Skip to main content

Practical Ethical Hacking on Udemy, Course Review and Thoughts

During my preparation for the CEH, I used one resource that was very useful, Practical Ethical Hacking by Heath Adams on Udemy.



This was such a good course. While studying for the CEH, I watched only the first few modules which covered the basics which I needed. Watching how the tools worked and how people use it was very useful in learning the methodology and the workings of the tool.

After I passed the CEH, I decided to complete the Practical Ethical Hacking course because I really enjoyed it and learnt a lot while doing it. So I continued doing it and it is one of the best resources I have used to learn.

The course covers the following:
  • Networking
  • Linux
  • Python
  • Information Gathering
  • Reconnaissance
  • Scanning & Enumeration
  • Exploitation
  • Post Exploitation
  • Web App Penetration
  • Wireless Penetration
  • Exploit Development(Buffer Overflows)
  • Active Directory
There was a small refresher on Networking, I didn't have a problem with that as I already knew everything from studying for the CCNA and my networking knowledge was pretty strong.

For Linux, I learnt a few commands that were really useful and the course had basics of bash scripting which got me really interested and I started doing my own research to learn more about this.

The course teaches you basic Python and how it is used in Hacking. I already had experience with Python so this was no big deal.

From the CEH, I had learnt the theory and methodology of ethical hacking, but the course showed all the tools used and how its done. This was really helpful. The course also guides you along as you can practice on your own by the resources provided. It has a lab building module where you build a lab to practice all the tools and methods.

The Buffer Overflow section was very well explained and we could follow along in which I learnt a lot.

The Active Directory section is beautiful. It compromises of almost 25% of the course. It starts from building an AD lab to exploiting it and post exploitation. The AD section was very well thought so I could learn easily.

This course keeps up with the latest tools and methods so you will be learning attacks that are currently working.

I took tons of notes using CherryTree. I took notes on every module and added stuff to it by googling too. I will be referring to these notes a lot because they contain so much information.

The end also has a few videos on report writing and Career advice, this is knowledge that will be really helpful when working for a company.

Overall, this course was absolutely amazing. 10/10. I learnt a lot through this and can't wait to try out his other courses.

I think this course will help a lot in the preparation for the OSCP which I will be taking near the beginning of next year.

So what next?
I enjoy TryHackMe as it is very helpful to do stuff practically. I will be doing as many rooms on THM as I can.
I have plan on reading The Web App Hackers Handbook and similar books so I can get better at WebApp hacking and start doing bug bounties.


Thanks for reading!

AZID
Labels:

Comments

Post a Comment

Most Viewed Content:

Best Reddit Subreddits for Cybersecurity and Hacking!

Reddit is a very useful website for discussions about everything. For cybersecurity and hacking too, it has useful subreddits, in which, you will learn a lot of things you previously had no knowledge of. So, I have compiled a list of security related subreddits. 1. Active and Most helpful subreddits: /r/netsec /r/AskNetsec /r/netsecstudents These three are pretty much it. They have very active communities and are very helpful. I, personally use  /r/netsecstudents a lot because I'm still in the process of learning and that subreddit(if you look properly) will tell you how to make a career in every security field. 2. Security Certification Subreddits: r/CompTIA (for Security+) r/ccna (for CCNA and CCNA Security, also r/ccnp for CCNP) r/CEH (for CEH) r/cissp (Certified Information Systems Security Professional) r/oscp (Offensive Security Certified Professional) Really helpful if you're doing any of these Certs. 3. Other
Post a Comment
Read more

OverTheWire Bandit: Level 0-14

Bandit Levels Levels 0-14 Levels 14-25 Levels 25-33 Please use Ctrl+F to find your desired Level. Level 0 Bandit Level 0 Level Goal The goal of this level is for you to log into the game using SSH. The host to which you need to connect is bandit.labs.overthewire.org, on port 2220. The username is bandit0 and the password is bandit0. Once logged in, go to the Level 1 page to find out how to beat Level 1. Commands you may need to solve this level 2/31 ssh kali@kali:~$ ssh bandit0@172.9.9.176 -p 2220 password: bandit0 Level 0 -> Level 1 Level Goal The password for the next level is stored in a file called readme located in the home directory. Use this password to log into bandit1 using SSH. Whenever you find a password for a level, use SSH (on port 2220) to log into that level and continue the game. Commands you may need to solve this level ls, cd, cat, file, du, find Password for next level: boJ9jbbUNNfktd78OOpsqOltutMc3MY1 Level 1 -> Level 2 Level Goal The password for the next le
Post a Comment
Read more

OverTheWire Bandit: Level 14-25

Please Ctrl+F to find your desired level. Levels Levels 0-14 Levels 14-25 Levels 25-33 Level 14 -> Level 15 Level Goal 11/31 The password for the next level can be retrieved by submitting the password of the current level to port 30000 on localhost. bandit14@bandit:~$ cat /etc/bandit_pass/bandit14 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e This is the current level password. Now, to find the password of the next level. bandit14@bandit:~$ telnet localhost 30000 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e Correct! BfMYroe26WYalil77FoDi9qh59eK5xNr Connection closed by foreign host. The password for the next level is BfMYroe26WYalil77FoDi9qh59eK5xNr We can ssh bandit15@localhost Level 15 -> Level 16 Level Goal The password for the next level can be retrieved by submitting the password of the current level to port 30001 on localhost using SSL encryption. Helpful note: Getting “HEARTBEATING” and “Read R BLOCK”? Use -ign_eof and r
Post a Comment
Read more