What is Ethical Hacking and what is it used for?
Ethical hacking involves a hacker agreeing with an organisation or individual who authorises the hacker to levy cyber attacks on a system or network to expose potential vulnerabilities. An ethical hacker is also sometimes referred to as a white-hat hacker. Many depend on ethical hackers to identify weaknesses in their networks, endpoints, devices, or applications. The hacker informs their client as to when they will be attacking the system, as well as the scope of the attack. An ethical hacker operates within the confines of their agreement with their client. They cannot work to discover vulnerabilities and then demand payment to fix them. This is what gray hat hackers do. Ethical hackers are also different from black hat hackers, who hack to harm others or benefit themselves without permission.
What are the career options for a Computer Engineer or Ethical Hacker?
Chief Information Security Officer | Incident Analyst | Responder | Information Security Analyst | Senior Security Consultant | Software code Analyst | Digital Forensic Expert | Cryptographer | Risk Controller International Trainer | Penetration Tester | Security Architect | Security Engineer | Researcher | Exploit Developer | Ethical Hacker
Why study Ethical Hacking with Steam Labs?
We employ staff that have a real passion for educating students on Ethical Hacking and are able to break down very complex topics for learners of all abilities. All of our staff are not only CEH Certified Ethical Hackers from EC-Council, they are qualified teachers that specialise in educating students all over the world. Our trainers a strong background in Cyber Security as well as education, both of these skills allow our trainers to get the very best results from all of our students.
We Provide Professional training that includes real-world challenges. All programs are ONLINE.
- What topics are covered in Level 1?
- Learn ethical hacking, its fields & the different types of hackers.
- Install a hacking lab & needed software (on Windows, OS X and Linux).
- Hack & secure both WiFi & wired networks.
- Understand how websites work, how to discover & exploit web application vulnerabilities to hack websites.
- Use hacking tools such as Metasploit, Aircrack-ng, SQLmap
- Discover vulnerabilities & exploit them to hack into servers.
- Hack secure systems using client-side & social engineering.
- Secure systems from all the attacks shown.
- Install & use Kali Linux – a penetration testing operating system.
- Learn Linux basics.
- Learn Linux commands & how to interact with the terminal.
- Learn Network Hacking / Penetration Testing.
- Network basics & how devices interact inside a network.
- Run attacks on networks without knowing its key.
- Control Wi-Fi connections without knowing the password.
- Create a fake Wi-Fi network with internet connection & spy on clients.
- Gather detailed information about networks & connected clients like their OS, ports …etc.
- Crack WEP/WPA/WPA2 encryptions using a number of methods.
- ARP Spoofing / ARP Poisoning.
- Launch various Man In The Middle attacks.
- Access any account accessed by any client on the network.
- Sniff network traffic & analyse it to extract important info such as: passwords, cookies, urls, videos, images ..etc.
- Intercept network traffic & modify it on the fly.
- What topics are covered in Level 2?
- Discover devices connected to the same network.
- Redirect DNS requests to any destination (DNS spoofing).
- Secure networks from the discussed attacks.
- Edit router settings for maximum security.
- Discover suspicious activities in networks.
- Encrypt traffic to prevent MITM attacks.
- Discover open ports, installed services, and vulnerabilities on computer systems.
- Hack servers using server-side attacks.
- Exploit buffer overflows & code execution vulnerabilities to gain control over systems.
- Hack systems using client-side attacks.
- Hack systems using fake updates.
- Hack systems by backdooring downloads on the fly.
- Create undetectable backdoors.
- Backdoor normal programs.
- Backdoor any file type such as pictures, pdf’s …etc.
- Gather information about people, such as emails, social media accounts, emails and friends.
- Hack secure systems using social engineering.
- Send emails from ANY email account without knowing the password for that account.
- Analyse malware.
- Manually detect undetectable malware.
- Read, write download, upload and execute files on compromised systems.
- Capture keystrokes on a compromised system.
- What topics are covered in Level 3?
- Use a compromised computer as a pivot to hack other systems.
- Understand how websites & web applications work.
- Understand how browsers communicate with websites.
- Gather sensitive information about websites.
- Discover servers, technologies & services used on target website.
- Discover emails & sensitive data associated with a specific website.
- Discover subdomains associated with a website.
- Discover unpublished directories & files associated with a target website.
- Discover websites hosted on the same server as the target website.
- Exploit file upload vulnerabilities to gain control over target website.
- Discover, exploit and fix code execution vulnerabilities.
- Discover, exploit & fix local file inclusion vulnerabilities.
- Discover, exploit & fix SQL injection vulnerabilities.
- Bypass login forms and login as admin using SQL injections.
- Exploit SQL injections to find databases, tables & sensitive data such as usernames, passwords…etc
- Read / Write files to the server using SQL injections.
- Learn the right way to write SQL queries to prevent SQL injections.
- Discover reflected XSS vulnerabilities.
- Discover Stored XSS vulnerabilities.
- Hook victims to BeEF using XSS vulnerabilities.
- Fix XSS vulnerabilities & protect yourself from them as a user.
- Discover MITM & ARP Spoofing attacks.