Book Image

Learn Ethical Hacking from Scratch.

By : Zaid Sabih
5 (1)
Book Image

Learn Ethical Hacking from Scratch.

5 (1)
By: Zaid Sabih

Overview of this book

This book starts with the basics of ethical hacking, how to practice hacking safely and legally, and how to install and interact with Kali Linux and the Linux terminal. You will explore network hacking, where you will see how to test the security of wired and wireless networks. You’ll also learn how to crack the password for any Wi-Fi network (whether it uses WEP, WPA, or WPA2) and spy on the connected devices. Moving on, you will discover how to gain access to remote computer systems using client-side and server-side attacks. You will also get the hang of post-exploitation techniques, including remotely controlling and interacting with the systems that you compromised. Towards the end of the book, you will be able to pick up web application hacking techniques. You'll see how to discover, exploit, and prevent a number of website vulnerabilities, such as XSS and SQL injections. The attacks covered are practical techniques that work against real systems and are purely for educational purposes. At the end of each section, you will learn how to detect, prevent, and secure systems from these attacks.
Table of Contents (24 chapters)
Discovering Vulnerabilities Automatically Using OWASP ZAP

What's in this book?

In this book, you will learn how to become an ethical hacker from scratch. We'll assume that you have no experience in ethical hacking, and, by the end of the book, you will be at an intermediate (to high) level.

Here is a quick overview of what will be covered in this book:

  • Preparation
  • Penetration testing
  • Protecting your own system


In the first part of this book, you will learn how to create your own lab, so that you can practice ethical hacking on your own computer. You will also learn the installation of Linux systems and how to interact with them, as well as how to set up other systems to try to hack into them.

Penetration testing

In this part of the book, we will cover the most important penetration testing fields. In each of these sections, we will first illustrate how a particular system works, and will then test the security of that system. In the following sections, we will introduce the types of penetration testing that will be seen in this book.

Network penetration testing

In network penetration testing, the first things that we will learn are how networks work and how devices interact with each other.

First, we will learn more about the networks around us; we will gradually proceed by setting up a fake access point and luring people into connecting to networks so that we can capture data that is sent or received through them. We will then learn how to get the password for any Wi-Fi network, whether it uses WEP, WPA, or WPA2 encryption.

We will also go over a large number of powerful attacks that will allow us to gain access to any account that is accessed from any computer in a network. We will be able to capture usernames, passwords, images, and pictures that computers on a network send or receive.

Gaining access

In this part of the chapter, we will learn how to gain access to computer systems. There are two methods to hack a computer:

  • Server-side attacks
  • Client-side attacks

When learning about server-side attacks, you will see how to discover weaknesses in the programs installed on the target computer, and how to use those weaknesses to gain full access to the computer.

In the client-side attacks, you're going to learn how to use social engineering to hack into the target, you'll learn how to create undetectable backdoors, backdoors that look like images and pictures, and so on. We will also learn how to gain access to any computer if that computer exists in our network by using fake updates or by using fake downloads.

Post exploitation

In this section, we look at post exploitation, learning how to control the devices that we hacked. So, we're going to see how to open a system's webcam, manage its filesystems, and download or upload files to it. We will also learn how to capture all of the key strikes that the person enters on their keyboard, or even use that computer as a pivot to hack into other computers.

Website penetration testing

In the final sections, which will be about website penetration testing, we will learn how to gather very comprehensive information about websites, including how to discover, exploit, and mitigate a large number of serious vulnerabilities.

Protecting your system

Finally, we will learn how to protect ourselves (and our systems) from the attacks discussed in the preceding sections.