Module 00: Welcome onBoard

Module 1: Introduction to Ethical Hacking & Cybersecurity Basics

Introduction to Ethical Hacking and Penetration Testing

Legal and Ethical Aspects of Ethical Hacking

Ethical Hacking, Penetration Testing, and Vulnerability Assessment Explained

Key Cybersecurity Concepts: CIA Triad, Risk Management

Understanding Vulnerability, Threat, and Exploits.

Understanding Africa's Cyber Threat Landscape

Offensive vs. Defensive Security: Balancing Acts in Cybersecurity

Red Teams and Blue Teams: Collaborative Defense in Cybersecurity

Career in Cyber Security

Penetration Testing Methodology

Case Study: Cyber Attack on a Major African Bank

Module 2: Home Hacking Lab Setup

Understanding the importance of a dedicated hacking lab

Minimum System Requirements

Home Lab vs. Virtual/Cloud Hacking Labs

Introduction to virtualization technologies (VMware, VirtualBox, etc.)

Installing Oracle VirtualBox

Setting up our Attacking Machine (Kali Linux Virtualbox)

Setting up vulnerable machines for testing (Windows on VMware)

Setting up vulnerable machines for testing (Virtualbox)

Understanding VirtualBox Network Settings

Installing VMware Player

Setting up our Attacking Machine (Kali Linux VMware)

Setting up vulnerable machines for testing (Metasploitable on VMware)

Setting up our Attacking Machine (Kali Linux)

Module 3: Introduction to Kali Linux (Hackers Delight)

Overview of Kali Linux and its Features

Introduction to Linux Operating System

Kali Linux Package Manager

Understanding Linux File System

Basic Commands and Operations

Overview of Kali Linux Tools

Module 4: Introduction to Metasploit Framework

Overview of Metasploit Framework

Metasploit Architecture and Modules

Module 5: Networking Fundamentals

Introduction to Networking

The OSI Model and Importance for Pentester

TCP/IP protocol suite and its components

Understanding Ports and Services

Understanding Network topologies and architectures

What is IP addressing and subnetting?

Wireless Networking Fundamentals

Basic Networking Commands (Windows and Linux)

Network Infrastructure Challenges in Africa

Module 6: Reconnaissance Techniques

Introduction to reconnaissance and information gathering

Passive and active reconnaissance techniques

Identifying and Profiling Targets

Information gathering techniques on Individual and Organisations

DNS enumeration and footprinting techniques

Information gathering techniques on Network and Systems

Module 7: Scanning and Enumerations Techniques

Understanding scanning and enumeration techniques

Discovering Live Hosts using ICMP (Ping Sweep)

Performing port scanning to identify open ports and services

Leveraging Metasploit's auxiliary modules for scanning and enumeration

SMTP User Enumeration

Module 8: Vulnerability Assessment

Introduction to Vulnerability Assessment

Types of Vulnerabilities

Vulnerability Assessment Tools

Manual vs. Automated Assessment

Identifying common vulnerabilities and exposures (CVEs)

Prioritizing vulnerabilities based on severity and exploitability

Vulnerability scanning and assessment technique with Nmap

Using OpenVAS for Vulnerability Assessment

Module 9: Exploitation and Gaining Access

Understanding the exploitation phase in penetration testing

Introduction to common exploitation techniques (Windows and Linux)

Exploitation with Msfvenom

Exploiting Remote Windows system With Reverse Shell (MSFVenom)

PowerShell Attack Techniques

Office Macro-Based Attacks

Exploiting Misconfigurations - FTP Backdoor Exploitation

Exploiting SMB Service - Command Injection Vulnerability

Powershell vs Executable. vs Malicious doc

Password Cracking with Hydra

Metasploit Metepreter Basics

Introduction to Veil Framework

Generating Backdoor for Windows

Basic Delivery Method: Hacking Windows 10

Backdoor Delivery to Target

Meterpreter Fundamentals

Understanding Anti-virus Evasion Techniques

Module 10: Post Exploitation and Maintaining Access

Post Exploitation and Lateral Movements Fundamentals

Overview of persistence techniques

Understanding privilege levels in systems

Windows Persistence Technique

Windows-specific privilege escalation techniques

Automating Post-Exploitation Tasks

Module 11 Web Site Hacking Techniques

Introduction to Web Technologies

Understanding common web application vulnerabilities

Exploiting Unrestricted File Upload Vulnerability (PHP Web Shell)

Exploiting SQL Injection Vulnerability

Exploiting Cross-Site Scripting (XSS) Vulnerability

Module 12: Cryptography, Encryption, and Obfuscation

Introduction to Cryptography

Symmetric and Asymmetric Encryption

Hashing and Digital Signatures

Cryptanalysis and Breaking Encryption

Case Study: Cryptographic Attacks on an African Financial Institution

Case Study: Using Cryptography in African Digital Payment Systems

Module 13 Social Engineering Attacks and Frauds

Introduction to Social Engineering

Overview of common social engineering techniques

Phishing Attacks: Email, SMS

Pretexting, Baiting, and Tailgating

Setting Up SMTP Server

Phishing Attack Simulation - Cloning any website

Email Spoofing Technique

Social Engineering Prevention and Awareness

Hacking Outside your Network (Port Fort wording)

Case Study: Social Engineering in African Corporations

Module 14: Evading IDS, Firewalls, and Honeypots

Introduction to IDS, Firewalls, and Honeypots

Techniques for Evading IDS and Firewalls

Honeypot Detection and Avoidance

Tools for Evasion: Nmap, Metasploit

Case Study: Evading Detection in a Nigerian Government Network

Module 15 Denial-of-Service (DoS) Attacks

Introduction to DoS and DDoS Attacks

Techniques for Conducting DoS Attacks

Tools for DoS Attacks: LOIC, HOIC

Mitigation Strategies for DoS Attacks

Case Study: DoS Attack on an African Telecommunications Company

Case Study: DoS Attacks on African Online Services

Module 16: Operating System Security

Windows Security: User Management, Group Policies

Linux Security: User Permissions, SELinux/AppArmor

Patch Management and System Hardening

Access Control and Identity Management

Case Study: Preventing Unauthorized Access in a Kenyan Financial Institution

Module 17: Certification Preparation (Bonus)

Overview of Certification Exams: CEH, CompTIA PenTest+

Study Strategies and Exam Tips

Practice Exams and Study Guides

Lab 1: Practice Exam for CEH

Lab 3: Practice Exam for CompTIA PenTest+

Module 18 Capstone Project

Project Planning and Scoping

Conducting the Penetration Test

Reporting and Documentation

Presenting Findings and Recommendations

Capstone Project: Comprehensive Security Assessment of a Medium-Sized African Enterprise

Resources

Video Lectures: Recorded sessions by Ehinomhen Okawele.

Tools and Software: Access to necessary cybersecurity tools and platforms for hands-on practice.

Continuing Education

Nebitex Blog

Community and Support

Instructor Support

Forums, chat groups, and social media

Peer Support and Collaboration

Exploiting SQL Injection Vulnerability

SQL Injection (SQLi) is a common vulnerability in web applications that allows an attacker to interfere with the queries that

You are unauthorized to view this page.

Ethical Hacking Unleashed: Mastering Penetration Testing from Scratch

Exploiting SQL Injection Vulnerability