Loading...

Ethical Hacking Foundation

Hack like a pro with 30 hours of intensive, hands-on training led by a real hacker. All the prerequisite knowledge for getting started will be provided.

(831 reviews)
Entry Level
30 hours
Author
Created by
Semicolon Academy

ETH-101: Everything You Need to Know – Watch Now!

What you'll learn

  • Principles and basics of cybersecurity and ethical hacking.
  • Setting up and creating a virtual hacking environment using Kali Linux.
  • Conducting WI-FI attacks such as WPA/WPA2 hacking, ARP exploitation, MITM, and more.
  • Network penetration testing, using information gathering, scanning, and tools like Nmap.
  • Exploiting web vulnerabilities like logical vulnerabilities, IDOR, CSRF, XSS, Injections, and more.
  • Understanding theoretical and practical aspects of each attack and how to defend against it.
  • Real-world examples of how we hacked the tech giants (Meta, Google, Tiktok, and others).
  • Fundamentals of bug bounty hunting and how to write professional security reports.
  • How to start making money and build a career in this exciting field.

Upcoming Live Session

Get ready to meet your instructor in the upcoming ETH 101 live session. Enroll now and join on time.

  • kickoff session
  • Monday, October 28, 2024
  • 8:00 PM

Course Syllabus

0
Let's Start

  • ETH 101 Overview
  • Meet Majd Dhainy
  • Extremely Important Instructions ⚠️

1
Chapter 1: Introduction To Cybersecurity

  • Getting Started
  • Demystifying Hacking
  • Red Team vs. Blue Team
  • Black, White, and Gray Hat Hackers
  • Penetration Testing
  • Penetration Testing vs. Bug Bounty Hunting
  • Setting Up The Lab
  • Kali Linux
  • Linux Commands: Part 1
  • Linux Commands: Part 2
  • Linux Commands: Part 3
  • Linux Commands: Part 4
  • Linux Commands: Part 5
  • Protocols, IP & MAC Addresses
  • Port, TCP and UDP Protocols
  • Router
  • Server
  • HTTP & DNS
  • Cryptography
  • Caesar Cipher
  • Cryptography Challenge
  • Hashing
  • Recommended Books & Articles
  • External Resource: Public Key Cryptography
  • External Resource: Learn the 50 most popular Linux commands

2
Chapter 2: Network Security

  • Getting Started
  • Network Adapter: Hardware Specifications
  • Important Notes About The Wireless Adapter
  • Configuring the Wireless Adapter
  • De-authentication Attack: Theoretical
  • De-authentication Attack: Practical
  • WEP Hacking: Theoretical
  • WEP Hacking: Practical
  • WPA/WPA2 Hacking: Theoretical
  • WPA/WPA2 Hacking: Practical - Part 1
  • WPA/WPA2 Hacking: Practical - Part 2
  • WPA/WPA2 Hacking: Building Your Own Wordlist
  • Network Exploitation
  • ARP Protocol
  • Exploit ARP Protocol
  • Man In The Middle Attack
  • Gathering Information with Nmap
  • The Power of Network Pentesting
  • Am I a Pro Network Hacker Now?
  • Recommended Books & Articles
  • External Resource: Network Stacks and the Internet
  • External Resource: Hacking a Professional Drone

3
Chapter 3: Web Application Penetration Testing

  • Getting Started
  • Web Application Pentesting: Introduction
  • URL
  • Client/Server Architecture
  • HTTP Request
  • HTTP Response
  • Cookies
  • Encoding and Decoding
  • SOP and CORS
  • Google Dorking
  • Subdomains Enumeration
  • Directory Brute Forcing
  • ToolKit: What is Proxy?
  • ToolKit: Setting Up Burpsuite
  • Logical Vulnerabilities: Theoretical
  • Logical Vulnerabilities LAB 1: Excessive Trust in Client-Side Controls
  • Logical Vulnerabilities LAB 1: Alternative Possible Scenario - Part 1
  • Logical Vulnerabilities LAB 1: Alternative Possible Scenario - Part 2
  • Logical Vulnerabilities LAB 1: Alternative Possible Scenario - Part 3
  • Logical Vulnerabilities LAB 2: 2FA Broken Logic - Part 1
  • Logical Vulnerabilities LAB 2: 2FA Broken Logic - Part 2
  • Real World Example: Break The Saved Tab
  • Real World Example: Bypassing Break Saved Tab Mitigation
  • Mitigating Logical Vulnerabilities
  • Access Controls Vulnerabilities: Access Controls
  • Access Controls Vulnerabilities: IDOR
  • Retrieving Object IDs
  • Access Controls Vulnerabilities LAB 1: Insecure Direct Object References
  • Real World Example 1: Delete any comment on Facebook
  • Real World Example 2: Editing Instagram Reels Thumbnail
  • Mitigating IDOR Vulnerability
  • Client Side Vulnerabilities: Introduction
  • Cross-Site Request Forgery (CSRF)
  • CSRF Exploit Scenario
  • CSRF LAB 1: No Defenses
  • CSRF LAB 2: Token Presence Validation
  • CSRF LAB 3: Token and User Session
  • Real World Example: CSRF in Facebook Subdomain
  • Mitigating CSRF Vulnerability
  • Clickjacking
  • Clickjacking vs CSRF
  • Clickjacking LAB 1: Clickjacking & CSRF Presence
  • Real World Example: Clickjacking in Google Play
  • Mitigating Clickjacking
  • Cross Site Scripting (XSS)
  • Reflected XSS
  • Reflected XSS LAB 1: HTML Context With Nothing Encoded
  • Reflected XSS LAB 2: Attribute With Angle Brackets
  • Reflected XSS LAB 3: JS String With Angle Brackets
  • Reflected XSS LAB 4: JS String With Single Quote & Backslash Escaped
  • Stored XSS
  • Stored XSS LAB 1: HTML Context
  • Stored XSS LAB 2: Anchor href Attribute
  • Stored XSS LAB 3: Onclick Event
  • Stored XSS LAB 4: Capture Passwords
  • Real World Example: Stored XSS in TikTok
  • Mitigating XSS Vulnerability
  • Server Side Vulnerabilities: Attacking Data Storage
  • Login Example
  • Bypassing Login using SQLI
  • SQLI Pre - LAB 1
  • SQLI LAB 1: Login Bypass - Part 1
  • SQLI LAB 1: Login Bypass - Part 2
  • SQLI Example: Retreive Hidden Courses
  • SQLI Pre - LAB 2
  • SQLI LAB 2: Retrieve Hidden Data
  • SQLI Into Different Statements Types
  • Union Based SQLI
  • Union Based SQLI: Methodology
  • SQLI LAB 3: Determining Columns Numbers
  • SQLI LAB 4: Finding a Column Containing Text
  • SQLI LAB 5: Retrieving Data From Other Tables
  • SQLI LAB 5: Using SQLMAP
  • Boolean Based SQLI (Blind SQLI)
  • SQLI LAB 6: Blind SQLI With Conditional Responses
  • Mitigating SQLI Vulnerability
  • Denial of Service Attack (DoS)
  • Network Based DoS
  • DoS vs DDoS
  • Web Vulnerability Based DoS
  • Web App DoS Exploit Scenario
  • Real World Example: Instagram Livestream Crash
  • Mitigating DoS
  • Recommended Books & Articles

4
Chapter 4: Bug Bounty Hunting

  • Getting Started
  • Bug Bounty Definition
  • Get Started
  • Reporting First Valid Bug
  • Real World Example: Facebook Chat Members
  • Real World Example: Instagram Posts Description
  • Real World Example: Messenger Private Attachements
  • Bug Bounty Advice & Resources
  • Recommended Books & Articles

5
Chapter 5: Execlusive Podcast With Experts

  • Getting Started
  • Kassem Bazzoun: Being on Meta White Hat list since 2015
  • Hassan Saayed: When age is not a barrier to starting ethical hacking
  • Ali Chehab & Ali Kalout: Specializing in hacking GitHub and GitLab
  • Bassem Bazzoun: Regarding bounties in tens of thousands of dollars
  • Ali Ayoub: The secrets of mobile app penetration testing
  • Mohamad Atwi: Hacking the U.S. Department of Health

6
Ending & What's Next!?

  • Ending & What is next & Tips and Tricks
  • Taking Revenge: Hacking into Majd's Device

Learn from real hackers

Majd Dhainy

Course Instructor

Cybersecurity Researcher with a strong background in software engineering, specializing in securing web services, enhancing APIs, and addressing issues from requirements to deployment. Acknowledged for uncovering global vulnerabilities, listed on bug bounty Hall of Fames for Meta, Google, Revolut, LinkedIn, Medium, Trivago, and more.

Cover image
Learn from real hackers

Hassan Al Achek

Course Assistant

Electrical and Telecommunication Engineer, Offensive Security Enthusiast, Programmer, Back-End Web Application Developer.

Students Feedback

Enrolling in Semicolon Academy was a great decision. We acquired a solid understanding of cybersecurity and ethical hacking under the guidance of expert instructors and a supportive community.

I recently took the ETH 101 and was impressed by the wide range of topics covered, skilled instructors and valuable hands-on lab exercises. I highly recommend this course for anyone interested in cybersecurity.

I was torn between investing in the course and purchasing a new phone, but after joining Semicolon Academy, I'm confident that the investment in the course was the right and the best choice.

I recently completed the Ethical Hacking 101 course and it was amazing. The course material was well-organized and the instructors were knowledgeable and supportive.I highly recommend it.

The instructors were top-notch and the course material was engaging and relevant. I have gained a deep understanding of the different hacking techniques and how to protect against them. Highly recommended!

It was a great pleasure meeting your professional team and having the chance to join this course, and thank you for always being by our side and answering our questions even though we've finished the course.

I am now well-versed in ethical hacking thanks to the comprehensive course I took. It was an investment that I never regret. I would highly recommend it to anyone looking to build their skills in this field.

As a student with no prior knowledge in the field, it is challenging to find trainers who can effectively convey information, but your course was an exception, your communication was smooth and effective.

I was blown away by the content of the course, it exceeded my expectations. The academy, the course, and my classmates all contributed to an unforgettable experience that I will always cherish, as they became my family.

The choice to enroll in Semicolon Academy was a decision that paid off immensely, thanks to your engaging teaching style and the supportive and friendly community that developed among classmates.

I had heard of your reputation and accomplishments in the field of ethical hacking, and now, as one of your students, I am determined to make you proud and carry on your legacy of excellence.

I had previously taken multiple courses but never felt fully confident in my understanding of the material. This course was different, it provided a clear and complete understanding, I finally grasp everything 100%

The 101 course was exceptional. The level of detail and the motivational teaching method make it a 5-star experience. The instructors go above and beyond to encourage questions and discussions, even outside of class time.

Still Have Any Questions?

Check out the FAQs.

  • No Linux, programming, or hacking knowledge required.
  • Computer with a minimum of 4GB ram/memory.
  • Operating System: Windows/ OS X/ Linux.
  • Wireless adapter that supports monitor mode for Wi-Fi Hacking.
  • Being passionate about learning security.

  • Beginners
  • Web Application Developers
  • Anyone interested in learning ethical hacking/penetration testing
  • Anyone interested in Web Application Security and Bug Bounty Hunting

  • No, the approach we will take for this course will be a black box approach. Therefore, we do not assume previous coding skills.

  • Hunting for bugs on big companies like Facebook, Google, and Instagram.
  • Become a junior web application penetration tester.
  • If you are a developer of Web applications, you will be able to develop a secure application.
  • You can start your career as a junior penetration tester.

  • Upon successful completion of the course, students will be issued a digital certificate.

  • When learning a skill like hacking, you want to be taught by someone who actually works in the industry and has dedicated their life in this field, not just another online instructor!
Enroll Now For $250 $300

Your Cart (0 items)

Product

{{ eachItem.title }}

      
Includes: {{ singleItem == 'ETH-101' ? 'Ethical Hacking Foundation' : (singleItem == 'WETH-201' ? 'Web Security Professional' : '') }}{{index==eachItem.bundle.length-1?'':', '}}
${{eachItem.price.final}}
${{eachItem.price.main}}
Your cart is empty
Proceed to checkout
Top
promo