning with Metasploit
- Second Opinion Vulnerability Scanning with NMAP NSE Scripts
Ethical Hacking 4: Exploitation, Post Exploitation and Password Attacks
- Initial Presentation
- Metasploitable2 - Part 1
- Metasploitable2 - Part 2
- Metasploitable2 - Part 3
- Metasploitable2 - Part 4
- Metasploitable3 Ubuntu - Part 1
- Metasploitable3 Ubuntu - Part 2
- Metasploitable3 Ubuntu - Part 3
- Metasploitable3 Ubuntu - Part 4
- Metasploitable3 Win2k8 - Part 1
- Metasploitable3 Win2k8 - Part 2
- Metasploitable3 Win2k8 - Part 3
- Password Hash Crack - Part 1
- Password Hash Crack - Part 2
Ethical Hacking 5: Network Attacks (Wired & Wireless)
- Man in the Middle Attacks (Sniffing & Spoofing) - Part 1
- Man in the Middle Attacks (Sniffing & Spoofing) - Part 2
- Wireless Attacks - Part 1
- Wireless Attacks - Part 2
Ethical Hacking 6: Social Engineering Attacks
- Social Engineering Concepts - Part 1
- Social Engineering Concepts - Part 2
- Gophish Framework - Reaching the Target - Part 1
- Gophish Framework - Reaching the Target - Part 2
- Social Engineering Client Side Attacks - Part 1
- Social Engineering Client Side Attacks - Part 2
Ethical Hacking 7: Web App Pentesting (OWASP-TOP 10)
- Web App Pentesting Concepts - Part 1
- Web App Pentesting Concepts - Part 2
- Web App Pentesting Concepts - Part 3
- Web App Pentesting Concepts - Part 4
- Burp Suite Basics - Part 1
- Burp Suite Basics - Part 2
- Damn Vulnerable Web Application Lab - Part 1
- Damn Vulnerable Web Application Lab - Part 2
- Damn Vulnerable Web Application Lab - Part 3
- Damn Vulnerable Web Application Lab - Part 4
- OWASP Webgoat Lab - Part 1
- OWASP Webgoat Lab - Part 2
- OWASP Mutillidae II Lab - Part 1
- OWASP Mutillidae II Lab - Part 2
- Metasploitable 3 Vulnerable Web App
- bWAPP - Buggy Web Application Lab
- PortSwigger - Online Vulnerable Web Apps - Part 1
- PortSwigger - Online Vulnerable Web Apps - Part 2
- Damn Vulnerable Web Application Lab - Part 5
Crash Course: Python Scripting (incl. 2x Mini Projects)
- Classes and Objects, Mini Project I: Writing a Port Scanner
- Mini Project II: Writing a Malware Command & Control (C&C)
- Server/Client
- Basics 1: Installation & Config , Basic Operations, Binary
- Operations
- Basics 2: Loop Statements, Flow Control and Modules
- Basics 3: Data Types and Functions
Practical Pentest with CTFs (Let's Capture The Flags)
- Intro to Hack the Box (HTB) CTF
- Easy 1 - BLUE (Enumeration, Exploitation, Hash Dump and Impacket Framework)
- Easy 2 - DEVEL (Indirect Web Shell Upload, Local Exploit Suggester, Priv. Esc.)
- Easy 3 - NETMON (PRTG Exploit with Python, Creds Discovery & Guessing) - Part 1
- Easy 3 - NETMON (PRTG Manual Exploit with Nishang Reverse Shells) - Part 2
- Medium 1 - POPCORN (Dirbuster Enum, Upload Abuse, Nix PAM, DirtyCow Exploit)
- Medium 2 - BLUNDER (Gobuster, Bludit CMS exploits) - Part 1
- Medium 2 - BLUNDER (Hashcat, LinPEAS Priv Esc., Sudo Exploit) - Part 2
- Medium 2 - BLUNDER (CSRF/Anti-Bruteforce Bypass with Python Scripting) - Part 3
- Medium 3 - SNIPER (SMB Enum, LFI RFI, Gain Rev Shell) - Part 1
- Medium 3 - SNIPER (RFI RCE, Local Enum, Priv Esc, CHM Weaponization) - Part 2
- Medium 3 - SNIPER (CrackMapExec, Impacket, Cookie Poisoning) - Part 3
- Medium 4 - MANGO (Recon, NoSQL MongoDB Injection) - Part 1
- Medium 4 - MANGO (Write NoSQL Injector with Python) - Part 3
- Medium 4 - MANGO (LinPEAS, GTFOBins Priv. Esc. Attack Vectors) - Part 4
- Hard 1 - CONTROL (Manual SQL Injection, SQLmap) - Part 1
- Hard 1 - CONTROL (Read & Write Webshells with SQLMap, winPEAS) - Part 2
- Hard 1 - CONTROL (Windows Priv. Esc Abusing SDDL Perms, Service Exec) - Part 3
- Medium 4 - MANGO (Write NoSQL Injector with Python) - Part 2
Security Standards and Methodologies
- MITRE ATT&CK and Cyber Kill Chain
- OWASP TOP 10, ASVS, MASVS, PTES, ISSAF and OSSTMM
Cobalt Strike: Operations & Development
- Introduction to Red Teaming - Part 1
- Introduction to Red Teaming - Part 2
- Red Teaming Operations - Part 1
- Red Teaming Operations - Part 2
- Red Teaming Infrastructure - Part 2
- Red Teaming Infrastructure - Part 3
- Red Teaming Command and Control (C&C) - Part 1
- Red Teaming Command and Control (C&C) - Part 2
- Red Teaming Command and Control (C&C) - Part 4
- Red Teaming Command and Control (C&C) - Part 5
- Red Teaming Weaponization (DDE & Micro Attacks) - Part 1
- Red Teaming Weaponization (HTA Attack, Droppers, File Format Exploits) - Part 2
- Red Teaming Initial Access Attack Scenarios
- Red Teaming Post Exploit (Proc Injection & Bypass UAC, Token Tampering) - Part 1
- Red Teaming Post Exploit (Keylogger, Screen Spy, Cobalt Strike Ops) - Part 2
- Red Teaming Post Exploit (Pivoting, Session Passing, RDP Tunnel) - Part 3
- Red Teaming Infrastructure - Part 1
- Red Teaming Command and Control (C&C) - Part 3
Active Directory Attacks in Depth
- Active Directory Attacks Concepts - Part 1
- Active Directory Attacks Concepts - Part 2
- Active Directory Attacks Concepts - Part 3
- Active Directory Setup on Metasploitable VM
- Vulnerable AD Lab Preparation
- AD Enumeration, Credentials Replay Attacks, Over-PTH,
- Secretsdump and Evil-WinRM
- AS-REP Roast, Hashcat, Pass The Ticket Attacks
- Golden Tickets, Kerberoasting against User SPNs and Mimikatz Attacks
MITRE ATT&CK Framework
- Introduction to MITRE ATT&CK - Part 1
- Introduction to MITRE ATT&CK - Part 2
- Reconnaissance
- Resource Development
- Initial Access
- Execution
- Persistence
- Privilege Escalation
- Defense Evasion
- Credential Access
- Discovery
- Lateral Movement
- Collection
- Command and Control
- Exfiltration
- Impact
Introduction to Defensive Security
- SIEM vs. SOC
- How SIEM works
- What are SIEM Use-Cases and Common Mistakes?
- Threat Intelligence & OSSIM Open Threat Exchange (OTX) P1
- Threat Intelligence & OSSIM Open Threat Exchange (OTX) P2
- SIEM vs. SOAR vs. UEBA
- How secure is secure enough?
- Defense-in-Depth Architecture Part 1
- Defense-in-Depth Architecture Part 2
Setting Up Our SIEM with Elastic-Stack & Wazuh Manager
- Installation Note
- Architecture, Installation & Configuring Wazuh Manager Server
- Installation & Configuring Elasticsearch
- Installation & Configuring FileBeat & Kibana
Integrating Endpoints in Elastic-Stack & Wazuh Manager
- Integrating Windows Endpoint in Wazuh Manager
- Integrating Linux Endpoint in Wazuh Manager
- Integrating Fortigate Firewall in Wazuh Manager
- Changing Password of the Read-Only Admin Account
- Automated Roll-out of Wazuh Agent on a Network of Windows Workstations
Index Life-Cycle Management (ILM) in Elasticsearch & Wazuh Manager
- Wazuh Index State Management (ISM) & Storage Productivity
Applying Wazuh Capabilities for Security Monitoring
- File Integrity Monitoring (FIM): Alert when Critical Files Touched
- Linux System Calls Monitoring: Alert when Auditctl Rules are met
- Continuous Enterprise Vulnerability Monitoring
- CIS Hardening Monitoring with Wazuh SCA (Less is More Principle)
- Windows Defender in Wazuh: Centrally Monitor Malware & Actions across Endpoints
- Use Sysinternals Sysmon with Wazuh: The Swiss Army Knife for Windows Monitoring
Programming Rulesets (Decoders & Rules) in Wazuh
- Programming Decoders and Rules in Wazuh Part 1
- Programming Decoders and Rules in Wazuh Part 2
Practical Attacks & Threat Hunting IoC Use-Cases with Wazuh
- Run & Detect SSH & RDP Brute Force Attack - Parrot OS & Windows Endpoint
- Run & Detect MSHTA Session initiation Attack
- Run & Detect Spawn Session and Process Injection
- Run & Detect Priv Esc, Lateral Mov. & Exec using PSExec WMIC (Windows Endpoint)
- Run & Detect Mimikatz & Pass The Hash Attacks
- Run & Detect Log Tampering IoC (Someone is deleting his traces)
- Run & Detect Shellshock Attack - Linux Endpoint
Bonus: Sample Cybersecurity Job Interview Q&A
- Sample Cybersecurity Job Interview Questions
Instructors
Mr Seyed Farshid Miri
Network and Cyber Security Expert
Freelancer