1: Introduction

This transcript is also available as a PDF download within the files tab.

Introduction

Hello and welcome. My name is Zaid. I’m an ethical hacker, a computer scientist and I’ll be your instructor in this course.

This course is going to be highly practical but it won’t neglect the theory, so we’ll start by covering some terminology. Then I’m going to show you how to install the needed software in order to write Python programmes and practice hacking safely. Throughout the course, we’re going to learn by example, so we’ll never have any boring plain program and lectures. We will always be building something exciting and I’m going to teach you programming as we build these exciting programs. The first program we’ll write is a MAC changer. This is a very simple program that can be used to change the MAC address. Don’t worry if you don’t know what a MAC address is or why you’d want to change it. We will cover all of that later on.

Basically, the whole point of writing this program is to introduce you to python basics such as writing functions, variables, handling, user input, rejects and so on. In here, you’ll learn how to properly model a problem, write an algorithm to solve this problem, and then write python code to implement this solution. Once we have the basics covered, we’re going to start writing a little bit more complex programs, so we’ll start with a network scanner, which as a program that can discover all clients connected to the same network and display their IP address and mark address. In here, I’m going to introduce you to escape and I’m going to teach you how to send and receive RFP responses and analyze them. I will also introduce you to dictionaries and lists and we’ll see how to use them and all the operations that we can invoke on them.

Next we’ll dive deeper into networking. We’re going to learn what arp is, what it’s used for, what is arp spoofing, and how to write a python program to run an Erp spoofing attack. As we do this, you’ll learn more about KP, analyzing network layers, handling exceptions, noobs and more. Then we’re going to die even deeper and networking. So you’re going to learn how to sniff data sent or received by any computer connected to the same network as us. This means we’ll be able to see visited websites, login information, passwords, and pretty much everything they do on the Internet. You’ll also learn how to analyze data sent in the different layers in each pocket and how to modify this data. So we’ll be able to inject and HTML pages loaded by any computer on the same network. We’ll be able to replace downloads and even spoof DNS requests to any destination we want.

We’ll learn all of this by writing a sniffer at the end as poor for a code injector and a file interceptor. Once done with all of this, we’ll move to a really exciting section where you’ll learn how to write malware. We’ll start with writing simple evil programs, so programs that can download the file, execute code, sent a report by email, and then I’m going to show you how to combine all of these programs to suit different scenarios and execute powerful attacks. Then we’re going to advance into writing more complex malware and we’ll start by writing a backdoor. A backdoor is a program that gives you full control over the system that it gets executed on. We’re going to implement this using sockets and you’re going to learn how to establish a connection between two devices and transfer data between them. This is very useful because it can be used in so many other scenarios other than hacking so you can use it to create a web server, a chat program and so on.

Then we’re going to build more cool features in this back door so that we can use it to execute system commands remotely on the target computer, download and upload files and maintain our access even if the system restarts. Then we will implement a key logger, which is a program that registers every keystroke entered on the keyboard and send us a report by email. As we do this, I’m going to teach you about recursive functions, threading on object-oriented programming. In the last part of the section, I’m going to show you how to package all of the programs that we built so far so that they can run on any operating system on windows, os x and Lennox. Not only that, but I’m also going to show you how to convert these programs into Trojans, so the look and function just like any other file type, like an image or a pdf. Finally, we’ll move to the website tracking section where you learn how websites work and how to communicate with websites, use in python, and then we’ll build a number of information gathering programs that can be used to discover files, directories, and subdomains. Then we’re going to write a program that can be used to guest the login information of any login page. As we do this, you’re going to learn how to read the HTML code of any webpage, analyze it, and extract the useful parts from it.

Finally, we’re going to build a genetic vulnerability scanner. This is a program that takes a website as an input and scans the whole website for weaknesses and vulnerabilities. Once done, it’s going to show us our report of all the discoveries and we’re going to write this program in a way so that it can discover any type of vulnerability. As we write this, you’re going to learn more about object-oriented programming and how to structure your program in a way so that it can be easily extended.