Learn Ethical Hacking Full Course 50 hours | Live Project work In Cybersecurity | Zero to Hero |

Learn Ethical Hacking Full Course 50 hours |  Live Project work In Cybersecurity | Zero to Hero |

Show Video

so i am sharing my presentation so very first uh during whole this journey whatever the knowledge i will provide you please never use this knowledge for any analytical purpose otherwise it will be treated as a crime we will also fill up one of the undertaking from all teammates all the students by which uh if they perform certain crime then they will be totally responsible for it and so this is a disclaimer given over here after that this is about me some of the parts in this training is repeated from a demonstration so please don't get hesitate for this sorry for that i have to turn 11 years of experience out of which nine years of teaching and six years of industrial experience presently i am associated with 22 companies as a cyber security and splunk trainer these are my achievements i am presently working as a senior security consultant in capgemini 25 plus training i have conducted 18 plus industrial training i have conducted two book chapters faith papers copyright security topper gate score qualified in many phd industries won many prices and acting as a reviewer so very first we are going to see model number one introduction to ethical hacking okay so how many of you are from out of india out of 28 people okay few people are from out of india also i can see in a participant list okay so no problem so there are many cyber crime news are happening in our day-to-day environment some of the cyber crime news are given over here so many hackers are doing cyber crime nowadays and uh if you become a cyber security professional then you will get a very huge package which is shown over here you can see okay so at least you can get half million or one million per year package if you become a cyber security professional after learning this course after practicing these skills you become a cyber security professional so some of the jobs job roles are given over here after completion of this course you can join on these various roles technical trainer information security engineers liquid engineer cyber security executive etc these are some of the career options when you complete this course you can join different posts which are given over here security analyst security architect security software okay there must be some problem i think if you find any interruption please inform it to me okay immediately so all these are the roles you can join now uh what do you know about certified ethical hacker can anybody give me the answer anybody please you can raise your hand or directly give you the answer no problem would you like to give me the answer no okay so certified ethical hacker is a ch okay so this person is finding a vulnerabilities or loopholes we can say loopholes in computer networks network mobile phones etc okay so this person is a main role of this question is finding a vulnerabilities and loopholes in all these computerized systems so certified ethical hacker is one of the course which i am going to teach you here this is a basic course of a cyber security if you want to learn any other course of cyber security the basics course you must know complete syllabus of a certified ethical actor then only you can learn or you can understand any other course so regarding this course i can say that this is the information okay regarding this course very first this exam is taken by ec counsel usa okay this is one of the organization in the usa okay this exam has a total 125 number of questions okay this exam has a four hours of duration all the questions are in a multiple choice format mcq questions and this exam has a three years of validity so these are the features of this certified ethical hackers exam so i'm going to teach you the complete syllabus of a certified ethical exam course okay now why we require cyber security probation because there are many cyber crimes going in all over the world if you want to see you can check it over here this is one of the website and this website is called map dot check point get didn't go on here sorry is there any problem hello i am audible to you clearly correct all of you okay your silence i'm taking as a yes okay good one person has raised a hand who is that oppo a15s do you want to ask any question oppo a15s please unloot yourself and ask me the question i'm not able to listen no so what has happened in all over the world many cyber attacks are happening yes i have muted everyone ravi thank you for your nice suggestion okay yeah background noise will not be happen henceforth in a training so there are many cyber attacks are occurring in all over the world you can see that united states doing attack on our georgia then india then many countries are doing attack on each other because of this cyber attack they are breaching the confidentiality availability and integrity of each and every country so you can see the name of the attacks on a left hand side you can see the top targeted countries on the right hand side mongolia nepal georgia indonesia you can see top targeted industries there is education government communication on the right hand side so in this way because there are very huge number of attacks are happening hence the cyber security professional is very much required okay we respect your suggestion definitely everybody will mute no i have muted everybody actually i have clicked on mute all button so do you know anything about the cyber law in india cyber blog okay so according to indian government in 2000 they have created some of the cyber months for each and every country there are different cyclones so what is the use of this cyber map this cyber law is used to prevent any offense okay you can see there are different punishments for various things suppose any hacker tempers any computer source document of any other person then this hacker will get three years of punishment and two lap rupees okay if any person hack the complete computer system then three years of imprisonment and two lap requests if in publishing any photo any video of any person without his permission then five years of imprisonment and tool aggregate so these kind of various punishments and a fine are allocated to the different kinds of hacking attacks or crimes we can see that's why hacking is very dangerous and even if you have a knowledge you should never use it for any unethical purpose for any kind of a crime there are six types of a hacking very first hacking is a website id okay what is website suppose you are accessing taking unauthorized control over a web server okay suppose for example google is a web server okay suppose you are taking the control over the google server and you are doing some kind of attack for example you are taking their financial information you are downloading their information you are getting some of the data off of google then it can be said that website it is called as a website okay network hacking very first what is network network means group of computers which are connected with each other suppose you are a hacker or any hacker please yes anybody wants to say anything you have unlimited your mic do you want to say anything okay network hacking network hacking means the computer network group of a computer suppose some hacker hacks the computer network tried to capture the information of all the computers connected in any group then it is called as a network it can be possible using a telnet ns lookup ping tracert netstat like email hacking now this hacking is very much popular you have also realized this thing you have received many emails nowadays okay like hey you won a lot okay i think so that there must be some problem with the internet is it fine now my internet is stable now am i available to you clearly okay there is one question from walker hassan is there any prerequisites to sit in the exam so no prerequisites are there okay there are no any prerequisites if you have a knowledge of this thing certified critical hacker then you can sit for this example you need at least 18 years of age should be 18 years okay in this one so network hacking means suppose anybody okay i have created network hacking so suppose somebody is sending any email to you and doing any fraud with you it is called as email ethical hacking ethical hacking means suppose any person is using the skills of a hacking for any good sake for securing certain organization company or finding some of the solution to some of the problems then it is called as an etiquette password hacking means suppose some person is trying to recover the secret password from data that is stored it is called as a password then computer hacking computer hacking means suppose some person is stealing the information of any computer then it is called as a computer okay do you have any question up to here anybody has any question please ask me the question yes you can directly unmute yourself and ask how about security versus ch security plus okay versus ch okay security clauses ch both these certifications are good but i recommend to complete the security ch issue of security why is it so because in a certified ethical hacker the more detailed contents are given means more detail syllabus is there and if you find in all over the world in a job opportunities then everybody is asking for a certified ethical hacker certification instead of security plus certification definitely joy trust technology or i will only teach you the certified ethical hacker course we will not provide any kind of easy counsel certification if you want to opt for ec council certification then you should attempt the exam and you can take this certification you can achieve this but i want to tell you one another thing nowadays there are many four kind of things are happening for example many people are directly purchasing a certification of a certified ethical hacker without any knowledge so with a zero knowledge also anybody can purchase certified ethical liquor certification these things are happening this mall functioning is happening nowadays so what companies are looking for companies are looking for a knowledge not a certification if you have a knowledge and you don't have an ec council certified ethical hacker certification you can inform to the company i will opt for a certification within few months or within 15 days after my journey in this way so knowledge is more important as compared to the certification remember this thing so jama i think i have given answer to your question is there any another question to anybody else or jama okay thanks a lot so i'm treating your silence as a no question okay shall we move further okay so we are going to see advantages of a hacking basic knowledge and requirements for these folks okay first no programming this message okay no networking all networking knowledge is needed okay third is you should have pc with windows 10 os and at least i3 processor 8 gb of ram and with at least i am saying here at least 8 cp of ram and 250 gb of hardness this is the requirement of this course okay i'm sharing this thing in a chat box i have shaped this so very first we will discuss about this why programming knowledge is not essential because i will teach you multiple linux command we can say that multiple required linux commands i will teach you multiple required linux commands here that's why programming knowledge is not essential why networking knowledge is not essential because i will teach you basic networking concepts of course required is a neutral step for this course why this thing is required pc with the windows 10 os and at least i3 processor because we are going to install kali linux os in vmware workstation vmware one station okay so to run for the os we need above configuration run both these os we need our configuration that's why these are the important thing according to this course if you want to join this course at least you should have this kind of a pc configuration i have shared this thing in a chat boxes so i think most of the things are clear for you do you have any other question i come from civil engineering background there is one question from a forum i come from civil engineering background but i have this interest in i.t field especially in cyber security we life has any difficulty learning this course since my background is different is this enough for you yes what what of s uh fcs so before before that i need to give answer to the fire so far even though you are from any stream okay you are from any engineering background you can join this course knowledge and also did a good job industry so why is it so why i'm saying like this to the forum because what has happened today there is the scarcity of a cyber security engineer so even though there is a very huge demand for a cyber security engineer so if you have a cyber security knowledge if you have a certified ethical knowledge basic knowledge then also you can enter into this field because there is no any engineering stream okay nowadays many engineering streams are there but uh two three years before there is no any injury stream which gives you the knowledge of a cyber security so that's why till the next three years at least you can complete this course and you can gain the knowledge and you can join the job after three years what will happen many cyber security engineers many professionals will be there so it will be difficult for you to enter into this field with the civil engineering or any other background that's why today is a very good scenario today means within next six months one year there is a very good positive scenario for you while you can join this course okay second question i want to give the answer for michael a is this enough for you to become a cyber security engineer what of cssp and the cisa so this is the question okay so i am writing to the michael okay what has happened there are many courses in a market but to start a career as a cyber security professional you should have a basic ceh certification okay without cea certification you cannot join you cannot run you cannot admit or you cannot go for you can't go for any other certification so what it means it means that there are many courses in a market so you need to join for cyber security certified identification you can go for other courses otherwise you cannot go and whether you will become a complete cyber security engineer with a ch course no answer is no you will get enough knowledge to enter into this field okay to enter into any field at least you should start from somewhere so you are starting from certificate and for cissp or any cisa any course you require at least three year to five industrial experience of a cyber security professional then only you can join this course and you can gain the knowledge okay so certified identical hacker is obviously a start and without this type you cannot directly jump into any other course after that jama jama has asked one question which one you recommend cyber security or cloud jobs okay so i recommend force cyber security as well as cloud okay to the jama i'm saying why i am recommending both because both these have enough knowledge of both these have uh enough opportunities today even if you join cyber security and if you join cloud okay the aws cloud azure our many clouds are very much essential there and cyber security we can say it is a unique kind of a stream okay so because of this unix stream you will get a very huge package if you become a cyber security engineer okay but a cloud engineer is not that much unique we can say okay so there are many already proficient people are uh present for a cloud knowledge with the cloud knowledge so the package in a cyber security is more as compared to the uh cloud so if you want i can recommend both of them you can go for anywhere for any course and you can grow up your curry after that ruby ravi has given one of the website to me i am going to open this website and see what is that ch versus the issp okay versus crsa okay so ravi uh i know all these websites and the final conclusion is that without ch you cannot go for any other course for understanding the description or knowledge or gaining the knowledge of tissp and cisa you should at least have a knowledge of a certified ethical hacker course then only you can go for other courses otherwise you can't go for any course and you will not get any knowledge there even if you directly go for any other this is the answer to that is there any another question jama is completed okay some samsung okay samsung phone samsung ganesh phone to everyone will you cover cloud security in this course so definitely i will not cover cloud security in this course okay i will not cover cloud security in this course i will only cover the required topics which are there in a stratified ethical course i will not cover any other topic other than certified ethical hack sorry for that sorry for interruption please listen to me very carefully very first if certified ethical hacker has a cloud security then i will teach you this concept only i will not cover complete cloud security only for a conceptual basis and for a few practical basis i will teach you okay you can say right i just share yes share what all the topics you will be covering in this course since actually i was just uh joined a little bit uh late so sorry for that so i'm not sure if you have covered that or not after completion of this session today i will share all the topics to the amit of the characters technology you can take all this topic from amin okay i will ever share all the topics pki is a part of cyber security yes pki is a part of cyber security kvr but pki i will not cover in this course because this is not a topic of a certified ethical hacker course okay i will cover all the topics which are given there in a certified report not a pkr okay is there any another question shall we move further or you have any other questions okay i'm moving forward your silence are taking as a no question which are the advantages of a hacking if you know hacking then you can recover the last information what are the advantages of hacking we are going to see now okay very first we can say if you know hacking then you can recover the lost information okay like a last password any lost documents anything like that you can perform penetration testing to strengthen your comp penetration testing is one of the thing do you know penetration testing is there anybody who knows penetration testing and vulnerability assessment nobody knows that i don't know i'm gonna okay you don't know okay no so i'm going to take it see that v-a-p-t vip is vulnerability assessment and penetration based in a va means vulnerability assessment what we are doing every cyber security professional try to find vulnerability try to find vulnerabilities or loopholes in a computer network phone it is okay try to find vulnerabilities in a computer network it is without doing any attack without doing any attack any cyber attack okay but in a penetration testing miss pt in a penetration testing what a hacker or what cyber security professional is doing okay he is doing all the attacks and try to find whether the computer or network or mobile phones atc are vulnerable susceptible to this attack or not so this is the difference okay in a penetration testing you are doing all the attacks and you are checking whether this thing this computer this network is vulnerable or susceptible to these attacks or not you know assessment you are merely checking from outside without doing any attack you are finding that loopholes in a computer networks or any mobile phone this is the difference so tell me which is so basically both are required so mike uh i have one question so will you cover like a rubination part also or just scanning part in this course yes i will cover uh remediation part also i will also both va and pt right yes v and pt both the things i am going to cover okay so what does happen we are using different software tools okay we are not doing any manual penetration testing and vulnerability adjustment this is the completely different kind of of course if i cover all this thing i will cover different proper tools i will teach you in an actual industry how they are performing vapt activity they are using nasa's tool they are using acura test tool they are using verbs tool they are using wireshark tool okay so i will teach you all these tools multiple tools i'm going to teach you okay so will you also teach like uh customization of those templates in those tools because each and every organization have their own benchmarks right so definitely but actually the customization is not your part customization of a tool is not a cyber security professional work okay they will only tell you hey uh if you are around hey ram please uh try to find out whether this network our network is vulnerable or not please try to find out which different kinds of vulnerabilities are there this kind of a question they will ask you so even you can do this thing manually even you can do this thing with the help of a tool this is your decision how would you need to do this okay but very first in this course what i will teach you which are different attacks how these attacks are performed i will teach you the complete demonstration of this attack then i will teach you how to remediate how to secure your network against this attack so these kind of things i'm going to teach you this is the very important thing to know if you know this then you can go in industry and you can work in a similar manner in industry so the deviation part also will you teach like let's say some of the um scanned or maybe vulnerable report right so customers don't want to implement that they may have some deviations right so use that report having all critical items right so we need to deviate different states definitely so i will teach you how to scan your network your computer how to create a report how to send this report how to make changes in this report okay and which are the different cyber security measures to do to remediate or to uh to counter measure uh to overcome this kind of vulnerabilities i will teach you all these things so definitely the vulnerability assessment is less dangerous why is it so because we are not directly doing attack on a computer system or a network and this thing that is a pt means penetration testing is very dangerous why is it so because we are directly doing the attack and because of this cyber attacks this system may get break okay system may get break system may get susceptible to the different kind of causes so i will teach you vulnerability assessment and penetration testing now there must be second question so before that we will complete this advantages of if there are two more advantages of a hacking uh if you know hacking then you can use any security measures to put adequate measures to prevent any breach if you are working in certain company and they ask you to prevent security breaches there you can use these measures to prevent the speech to have a computer system that prevent malicious hackers from gaining access okay you can secure your own system through by hacker this is the second advantage next advantage so all these are the advantages which are the disadvantages of a hacking we are going to see this now see that if any person knows he can perform massive security breach he can preach whole network complete computer system complete website and he can perform many illegal kind of criminal activities he can gain unauthorized system access of any system he can have a privacy violation he can violate the price of any computer network hampering system operation he can hamper the system operation he can perform daniel of service attack he can become a malicious he can perform malicious attack on the system so these kind of things are possible if any person becomes a hacker okay these are the disadvantages of ahead after that what is the purpose of the hacking there are various purposes of hacking we can see here the purposes okay very first many people are doing hacking just for a fun they don't want to trouble anybody they don't want to irritate anybody but they're only doing hacking for a fun many people are doing hacking for a show off they want to show that hey see i know how to hack a wi-fi network i know how to hack android mobile they are stealing the important information they want to steal important information that's why they are doing hacking they are they want to damage the system computer networks that's why they are doing acting they want to have the privacy okay they want to take a revenge of any person and they want to hamper the privacy so this is the one another uh use of a hacking many people are doing they want to perform money extortion okay they are doing hacking you know do you know ransomware attack ransomware attack is one kind of attack where hacker is hacking your network taking a complete control over your documents encrypt all your documents and asking a money from a victim or you and in return of that money he will provide you the security key of this encrypted document by which you can get all the information and you can get your document back so by this hacking also many hackers are doing money exhaustion next is a system security testing okay system security testing also they can do to break the policy compliance they can also break the policy compliance okay with the help of a hacking many people are breaking the policies which are assigned by the companies so these are the purposes of a hacking what are the types of ahead very first is a blackhead blackhead hacker is definitely a bad person who performs the hacking for a financial okay they only want to break the network steal the financial information and then sell these information or sell some data and perform and uh earn the money this is the purpose of a black attack so these are a bad guy okay they are very dangerous to your business and your customers yes is there any question anybody no question okay second type of hacker is the boy daddy what is the use of a white hat actor what is the purpose of a white attacker this person is using this hacking skill for a good sake okay they are using the hacking skill for a good purpose they are helping the business to grow they are doing for they are helping business to find the loopholes in their business okay they are helping organizations so these people are productive kind of people and they are doing hacking for a good sec is a great idea what is the use of creating grad hacker are doing hacking for a personal enjoyment because they don't have any other purpose they are only enjoying they don't want to they don't care about stealing from people nor do they particularly want to help people if they are they don't want to steal any data or any money extort anything also they don't want to help any person any business any company they are only doing hacking for their personal injury okay they like to play with the system and enjoy the challenge in finding the gaps in a system okay this is the purpose of a grad anchor next type of a hacker we are going to see here which are a red attack suppose you are in the u.s i am in india okay u.s government has informed you to help u.s government you want to perform attack on indian websites so according to us government you are a white hat correct because you are helping u.s government so you are a white house but according to indian government you are a black hat hacker why black attacker because you are doing some unauthorized activity on indian websites so this is called as a red attacker which is a mixture of both white hat and black hat so do you have any question in this any confusion most of the time people have no confusion in this concept any question any confusion or i should go ahead do you understand what is red at hacker okay as no questions are there so i can think that you are you have understood this so what is reddit hacker once again i am repeating this suppose you are working for a us government and you are a white hat hacker u.s government informed you that

hack some of the website or find some of the data of indian website in illegal manner then for indian government or indian people you are a black hat hacker but for the us government or u.s people you are a white attacker so this mixture of a red hat and white hat sorry black hat and white attacker is called as a redhead understood as this okay that's correct after that blue attack what is blue hat blue at me is a hacker is someone outside computer security consulting okay very first condition is outside of computer security consulting is outside of your organization and he is doing work test of a software or system you are launching prior of its launch okay suppose you have created some software okay you want to test this software with the help of a hacker whether the software is secure or not then you are taking a help of a blue hacker and blue hacker will help you to find is there any bug in this software or in the system and after his help after his suggestion you are trying to overcome all these bugs and after overcoming the bugs you are going to launch this system or software this is called as a blue additive understood as this is there any question okay tell me if you understood please tell me yes you have understood or then i can understand whether you have understood it or not yeah we understand that's great thanks a lot okay so next is a light hack light hacker means what electric is a person who is the most killed who have a 15 year 20 years of experience you know many hacking skill multiple huge hacking skills so this is called as a elite hacker and this person has a very huge reputation in a hacker's community community okay this is a lighthearted scriptkd scriptkd means what scriptkd is a non-expert hacker means he know nothing okay he is using youtube video with the help of a youtube video and some other videos he is doing hacking he is trying hacking okay he is only using automated tools free package tools and doing it and he also know what this tool is doing exactly he is only trying trying and doing some kd kind of a thing that's why it is called as a scripture okay then next is a neophyte what is new neophyte it is also called as an n double zero b or a newbie or a green attack what it means it means that this person is new to the hacking or freaking skill this person has a zero experience he has never tried any kind of a hacking no any experience yes this is called as a neophyte so which hacker does the uh botnet uh hiking board attacking okay fortnite is always uh i think done by few of the hacker like a wide attacker we can say okay because what is botnet botnet means uh i will teach you this concept of abortion it is very interesting concept uh what you are doing you are using one malicious computer you are injecting or connecting this computer to the network and by connecting this computer this computer spreads the malicious files to all other network devices so botnet is like a zombie army okay so definitely either white attacker or black attacker can use this botnet because he has enough knowledge elite hacker can also use this bottle correct okay because he is a very intelligent person so neo fight is a green attacker who is very new to hacking he knows uh he has no any knowledge and he has no any experience zero experience here he has never performed a hacking in actual network and here i will show you the hacking in an actual network else so how i will show you i will explain you after something next is a hacktivist hacktivist is a person who wants to spoil the environment means we want to spread some social messages some uh ideological some religions some political messages and we want to spoil the mind of people okay so this is called as a hacktivist okay so many activists are there what is the one way of acting is do you know any activities what they are doing nowadays do you know anything any method of spreading the messages wrong messages no okay so there is one method nowadays which is very popular they are yes are you referring to the organization yes correct so can you please explain this better well the organization uses the hacking platform to you know to provide messages of propaganda as well as insight whistleblowing and other stuff to the general public correct this is also one of the method very good answer thank you very much so many people what they are doing they are only changing a voice or they are only changing a words of a video okay means for example narendra modi is very popular person in our india he is our prime minister respected prime minister so what they are doing there is one method of activist i am saying i'm telling you for example narendra modi tells some day at uh or no okay this is one word uh spoken by narendra modi on other day in their speech narendra modi said murko will come in stupid people he naruto to some other people who are doing some kind of a scam who are a bad people okay so what this hacker what this activist is doing activist is joining a video like that if anybody's watching a video he can see that bio orbano okay means all these words are tell by narendra modiji only but these words are used by naruti for some different different purposes and they have joined all these words in audio and they have shown this audio on any other video of another modi so whoever will watch the video he will see that he is saying that so actually has never said this kind of a thing but activists can do this kind of thing for spreading some kind of social wrong messages for spreading some kind of a social noise correct next which are the phases of hacking before starting this do you have any question anybody has any question please ask me the question no question okay 24 people are there i'm going to ask you one question because only i am speaking you are not saying anything question is suppose you want to steal some data some jewelry some amount some cash some furniture some television from anybody's home how you can do this which are your steps for stealing operation you have any answer for this and entering into the home very good that's great what is your name ganesh ganeshi thank you entering into the home i'm writing here the steps okay see that entering into the oh this is the first step okay which is the second step finding the the required stealing things like furniture and um required things to speed which is the next step then grabbing it and finding a way to go out this is the next step grabbing the things um and then going the same way or the different way yes going out of the home very fantastic steps are given by ganesh g thank you very much so uh actually there are there is some kind of a small hypothetical please share my number to everyone my number okay what is your number okay are you amit i mean are you there we will allow only enrolled people for tomorrow okay so i want to give one answer to you people who have enrolled for this course only these people will allow for the tomorrow session when the other person will join this session so please enroll it if you want to chat and i want to give you the number of amirji if you want to ask any question for this course you can ask to the amici amit is my friend from a joint race technology and you can ask any difficulty to this person and you can join you can enter this course by contacting to the amit okay this is the number of amit i have given nine five four zeros double six two eight zero six so uh so these are the answers given why these steps we have performed to steal some things from any form these are mistakes so very fantastic so which will be my steps first what i will do i will care all the knowledge of this home okay example what is the example how many doors windows okay i will not directly enter okay you are try is very good because i uh with the help of your trial your steps we can say that you have never steal anything from anybody's home because you are not a master in that that's why your tries good genuine my try may be wrong because i am a hacker okay please don't mind so i will gain all the knowledge of this home like how many dollars windows people how many people are there how many videos are there etc etc my second step will be my second step is i will get i will find the date then when less people are there how to enter into the home okay i will find the date when the less people are there and i will find out how to enter into the home which door is open which window is open like that okay which window is open on which day uh by by which way i can go into the home this is the next way next thing i'm gonna do i will start i will enter into the home on decided and steal all the data all the data or things okay this is my third step and fourth step okay i will maintain the access of this home for a time i want help of my friend how i will do that i will ask my friend please come with me i will give you half of the amount and we will go we both will go there and then we will steal the some things i will give you uh some amount your task is only to monitor whether any person is coming into that home or not if anybody is coming please inform me once anybody if you find anybody is coming we will run away in a very faster manner by this nobody can catch us this will be my first and my fifth step will be i will remove all the proofs of my stealing operation right this is my fourth okay so why i will remove all the proofs because of that like fingerprints okay footprints exit why i will do that so if anybody is coming to the home they cannot find me even though they will contact to the police they can't find me because of that these are my steps so do you feel that this is a perfect kind of a stealing operation or is there any other thing is remaining tell me that okay i think one more step like um if somebody catches right so what is the backup plan for him like how to get out of that catching so definitely organizations will have their own scanning mechanisms right to scan the hackers and all current current so if somebody catches to avoid the cash to avoid the preventive measures their plan is not there okay they will remove all the logs by which nobody can catch them okay so another thing now we will relate these five steps with our hacking so these are the steps of hacking okay these five steps are called as a now i am writing here steps of hacking the first step is i will gain all the knowledge of this home yes i am doing the same thing i am gaining the knowledge of network which knowledge i am gaining okay what is the website ura okay what is the ip address okay mac address okay who is honor okay these knowledge i will gain and this first step is called as a reconsist i think my spelling will be wrong you will copy this spelling from here it will be better for me recurses or information gathering this is the first step of a hacking okay this is the first step of hacking many consists or information gathering which is the second stage second step in the second step i will find data when less people are there how to enter into the home so in a hacking case what we are doing i will find open ports okay where i can do the attack do the cyber attack okay so this step is called as the scanning this is the second step of a hacking scanning state okay scanning is a second step you can see first step is the reconsist second step is scanning in this scanning step what i am doing it collects information like active ports active host which ports are active which hosts are running which are the security measures there which is operating system there used by this uh victim all these information i'm getting there third phase is exploitation what is exploitation in the exploitation phase excuse me before that i'm just sorry to interrupt so just to understand so uh in the information gathering said if we are hitting a firewall so if that is blocking from there onwards means we will be on stop right so we won't be getting any other we won't be able to go next so do we have anything on that uh very uh nice question you have given nice question you have asked yes if we are hitting a firewall then we cannot go beyond that but yes we can break up firewalls okay and every company one more thing one more thing just to clarify so if we are not directly hitting the firewall as well but some lord balancer for that uh because to secure that direct firewall so if organization is doing that means there will be again a uh again there will be a chance we will be stuck in uh to understand more on firewall cases because we are just hitting the alert balance or something like that so got correct correct so what we can do we are not directly hitting the firewall okay what we are doing we are contacting to this company as a customer as a client hey i want uh your information okay like uh i i want to purchase something from you in this manner we are contacting and while purchasing all while doing this operation we are getting some other information and every company every network must have must some of the open ports for their services if they don't have open ports they can't connect with other network other outside world correct so we can use this open course for purpose of a hacking hacker is using okay i will not cover complete the performance program but i will teach you how to perform uh the penetration testing vulnerability assessment various attacks you can use the same knowledge of attack and knowledge uh for performing the attacks on above bounty websites okay this i will teach you many attacks i found uh 20 30 attacks i'm going to teach you in this course around 30 attacks we can say so uh you can perform these structure texts on these websites uh which are there for above and you can gain your knowledge you can uh get the uh all of the amount in about so the third step is i will enter into the home on decided date and steal all the data or things so in this third step what i am doing in the hacking i will exploit with it okay i am actually doing a hacking this first in my hacking okay i am downloading the details copying i'm doing various things in this third phase and this is called as exploitation this step is called as a exploitation and this is the third step of a ethical hacking exploitation okay then fourth step is i will maintain the access for this home for a time i want to help with the help of my friend so this is called as a maintaining access and this is the fourth step of hacking what we are doing in a maintaining access we can launch we can mount some back door by reach whenever you want to access you can access this network or you can bypass the login and authentication and you can create a new user or escalate the privileges you can use good kits you can use frozen to maintain the access whenever you want or to maintain the excess for some time so this is the fourth step of maintaining access and the fifth step is i will remove all the proofs of my steering operation like fingerprint footprints so this fifth step is called as a covering track what i am doing in a covering track in the hacking i am writing here see that i can remove my oh what is this happening okay i can remove my identity i can hide my identity by this covering track what i will do i will clear the caching cookies okay i will damp sorry i will delete all the log files which are generated i will temper the log file information i will close all the codes which i have opened i will stop all the services which i have used and i have started so i will remove all my identity in this fifth phase of hacking and this phase is called as a covering track so just to interrupt that so is it possible really possible to tamper all the locks because in organizations and all we will be having different siem tools to catch up the log files in different uh different servers or different locations so is it really possible for that to get information on that log fair locations all these things and so is there anybody else uh has some uh method to tamper the log files without capturing into the sim tool anybody has any method for that no method okay i'm telling you one method what i would do suppose uh yes thank you for picking me up so what you can do okay uh see that sim tool uh like a splunk qradar okay all these are getting a data from ip addresses correct okay okay so suppose i am jamming the ip address for few minutes or hour okay doing all my attacks okay and storing the previous log file before jam okay before jam and restoring the lock file is restoring the previous log file after the complete attack okay so if i am doing this kind of operation then what sim tool will see as i will see only the log file which i have shown to them i have stored all the previous block files which are actual which are genuine and i will delete all my log files which are generated during the operation and i will restore the log files which are uh previously i have stored and which are genuine log files so sim tool will take this log file after 15 minutes and within 15 minutes i have performed the attack and i am also working with so on doubt like so in case uh how we will maintain that uh access that is not possible right so it is not possible because what has happened i am myself is working with a splunk so splunk has informed that splunk has informed that there may be 15 to 20 minutes of delay in receiving the locks from the forwarder so 15 to 20 minute delay is acceptable by splunk they have themselves informed so within that 15 minute delay anybody can perform the attack okay and within that 15 minutes anybody can steal the information and then uh even though our network will be disturbed for 15 minutes nobody taking care because of what everybody is saying thinking that yes the slump has a default 15 minute of delay in the log file so there is no only problem uh there must be a default plan problem not any attacker is there correct so anybody thinks like that and hacker can do the attack on these uh servers also without capturing it themselves into the splunk understood so this can be possible so what is my work here my work is in this training i will teach you all these five phases reconsist scanning exploitation okay maintaining access and covering tracks all these five phases in this course okay i will teach you the complete practice on the covering side you will be uh you will be just covering these different scenarios like this right yes you know yes in a covering track i will show you how to uh delete the cache files how to delete the generated cookies file temper tempering the log files how to close the open ports like that we can do that anybody knows that what is the name of attack perfect perfect name thank you very much attack daniel of service attack or distributed any service attack this is the name of jam any ip address by denial of service or distributed denial of solution what is the difference between both of them in a deliver of service attack we are using one computer to jam the ip address to flew to the ifb alternative distributed daniel of service attack we are using multiple computers means what you are doing you are deciding we are we all are deciding how many people are there initially there are over 28 people now 18 people no problem so all the 18 people have decided to perform attack service attack on a particular web server at the 6 pm perfect so we are doing denial of service attack from different location so this is called as a daniel distributed service attack because we all are doing from a different location and we are doing the same kind of attack so i'm going to teach you this attack how to perform denial of service and distributed service attack okay this is the part of part of my syllabus but definitely i'm again once again telling you that please never use this knowledge for any kind of a illegal purpose prerequisites to become a hacker if you know linux it is very good if you don't know that i will definitely teach you the linux command okay very important pre-requisites you should have a uh measure you should learn this thing you should enjoy this thing you should practice this thing so only your hard work and positive contribute will help you to become a hacker because there are many courses on youtube also that would be also many many things but if you are not enjoying that you are not asking any doubt and you are just listening to me then you can never learn any course so you should involve yourself for learning this course next is how to disable firewall i will teach you when it is required during the course next these are some of the websites which we are going to use during this course these websites are given by us government and they have given this website to perform the hacking if you have this website then this cannot be treated as a crime okay these are this is a completely legal thing to have this website so we will use this website for practicing our hacking skills okay then hacking method once again certain so do we only have that website so or we have some systems or we have some networks open to try the skills yes what i will do very good question again asked by you i think you know hacking do you know anything about hiking no actually i am just reading some okay uh not something like that before that before joining this course so i'm really proud of you because you know many things so i will use a damn vulnerable web application also these dbwa application we are going to use to practice our hacking skill and this application we are creating on our local network so this is like a website we are creating our own website with the help of a damn vulnerable web application i will teach you how to install it how to create it and then we will hack this damn vulnerable web application to practice our hacking skill i will also show you how to install xampp application what is zap application this application i will teach you to practice your ow asp top day asp means open web application security project okay this is one of the organization which has created some of the top 10 vulnerable things vulnerable items in after every three four years so i will teach you how to install a zab application and practice your hacking skill on a zab application for a top 10 ows okay i will also teach you all the top 10 aws actually top 10 owsp is not a part of this course but i realize that this knowledge is very much important for my students because these questions are will be asked to you in an interview definitely and if you don't know the answer then you will be failed this interview to avoid this i will teach you top 10 rwsp in a practical manner also okay so will that cover the uh the practice session for a system or remote system or a remote network something like that yes definitely i will cover that for a remote network for a remote android phone etc how to hack these how to secure yourself by hacking i will teach all these things but definitely all these things only to become ethical not to become a black hat hacker okay i want that you all you should become a good white hat hacker and not a black attractor is there any another question no actually uh so uh i'm i'm into an iem practice environment so i see like uh some of the attack happened to some of the im servers and they just penetrate and create uh they have actually copied the da access and created test users on that so i would like to know how they are performing so that would be i can just do a re-engineering on that to block that case so that's why actually i just asked on on a system in memory and a token moment how we will do so can we do a practice on that in like scenario if we have or not so just to cover that i ask this yes yes see that what i will do i want to clear your concept in a very good manner what i'm going to do i will teach you my concepts my syllabus suppose 1 to 30 concepts are there okay i i am not here to solve your problems to to understand your problems and to solve them because i am not a consultant okay i am a trainer okay so what my students are doing usually my students are learning all these 30 concepts from me and they are using this knowledge to correlate to correlate the problems based by them they are using this knowledge to correlate their problems to correlate their issues and then they are trying to solve their issue by understanding these concepts okay so suppose anybody will come tomorrow and anybody will tell that in my industry i'm facing this x y z problem so can you teach me this x major so no it is not possible for me to teach any xyz concept to you i will teach you only the what has happened to increase the number of students to gain my profit to earn a huge amount i can tell you yes yes no problem i can teach you any concept you can ask me any concept i will solve all the problems i can promise you a lot but if i will not fulfill my promise then my reputation will be bad in front of you i don't want to make my reputation bad even if i earn less amount no problem i'm happy with that but i don't want to make any fake promises that's why my answer is i will teach you all the concepts which are there into the certified ethical health course but i will not teach you anything beyond that this thing should be very much clear in between all the new people and being correct is there any another question yeah so you said you'll teach on the uh on-premise prospective right so i think if you could teach on the hacking cloud perspective because now it is right it's all modernized so because what are the possible ways of ways of hacking uh the cloud uh infrastructure that that will help actually okay our security is only one part or one concept in ph course okay so i will take this concept okay but i will not all the hackings on a cloud environment this must be very clear i will not teach all the types of hiking on a cloud environment because this is not the part of my scope okay i will only teach you the cloud security this is one of the concept so i will teach you this concept for a 15-20 minute 30-minute maximum i will not teach you beyond that okay okay okay what has happened i don't want to uh i don't want 100 students i want 10 students where their concepts and my concepts should be very much clear because there should not be any misunderstanding between you and me okay because i don't want to uh spoil our relation we want to maintain our relation for next five years at least okay during your working also you can ask me a question hey this is our problem how to solve this problem i i'm really happy to help you for that okay but i don't want to do any false promises to you all right so just to ask one thing uh for this cloud security or anything on the hacking perspective on the cloud security do we have any course or something like that or uh as uh understanding this dirty concept so we can call it and we can act upon the uh issues or something on the cloud part as well we have a different course for that i don't know about that whether any course is there for cloud security or not i don't know i'm really sorry for that but there must be some course you need to search yeah it's it's pretty much similar like you know whether you're doing on-prem and cloud the hacking will be same fundamental but what i'm saying like um uh it will you know if you cover uh this cloud security site like there are a lot of advanced valve rules and also how to deviate and get into the environment uh by hacking so that that's where we wanted to know actually i wanted to know specifically your position is really very good i will uh definitely try to implement this suggestion from my next training after six months after one year when i will learn the cloud security and hacking on this but in this training i will not cover uh i will not perform any kind of a hacking on any cloud environment i know this is very much similar because in day-to-day life also i am using the cloud environment but i don't want to try any new thing i want to teach you all the things which i know which are essential for speakers to become a correct so is there any another question my question so one question from me ganesh um so we have pda prospective um so you will uh guide through right like how to run the va how to run the pt uh in vulnerability assessment so you can use these tools if you want i can share you the names okay and you can check on a nokia.com or any other website okay okay pursuit i will teach you wireshark i will teach you then nessus i will teach you then uh acunetix i will teach you then these are the important tools and many other tools also i'm going to teach but you can find all of this many jobs are there uh for the people who know about fire shark necessary okay so i will teach you these important tools to perform be a pretty kind of scale okay okay so this is my training because today many people who have not enrolled these people have also joined this training that's why i want to end up this training for today and from tomorrow i will conduct the training for people who have enrolled for this course so do you have any other question or i should stop this training here one last question so uh hacking is a piece of code right that you send to the um on the the where you want to hack uh to the organization so that piece of

2022-04-19 20:23

Show Video

Other news