🤖 AI & Machine Learning
Ethical Hacking
This comprehensive, practitioner-focused course progresses from core information security principles to advanced, AI-aug...
5131
Views
Sections
1. Introduction to Ethical Hacking and AI-Driven Threats92 views
Establish foundational security concepts, ethics, frameworks, and the dual impact of Generative AI on offense and defense.
14 topics (15 versions)
1.1CIA Triad and Security Principles
43
1.2Authentication, Authorization, and Accounting (AAA)
21
1.3Threat Actors and Hacker Classes
1.4Ethical Hacking Scope and Rules of Engagement
1.5Hacking Methodologies and Phases
1
1.6Security Frameworks: NIST CSF and ISO/IEC 27001
1
1.7MITRE ATT&CK and Defense-in-Depth
1.8Risk Management and Threat Modeling Basics
5
1.9Incident Management and Response Overview
3
1.10AI/ML in Security Operations
4
1.11Generative AI for Automated Exploit Generation
2
1.12AI-Augmented Detection and Response
2
1.13Information Security Acts and Global Cyber Laws
1.14Responsible Disclosure and Ethics
2. Footprinting and Reconnaissance17 views
Plan and conduct lawful OSINT using search engines, social networks, registries, and automated collection at scale.
15 topics (15 versions)
2.1Footprinting Goals and Scope Control
10
2.2OSINT Methodologies and Frameworks
2.3Advanced Search Operators and Google Dorking
2.4People Search and Public Records
2.5Social Media and Corporate Presence Mapping
2.6Whois and RDAP Enumeration
2.7DNS Records and Subdomain Discovery
2.8BGP, ASN, and Netblock Reconnaissance
2.9Email Harvesting and Validation
2.10Metadata Extraction and Document Mining
2.11Breach Data Correlation and Exposure Analysis
2.12Internet Research Services and Dark Web Context
1
2.13Social Engineering Pretexting for Recon
2.14Footprinting Tools Overview
2.15Automating OSINT with Python and APIs
3. Network Scanning and Evasion Techniques17 views
Discover hosts, services, and OS details while understanding evasion strategies and defensive countermeasures.
15 topics (15 versions)
3.1Scanning Strategy and Target Selection
3.2Host Discovery and ARP/ICMP Techniques
3.3TCP Connect and SYN Scanning
3.4UDP Scanning Considerations
1
3.5Service and Version Detection
2
3.6OS Fingerprinting and Stack Quirks
2
3.7Banner Grabbing and Fingerprinting
3.8Timing, Rate Control, and Noise Reduction
3.9IDS/IPS Evasion Fundamentals
3.10Fragmented Packet Scanning Concepts
3.11Decoys, Spoofing, and Scan Obfuscation
1
3.12Proxy Chains and Anonymization
1
3.13Web Application Firewall Evasion Concepts
1
3.14Scan Validation and False Positives
1
3.15Defensive Scanning Countermeasures
1
4. Enumeration of Hybrid Environments514 views
Enumerate traditional networks and cloud identities to expose misconfigurations and attack paths.
15 topics (15 versions)
4.1Enumeration Fundamentals and Goals
201
4.2NetBIOS and SMB Enumeration
165
4.3SNMP Community and OID Discovery
136
4.4LDAP Querying and Directory Objects
2
4.5Active Directory Reconnaissance Basics
1
4.6Kerberos and SPN Discovery
2
4.7NTP Information Exposure
2
4.8NFS Shares and Export Analysis
4.9SMTP VRFY, EXPN, and Banner Review
4.10DNS Zones, Transfers, and Records
1
4.11IPsec, IKE, and VPN Discovery
1
4.12VoIP/SIP and PBX Enumeration
1
4.13RPC, WMI, and Service Enumeration
1
4.14Linux/Unix Native Enumeration
1
4.15Cloud IAM Role Discovery and Policies
5. Vulnerability Analysis and DevSecOps Integration21 views
Classify, prioritize, and operationalize vulnerabilities, integrating automated scanning into CI/CD pipelines.
15 topics (15 versions)
5.1Vulnerability Types and Taxonomy
5.2CVE, NVD, and Intelligence Sources
5.3CVSS v3.1 Scoring and Context
5.4Risk Rating and Business Impact
1
5.5Vulnerability Management Lifecycle
1
5.6Authenticated vs Unauthenticated Scanning
1
5.7Network and Host-Based Scans
1
5.8SAST, DAST, and IAST Overview
1
5.9Container and Image Scanning
1
5.10Infrastructure as Code Scanning
2
5.11Tool Selection and Lab Setup
1
5.12Finding Validation and Triage
1
5.13Reporting and Stakeholder Communication
1
5.14Remediation and Verification
2
5.15CI/CD Pipeline Integration
1
6. System Hacking: Access and Privilege Escalation12 views
Examine access vectors, privilege escalation paths, persistence, and EDR-aware tradecraft.
15 topics (15 versions)
6.1Attack Surface Mapping and Initial Access
6.2Credential Harvesting and Reuse Risks
6.3Exploitation Fundamentals and Payloads
6.4Client-Side and Phishing-Based Access
6.5Lateral Movement Concepts
1
6.6Windows Privilege Escalation Techniques
1
6.7Linux Privilege Escalation Techniques
1
6.8Kernel Exploit Concepts
6.9DLL Hijacking Concepts
1
6.10Token Impersonation and UAC Bypass Concepts
1
6.11Persistence Mechanisms Overview
1
6.12Remote Access and Tunneling Concepts
1
6.13Rootkit Types and Behaviors
1
6.14EDR Fundamentals and Bypass Concepts
6.15Hardening and Detection Considerations
1
7. System Hacking: Covert Operations and Persistence5 views
Apply antiforensics, steganography, LotL, and OPSEC to minimize detection while preserving ethics.
15 topics (15 versions)
7.1Steganography Concepts and Use Cases
7.2Steganalysis and Detection Signals
7.3Antiforensics Techniques Overview
7.4Timestomping and Log Manipulation
7.5Data Exfiltration Channels and OPSEC
7.6Fileless Techniques and Memory Residency
7.7Living off the Land with PowerShell
7.8Living off the Land with WMI
7.9Abusing Scheduled Tasks and Services
1
7.10Covert Command-and-Control Concepts
7.11Local and Domain Persistence Patterns
7.12EDR and SIEM Evasion Considerations
7.13Cleanup and Evidence Minimization
7.14Blue Team Detection Strategies
7.15Ethical Guardrails and ROE
8. Web Application Hacking and API Security7 views
Identify and test common web flaws, modern API risks, and automation strategies for discovery.
15 topics (15 versions)
8.1OWASP Top 10 Overview
8.2Threat Modeling for Web Applications
8.3Authentication and Session Weaknesses
8.4SQL Injection Categories
8.5Cross-Site Scripting (XSS) Types
8.6Cross-Site Request Forgery (CSRF) Mechanics
8.7File Upload and Path Traversal Risks
8.8Server-Side Request Forgery (SSRF)
8.9Insecure Deserialization and Logic Flaws
8.10REST API Security Pitfalls
8.11GraphQL Attack Surface and Controls
2
8.12JWT Implementation Pitfalls
8.13OAuth and OIDC Misconfigurations
8.14Automated Crawling and Endpoint Discovery
8.15Secure SDLC and DevSecOps Practices
1
9. Malware Threats and Sandbox Evasion8 views
Survey malware families, analysis workflows, evasion, and the economics of RaaS in modern campaigns.
15 topics (15 versions)
9.1Malware Taxonomy and Capabilities
9.2Infection Vectors and Propagation
9.3APT Lifecycle and Tradecraft
9.4PUAs, Adware, and Grayware
1
9.5Trojans, Viruses, and Worms
1
9.6Fileless Malware Techniques
9.7AI-Generated Malware Concepts
9.8Static Analysis Workflow
9.9Dynamic Analysis Workflow
9.10Sandboxing Fundamentals
9.11Sandbox Evasion Techniques
9.12Ransomware Economics and RaaS Models
9.13Detection Strategies and Heuristics
1
9.14Endpoint Protection and EDR Capabilities
1
9.15Malware Incident Response Basics
10. Sniffing and Encrypted Traffic Analysis5 views
Understand packet capture, LAN attacks, encrypted sessions, and detection with defensive controls.
15 topics (15 versions)
10.1Packet Capture Fundamentals and Tools
10.2NIC Modes and Tap/Mirror Concepts
10.3ARP Poisoning Concepts
10.4MAC Flooding and DHCP Attacks
10.5Spoofing Techniques Overview
10.6DNS Poisoning and Cache Risks
10.7Wireless Sniffing Basics
10.8TLS Handshake and PKI Review
1
10.9SSL/TLS Stripping Concepts
10.10HSTS and Certificate Pinning
10.11Decrypted Traffic Analysis Considerations
10.12Sniffing Detection Techniques
10.13Network Segmentation and NAC
10.14Secure Protocols and Encryption Hygiene
10.15Monitoring, Alerting, and Telemetry
11. Social Engineering and Deepfake Manipulation20 views
Explore human, technical, and mobile vectors, with AI-enabled deception and resilient countermeasures.
15 topics (15 versions)
11.1Psychology of Influence and Bias
11.2Human-Based Social Engineering
11.3Computer-Based Social Engineering
11.4Mobile-Based Social Engineering
2
11.5Pretext Development and OSINT
2
11.6Phishing and Spear-Phishing Lifecycle
1
11.7Vishing and Smishing Techniques
1
11.8Physical Assessments and Tailgating
1
11.9Deepfake Generation Concepts
1
11.10Deepfake Detection and Verification
1
11.11BEC Attacks and Executive Impersonation
1
11.12Security Awareness and Training Programs
1
11.13Out-of-Band Verification and MFA
1
11.14Legal and Ethical Considerations
2
11.15Measuring and Reducing Human Risk
1
12. Denial of Service and Botnet Orchestration6 views
Analyze DoS/DDoS classifications, tooling, IoT botnets, case studies, and enterprise mitigation patterns.
15 topics (15 versions)
12.1DoS/DDoS Fundamentals and Taxonomy
12.2Volumetric Attack Patterns
12.3Protocol and State-Exhaustion Attacks
12.4Application-Layer Low-and-Slow Attacks
1
12.5Reflection and Amplification Mechanics
12.6Botnet Architecture and C2 Models
1
12.7IoT Botnets such as Mirai
12.8Traffic Generation Tools Overview
1
12.9Anycast, Scrubbing, and CDN Defenses
1
12.10Rate Limiting and WAF Tuning
12.11Anomaly Detection and Telemetry
12.12DoS/DDoS Case Studies and Lessons
12.13BCP38 and Ingress Filtering
12.14Incident Response for DDoS Events
12.15Resilience Engineering and Capacity Planning
13. Cloud Infrastructure and Container Security7 views
Apply shared responsibility, identity controls, and container/Kubernetes hardening with serverless assessments.
15 topics (15 versions)
13.1Shared Responsibility Model (AWS, Azure, GCP)
13.2Identity and Access Management Controls
13.3Common Cloud Misconfigurations
13.4Cloud Logging, Monitoring, and Telemetry
1
13.5Cloud Network Segmentation and microsegmentation
13.6Secrets Management and KMS
13.7Container Security Fundamentals
13.8Kubernetes Security Building Blocks
1
13.9Container Breakout Concepts
13.10Supply Chain Risks and Image Provenance
13.11Serverless Function Security Assessments
13.12Cloud-Native Scanning and CSPM
13.13Policy as Code and Guardrails
13.14Multi-Cloud Governance and Drift
1
13.15Cloud Incident Response and Forensics
14. IoT and OT (Operational Technology) Hacking12 views
Examine IoT/ICS architectures, protocols, firmware, and defenses for cyber-physical resilience.
15 topics (15 versions)
14.1IoT and ICS/SCADA Architecture Overview
14.2Embedded Device Attack Surfaces
14.3MQTT Security Considerations
14.4Zigbee and Z-Wave Risks
1
14.5Bluetooth and BLE Security
14.6Industrial Protocols: Modbus and DNP3
14.7Cyber-Physical Attack Impacts and Safety
1
14.8Firmware Extraction Techniques
1
14.9Firmware Reverse Engineering Basics
1
14.10Hardware Interfaces: JTAG and UART
14.11RF Analysis and SDR Basics
1
14.12Smart Home and IIoT Assessments
1
14.13Automotive and Transportation Considerations
14.14Device Lifecycle, Patching, and SBOM
14.15Defense-in-Depth for IoT/OT
1
15. Threat Modeling, Risk, Incident Response, and Reporting with AI7 views
Unify governance, modeling, and response with AI-enabled analytics, measurement, and ethical practice.
15 topics (15 versions)
15.1Threat Modeling Methodologies (STRIDE, PASTA)
15.2Attack Trees and Data Flow Diagrams
15.3Risk Assessment and Prioritization Frameworks
15.4Security Control Selection and Validation
1
15.5Incident Response Lifecycle and Playbooks
15.6Digital Forensics Fundamentals
15.7Purple Teaming and Continuous Validation
15.8Adversary Emulation and MITRE Profiles
15.9AI-Assisted Detection Engineering
15.10AI Governance, Model Risk, and Bias
2
15.11Security Metrics, KPIs, and KRIs
15.12Executive and Technical Reporting
15.13Coordinated Vulnerability Disclosure
15.14Legal, Compliance, and Policy Alignment
15.15Ethical Hacking Career Path and Professionalism