Network Penetration Testing For Absolute Beginners | Penetration Testing Tutorial 2026 | Simplilearn

Simplilearn · Beginner ·🔐 Cybersecurity ·10mo ago

Key Takeaways

This video teaches network penetration testing for beginners using tools like Nmap and Metasploit

Full Transcript

[Music] Hey everyone, welcome to a penetration testing full course by Simply Learn. Let's face it, cyber threats are evolving fast and in 2025, data breaches, ransomware, and fishing attacks are more common and more dangerous. So, how do we fight them back? The answer is penetration testing. Pentesting is all about thinking like a hacker to find and fix vulnerabilities before real attackers can exploit them. It's a must-h have skill in today's cyber security world and it also opens the door to high paying high impact career. So whether you're just starting out or looking to sharpen your skills, this course will walk you through all the essentials in a hands-on practical way. No fluff, just the real stuff you need to know. Here's a quick look at what we will cover in this video. First, we'll start with the basics of penetration testing and a quick breakdown of network protocols. Then, we'll explore the role of ethical hacking in cyber security. You'll also learn about fishing attacks. Get a beginner friendly wireshark tutorial and find out what a penetration tester really earns. We'll also go over key interview questions and check out the top seven most dangerous hacking gadgets. And by the end of this video, you'll have a strong foundation and a clear path forward in your journey to become a penetration tester. So let's get started. Now, if you want to watch similar videos like this, do hit the notification bell and subscribe for more such content by simply learn. Now, if you're interested in stepping into the one of the most in demand fields in 2025, the advanced executive program in cyber security by simply learn is the perfect opportunity for you. In just six months, you'll gain expertise in ethical hacking, penetration testing, ransomware analysis, and advanced defense strategies through a hands-on industry relevant approach. This program offered in collaboration with triple IT Bangalore and IBM features live interactive classes, real world projects and industry recognized certification. You'll also benefit from master classes by top triple IT Bangalore faculty and an XNPCRI expert diving into cuttingedge topics like generative AI with cyber security. So whether you're looking to start your career or advance your career in cyber security, this course will make you job ready with practical tools, projects, and certifications to help you stand out. So what are you waiting for? Hurry up and enroll now and you can find the course link below. >> In recent years, the cost of data breaches has steadily risen. The additional vulnerabilities that occur due to the move to a remote workforce dramatically enhanced the chances for cyber attacks and introduced several weak points for hackers to exploit. Additionally, automated hacking assaults and the capacity to exchange bitcoins via ransomware have increased the cost of cyber crime in general. Companies work forces have transition to full-time work from home models which gives rise to new attack surfaces. Threat actors target the people who are most vulnerable by taking advantage of current events and shifting situations. To better understand this growth in digital crime, let us go through a few statistics. 2020 brought with it a slew of new problems for both businesses and consumers. In the midst of a worldwide epidemic, forest fires, and political instability, it's easy to overlook a serious, albeit less, physical threat. It set a record for data loss due to cyber attacks as well as the sheer volume of attacks. 2020 is already outpacing its predecessor. The graph below denotes the percentage of companies that fell victim to at least one cyber attack in the respective year. With numbers growing steadily, we are yet to see the true crux of this digital revolution. In situations like these, penetration testing has been a gift for organizations worldwide. While security testing cannot guarantee a 100% solution, it can go a long way in securing those critical data from falling into the wrong hands. Hey everyone, this is Babub from Simple Learn. Welcome to this tutorial on penetration testing. Let's go through some of the topics we will be covering today. We start by learning about penetration testing and ethical hacking and the different use cases in the IT industry. Next, we know about the benefits of penetration testing and how the help organizations save money in the long run. Moving on, we familiarize ourselves with the different types of penetration testing or ethical hacking with each serving a different category of personnel. In the next section, we read about the five distinct phases in every ethical hacking campaign and how they help clear up the extensive report at the end of every penetration testing session. Finally, we have a live demonstration on how we can check for vulnerabilities and the ways hackers can break into devices without adequate security measures in place. Let's start by learning about penetration testing. In general, organizations can define penetration testing based on the objectives of the test. All networks, applications, devices, and physical security components are included. It imitates the behavior of harmful individuals or the hackers. Experienced cyber security specialists use penetration testing to strengthen a company's security posture and eliminate any weaknesses that leave it vulnerable to attacks. Penetration testing, when done correctly, goes beyond simply preventing thieves from gaining unauthorized access to a company's systems. It generates realistic scenarios that demonstrate how well a company's present defenses might perform in the face of a full-scale cyber assault. The simulation aids in the discovery of the sites of exploitation and the testing of IT breach security. Businesses may acquire professional unbiased third party input on the security procedures by conducting frequent penetration testing. Pen testing while relatively time consuming and costly can aid in the prevention of highly destructive and expensive breaches. A white hat hacker employs hacking talents to find security flaws in hardware, software or networks. On the other hand, white hat hackers follow the rule of law when it comes to hacking instead of blackhead hackers. They assist firms in conducting penetration tests to analyze their security index and make the necessary improvements. Ethical hacking provides a full audit of your security policies and in the case of bug bounties can assist you in identifying holes in existing operational systems. It takes a far broader approach to cyber security than penetration testing. Whereas penetration testing focuses on system flaws, ethical hacking allows actors to utilize any attack tactics available to them. They can take advantage of system misconfigurations, send fishing emails, launch brute force password assaults, breach physical boundaries, or do whatever else they feel will get them access to critical information. Because thieves are progressively changing up the approaches and launching multi-layered complex attacks, this is incredibly useful for determining just how exposed the organization is to cyber threats. Considering the vast domain that is ethical hacking, we have multiple categories of penetration testing methodologies. Let's cover them in the next section. When configuring a security system, testing is critical to preventing hackers from penetrating the perimeter. There are three sort of tests. Black box, gray box, and white box. In the blackbox testing, the tester receives no information during the penetration test. In this case, the pentester takes the method of an unprivileged attacker from initial access and execution until exploitation. This scenario is the most realistic, showcasing how an attacker with no inside knowledge may target and compromise an organization. However, because of this, it is also the most expensive alternative. Whitebox penetration testing, which is also known as crystal box testing, entails sharing all network and system information with the tester, which includes network maps and passwords. This saves time and lowers the overall cost of a project. A white box penetration test effectively simulates a focused assault on a given system using as many attack paths as feasible. In a gray box penetration test, also known as a transparent box test, very restricted information is present with the tester. Graybox testing is beneficial for understanding the extent of access a privileged person may get and the possible damage they could wreck. Grayok test achieve a mix between depth and efficiency and may be used to mimic either an insider danger or an assault that has infiltrated the network parameter. Now that we covered the basics of penetration testing and the relative categories, one must know how these testing campaigns benefit the organizations conducting them. Let us go through a few perks of penetration testing. Regular penetration testing helps your business assess the security of online applications, internal networks, and external networks. It also assists you in understanding what security measures are required to achieve the degree of protection your company needs to protect its people and assets. Prioritizing these risks offer firms an advantage in anticipating hazards and preventing harmful assaults. Penetration testing is similar to a real life hacker rehearsing for a real life hack. Regular penetration testing helps you be proactive in your real world approach to reviewing the security of your IT infrastructure. The process identifies gaps in your security, allowing you to correct any flaws before an actual attack happens. It is undeniably expensive to recover from the effects of a data breach. Legal fees, ID cleanup, consumer protection programs, lost revenue, and dissatisfied customers may cost businesses millions. Penetration testing regularly is a proactive strategy to remain on top of your security and may assist in preventing financial damage from a breach while safeguarding your brand and image. Penetration testing aid in meeting the compliance and security duties imposed by industry standards and regulations such as PCI, HIPPA, FISMA and ISO 27001. Having these tests done regularly help demonstrate due care and your commitment to information security all while avoiding the significant fines associated with the non-compliance with the entire process seeming to be a lengthy ordeal. What are the multiple phases in the process? Theoretically we have to follow a five-stage process. Reconnaissance is the first phase of the penetration test. In this phase, the security researcher collects information about the target. It can be done actively, meaning you are collecting information by sending a request directly to the target and interpreting it. Passively, where you're collecting data without contacting the target or both. It helps security firms gather information about the target system, network components, active machines, etc. This activity can be performed by using information available in the public domain and using different tools. The scanning phase is more tool oriented rather than performed manually. The penetration tester runs one or more scanner tools to gather more information about the target by using scanners such as war dialers, port scanners, network mappers, and vulnerability scanners. The penetration tester collects as many vulnerabilities which help in turning to attack a target in a more sophisticated way. The third phase is gaining access of the system. In this phase, the penetration tester tries to connect with the target and exploit the vulnerabilities found in the previous stage. The exploitation may buffer overflow attacks, denial of service DOSs attacks, session hijacking and many more. Pentest extracts information and sensitive data from the servers by gaining access using different tools. In the fourth stage, the hacker has to maintain access. The penetration tester tries to create a back door for himself. It helps the penetration tester to identify hidden vulnerabilities in the system and can later access the machine should the need arise. In the final phase of clearing and covering tracks, the penetration tester removes all logs and footprints which help the administrator identify his presence. This allows the penetration tester to think like a hacker and perform corrective actions to mitigate those activities. With the cost of cyber security platforms going up, trained penetration testers receive an excellent level of remuneration for the efforts. As per reports, the average yearly salary for a penetration tester is 6 lakh Indian rupees of $110,000 in the American counterpart. Finally, let's go over some of the ways hackers can identify vulnerable positions on a system to gather information in a live demonstration. In this demo, we will start by setting up a VPN connection that will allow us to access to a vulnerable network by creating a local virtual group over the internet. We then try to scan the victim machine for breachable entry points, find the username and password of the user in question and eventually grab the root password from the device. To start our demonstration, we're going to need a vulnerable machine to work on. Now this vulnerable machine can be found on the website known as try hackme which is a service catered towards penetration testers. Before we connect to the machine, we need to join the network where the machine is located. We can do that using an OVPN file which is short for OpenVPN protocol. To connect to this OVPN file, we're going to go into a new workspace on par security. We're going to activate the root access and we're going to connect to it actVPN. Once we see the message initiation sequence completed, we can be sure that we have connected to the network which has the vulnerable machine. Now to start the vulnerable machine, we're going to click this button and wait for a few seconds. As you can see, it gives a 1 minute countdown before it shows you the IP address. Now remember, whatever the IP address we receive here, it is a machine being launched on the Tri Hackme servers. But we can access that machine because of the OVPN connection that we have just set up using this file. This OVPN file can be found on the try hackme servers profile section which I downloaded beforehand. As you can see, we now have the IP address of Havictim machine. Let's try if we can reach this machine or not. We're going to copy the IP address and we're going to try and ping to the machine. If the connection is successful and we have joined the network, we should be able to see some response over here. As you can see, we're receiving uh request pings from the victim machine, which means that we have already joined the victim network. Now that we are confirmed we are able to access the vulnerable machine, let's run the first step in a penetration test which is reconnaissance. Let's run up and map scan. We're going to use the flag of SV so that we can know which version of the service it is running. We're going to take up the IP address and paste it here. This scan will only be possible if the OpenVPN connection is up and running. As you can see, it is still running. And we have our results over here. We're running the scan so that we can find the services running on the host machine that we will run N map against. We conclude that a web service is running actually on port 80 as we can see over here which is using the Apache server system. In addition to this, there is a SMB sambar service as well running on ports 139 445. Now that we know we have an Apache server, we can use this IP address to open it on the browser. Okay, since the current homepage is not accessible, we can use some other URLs as well. As far as Apache servers are concerned, there are a certain set of URLs that can be used to open. However, if we go to the URL, which is IP address/ development, this opens up a new folder. If we try to check the contents of these files, this is for the dev.txt. You can see the version of the Apache HTTP server that is being run. This is the dev.ext. If we go back and we check the second file as well, it says the content shadow has the credentials. Okay, if we go back again, SMB has been configured which we have already found at N map that it is running a sambar server. Now with this version of the Apache server we can find version specific exploits that can be run on metasloit but there is sometimes no no need of that we can use another technique as we now know that there are multiple users that is being run over here we can use a tool known as enum for Linux what it does this is acts and enumerates the windows and assembar systems to run that command we're going to use enum for Linux minus a and we're going to take IP address of the machine. Going to paste it here. What this will essentially do is provide usernames that are being stored in the victim machine. It's going to take some time to find out the usernames. Once we find those out, we can run the necessary attacks. As we have already seen on the N map, it is also happening in SSH port. So if you find the username and we find a single hash that can be cracked, we can use the SSH to get inside the machine. Right now we have to wait for the results of the enum for Linux command. as you can see we have found two users of the machine known as K and Jan. I think we can stop the enumeration right now since we have the two users of this machine. Next step what we can do is we can try to SSH into the machine. Now to run the SSH command, we're going to need the password of one of the users. For this example, let's say we go with the user of Jan. To brute force, we're going to use the Hydra tool. This is like an example command. This is how we can use. Let me just copy this and paste it over here. All right. Hydra minus L user. As we have already decided, we're going to use the user Jan and we're going to use SSH. For the IP address, we're going to copy it from here. and paste it here. Now for the password list, we're going to use a word list which has a few passwords already present in it. For this example, I'm going to use the roq.txt file which has like millions of passwords already stored in it. What the hydra will do is will try to bypass the SSH console on the machine using the passwords present in the rock.ext text file. We will give the path of rock q over here like this and we're going to run it. As you can see it's mentioned that it's attacking SSH at this IP address. Now this attack is going to take a while and after this attack is done we are going to get the SSH password which is basically the credentials of the JAN user in the victim machine. For now I'm going to stop this attack. What I would recommend is for you to run this attack and write down the password that you received in the comment section below. The password that we received from here can be used to login into the machine. Let's try that once. To SSH into the machine, we're going to write SSH user at the rate IP address. We're going to write yes and press enter. Now we're going to enter the password that we have found after running the hydra command. I'm going to type the password and press enter. And we have logged in as you can see. Now if we try to look around there are no directories over here. Okay. So let's go one step back. Give a space over here. Okay. Let's go to the second users folder. Okay. These are the contents of the K folder. And you can see there's a SSH folder over here. So we're going to enter that. Let's have a look the files in this folder. And we can file an RSA ID over here which if I'm not wrong should be an RSA private key which can be used to SSH into the machine. Here we go. We can see it's a big RSA private key and it should end here as well. Now what this private key does this hash will be used to log SSH into the machine when using the user K. Once this hash is cracked using Hydra or any other cracking software like John the Ripper, we can easily use the passphrase to login into the machine with the user of K. What I'm going to do is copy this private key. I'm going to launch a new terminal. Going to create a new file known as Nano ID. Paste the private key over here and save it. As you can see, we have saved the file over here. Now, this hash can later be used to crack into the machine using the user of K. This hash can be cracked using either John the Ripper, Hydra or there are other cloud mechanisms that can be used to crack this machine. After it is cracked, we can use the passphrase derived from it to SSH into the machine. To perform the SSH entry, we're going to use this command SSH minus I. We're going to use the same file which we received. We're going to write the username which is K 10.10. We can just copy it from the here. Right. Minimize this and paste the IP address over here. Or or we can do one more thing. We're going to use a pseudo command together as well. It's better. Sudo SSH. Enter the system password. This passphrase is the one that we received after cracking the hash in this ID file. Whichever password you received after cracking this using Hydra or John the Ripper, please write the password in the comment section so that we can know that we have successfully cracked the password. We're going to write the passphrase over here. Press enter. And as you can see, we have entered the system of K. Here we're going to press ls and we find the backup file of the password. We're going to write cat password back and here is the final root password. So as you can see we have now a we have now received the final root password of the primary user and we have already cracked the password of the other user that is Jan. So this is the entire process of how you can use N mapap to find out the vulnerable points. You can see which are the softwares that are running, which versions they are running, and which of those versions have a legitimate claim as an insecur exploit. In today's digital age where technology fills every aspect of our lives, the dark and rebell of the digital realm is growing concern. Cyber threats and attacks are on the rise, targeting everything from personal data to critical infrastructure. In response, organizations are investing heavily in fortifying their digital defenses, spurring a surge in demand for cyber security professionals. Among these experts are penetration testers or ethical hackers who specialize in identifying vulnerabilities before malicious hackers can exploit them. This video delves into the fascinating realm of penetration tester salaries, examining the factors that influence their earnings and evolving trends that shape the cyber security job market. So these are the topics that we will be covering in this video. The role of a penetration testers, factors influencing penetration salaries, trends in penetration tester salaries and salary of a penetration tester. Now before moving forward and understand the role of a penetration tester, let me ask you a quick question. So what is the primary goal of a penetration tester? A developing new software. B finding vulnerabilities in systems. C providing customer support or D creating marketing strategy. You can select the correct option and write in the comment section below. You can pause this video and answer in the comment section. Now let's move forward and understand the role of a penetration tester. So a penetration tester is like a computer detective. They pretend to be a bad guys to find weak points in computer stuff like systems, networks, and apps. This helps stop real bad guys from using those weak points. But the testers follow strict rules and only do this with the permission from the companies they help. Their main job is to find problems early so companies can fix them and be better protected from cyber attacks. So this is the role of a penetration tester. Next let's understand the factors influencing penetration tester salaries. So several factors contribute to to the wide range of salaries seen in the field of penetration testing. First would be experience. As with any profession, experience plays a pivotal role in determining a penetration tester salary. Individuals entering the field and limited experience might command a lower salary compared to seasoned professionals who have proven track record of identifying critical vulnerabilities. Next factor is skill set. The depth and breadth of penetration testers skill set directly impact their earning potential. Proficiency in various tools, programming languages and methodologies used in cyber security assessments can lead to higher compensation. Third is certifications. Industry recognized certifications carry considerable weight in cyber security field. For example, post-graduate program in cyber security by simply learn. With the help of this course, you can become an expert in the dynamic realm of cyber security. This course is designed to empower you with essential skills and this course ensures you're wellprepared to thrive in this rapidly evolving field. Stay ahead of the curve by learning about the latest cyber security trends and advancements. Elevate your career prospects and secure your future with this specialized program. Enroll now to embark on a journey towards becoming a sought- after cyber security professional. All right. Now coming to the next factor which is geographical location. The geographical location in which a penetration tester works can significantly influence their salary. Tech hubs and cities with high concentration for business tend to offer higher salaries to attract and retain top talent. However, the cost of living also comes into play as higher salaries in some areas might be offset by higher living expenses. At last, we have is specialization. Penetration testers can specialize in various areas such as web applications, network security or mobile devices. Specialization can lead to higher salaries as organizations seek experts with an indepth understanding of specific vulnerabilities. So these were the factors that were influencing penetration tester salaries. Now let's move forward and understand the trends in penetration tester salaries. So the dynamic nature of the cyber security landscape is reflected in the salary trends for penetration testers. So first would be rapid salary increases. The increasing frequency and service of cyber attacks have heightened the demand for skilled cyber security professionals including penetration testers. This demand has led to a steady forward trajectory in penetration tester salaries over the past decade. Second is remote work revolution. The coid9 pandemic has catalyzed the acceptance of remote work across various industries including cyber security. This shift has expanded the talent pool allowing organizations to hire penetration testers from different geographic locations. Consequently, salary negotiations might be influenced by factors beyond traditional office locations. Next is shortage of skilled professionals. The shortage of skill penetration testers remains a significant challenge for organizations seeking to strengthen their cyber security defenses. The scarcity of qualified candidates has created a competitive job market prompting companies to offer enticing compensation packages to attract and retain top talent. So these were the trends in penetration tester salaries. Now let's come to the interesting part which is salary of a penetration tester. So according to various sources the salary of a penetration tester can vary depending on the location, experience, skills and certification of the individual. Here are some average salary estimates for penetration testers in India and US. First India the average salary for a penetration tester in India is five lakhs perom the salary range is from four lakhs to 20 lakhs perom the pay also depends on the skills and certifications of the penetration tester. The next is USA. The average salary for a penetration tester in US is $128,000 per year. The salary range is from $17,000 to $166,000 per. The pay also depends on the location, experience, skills, and certifications of the penetration tester. So, as you can see, penetration testing is a rewarding career option for those who are interested in cyber security. However, it also requires a lot of technical knowledge, creativity, problem solving skills, and ethical standards. If you're considering becoming a penetration tester, then do check out our course. The link is mentioned in the description box. >> Hello tech wizards and digital explorers. Welcome to a journey into the core of Linux, the operating system powering over 2.3% of desktop computers globally and a staggering 96.3% of the world's top 1 million servers. I'm Abisar and today we are delving into one of the most vital components of Linux, its file systems. Imagine a world where every piece of digital information is meticulously organized, where every bite of data has its own unique place. That world exists right inside your Linux machine. So buckle up as we dive deep into the intricate maze of Linux file systems, exploring how they work, why they are important, and what makes them so unique in the realm of operating systems. In the realm of Linux, file systems like ext4, XFS, and BTRFS aren't just names. They are sophisticated architectures that manage how billions of bytes of data are stored, accessed, and organized. These systems are the unsung heroes, ensuring data integrity and efficiency in a digital world. Today we will uncover how these file systems support everything from your personal blogs to the largest data centers hosting pabytes of information. We will explore inodes journaling mounting and more terms that might sound complex but are incredibly fascinating once you get to know them. And now Linux offers a diverse area of file systems each tailored to specific requirements. And now let's explore some prevalent Linux file systems. So starting with EX2 and then we have EX3, EXT4, XFS, BTRFS, ZFS, JFS and then we have Riser FS. So now starting with the first one that is ext2. So extended file system 2 that is one of the Linux earliest and most commonly used file systems. Exta choice for many Linux distributions. It's known for its stability and suitability for small to medium-sized partitions. Though it lacks a journaling feature which can complicate file recovery post. Now moving to the next file system that is ext3 extended file system 3. Building on ext2. Extroduces journaling to track file system changes reducing data loss risk after crashes. It's a popular choice for its stability, reliability and performance. And now move to the next that is ext4 extended file system 4. As the evolution of ext3, ext4 addresses some of its predecessors limitations. It supports larger files, quicker file system checks and enhance performance for larger disk. Features like journal check summing also enhances data integrity. Ext4 is a default file system in many modern Linux distributions. Now moving to the next file system that is XFS. So XFS that is X file system that is designed for large scale storage and XFS excels in performance and is suitable for file systems up to 16 exabytes. It's a top choice for large data centers offering scalability, reliability and featuring like general and file level languages. Now moving on to the next file system that is BTRFS. B3 file system a newer Linux file system. BTRFS supports copy on write snapshots and sub volumes allowing for multiple file systems within a single partition. It also includes rate and compression support. BTRFS is still under development and isn't as commonly used as other file systems. Next we have is ZFS. ZFS Zetabyte file system initially developed for Solaris. ZFS is a robust system with features like snapshots, data compression, reduplication and built-in rate. Renowned for its data integrity and self-filling capabilities, ZFS is not typically included in Linux distributions due to licensings but can be installed separately. Now moving to the next file system that is GFS. GFS journal file system that is developed by IBM. GFS is known for its performance and reliability. It offers journaling, file level compression and online resizing making it a strong choice for high performance systems. And now the next one that is resizer FS. So targeted at high performance computing, resizer FS includes features like journaling, file level encryption and support for larger files. While known for its speed and reliability, it's less common compared to other file systems listed here. Now moving to key Linux file system directories. So the Linux operating systems file management is predominantly handled through directories commonly known as folders. These elements are crucial in the Linux file system serving not just as file holders but also as organizational tools. Imagine directories as virtual boxes each capable of storing files and other directories. Directories in Linux play a vital role in providing an ordered hierarchal framework for file arrangement. This hierarchy commences at the root directory denoted as slash and extends into various subdirectories. This approach allows for a logical and systematic organization of complex systems enhancing the ease of file management and access. So key Linux file system directories each directory in the Linux file system serves a distinct purpose. Here are some of the signant directories. Starting with the number one that is root directory. So root directory is the highest level in the Linux file system hierarchy. All other directories and files are nested within this root. Now moving to the next directory that is bin standing for binaries. This directory contains essential command line utilities and programs vital for basic system management. And then we have boot. So here lies the bootloadader files and the kernel images necessary for system startup. And then we have dev. This directory host device files representing both physical like printers and disk and virtual devices like terminals. And then we have etc directory that is home to system configuration files. These are utilized by various applications and services. And then we have home directory. It houses individual users directories providing personal space for file and setting storage. And then we have library directory. This directory stores shared library files needed by system programs. Next we have media directory. A mounting point for removable media such as USB drives, CDs and DVDs. And then we have Mnt that is mounting directory that is used for temporarily mounting file systems like network file systems or disk images. Next we have OPD directory a location for additional software packages that are not part of the standard system. And then we have standard bin directory a directory for system binaries and administrative tools essential for system upkeep. And then we have user directory that contains user level programs, libraries, documentation and shared data files. So these were the directories in Linux file distribution system. And now here are the key concepts in file systems. Starting with journaling file system. So these systems maintain a log referred to as journal. This log records changes to files that are not yet permanently saved on the disk. This feature is particularly useful for recovering lost changes in the event of a system failure. And the next we have is versioning file systems. These systems preserve earlier versions of files. Essentially they save file copies based on their previous states at specific intervals offering a backup mechanism that could be based on minute or hourly updates. And next we have index nodes. And I note symbolizes a file or directory detailing attributes like size, permissions, ownership and physical locations. And now we'll see the demo for the Linux file distribution system. So for that we will open the terminal with control D. And now first we'll see in which directory we currently are in. So we are in home abisarja. So first we'll move to the root directory. For that we'll write the command cd space/. So now we have moved to the root directory and here we'll see what types of directories we have. We have bin dev boot etc opt swap file. So now we'll move to the bin directory. So in bin directory it contains binaries or essential executable files. So these are the binaries and executable files that we can use in the terminal only. So now as I will show you there's a bin and there's s bin also. This is sbin. So now we'll move to the sbin directory. For that we'll write the command cd sbin. And here we see the directories of sbin. So what does sbin contain? It contains system binaries like mount or delete and the user that are used by the root user. So these binaries can be used by the root user only. And then we have other directories that is library. So to move to the library directory we'll write the command cd lib and now we'll see its directories. So what does it contains? It stores common libraries between bin and spin. So many directories are stored in the library directory only. So then we have another directory that is user directory under the root only. So to move to that we'll write cd user. So it says that. So first we'll move back to the root directory. and then we'll move to the user directory. So it says that no such file or directory is present here. We'll just check. I think it's USR for user. Yeah, it's USR. So user directory is named as USR. we'll move to the user directory and to see the directories inside user. So these are the directories in user. So user has its own bin and sbin directory and the binaries here are non-essential binaries and there's a local directory under user. So it contains binaries that you can combine manually. So these are all the directories under root and you can go to other directories also as I have shown you the diagram of all the directories under user or under the root that I have shown in the previous thing. So you can check it out. So in conclusion the Linux file system with its directory structure is a cornerstone of the operating system. It facilitates efficient data management while upholding system stability and security. Linux file system is characterized by its hierarchical treel like structure with the root directory at its apex. Various file systems in Linux cater to different needs each with its pros and cons. The Linux directory structure encompasses an array of directories each designated for specific function like system binaries, boot files, device files, and user files. If you've ever opened a computer's file manager, you have probably seen something familiar on Windows. It's that trusty C drive with neat folders like program files and documents. On Mac, you get applications folder, your desktop and few others. Easy, right? But then you step into Linux and suddenly you're staring at bin, etc. Proc lib and you're thinking what alien planet have I just landed on? Now the truth is Linux organizes its file in a completely different way. No C drive, no fancy icon. Everything starts from a single slash. And every folder hanging from it has a very specific job. And here's the thing, it's not as scary as it looks. In fact, once you understand it, it's beautifully logical. So, in this video, I'm going to walk you through the Linux file system structure step by step in plain simple English. No tech jargon overloaded. And by the end, you'll know exactly what each folder does, where to find your stuff, and how it's different from Windows and Mac. So, in this video, we'll be covering what the Linux file system is, and how it's different from Windows and Mac. Starting in the root directory and exploring key folders like home, bin, dev, lip, temp, and many others. We'll also cover simple Linux commands to navigate and explore the structure and a few quiz questions to make sure you're following along. Now, before we get started, here's a quick quiz question for you. When you first boot up your computer, which part of the Linux file system do you think is responsible for starting the system? Home directory, boot directory, etc. directory. You can drop your guesses in the comment section below. Also, if you haven't subscribed to Simple Learn YouTube channel yet, do hit the notification bell and subscribe for more such content by simply learn. So, let's get started now. Now, before we get started, let's first understand what exactly the Linux file system is. You can think of it as the organization system for your computer. Now, every file, program, and setting on your system is stored somewhere. And the Linux system is responsible for organizing all of that into neat directories and files. It's just like the blueprint for your computer's data storage, telling you where to find things and how they are connected. Just like a library has shelf, labels, and categories to keep all the books organized. In the same way the Linux file system works, but with files and directories instead of books. So why do we need this structure? Well, in Linux, the file system is a hierarchal structure, which means everything is organized in layers starting from the root at the top just like a tree and the branches off into different directories, each serving a specific purpose. It help manage data efficiently, ensuring security and allows the system to run smoothly and quickly. So, why are we diving into the Linux file system today? So whether you're new to Linux or a seasoned user, understanding where files are stored and how everything is organized is very important for troubleshooting and system efficiency. Knowing the purpose of each directory will help you to navigate and manage files easily. This video will give you a solid foundation so you can confidently handle task and feel in control of your Linux system. Let's have a quick comparison between Windows and Linux. So when you're using Windows, everything feels familiar. You've got your C drive, maybe a D or E drive, and all your files and programs are neatly stored there. File paths uses backslashes like users Alex document, and Windows doesn't care about capital letters. So you can see here in the screen, you can see most of the apps are installed and it's end up with C back slashprogram files, right? And also talking about the capital letters now files .txt and files are treated the same. Most apps you install end up with C program file. So it's pretty straightforward. But here in case of Linux it's pretty different. The rules are a little different. There are no drive letters. Everything starts with a single root directory and from there all your folders and files branch out. File paths uses forward slashes like home, Chris, downloads. And it's also case sensitive. So file.txt and file.txt are completely different files here. Now another big difference is in Linux everything your hard drive, your USB sticks, even your keyboard appears somewhere under this slash. You can think of it like this. Now Linux is a giant tree and this slash is the trunk and every folder is a branch out here. the bin etc home opt and everything. Now once you see the pattern it actually becomes easier for you to navigate than in Windows. All right. Now let's talk about the Linux file hierarchy structure or simply how Linux arranges the folders and files. Well in Linux there's something called the file system hierarchy standard or FHS for short. You can think of it as a rule book that tells the system where different types of files should go. Now, this standard is managed by the Linux Foundation. And here's the interesting part. No matter where a file is stored on your computer's hard drive or external drive or even a virtual device in Linux, all of it appears under one main folder, which is the root directory. Now, this root directory is just under a single forward slash. Some folders you'll see only if certain features are installed like the X window system for graphic but most of these folders are present in all Unix space system and they generally work in a very similar way. What we'll be focusing on here is how Linux uses them specifically. So let's dive into the structure and break it down step by step. Let's begin at the top the very first directory in Linux which is the root directory. Now what is a root directory in Linux? Well, the root directory is like the main entry point in Linux. It's represented by a single forward slash and everything else in the system connects to it. You can think of the root directory like the trunk of a tree and all the other directories like branches grow out from it. This is the highest point in the Linux file system and there is nothing above it. It's the starting point for everything. Now, how does the root directory even work? Well, every file folder device or even a network shared in the system is connected with slash. Let's say for example your documents, music files or even your external devices like USB drives. Everything will appear under the folder slash. But only the root user that is the administrator can make changes directly to the slash directory. Normal users won't have the permission to modify things out there without special access. Here's an important clarification to make the root versus this slash the slashroot versus the normal slash. So this is the main root directory and the root is a special directory is the personal home directory to the root user and it's very similar to how the home username in a home directory is used for other people. You can think of root as the roots user personal workspace within the system. Now in Windows we use different letters like C drive, D drive to represent different parts of a system like your hard drive, external storage etc. But in the case of Linux there's no such thing as drive letters. Instead everything connects to a root directory even if it's an external devices like a USB drive. This structure makes Linux more unified and flexible as all the files no matter where they are stored are part of one system which is starting from slash. All right, we are at the trunk of the tree. Let's grab the essential tools we'll need and they are all in the bin folder. Now the second directory we're talking about is the bin which is essential user command. Now the bin directory in Linux it stands for binary and it contains essential commands that every user can use. So whether they are an administrator or a normal user, these commands are the core tools which are required for running the system and doing everyday task for the terminal which is the command line. But why is bin even important? Well, the commands in bin are vital for working with files and managing your system. Let's say for here ls which stands for list the files in a directory. The cp stands for copies file or directories. MV means move or renaming files. RM is removing files or directories. Pink means checking network connectivity. GP searches for specific pattern in files and cat will display the contents of a file. You can see these commands are so fundamental that they are available even in single user mode which is a minimal state where the system can run in often used for maintenance or troubleshooting. So what happens if you don't have bin? If you don't have bin, you wouldn't be able to perform basic file operations like copying, deleting or listing the files from the terminal. Now these actions would be impossible making the system unusable for normal task. If you're familiar with Windows, bin in Linux is similar same as in Windows like how we write this in C drive Windows system 32 folder. System 32 in Windows holds essential tools like command.exe exe and other system utilities which are similar to how bin stores essential Linux command. So bin is critical directory in Linux because it's hold the basic commands that are necessary to interact with the system and manage file. Without these commands, the system wouldn't function properly. But before you can even use bin, Linux needs to actually start up and that's where boot comes in. Let's make sure you're following along. So I have another quiz question for you now. Which of these folders in Linux holds the command that help you manage files like copying and moving them? Your options are home, bin, boot. You can think your answer and you can drop it in the comment section below. Now we'll be talking about the boot directory which is often called the boot loader and kernel files. Now this is where Linux keep everything it needs to start from the system. It contains the Linux kernel, the core of the operating system. It holds the grub which is the bootloadader files the menu you might see when starting the computer. Now it also includes initial RAM disk file which is the initrid or init to help the kernel load drivers before the main system even starts. Now without boot your PC won't even start Linux. Talking about Windows window has boot files like boot mgr and the boot configuration. Okay the engine is running now. Linux needs to talk to hardware as well. keyboards, disk and printers. Now this happens when they are stored in the dev directory. Now dev is for the device files in Linux. So in Linux hardware is treated just like a file. So in hard drives you have folders like dev, SD1, dev, nvm. Then you have USB drive, microphone, speakers, keyboards all have entries over here. Now talking about the two main components. So there are basically two main type of uh device files here. First we've got the block devices which store and transfer data in blocks for example hard drives. Then second we have the character devices which can send data one character at a time for example serial ports and keyboards. In Windows devices appear as EF etc. And in Linux they appear as special files in dev. Now how does Linux knows how to behave? Now that's decided in the ATC directory. This stands for system configuration files. The configuration files, this folder contains all the systemwide settings in plain text. You have your network settings here, the DNS servers. Then you have the user accounts as well, startup services like etc and ID etc. You can also open these files with any text editor because Linux stores configurations as readable text unlike Windows registry which is stored in special database. Now we have seen system settings. Now where do you keep your personal files? That's where we have our home directory which is for personal user directories. Now every user in Linux gets a personal folder under this home. So if your username is John, your folder would be home John and you can store documents, pictures, downloads and even your personal configurations over here. You cannot just modify other users folder without any permission. It's just like the Windows C drive where users join in Windows like how we use it. Now we have seen how this home directory works. Now to run applications, Linux needs shared code and this is where the lib directory comes in which is for shared libraries. So lib basically contains dos shared object files which are similar to dl files in windows. Now these are used by programs in bin and spin to work properly. Let's say for example if bin ls needs to print colored output it might use a library in this lib directory to handle colors. Next we look at the Linux puts removable devices USB drives CDs and that's where media directory comes in. This is also called the automounted devices. So when you plug in a USB or you insert a CD Linux automatically it creates a folder inside media and it mounts it there. For example, we have media John my USB. Now, Windows will just give you the device a new drive letter. Whereas in case of Linux, it will treat it as a part of the single directory tree. Let's move on to next directory. Now, sometimes you don't want Linux to automount devices, right? And that's where the mount comes into play. This is also called the temporary mountpoint uh directory which is used by system admins to manually mount devices or network drives. Also, it's great for temporary use and it also doesn't even affect the media directory from here. Talking about the next directory on our list which is the opt optional software. We all know that some software doesn't come with Linux by default. We keep it that in this optional software directory. Third party software and its files are stored here. Let's say for example installing Google Chrome manually might put it in this opt Google Chrome uh directory. So this was for this directory out here. The next one we've got the sb bin which stands for system administration command. Now for system maintenance admins use special commands. These live in this folder. It contains commands like IP tables, firewall, fisk, disk parting and reboot. So if you want to access the directory, you want to first initially start up and access the root. Next one we've got on the list is srv the service data root directory. So what it does is it basically stores files for services like websites srv www or ftp servers srvtp. Now you must have heard about this uh directory which is the temporary files tmp. This is used by application to store short-term data and also it clears automatically after a reboot. Then we've got this uh user directory user programs and data. So the first one we have is the user local. These programs are installed manually from the source. Second uh user program data directory. We've got a user bin. The user commands which are not in the bin folder. Then we've got the user sbin where the admin commands not in the spin. And then we have the user li which are related to libraries. The next up we've got this process information directory. So this is a virtual file system showing live uh system data. So this particularly will show your CPU details, your memory starts and information about a specific running process. So now that we have covered all the important file directories, I'll show you a quick Linux command cheat sheet. So here first up we've got this ls which stands for list directory content. Second we've got this cd directory which is the change directory. We have pwd which stands for print working directory. cp source desk it stands for copy files or directories. Then we've got MV source desk which is move rename files. RM is for move files or directory. Stop is for displaying system processes. PS is for showing process status. Chod permission file is for changing file permissions. Chow user group file is for changing file ownership. Grep pattern file is for searching text patterns. Gat file is for displaying file content. Ping host is to test network connection. SSH is for securing shell connection and at last we've got WGAT URL to download the files. >> With cyber crime getting more and more complex by the day, corporations are in the need of trained personnel in the field of cyber security. Ethical hacking and penetration testing had always been necessary for organizations and the general public to protect the system against malicious attackers. However, with the exponential growth in cyber attacks, the necessity of being trained in ethical hacking is at an all-time high. Many such professionals tend to use Linux distributions for their penetration testing activities. There are specific operating systems which are catered to ethical hackers. These operating systems come pre-installed with the necessary tools and scripts required for ethical hacking. Probably the most famous operating system in this bracket is Kali Linux. For today's video, we will learn about this distribution made by and for hackers. We take you through the intricacies of its hardware and software specifications. Let's take a look at the agenda for today. We start by learning about Kali Linux and a basic explanation of its purpose. We take a look at the history of Kali Linux from the story of its origin to its current day exploits. Next, we learn a few distinct features of Kal Linux that make it an attractive choice for penetration testers worldwide. Moving on, we take a look at the multiple ways we can install Kal Linux to start our journey in the world of penetration testing. In the next few sections, we compare it to an industry rival operating system by the name of Parrot Security Operating System. We take a look at the OS on a grassroots level. Next, we learn about the standout features of Kali Linux and Parrot Security with their unique offerings. We make a direct comparison between Kali and Parrot Security OS as far as their hardware specifications and all-around usability is concerned. We make a conclusion as to which operating system caters to which category of user. In the next topic, we take a detailed look at how we can install Kali Linux on a Windows 10 system using the VMware virtualization software. Moving on, we go through some of the reasons why people should choose Kali Linux as their primary operating system when it comes to ethical hacking and penetration testing. In the next section, we cover the five different phases of penetration testing where each stage is a crucial segment in the entire cycle of a ethical hacking campaign. We also take a look at the most popular tools installed in Kal Linux that are used regularly by ethical hackers as a part of their professional work. Coming to a few live demonstrations, we start by learning some Linux terminal basic commands. Set up proxy chains to maintain a privacy on the internet. Run a few end mapap scans to find information about our victims. Use Wireshark to detect insecure browser traffic traveling through HTTP web pages. learn about metas-ploit and its components and finally use metas-ploit to hack into a Windows 10 machine and grant ourselves root access or the admin access which basically gives us the key to the entire machine. It's no secret that the majority of our internet usage is set at the risk of being hacked be it via unsafe messaging applications or misconfigured operating systems. To counteract this void of digital security, penetration testing has become the norm when it comes to vulnerability assessment. Kali Linux is an operating system that has become a well-known weapon in this fight against hackers. A Linux distribution that is made specifically for penetration testers. Kali Linux has layers of features that we will be covering in today's lesson. Let's take a look at the topics to be covered in this video. We start by learning about Kali Linux and a basic explanation of its purpose. We take a look at the history of Kali Linux from the story of its origin to its current day exploits. Next, we learn a few distinct features of Kali that make it an attractive choice for penetration testers worldwide. Finally, we take a look at the multiple ways we can install Kali Linux to start our journey in the world of penetration testing. Let's start by learning about Kali Linux. In general, Kali Linux, which is formerly known as Backtrack Linux, is an open-source Linux distribution aimed at advanced penetration testing and security auditing. It contains several hundred tools that are targeted towards various information security tasks such as penetration testing, security research, computer forensics, and reverse engineering. Kal Linux is a multiple platform solution accessible and freely available to information security professionals and hobbyists. Among all the Linux distributions, Kali Linux takes its roots from the Debian operating system. Debian has been a highly dependable and stable distribution for many years providing a similarly strong foundation to the Kali desktop. While the operating system is capable of practically modifying every single part of our installation, the networking components of Kali become disabled by default. This is done to prevent any external factors from affecting the installation procedure which may pose a risk in critical environments. Apart from boosting security, it allows a deeper element of control to the most enthusiastic of users. We did not get Kal Linux since the first day. How did it come into existence? Let's take a look at some of its history. Kal Linux is based on years of knowledge and experience in building penetration testing and operating systems. During all these project lifelines, there have been only a few different developers as the team has always been small. The first project was called Wex, which stands for White Hat NOPX. As can be inferred from the name, it was based on the NOPIX operating system as its underlying OS. Popix had releases ranging from version 2.0 to 2.7. This made way for the next project which was known as WAX or the long hand being White Hat Slack. The name change was because the base OS was changed from Nopix to Slack. Wax started at version 3 as a Nord. It carrying on from Wix. There was a similar OS being produced at the same time auditor security collection often being shorted to just auditor which was once again using Nopix. Its efforts were combined with wax to produce backtrack. Backtrack was based on slackware from version 1 to version 3 but switched to Ubuntu later on with version 4 to version 5. Using the experience gained from all of this, Kali Linux came after Backtrack in 2013. Kali started off using Debian stable as the engine under the hood before moving to Debian testing when Kali Linux became a rolling operating system. Now that we understand the history and the purpose of Kali Linux, let us learn a little more about its distinct features. The latest version of Kali comes with more than 600 penetration tools pre-installed. After reviewing every tool that was included in Backtrack, developers have eliminated a great number of tools that either simply did not work or which duplicated other tools that provided the same or similar functionality. The Kali Linux team is made up of a small group of individuals who are the only ones trusted to commit packages and interact with the repositories. All of which is done using multiple secure protocols. Restricting access of critical code bases to external asset greatly reduces the risk of source contamination which can cause Kali Linux users worldwide a great deal of damage as a direct victim of cyber crime. Although penetration tools tend to be written in English, the developers have ensured that Kali includes true multilingual support, allowing more users to operate in their native language and locate the tools they need for the job. The more comfortable a user feels with the intricacies of the operating system, the easier it is to maintain a stronghold over the configuration and the device in general. Since ARMbased singleboard systems like the Raspberry Pi are becoming more and more prevalent and inexpensive, the development team knew that Kali's ARM support would need to be as robust as they could manage with fully working installations. Kali Linux is available on a wide range of ARM devices and has ARM repositories integrated with the mainline distributions. So the tools for ARM are updated in conjunction with the rest of the distribution. All this information is necessary for users to determine if Kala Linux is the correct choice for them. If it is, what are the ways that they can go forward with this installation and start the penetration testing journey? The first way to use Kali Linux is by launching the distribution in the live USB mode. This can be achieved by downloading the installer image file or the ISO file from the Kali Linux website and flashing it to a USB drive with a capacity of at least 8 GB. Some people don't need to save their data permanently and a live USB is the perfect solution for such cases. After the ISO image is flashed, the thumb drive can be used to boot a fully working installation of the operating system with the caveat that any changes made to the OS in this mode are not written permanently. Some cases allow persistent usage in live USBs, but those require further configuration than normal situations. But what if the user wants to store data permanently in the installed OS? The best and the most reliable way to ensure this is the full-fledged hard disk installation. This will ensure the complete usage of the systems hardware capabilities and will take into account the updates and the configurations being made to the OS. This method is supposed to override any pre-existing operating system installed on the computer, be it Windows or any other variant of Linux. The next alternative route for installing Kal Linux would be to use virtualization software such as VMware or Virtual Box. The software will be installed as a separate application on an already existing OS and Kali Linux can be run as an operating system in the same computer as a window. The hardware requirements will be completely customizable starting with the allotted RAM to the virtual hard capacity. The usage of both a host and guest operating system like Kal Linux allows users a safe environment to learn while not putting the systems at risk. If you want to learn more about how one can go forward with this method, we have a dedicated video where Kali Linux is being installed on VMware while running on a Windows 10 operating system. You can find the link in the description box to get started with your very own virtual machine. The final way to install Kali Linux is by using a dual boot system. To put it in simple words, the Kali Linux OS will not be overwriting any pre-installed operating system on a machine, but will be installed alongside it. When a computer boots up, the user will get a choice to boot into either of these operating systems. Many people prefer to keep both the Windows and Kali Linux installed. So, the distribution of work and recreational activities is also allotted effectively. It gives users a safety valve should their custom Linux installation run into any bugs that cannot be fixed from within the operating system. Professionals in security testing, penetration testing, and ethical hacking utilize Linux as the preferred operating system. Provide several configurable distributions that MU may configure based on your end use. Kali Linux and Parrot OS are two popular penetration testing distributions. While these operating systems each have unique offerings, the overall choice can differ between personnel thanks to the various tools and hardware specifications. Today we will look at both these distributions and settle on the perfect choice for each type of user. Let's go through the agenda for this video. We will learn about Kali Linux and pilot security OS from scratch while understanding their primary selling points as a Linux distribution catered towards penetration testers. Next we know about some features of these operating systems that stand out of their package. Finally we directly compare Kal Linux and Parc OS thereby making a clear-cut conclusion on which OS is perfect on a per requirement basis. So let's start by learning about Kal Linux from a ground level. Kal Linux which is formerly known as Backtrack Linux is an open-source Linux distribution aimed at advanced penetration testing and security auditing. It contains several hundred tools targeted towards various information security tasks such as penetration testing, security research, computer forensics and reverse engineering. Kali Linux is a multiplatform solution accessible and freely available to information security professionals and hobbyists. Among all the Linux distributions, Kal Linux takes its roots from the Debian operating system. Debian has been a highly dependable and a stable distribution for many years providing a similarly strong foundation to the Kali Linux desktop. While the operating system can practically modify every single part of our installation, the networking components of Kali Linux come disabled by default. This is done to prevent any external factors from affecting the installation procedure which may pose a risk in critical environments. Apart from boosting security, it allows a more profound element of security control to the most enthusiastic of users. Now let's take a look at Parrot security operating system. Parent security OS is a Debian based Linux distribution with an emphasis on security, privacy, and development. It is built on the Demian's testing branch and uses a custom hardened Linux kernel. Parrot security contains several hundred tools targeted towards tasks such as penetration testing, computer forensics, reverse engineering, and security research. It is seen as a generally lightweight distribution that can work under rigorous hardware and software specifications. It features a distinct 4N6 mode that does not mount any of the systems hard disks or partitions and has no influence on the host system making it much more stealthy than its regular occurrence. This mode is used on the host system to execute forensic procedures. A rolling release is a paradigm in which software upgrades are rolled out constantly rather than in batches of versions and software development. This ensures that the software is constantly up to date. A rolling release distribution such as parrot security OS follows the same concept. It provides the most recent Linux kernel and software versions as soon as they become available. With the basic introduction to the operating systems out of the way, let us take a look at the unique features of both Kali Linux and Parrot Security OS. The latest version of Kali Linux comes with more than 600 penetration tools pre-installed. After reviewing every tool included in Backtrack, developers have eliminated a significant number of tools that either simply did not work or duplicated other tools that provided the same and similar functionality. The Kali Linux team comprises a small group of individuals who are the only ones trusted to commit packages and interact with the repositories. All of which is done using multiple secure protocols. Restricting access of critical code bases to external assets dramatically reduces the risk of source contamination which can cause Kal Linux users worldwide a great deal of damage as a direct victim of cyber crime. Although penetration tools tend to be written in English, the developers have ensured that Kali includes proper multilingual support, allowing more users to operate in the native language and locate the tools they need for their job. The more comfortable a user feels with the intricacies of the operating system, the easier it is to maintain a stronghold over the configuration and the device in general. Since ARMbased single board systems like the Raspberry Pi are becoming more prevalent and inexpensive, the development team knew that Kali's ARM support would need to be as robust as they could manage with fully working installations. Kali Linux is available on a wide range of ARM devices and has ARM repositories integrated with the mainline distribution. So the tools for ARM are updated in conjunction with the rest of the distribution. Let's take a look at some of the features of Parrot Security operating system. Now along with the giant catalog of scripts, Parrot Security OS has its own hardened Linux kernel modified explicitly to provide as much security and resistance to hackers as possible in the first line of defense. The configurations in the operating system act as the second gateway taking care of malicious requests and dropping them off. This is particularly beneficial since should there be a scenario where the latex Linux kernel is causing some particular issue, the Parrot OS development team will most likely iron it out first before passing it on as an update. If the custom hard kernel wasn't reason enough, Parrot security developers managed to install more hacking tools and scripts to ensure a smooth transition for the Kali Linux users. All the tools you find in Kali are present in parent to us and a few extra ones for good measure and this has been achieved while keeping roughly the same operating system size between both of them. However, it's not all productivity points for pirate OS. They provide a choice between two different desktop environments. Mate, which comes pre-installed by default, and KDE. For those unfamiliar with Linux terminology, you can think of desktop environments as a main UI for a distribution. Being highly modular in nature, one can use parrot security OS while adding another desktop environment that they find appealing. While Kal Linux has only a single option, parrot security has provided two optimized builds with mate desktop and KD desktop. One of the primary advantages of Parrot OS over Kali Linux is that it's relatively lightweight. This implies that it takes significantly less disk space and computing power to function correctly with as little as 320 MB of RAM required. In reality, Parrot OS is designed to operate successfully off a USB stick, but Kali Linux does not work well from a USB Thrive and is generally installed in a virtual machine. Parrot OS is more of a niche distribution. If you're searching for something lighter than Kali Linux, features are great, but what about performance? Real world metrics. Let us compare both these operating systems directly with respect to their hardware specifications and usability. In the end, we can decide on what distribution is fit for each type of user. For our first point of comparison, let's take a look at the RAM required for optimum performance of the operating system which is highly essential when trying to crack hashes or something of similar nature. RAM usage is a very important facet. While Kali Linux demands at least 1 GB of RAM, Paris security can operate optimally with a minimum of 320 MB of RAM for correctly displaying graphical elements. Kali Linux requires GPU based acceleration while this is not the case with parrot security OS which doesn't require any graphical acceleration needed from the user side. Once these operating systems are installed on VMware using the live boot ISOs, they take up a minimum amount of hard disk storage. Both of these operating systems have a recommended disk storage of minimum of 20 GB in Kali Linux and a minimum of 15 GB in par security. So they can install all the tools necessary in the ISO file. When it comes to the category and the selection of tools, Kal Linux has always been the first in securing every single tool available for hackers in the penetration testing industry. Parrot security on the other hand has managed to take it up a notch while specializing in wireless pen testing. Parent security makes it a point that all the tools that Kali Linux provides has been included in the ISO while simultaneously adding some extra tools that many users will have to install from third party sources in Kali Linux. Being a decade old penetration testing distribution, Kali Linux has formed up a very big community with strong support signature. Par security on the other hand is still growing and it is garnering much more interest among veteran penetration testers and ethical hackers. A primary drawback of Kal Linux is the extensive hardware requirement to perform optimally. It requires higher memory than pyro security. It also needs graphical acceleration while demanding more virtual hard storage. Parrot security on the other hand was initially designed to run off a USB drive directly thereby requiring very minimal requirements from a hardware perspective like just 320 MB of RAM and no graphical acceleration needed. This means patch security is much more feasible for people who are not able to devote massive resources to either their virtual machine or on their laptop hard disk directly. With the comparison done between both of these operating systems, let's take a look at the type of users both of these are catered to. One can go with Kal Linux if they want the extensive community support offered by its users. If they want to go with a trusted development team that have been working on this distribution since many years. If they have a powerful system which can run Kal Linux optimally without having to bottleneck performance. And if they are comfortable with a semi-professional environment which may or may not be very useful for new beginners, one can decide to go with parrot security if they want to go with a very lightweight and lean distribution that can run pretty much on all systems. It also has a lot of tools pre-installed and some of them are not even present on Kal Linux. It is much more suitable for underpowered rigs where users do not have a lot of hardware resources to provide to the operating system and thereby it is much more feasible for people with underpowered laptops or no graphical acceleration compared to Kala Linux. Parrot security's desktop environment is also relatively easier to use for new beginners. For people who are just getting into ethical hacking, pirate security does a relatively better job of introducing them to the operating system and to the various tools without having to dump them into the entire intricacies. The installation of Kali Linux. There are multiple ways to install Kali Linux. We can either install it on a normal hard drive in a virtual machine software such as VMware or Virtual Box or we can do that in hard bare metal machines. Now for the convenience of explanation, we're going to install Kali Linux today on a virtual machine software known as VMware. VMware is able to run multiple operating systems on a single host machine, which in our case is a Windows 10 system. To get started with Kali Linux installation, we have to go to the website to download an image file. We go to get Kali and as you can see there are multiple platforms on which this operating system can be inverted. As per our requirement we're going to go with the virtual machine section. As you can see it is already recommended by the developers. This is the download button which will download a 64-bit ISO file. We can download 32-bit, but that is more necessary for hard metal machines or if you're going to use it for older devices which do not support 64-bit operating systems yet. After clicking on the download button, we can see we have a window archive which will have the ISO files. For now, we have downloaded the ISO file and it is already present with me. So, we can start working on the VMS side of things. Once the ISO file is downloaded, we open up VMware Workstation. Go to file and we create a new virtual machine. In these two options, it is highly recommended to go with the typical setup rather than the custom one. The custom is much more advanced and requires much more information from the user which is beneficial for developers and people who are well-versed with virtualization software. But for 90% of the cases typical setup will be enough. Here we can select the third option which will be I will install the operating system later. In some operating systems we can use the ISO file here directly and VMware will install it for us. But right now in the case of Kal Linux the third option is always the safest. Kal Linux is a Linux distribution. So we can select Linux over here and the version as you can see here it have multiple versions such as the multiple kernels. Every distribution has a a parent distribution. For example, Kal Linux has Debian and there are other distributions which are based or forked from some parent distribution. Kal Linux is based off Debian. So we can go with the highest version of Debian which is the Debian 10.x 64bit. Go next. We can write any such name. We can write Kali Linux so that it'll be easier to recognize the virtual machine among this list of virtual machine instances. The location can be any location you decide to put. By default, it should be the documents folder. But anywhere you put it will hold up all the information of the operating system. All the files you download, all the configurations you store, everything will be stored in this particular location that you provide. When we go next, we are asked about the disk capacity. This disk capacity will be all the storage that will be provided to your virtual machine of Kal Linux. Think of your Windows device. If you have a 1 TB of hard drive, you have the entirety of the hard disk to store data on. How much data you give here, you can only store up to that amount of data. Not to mention some amount of capacity will be taken up by the operating system itself to store its programs and applications. For now, we can give around let's say 15 GB of information or if it recommended size for Debian is 20, you can just go ahead with 20. It depends all on the user case. If you are going to use it extensively, you can even go as high as 50 or 60 GB if you have plans to download many more applications and perform multiple different tests. Another option we get over here is storing virtual discs as a single file or storing them into multiple files. As we already know this virtual machine run entirely on VMware. Sometimes when transferring these virtual machine instances, let's say from a personal computer to a work computer, we're going to need to copy up the entire folder that we had mentioned before over here. Instead, all virtual machines have a portability feature. Now, this portability feature is possible for all scenarios except it is much easier if the split the virtual disck into multiple files. Now even if this makes porting virtual machines easier from either system to system or software to software let's say if you want to switch from VMware to virtual box or vice versa the performance takes a small hit. It's not huge but it's recommended to go with storing the virtual disc as a single file if you have no purposes of ever moving the virtual machine. Even if you do it's not a complete stop that it cannot be ported. It's just easier when using multiple files. But in order to get the best performance out of the virtual machine, we can store it as a single file over here. This is a summary of all the changes that we made and all the configurations that have been settled until now. Now, at this point of time, we have not provided the ISO file yet, which is the installation file for the Kal Linux that we downloaded from this website. As of right now we have only configured the settings of the virtual machine. So we can press on finish and we have Kal Linux in the list. Now to make the changes further we press on edit virtual machine settings. The memory is supposed to give the RAM of the virtual machine. the devices with RAM of 8 GB or below that giving high amount of RAM will cause performance issues and the host system if the memory has some amount of free storage left let's say on idle storage my Windows machine takes about 2GB so I have 6GB of memory to provide although if you provide all of the 6GB it will be much more difficult for the host system to run everything properly so for this instance we can keep it as 2GB of memory for the virtual machine instance. Similarly, we can use the number of processors and we can customize it according to our liking. Let's say if we want to use one processor, but we want to use two different cores, we can select them as well. Hard disk is preset up as the SCSI hard disk and it does not need to be changed for the installation of this operating system at all. CDI DVD. This is where the installation file comes. You can think of the ISO file that we downloaded as a pen drive or a USB thumb drive which is necessary to install an operating system. To provide this, we're going to select use ISO image file. We're going to click on browse. Going to go to downloads and select the IMO file over here. Select open. And we can see it is already loaded up. Next. and the network adapter. It is recommended to use NAT. This helps the virtual machine to draw the internet from the host machine settings. If your host machine is connected to the internet, then the virtual machine is connected as well. There are some other options such as host only or custom segments or LAN segments, but those are not necessary for installation. Rest of them are pretty standard which do not need any extra configuration and can be left as it is. Press okay. And now we can power on this virtual machine. In this screen, we can choose how we want to proceed with the installation. We have a start installer option over here. So, we're going to press enter on that. We're going to wait for the things to load from the ISO file. Um the first step in the installation is choosing the language of the operating system. For this we can go with English as standard. This is a location. This will be used for setting up the time and some of the internal settings which depend entirely on the location of the user. So for this we're going to go with India. Configuring the keyboard. It's always recommended to go with the American English first. Many people make a mistake of going with the Indian keyboard if it is possible and it provides a lot of issues later on. So it's always prefer to go with the American English and if later we see some necessity of another keyboard dialect that is ne required we can install it later. But for now we should always stick with American English as a basic. At this point it's going to load the installation components from the ISO file. It is a big file of 3.6GB. So it has a lot of components that need to be put into the virtual machine which can also be used to detect hardware. Once the hardware and the network configuration is done by the ISO file, we are going to write a host name for the system. This host name can be anything which is used to recognize this device on a local network or a LAN cable. Let's say if we use the name Kali domain name we can skip it for now. It's not necessary as such for the installation. This is the full name for the user. Let's say we can provide the name as simply learn as a full name. Next, we're going to set up a username. This username is going to be necessary to identify the user from its root accounts and the subsequent below accounts. For now, we can give it as something as simply 1 2 3. Now, we have to choose a password for the user. Now remember, since this is the first user that is being added onto this newly installed operating system, it needs to be a password for the administrator. We can use whichever password we like over here and use the same password below and press on continue. At this point it's going to detect on the components on which the operating system can be installed. Like here there are multiple options like the use entire disk, use entire disk and setup LVM, use this entire disk and setup encrypted LVM. For newcomers, it is recommended to just use the first one since LVM encryption is something that you can learn afterwards when you're much more hands-on with the Linux operating system. For now, we're going to use the use entire disguided installation and press on continue. When we set up the virtual machine on VMware, we had set up a disk capacity there. We gave a propose 20 GB. That is the hard disk which is being discovered here. Even though it is a virtual disck on VMware, it acts as a normal hard disk on which an operating system can be installed. So we select this one and press on continue. Here there is a multiple partition system. All the operating systems that are installed have different components. One is used for the keeping of the applications, one for the files, other for the RAM management and other things. For newcomers, it is always recommended to keep it in one partition. and we're going to select that and press on continue. This is just an overview of the partition it's going to make. As you can see, it has a primary partition of 20.4GB and a logical partition of 1GB used for swap memory. Now, these kind of naming can be confusing for people who are not wellversed with Linux operating systems or in general virtualization. But for now, we can go ahead and press on continue as this will be fine. We can press on finish partitioning and write changes to disk and continue. It's just a confirmation page. As you can see, it show that SCSI3 is our virtual hard disk of 20 GB disk capacity. Write the changes to the disk. We press yes and click on continue. At this point, the installation has started. Now, this installation will take a while depending on the num amount of RAM provided. the processors provided and how quickly the performance of the system is being hampered by the host machine. On quicker systems, this will be rather quick. While on the smaller ones, this will take a while. Since this is going to take some time to install as it is being run on a virtual machine with only 2 GB of RAM, we're going to speed up this part of the video so we don't have to waste any more time just watching the progress bar. Now that our core installation is completed, it's asking us to configure a package manager. The work of a package manager on Linux operating systems is similar to the Google Play Store on Android mobile devices and on the App Store for the Apple devices. It's an interface to install external applications which are not installed by default. Let's say for Google Chrome or any other browser which can be used to browse the internet. At this point of time, it's ask us to select a network mirror. We're going to select as yes and move forward with this. Next, it's going to ask us for a HTTP proxy, which we can leave it as blank and press it as continue forward. At this point of time, it's looking for updates to the Kali Linux installation. This will fetch the new builds from the Kali server. So, the installation is always updated to the latest version. Now that the package manager is configured, we have the grub boot loader. The grub is used for selecting the operating system while booting up. Its core functionality is to allow the operating system to be loaded correctly without any faults. So at this point of time, if it asks install the grub boot loader to your primary drive, we can select as yes and press continue. Remember the installation was conducted on dev SDA. So we're going to select installation of the grub loader on the same hard disk that we have configured. We press this one and press continue. So now the grub boot loader is being installed. The grub is highly essential because it it shows the motherboard where to start the operating system from. Even if the operating system is installed correctly and all the files are in correct order, the absence of a bootloader will not be able to launch the OS properly. As you can see, the installation is finally complete. So now we can press on continue and it's going to finalize the changes. Now you can see Kal Linux being booted up straight away. It doesn't check for the ISO file anymore since the operating system is now installed onto the virtual hard disk storage that we had configured before. Here we're going to enter our username and password that we had set up before. And we have the Kal Linux system booted up. And this is your homepage. We can see the installed applications over here which are being used for penetration testing by multiple security analysts worldwide. All of these come pre-installed with Kal Linux and others can be installed using the APD package manager that we had configured. We can see a full name over here. And with this, our installation of the Kali Linux is complete. It's no secret that the vast bulk of our internet usage is vulnerable to hacking. Whether it's through hazardous messaging apps or faulty operating systems, penetration testing has become the norm for vulnerability assessment in order to fill this vacuum in digital security. Kal Linux is a well-known operating system in this fight against hackers. Kal Linux, a distribution designed specifically for penetration testers, has layers of features that we will go over in today's lesson and take a look at some of the tools and features that the operating system has to offer. Let's take a look at the videos topics and features that the operating system has to offer. Let's take a look at the videos topics. We start by learning the requirements of an operating system like Kali Linux. We learn more about the core features of the OS and its intricacies. Moving on, we take a look at the five distinct stages of penetration testing that dictate the flow of vulnerability assessment in general. Next, we learn about some important tools that can be found on Kali Linux which are geared specifically for ethical hacking purposes. And finally, we have an extensive demonstration where we work on some basic terminal commands, proxy tools, and a couple of highly regarded software from the crux of the operating system. Choose from over 300 in- demand skills and get access to 1,000 plus hours of video content for free. Visit SkillUp by simply learn. Click on the link in the description to know more. >> Let's start by learning why one should learn Kali Linux in the first place. In today's world, an organization's most valuable asset is its information or data. This is true for all kinds of businesses, be it public or private. On a daily basis, they all deal with enormous amounts of sensitive information. As a consequence, terrorist groups, hacking teams, and cyber thieves often attack them. To ensure the safety and protection, businesses use a variety of security measures and regularly update their index. Organizations must be proactive in this age of digitalization by regularly assessing and updating their security. Everyday hackers discover new methods to breach firewalls. Ethical hackers or white hat hackers provide a fresh perspective on security. They conduct penetration tests to validate security measures. Generally, they will penetrate your networks and give you relevant information about your security posture. Once an organization has this knowledge, it may upgrade its security procedures accordingly. The latest version of Kal Linux comes with more than 600 penetration tools pre-installed. After reviewing every tool that was included in Backtrack, developers have eliminated a great number of tools that either simply did not work or which duplicated other tools that provided the same or similar functionality. Occasionally when conducting penetration testing or hacking we must automate our activities since there may be hundreds of conditions and payloads to test and manually examining everything is timeconuming. To improve our productivity we utilize tools that come prepackaged with Kali Linux. These tools not only save us time but also accurately capture and process the data. The Kylie Linux team is made up of a small group of individuals who are the only ones trusted to commit packages and interact with the repositories. All of which is done using multiple secure protocols. Restricting access of critical code bases to external assets greatly reduces the risk of source contamination. Although penetration tools tend to be written in English, the developers have ensured that Kali includes true multilingual support, allowing more users to operate in the native language and locate the tools they need to do for the job. Since ARM based single board systems like the Raspberry Pi are becoming more and more prevalent and inexpensive, the development team knew that Kali's ARM support would need to be as robust as they could manage with fully working installations. Kali Linux is available on a wide range of ARM devices and as ARM repositories integrated with the mainline distribution. So tools for ARM are updated in conjunction with the rest of the distribution tools. Now that we understand the necessity for an operating system like Kali Linux, let us take a look at some of its core features and offerings to the ethical hacking world. Kali Linux, formerly known as Backtrack Linux, is an open-source Linux distribution which is aimed at advanced penetration testing and security auditing. It contains several hundred tools targeted towards various information security tasks such as penetration testing, security research, computer forensics and reverse engineering. Kali Linux is a multiplatform solution accessible and freely available to information security professionals and hobbyists. Among all the Linux distributions, Kali Linux takes its roots from the Debian operating system. Debian has been a highly dependable and stable distribution for many years providing a similarly strong foundation to the Kali Linux desktop. While the operating system is capable of practically modifying every single part of our installation, the networking components of Kali Linux come disabled by default. This is done to prevent any external factors from affecting the installation procedure which may pose a risk in critical environments. Apart from boosting security, it allows a deeper element of security and control to the most enthusiastic of users. Let us now take a look at the five stages or phases of penetration testing. This is the first stage of the penetration test which is known as the reconnaissance phase. In this stage, the security researcher collects information about the target. It can be done actively which means you are collecting information without contacting the target or even both. It helps security firms gather information about the target system, network components, active machines, open ports and access points, operating system details, etc. This activity can be performed by using information available in the public domain and using different tools. The next phase is more tool oriented rather than performed manually and it is the scanning phase. The penetration tester runs one or more scanner tools to gather more information about the target. The penetration tester runs one or more scanner tools to gather information about the target by using various scanners such as war dialers, port scanners, network mappers, and vulnerability scanners. The tester collects as many vulnerabilities which help to turn an attack in a more sophisticated way. The next stage is known as the gaining access phase. In this phase, the penetration tester tries to establish a connection with the target and exploit the vulnerabilities found in the previous stage. Exploitation may be buffer overflow attacks, denial of service or DOS attacks, session hijacking and many more. Basically, penetration tester extracts information and sensitive data from servers by gaining access using different tools. In the maintaining access phase, the penetration tester tries to create a backdoor for himself. It helps him to identify hidden vulnerabilities in the system and can later act as a gateway to retrieve control of the system. In the final phase of covering tracks, the penetration tester tries to remove all logs and footprints which help the administrator identify his presence. This helps the tester to think like a hacker and perform corrective actions to mitigate those activities. Now that we understand the basics of penetration testing and how ethical hackers go about their way, let us take a look at some notable tools which can be used on Kali Linux. At the top of the chain lies NAPAP. LMAP is a free and open-source utility port scanner which can be used for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. It is most beneficial in the early stages of ethical hacking that a hacker must figure the possible entry point to a system before running the necessary exploits. thus allowing the hacker to leverage any insecure openings and breach the device. It's a part of the scanning phase of the penetration testing. NAP uses raw IP packets in novel ways to determine what hosts are available on the network, what services these hosts are offering, what operating systems they are running and their versions, what type of packet filters and firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks but works fine against single hosts as well. Since every application that connects to a network needs to do so via a port, the wrong port or server configuration can open a can of worms which lead to a thorough breach of the system and ultimately a fully hacked device. Next on the list we have metas-ploit. The metas-ploit framework is a very powerful tool that can be used by cyber criminals as well as ethical hackers to probe systemic vulnerabilities on networks and servers as a part of the third stage of penetration testing. It's an open-source framework which can be easily customized and used with most operating systems. With Metasloit, the ethical hacking team can use a readymade or custom code and introduce it into a network to probe for weak spots. as another flavor of threat hunting. Once these flaws are identified and documented, the information can be used to address systemic weaknesses and prioritize solutions. Once a particular vulnerability is identified and the exploit is fed into the system, there are a host of options for the hacker. Depending on the vulnerability, hackers can even run root commands from the terminal, allowing complete control over the activities of the compromised system as well as all personal data stored on the device. A big advantage of metas-loit is the ability to run full-fledged scans on a target system, thereby giving a detailed picture of the security index of said system. This also provides the necessary exploits that can be used to bypass the firewalls and the anti virus software. Having a single solution to gather almost all the necessary points of attack is very useful for ethical hackers and penetration testers as denoted by the higher rank in this list. At number three, we have Wireshark. Wireshark is the world's foremost and widely used networking protocol analyzer. It lets you see what happening on your network at a microscopic level and is a de facto standard across many commercial and nonprofit enterprises, government agencies and educational institutions. Wireshark is a popular open-source tool to capture network packets and converts them to human readable binary format. It provides every single detail of the organization's network infrastructure. It consists of devices designed to help measure the ins and outs of the network. The information collected through Wireshark can be used for various purposes such as realtime or offline network analysis, identification of the traffic coming onto your network, its frequency, and its latency between specific hops. This helps network administrators generate statistics based on realtime data. Wireshark is also a cross-platform tool that can be installed on Windows, Linux, and Mac systems to enable hackers on all ecosystems to monitor network traffic irrespective of the operating system. The development team is determined to maintain this level of freedom for their users in the foreseeable future. The next tool on our list is Air Garden, which is a part of the third phase of penetration testing. This is a multi-use bash script for Linux systems to hack and audit wireless networks like our everyday Wi-Fi router and its counterparts. Along with being able to launch denial of service attacks on compromised networks, this multi-purpose Wi-Fi hacking tool has very rich features which support multiple methods for Wi-Fi hacking, including multifps hacking modes, all-in-one WP attack, handshake file capturing, evil twin attacks, pixie dust, and so much more. It usually needs an external network adapter that supports monitor mode, which is necessary to be able to capture wireless traffic traversing the air channels. Thanks to its open-source nature, Air Garden can be used with multiple community plugins and add-ons, thereby increasing its effectiveness against a wide variety of routers, both in the 2.4 GHz band and 5 GHz band. The next tool is John the Ripper. John the Ripper is an open-source password security auditing and password recovery tool available for many operating systems. John the Ripper Jumbo supports hundred of hash and cipher types including for use of passwords of operating systems, web apps, groupware, database servers, network traffic captures, encrypted private keys, file systems, and document files. Some of the key features of the tool include offering multiple modes to speed up password cracking, automatically detecting the hashing algorithm used by the passwords and the ease of running and configuring the tool, making it a password cracking script of choice for noviceses and professionals alike. It can use dictionary attacks along with regular brute forcing to speed up the process of cracking the correct password without wasting additional resources. The word list being used in this dictionary attacks can be used from the users end allowing for a completely customizable process. Now that we have covered the basics of Kali Linux, let us take a look at the agenda for our demo today. We start out with a few terminal commands that are a basic part of a Linux operating system. configure our own proxy chains to maintain anonymity while running penetration testing attacks on our victims. Next, we run a few end mapap scans on a local Windows 10 machine to find out the type of information that can be gathered in such a scenario. Moving on, we use Wireshark to monitor internet traffic and understand the importance of encryption and security when browsing the worldwide web. Next, we learn about metas-ploit and its various applications in the line of vulnerability assessment of a device. And finally, we use metas-ploit to take root access of a fully updated Windows 10 computer system. Let's begin with some terminal basics on Kali Linux. When most people hear the term Linux, they envision a complex operating system used only by programmers. However, the experience is not as frightening as it appears. Linux is an umbrella term for a collection of free and opensource Unix operating systems. There are many variants like Ubuntu, Fedora, Debian. These are distributions which is will be a more precise term. When using a Linux operating system, you will most likely utilize a shell which is a command line interface that provides access to the operating system services. The majority of Linux distributions ship with a graphical user interface also known as GUI as their primary shell. This is done to facilitate user interaction in the first place. Having said that, a command line interface is suggested due to its increased power and effectiveness. By entering the commands into the CLI, tasks that require a multi-step GUI procedure may be completed in a matter of seconds. We can start the terminal by clicking on the prompt icon here on top. Once the terminal is opened, we can put up our commands. The first command that we are going to look into is pwd. pwd stands for present working directory. As of right now, what you're seeing is the terminal window by default. If I write pwd and press enter, this shows the directory in which the terminal is being run on. As of right now, it's in the nf folder of my desktop, which is specifically this folder. If I open up this folder, you can see it is currently empty as in it has no contents. If I use another command known as mkdir which is supposed to stand for make directory and I write nf2 shortage for new folder 2. If I open up the nf you can see the new folder is created. This is how the pwd command works. Another important command to change directories. It's called the cd command. Let's say right now if I am in NF, I want to create a new file in NF2 folder or something else in the NF2 folder. I have to shift to cd NF2. Now if I write pwd, it'll show the present working directory of home simply learn desktop NF and inside that I am in NF2. Right now it is done to navigate to the Linux files and dis directories. It requires either the full path or just the name of the directory. If we have to move a completely different folder on a completely different file then we can use the entire path like this. For now CD works. Another few commands is we can write cd dot dot and it'll come back one folder. Now the pwd will be just NF and not NF2. Let's say we are in this folder and we want to go a different file. Let's say if you just go for cd home simpler that's it right now these are the folders in our current present working directory we have the desktop the documents downloads etc from here we can again go to the desktop using the same cd command cross check the changing of directories and check the files again and yes there we go nf How do we know this? What are the command that are used to show the files and folders? That folder is known as the ls command. ls can be used to view the contents of a directory. By default, this command will display the contents of your current working directory. If we add some other parameters, we can find the contents of other directories as well. There are some hidden files as well in Linux which cannot be showed just with ls. For example, if you just go to cdetc which is a configuration folder for Linux. If you write ls now, these are the files that can be seen. If you want to see the hidden files, we'll have to add one more parameter here like ls minus a. And as you can see the number of files have increased this time around. There are other things as well that we can see with Linux. ls minus al will show the hidden files along with some of the parameters and some of the permissions that has been provided for each file. As you can see many of these files have root access. Some of them can write, some of them can read. It differs file to file and the ls minus al command is used to check each of these files permission and change them accordingly if needed. The next command that we can look for is the cat command or concatenate. It is one of the most frequently used commands and it is used to list the contents of a file on the output. For example, let's say if I have a file at the desktop in this NF2 folder, I will create a document. Create an empty file E file. I'll open up the document and I'll write it as hello Kali. I will save this up. Now to change the directories from etc to NF2. We have already discussed how to use the cd command using just the folder name. Now if you want to go through the entire directory we can write cd home. As you can see it is already prompting us to complete the name of the directory. At this point we just have to press tab and it completes it for ourself. Next we already know we have to enter the desktop nf and nf2. And this brings us to the current working directory. Here if we press ls we can find a file over here. Now as discussed for the concatenate it is used to show the contents of a file. So right now if we press cat a t which stands for concatenate e file. As you can see we have written hello kali in the text file and we can see the output right now. We can also use it to create new files. For example, if we write cat any file name such as e file 2 here we can write anything hello kali. Again once we press ctrl c here we can check e file 2 and we have hello kali again printed over here. We can see the same using the concatenate command as well. If I press ls, you can see we have two files here and I can go with cat e file 2 and I have hello kali again. This is how the concatenate command works. Apart from this, it can be used to copy. There is a different command like called cp which is used to copy the files from one place to another. Mind you, this is not moving. This is only going to copy the command. For example, currently our PWD which is the present working directory is in the NF2 folder as you can see over here. Let's copy the E file to the NF folder. We can write CP E file 2 and give the path of the NF folder which will be home simply textto NNF. Now if I press ls I'll find both the files in NF2 since I copied to go back to the NF folder again. We can again use the same command of no uh we can again use the home simply learn desktop and just NF no NF2 this time just NF as you can see this will change back our present working directory. Now when we press ls we will find the e file to file and the nf2 folder and we can confirm this using the gui as well. This is the nf folder and you can see the nf2 folder and the e file 2 document. If I write cat e file 2 cat e file 2, we can see the contents of the file. Now this can be done using moving as well. For example, if I go to cd NF2, which is the inside folder, it has both the document files like E file and E file 2. Let's say I want to move the E file completely from NF2 to NF1. Instead of writing cp the command I'm going to use is mv mv e file and again give the path of the folder into which I have to copy which will be again home simply learn desktop and nf. As you can see, the contents of the NF2 have appeared here. And E file has been moved from NF2 to NF. This is the NF2 and we don't find E file here anymore. If we press CD dot dot and we go back to NF LS right now and we can find both the files, E file that we moved and E file 2 that we copied from the NF2 folder. So this is how copying and moving will work using the terminal. Now this is just a simple oneline statement that might take a couple of clicks when using GUI. This is why the command line interface is considered to be much more streamlined for Linux operating systems. Another very important command for Linux operating system is the pseudo command. Pseudo is short for super user do. The command enables you to perform tasks that require administrative or root permissions. We can think of it as how we run programs as administrator on Windows systems. It is not advisable to use this command for daily use because it might be easy for an error to occur and the permissions of root are very intricate. So new beginners are advised to use the pseudo command only when absolutely necessary. For example, pseudo su. With this command, I am giving this terminal a root permission. This SU stands for this user. At this point, it's going to ask for my admin password. Once I enter my password, and I now have root access. Note how the password that I entered did not show up here. This is a security measure to prevent people from snooping on your root password, which is the end game of all this operating system. As you also can see the symbol changed. If the dollar symbol is showing, it's source as a standard user. When you switch to root, you can easily see a hash symbol. This opens up a separate shell inside this terminal command. For example, we can exit out of the root user to the standard user using the command exit. And once again, we have the dollar sign and the root has vanished over here. There are some commands that will only work with administrative access. For example, when updating the Kali Linux system, we have to use a update. As you can see, it says problem unlinking the file because permission denied. Now, let's try this using pseudo sudo apd update. As you can see, it is updating the package repositories which work as the software installed on the system. This can be done using either writing the pseudo command every time we want to perform a root access or we can just write pseudo su once and write a update alone. The fetching is complete over here. For the second example, let's say I just write pseudo su. And this time it's not going to ask me the password because at this current terminal process, I've already provided the root password once and it is in memory right now. Now when we used to update the system, we had to write pseudo ad update. That was because we were running it as a standard user. Now we are running it as a root user. So all we have to write is a update and it's going to continue its work. There you go. Another command that can be useful is a ping command. It's pretty self-explanatory. It's going to be checking the internet connectivity. You can be used to check internet connectivity or you can see if the there is a local server on your system which needs to be pinged then you can check that for example if we have to write ping and we can use either IP address or domain. Let's say if you want to check that if we can access google.com using this Kali Linux installation or not, we can write ping google.com and you can see it shows the bytes being sent and received and how much time it took to take up the request. This can be done for local systems as well. For example, this installation of Kali Linux is being run on a virtual machine. Once this machine is running, I still have my host machine running over here. The IP address of which is 192.168.29 179. If I try to ping this from here, as you can see, the time to complete the request is drastically low compared to a website on the internet considering this is on the local network. This is how the ping command is worked and it can show you what kind of packages are transmitted, how many are received, if there was any kind of packet loss between the connection window and other details. A very important command when working with the terminal for a long duration is a history command. Pretty self-explanatory. There are so many commands that are being run sometimes people forget what was the change they did or what was the directory name they put. A history command helps to recover some of the commands that you have written. It doesn't go all the way back, but it takes up many commands that were inputed in the last few processes. This is how the history command works. These are some of the most commonly used terminal commands. If you want to learn more about this terminal and every other feature of this, please let us know in the comment section and we'll try to make an in-depth tutorial special repeat. If you want to learn more about the terminal, please let us know in the comment section and we will try to make an in-depth tutorial specifically for terminal commands on Linux. Moving on, we learn how to configure proxy chains on our system. Proxying refers to the technique of bouncing your internet traffic through multiple machines to hide the identity of the original machine. It is a good tool that hackers use to accomplish this goal is proxy chains. Essentially, you can use proxy chains to run any program through a proxy server. This will allow you to access internet from behind a restrictive firewall which hides your IP address. Proxy chains even allows you to use multiple proxies at once by chaining them together. One of the most important reasons that proxy chains is used in a security context is that it's easy to evade detection. Attackers often use proxies to hide their true identities while executing an attack. And when multiple proxies are chained together, it becomes harder and harder for a forensic professional to trace the traffic back to the original machine. When these proxies are located across countries, investigators would have to obtain warranties in the local jurisdictions where every proxy is located. To to see how proxy chain works, let's open Firefox first and check our current IP address. write Firefox. And there we go. As we can see, Firefox is now open. Let's check our current IP address. Right now if you go to an address called my ip.com and you can see it easily detects our country is in India and this is a public IP address. Now if we move to the terminal again here we can now write proxy chains minus h. What this minus h does is it finds a help. It uh it it stands for the help file. This is for help file. What we found out using this is proxy chains has a config file here. etc. proxy chains 4. CF. This is the config file found. Using this config file, we can customize how our proxy chain should work. If we want to open that, we have to use it in a text editor. On Windows, we have Notepad and other things like that, Microsoft Word to edit documents. On Linux, we have a tool called nano. To access the nano, we use the command nano and give the path of the file that we want to check. As of right now, the proxy chains config file is located over here. So, we're going to follow the path there. Chains 4 cf. And here we go. We see the config file. There are three basic types of proxy chaining here. We have a strict chain where all the proxy in the list will be used and they will be chained in order. We have a random chain where each connection made through proxy chains will be done by a random combo of proxies in the proxy list. And you have dynamic chain. It's the same as strict chain but dead proxies are excluded from the chain. And here we can set up whichever type we want. To enable or disable a particular type, we use the hash symbol here. As you can see right now, all the lines have a hashtag symbol at the front except this one, a dynamic chain. This is the current one being used. Let's say if I want to use a strict chain method. So I can add a hash value here and remove the hash here. At one point of time any one of these three four types should be enabled. Let's go for the dynam um dynamic chain. We can disable this strict chain by putting the hashtag in front and removing the dynamic chain. As you can see below we have few commands to how to handle the nano text editor. This symbol is known as the control button on your keyboard. Now if we want to write out which is synonymous to saving the file supposed to go with control O. So if I press Ctrl O on my keyboard it says file name to write and we have to press enter here since we want to overwrite the proxy chains 4.f file. We don't want to create a new file over here. So just press enter and we get a permission denied. This permission denied we're getting is because we have opened this using a standard user. ETC is a system folder. To be able to use make some changes, we have to use it using a pseudo command. To exit this nano, we have to use the controlx command. We use control X. We're going to clear and this time we're going to use the pseudo command. Pseudo nano etc. proxy chains 4. CF and we have the same file open up again. Now this time if you want to make a change, let's say we're going to add a strict chain instead of a dynamic chain, we remove the hashtag from strict, we're going to use control O for the save file option. We're going to press enter and it says wrote 160 lines. Again, if you want to reverse this change, we put the hashtag over here. enable dynamic chain. We press Ctrl O. Press enter and it says root 160 lines. Now we can exit straight away using the control X format. Right now we have not provided any file or a proxy chain. We can have proxy IP addresses from the internet but we have to make sure that they are safe and they don't snoop on our data. When there is no proxy chains being provided personally, it going it's going to use the to network. But for that we have to start to is a service in Linux. To know more about the store, we can write sudo systemct ctl which is used to know the status of services on the Linux operating system and status of to uh system ctl sorry uh instead of STL it should be systemctl status to as you can see it is a to service anonymizing overlay network for TCP connections and it's currently inactive. Now to start this up we have to write sudo systemct ctl start to now if we repeat the same sudo systemct ctl status store as you can see it's active now you can see the green logo over here okay to integrate the firefox and the browser we can use the proxy chains command directly over here we can write proxy chains we can use firefox to launch our web browser and let's say if we want to visit google.com we press enter and the Firefox window is launched and it should open up google.com next and there we go. If we go to myip.com once again as you can see we have a different IP address and the country is unknown as well. So this is how we can use proxy chains to anonymize uh internet usage when using Kali Linux. Next on our agenda is the ability to scan networks using N MAPAP. At its core, NAPAP is a network scanning tool that uses IP packets to identify all the devices connected to a network. Can learn more about N map using the help file. As you can see, these are some of the parameters that can be used when scanning ports of a system. You can see the version and the URL of the of the service over here. The primary uses of N mapap can be broken into three core processes. First, the program gives you detailed information on every IP active on your network and then each IP can then be scanned. Secondly, it can also be used to providing a lot of live hosts and open ports as well as identifying the OS of every connected device. Thirdly, NAPAP has also become a valuable tool for users looking to protect personal and business websites. Using N MAPAP to scan your own web server, particularly if you're hosting your website from home, is essentially simulating the process that a hacker would use to attack your site. Attacking your own site in this way is a powerful way of identifying security vulnerabilities. As we already discussed, the host Windows 10 machine on the system has an IP address of 1921 168 29.179. If you want to test the OS scan of the system, we're going to first get the root permission over here. We use the pseudo command and now we are a root user. We're going to launch the command N map minus O which is supposed to be an OS detection scan. The IP address we can use of the host system 192.168.29.179. In a legitimate penetration testing scenario, we can use the IP address of the vulnerable device over here. We are going to let it scan for a while and it's going to give us some guesses on what can the OS be. As you can see the scan is done and it has shown some of the ports that are open. You can see the MSRPC port open, the HTTPS 443 port open which is used to connect to the internet and it has some aggressive OS guesses as well. For example, it thinks there's a 90% 94% chance that it's going to be a Microsoft Windows XP Service Pack 3. That's partly because a lot of the Windows XP update packages are still prevalent on Windows. Now that the OS detection is confirmed, there are multiple more details that we can gather from N Map. Let's go with the NAP minus A command, which is supposed to capture as much data as possible. There is also a speed setting. You can call it a speed setting or a control setting of the minus t. Minus t ranges from t0 to t1 to t2 all the way up to t5. This basically determines how aggressively the victim is being scanned. If you scan slowly, it'll take more time to provide the results, but it will also give a less chance for the intrusion detection system on the vulnerable machine firewall to detect that someone is trying to penetrate the network. For now, if you want to go with somewhat of a high speed, we can go with the T4 and provide the same IP address of the local machine I am trying to attack. It's going to take a little bit of time since it's trying to capture a lot of information. As you can see, the results are now here. It It launched a scan and took a few top ports that are most likely vulnerable from a Windows XP perspective. And it showed a few ports over here. It has not shown 991 filtered ports which could not be attacked anyway since they were closed for outside access. It shows a few fingerprint settings like the connection policies and the port details. It shows an HTTP options. Some other intricate details that can be used when you attacking its servers. It shows a VMware version that it's running and some few other ports over here. Apart from that, we also have the aggressive OS guesses over here just like we did with the minus O. And you can see this time it is showing Windows 7 as 98%. No exact OS matches since uh if there was any exact o matches we could have seen 100% chances over here. This is a trace route. A trace route will be the time and the path a connection request takes from the source to the destination. For example, this request went from 19 to 168.72.2. to to a destination address. Since this is a local machine, it took only a single step. On multiple occasions, if you're trying to access a remote system, it's going to be a number of trace routes when it jumps from firewall to firewall and router to router. This is how we can use end mapap to find information about a system and find some vulnerable ports we can access. Moving on, we have a tutorial on how to use Wireshark to sniff network traffic. To start using Wireshark, we're going to have to open the application first. Now, during installation of Wireshark, there is an option to enable if nonroot users can be able to capture traffic or not. In my installation, I have disabled that. So, I will be launching Wireshark when using the root user itself. Also to capture data we need an external Wi-Fi adapter. You can see it over here in the VM tab. Removable devices link 802.1 and WLAN. This is a external Wi-Fi adapter which is inserted into my USB system. Can see it over here. If I write IW config, this is the one WLAN zero. This is absolutely necessary because we need to have a monitor mode required. We won't need it for sniffing data on wireshark right now, but it's going to be necessary later on in this tutorial as well as we will see. For now, we can just start up wireshark by writing its name on the command line and it should start the program. Here we go. Here it's going to check which of the adapters we want to use. For example, right now the ETH0 which supposed to stand for ethnet zero port. You can see data is being transmitted up and down. We're going to select ETH0 and we have started capturing data. You can see the data request from the source. the destination and the time and the which protocol it is following everything we can see and we can see the IPv4 flags here as well as you can see over here to capture internet traffic we can try running Firefox if we just write wikipedia.com And you can see the number of requests increasing. Okay, this is spelling mistake. Wikipedia here you can see the application data of all these requests going up and they're connected to a destination server of 103 102 166.224. Now if you even if you check the transmission control protocol flags over here and so many more things we cannot find anything beneficial. As you can see the information over here is gibberish which is supposed to be since it's supposed to be encrypted. Now this is possible due to this being an HTTPS website. Hence you can see the lock symbol over here and connection is supposed to be secure. Now what about HTTP ports? We have seen a many people recommend to not visit HTTP ports. Repeat. We have seen many people recommend to not visit HTTP websites and even if you have to visit to not provide any critical information. For example, let's go to a random HTTP page over here. As you can see this is saying connection is not secure and this is an HTTP HTTP page and not HTTPS. Now let's check for some of the information that is passing through this. This is a login form. Let's say I have a legitimate account over here. If I write my account name and my password is supposed to be password 1 2 3 4. I press login and uh the password does not match because I do not have an account over here. But let's say I did and I was logged in as expected. We can go to wireshark. We can use filters over here. Now all the requests that I'm sending it's a TCP request. So I can write a filter containing TCP contains whatever string if it is being passed. Let's say for the end username I write my account name. So I can just write my account name over here and press enter to find a request over here. Now as you can see there are many flags over here. If I go to the HTT HTML form URL encoded and open up some of its flags, as you can see, I can see my account name and simply learn password over here. This is the same details that I input on the website. Let's say I did have a legitimate account on this website. I would have logged in with no problems. But anyone who would be using Wireshark to sniff on the data can easily get my credentials from here. This is why it's recommended to not provide any information on HTTP pages. The security is not up to the mark and always look for the lock symbol when visiting any website or making any internet transactions or providing any information. This is how we can use Wireshark to detect transmission and sniff packet data that is being transferred through the network adapter. Next, we have to learn about what is Metasploit. The Metasloit project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS development. We can open up the terminal here. We're going to allow root access. And to open up Metasloit, the keyword is MSF console. It's going to take a little bit of time to start it up. [Music] Now the Metasloit console has been loaded. From here we can decide what type of attack we want to launch and what kind of exploits we can launch against vulnerable targets. For example, like we already discussed, I'm running this virtual machine on a Windows 10 host machine. So if I open the command prompt for my Windows 10 over here, if I need to check the IP address once, I go with IP config. Here you can see the IP address of this local machine. Moving on, if we have to attack that machine, let's say we want to see what kind of exploits are going to work over there. Now, we already know that Windows has some common vulnerabilities. One of those vulnerabilities is the HDA server vulnerability. HDA is supposed to be a HTML application but when passed the right payload it can be used to open a back door into a system to start off with the metasloit and accessing such applications. We're going to use the command use exploit and the name of the reverse HDA server is this Windows MISA for miscellaneous HDA server. As you can see, it already found this one. All right. Now, there are some options that we need to set for this exploit to go through. For example, you can see some of the options over here. There's a payload. The payload is supposed to be the malicious file that we are going to send on the HTML application which allows us to give the back door. For example, right now the payload which is the malicious file is a Windows meter reverse TCP. Completely understandable. Now let's set the LHOST. LHost and Rhost and SRV host should be the one where we are going to launch the attack from. For example, if we launched another tab of this console and we just press config, the IP address is 192 + 16872130. So, we're going to set the LH host as 192.168.72.130. And we're going to do the same thing with SRV host. We're going to set a port where we need to capture the backdoor access. Next, the payload has already been set. This payload will launch a backd dooror and give us interpreter access to the system. Metup printer is can be considered as an upgrade of a normal command prompt shell. We will look into it once we get the access in the first place. Now that we have set the commands, we can press on exploit and press enter. Now you can see we have a URL over here. We're going to copy this URL. Once the URL is copied, we take it into the browser and paste it. This will ask us to download this file. Now, as per browser security settings, this file should be blocked by default. We can decide to keep it. And with the correct formulation of this malicious package, even the website browser antivirus softwares will not be able to detect good payloads. We're going to save this file. and we're going to open it. Publisher could not be verified. If we press run and we go back to our meta beta access over here, you can see it has already captured a URL of an HD server and it is writing delivering payload. Just have to wait for a few seconds till the payload is delivered. It has sent this much amount of data. Meet Peter session one is opened and we should get the access soon. There we go. Now to understand where is the session set we can write sessions minus I. As you can see it has a meter over here. We're going to write sessions minus I. The session ID is one. So we're going to write one. And we have the meter access. Now to get a fair idea of the system we're going to write sus info and it's going to the computer name the OS architecture all these things we can write the help command to see what are the things that we can get out of the system we can take screenshots we can control the webcam and start a video chat we can take a lot of things over here there are other commands as well where we can change the file directory like the cat command cd command there are so many things that work in the normal cmd which we can run on the meter interpreter as well. Now, if you want to access the command prompt of the system directly, we can go with this. We have to write shell. And there we go. We are in the downloads folder right now. To see if this is the same computer or not, we're going to write IP config. As you can see, it is our M victim machine with 192 168 29.171. We can just press exit and we're back with a meter access. This is how we can use meta and metas-loit to gain access to a Windows 10 machine. Next, let's take a look at how we can get root access from a Windows 10 system. We just learned how we can get a meter access from a system. We can background this meter session by writing background and pressing enter. We can still we can still see the session session minus I it's still present over here. Now these kind of access are not administrative access. These are the kind of back doors that can be created for standard users. But to get a complete access of a system including the program files, the Windows documents, we need to have root access or administrative access. To do that we're going to use another exploit. Reminder that the Metapita session of the standard access is already present and we're not messing with it right now. We're going to set up another session albeit with the same machine. That exploit name is use exploit Windows local bypass USC event viewer. And there we go. Now if we check the options that we can put in the system, we have to choose an exploit target, we need to put a session as well. Let's say we going to use the session one. This is the session that has the meter access with the standard user. It doesn't have the system user. We're going to write set session one and we're going to run exploit. Run a few commands and it opened a second meter session. As you can see, it is the session two. If I write sis info, you can still see I'm not the system user right now. I'm still just a normal user. How can we check that? If you go to shell, you'll still see see user shabb downloads all these things. If I press exit, go back to the meter. There is a command on meter. Get system it attempts to elevate your privilege to that of the local system which basically means you get promoted into root access. So if we write get system and due to pipe impersonation we now have the system root access as you can see now it has become x64 and we are the admin users. Now if I go to shell I can easily go back windows and I can easily access these things. This kind of control over the windows folders and the program files folders these kind of things are not possible if you are not an admin access or the command prompt has not been run with admin permissions. This is how we can use privilege escalation to get into an admin access system. We use the second exploit which was the bypass US event viewer exploit and essentially used it with the first session. As you can read here, Windows escalation US protection bypass. It was first disclosed on 2016 but it still works on some systems. This is how we can get a root access on a Windows 10 installation. Hope you learned something new today. So, let's talk about hacking and what exactly hacking is. Hacking refers to exploiting weaknesses in a computer network to obtain unauthorized access to information. A hacker is a person who tries to hack into computer systems. Now, here there are some key words that we need to understand. First and foremost, exploit. when you're exploiting weaknesses. Weaknesses are technically called vulnerabilities which are basically design flaws, misconfiguration errors, usage of default usernames and passwords which have not been modified. So any misconfiguration or anything that has been left behind by a security administrator that can be misused which means exploited by a hacker to gain unauthorized access. So the next term is unauthorized access something that you're not allowed to do. And when you say a hacker is a person who tries to hack, it's basically a person with malicious intent trying to gain access to a system or a resource that they are not authorized to access in the first place. How do they do it? They find a vulnerability that is a weakness or a flaw and then they misuse it to gain access to that particular network. So here in the diagram you can see that a sender on the left hand side is trying to send some data to the receiver on the right hand side. The hacker would try to gain unauthorized access to the transmission that is being sent and would try to capture the data packets and read the secrets within. Let's look at a business case scenario into hacking. Now there is an organization uh everybody's going around their own business when they realize that their systems may have been compromised. Now they're trying to look at the customer data to ensure that that has not been compromised and trying to assure the customers. However, they do realize that some customer data has been lost and even the company reports have been modified as well. Now, this is the scenario where there have been some security controls in place and those controls have been identified. They realized that there is an attack that has happened and based on that attack, they have realized that the data has now been compromised and the records have been modified uh by the hacker which means that the data is no longer trustworthy and thus cannot be used by the business for any legal transactions. So then the hacker gives a call to the organization or gets connected to the organization demanding a ransom for the data to be replaced to be taken back into the original state where it was trusted and thus the organization can utilize it for business transactions. The organization has probably no backup. So they decide that they want to pay the lumpsum to the hacker to restore that data so that they can continue on with the business. does money exchanges and the hacker is able to restore that data and the business continues at as usual. However, the activity here of a hacker trying to leverage the misconfiguration of the weaknesses in the organization's security thus being able to hack them and uh make these ransomware demands. So the company then wants to figure out even if having a security system in place how was the hacker able to hack their systems. Thus, one of the employees comes up with a brilliant idea of identifying vulnerabilities in the network uh to proactively search for any flaws that have been left behind uh so that they can plug those flaws and nobody can misuse them. Thus, they figure out that they want to hire a ethical hacker who would help them identify the security posture of the organization, identify the weaknesses, vulnerabilities and flaws and help them remedy those flaws so that in future scenarios these scenarios will not happen. So before we go into an ethical hacker, let's understand what are the types of hackers. So what are the types of hackers? Hacker is a technically skilled person uh who is very adept with computers. They have good programming skills. They understand how operating system works. They understand how networks work. They understand how to identify flaws and vulnerabilities within all of these aspects. and then they understand and know how to misuse these flaws to get a outcome which would be detrimental to the health of the organization. So there are six type of hackers that have been identified. Black hat hackers, white hat hackers, grey hat script kitties, nation sponsored hackers and activists. So blackhat hackers are bas basically uh the malicious hackers who have malicious intent and have criminalistic tendencies. they want to harm the organization by hacking into their infrastructure, by destroying their infrastructure, by destroying their data so that uh they can gain from it from a monetary perspective. Uh these guys are also known as crackers. The main aspect of these uh people are that they have malicious intent. They try to do unauthorized activities and they try it for personal gain. Another important aspect to remember is that a blackhat hacker will always try to hide their identity. uh they will spoof their online digital identity by masking it by spoofing their IP addresses, MAC addresses and try to remain anonymous on the network. A white hat hacker on the other hand is also an ethical hacker or a security analyst who's an individual who will do exactly the same thing that a black hat hacker would do minus the malicious intent plus the intent of helping the organization identifying the flaws and remedying them so that nobody else can misuse those vulnerabilities. So they are authorized to act on the company's behalf. They are authorized to do that activity which would help the company identify those flaws and thus help the company mitigate those flaws improving on their security posture. So these uh these kind of security experts or ethical hackers would help organizations defend themselves against unauthorized attacks. Grey haters is a blend of both white hat and black hat hackers. So here they can work defensively and offensively both. They can accept contracts from organizations to increase their security posture. At the same time, they can also get themselves involved in malicious activities towards other organizations to personally gain or benefit from them by doing unauthorized activity. Script kitties are people uh who are technically not much aware about what hacking is. Uh they rely on existing tools that have been created by other hackers. They have no technical knowledge of what they're doing. It's just a hit or miss for them. So they just get their hands on a tool, they try to execute those tools. Uh if the hack works, it works otherwise it doesn't. So these people are basically who are noobs or newbies who are trying to learn hacking or uh just uh people who with malice's intent who just want to have some fun or trying to impress people around. Then we have the nation or the state sponsored hackers. As the name suggests, these hackers are sponsored by their government. Now this may not be a legitimate job but most of the governments do have uh hackers uh enrolled in their pay on um on their organizations to spy on their enemies to spy on various countries and try to figure out uh the aspirations of those countries. So this is basically a spying activity where you are technically trying to get access to other count's resources and then try to spy on them to figure out what their activities have been or what their future plans have been. And then we have the activists who is an individual who has a political agenda to promote and they promote it by doing hacking. So uh these guys what is the difference between a black hat hacker and a activist? The black hat hacker may try to hide their identity. Activist will claim responsibility of what they have done. So for them it's a political agenda, a political cause and they will try to hack various organizations to promote their cause. They would probably do this by defacing the website and posting the messages that they want to promote on these websites. So what exactly is ethical hacking? Then we have discussed the types of hackers. We have identified a malicious hacker as a black hat hacker with the intent uh of doing harm to an organization's network for personal gain. We have discussed what the ethical hacker is. So an ethical hacker would be doing the same activity but in an authorized manner. So they would have legal contracts that they would be signing with the organization which would give them a definite scope of what they're allowed to do and what they are not allowed to do and the ethical hackers would function within those scopes would try to execute those test scenarios where they would be able to identify those flaws or those system vulnerabilities and then they would be submitting a report to the management of what they have found. They would also help the management to mitigate or to resolve those weaknesses so that nobody else can misuse them later on. They might use the same techniques and the same tools that blackhat hackers do. However, the main difference here is that these guys are authorized to do that particular activity. They're doing it in a controlled manner with the intent of helping the organization and not with the intent of personal gains. So, who's an ethical hacker? Again, an ethical hacker is a highly intelligent, highly educated person who knows how computers function, how programming languages work, how operating systems work. They can troubleshoot. They're technically very adept at computing. They understand the architecture. they understand uh how various components in a computer work. They can troubleshoot those components and they can basically be uh very good with programming as well. Now when I say programming, we don't want the ethical hacker to be a good developer of applications. We want them to understand programming in such a way that they can create scripts, they can write their own short programs like viruses, worms, trojans or exploits which would help them achieve the objective that they have set out for. So uh here you can see the ethical hacker there are individuals who perform a security assessment of their companies with the permission of cons concerned authorities. So what is a security assessment? A security assessment is finding out the exact security posture of the organization by identifying what security controls are in place how they've been configured and if there are any gaps in the configurations themselves. So an organization will hire a ethical hacker. They would give the ethical hacker the information about what information is or what security controls, what firewalls, what IDs, IPSS, introen detection or intro prevention systems, antiviruses are already in place and then they will ask the ethical hacker to figure out a way to bypass these mechanisms and see if they can still hack the organization. What is the need of an ethical hacker? The need of an ethical hacker is proactive security. The ethical hacker would identify all the existing flaws in an organization and try to resolve those flaws to help secure the organization from blackhead hackers. So ethical hackers would prevent hackers from cracking into an organization's network by securing the organization by improving on their security on a periodic basis and they would also try to identify system vulnerabilities, network vulnerabilities or application level vulnerabilities that would have been missed or have already been missed and then try to figure out a way of plugging them or uh resolving them so that they cannot be misused by other hackers. They would also analyze and enhance an organization security policies. Now what are policies? Policies are basically documents that have been created by an organization of rules that all the employees need to follow to ensure that the security of an organization is maintained. For example, a password policy. A password policy would help users in an organization to adhere to the standards the organization has identified for a password complexity. For example, a password when a user is creating them should adhere to standards where they are using random words. They are uh they contain the alphabet A through Z uppercase and lower case 0 through 9 as numeric and special characters and they're randomized so that the password becomes more more stronger to prevent from brute force attacks. So what would an ethical hacker do at this point in time? They would try to test the strength of the passwords to see if brute force attacks or dictionary attacks are possible and if any of these passwords can be cracked. They would ensure that all the employees are following the policies and all the passwords are are as secured as the policies want them to be. If there are any gaps in the policies or the implementation of the policy, it is the ethical hacker's responsibility to identify those gaps and warn the organization about it. Similarly, they would also try to protect any personal information, any data that is owned by the organization that is critical for the functioning of the organization and they'll try to protect it by from falling into the hacker's hands. Now what are the skills that are required of an ethical hacker? These are the following skills. So first and foremost they should have good knowledge with operating systems such as Windows, Linux, Unix and Mac. Now when we say knowledge about operating systems, it's not only about how to use those operating systems, but how to troubleshoot those operating systems, how these operating systems work, how these operating systems need to be configured, how can they be secured. For example, securing an operating system is not only installing a firewall and an antivirus, but you need to configure permissions on an operating system of what users are allowed to do and what users are not allowed to do. For example, limiting the installation of applications. How are we going to do that? We need to go into the system center, the security center of Windows and we need to configure security parameters over there of what are acceptable softwares and what are not. Same with Linux and uh Mac softwares, operating systems. So we need to know how we can secure these operating systems. Similarly, all of these would have desktop versions and server versions of operating systems. As a ethical hacker, we need to know the desktop and server versions both how to configure them and how to provide services within the organization on these servers so that they can be consumed in a secure manner by all the employees. At the same time, they should also be knowledgeable of programming languages or scripting languages such as PHP, Python, Ruby, HTML for programming, if you will, because web servers come into the picture. So again, they should not be great developers where they can create huge applications, but they should be able to develop scripts, understand those scripts, analyze those scripts, and figure out what the output should be of those scripts to achieve the hacking goals that they have set out for. An ethical hacker should have a very good understanding about networking. No matter whether you're in application security, you're in network security or you're in hostbased security. Since a computer will always be connected to a network, either a local area network like a LAN or the internet, we should know how networking works. We should know the seven layers of the OSI model. We should know which protocols work on those seven layers. We should identify the TCP IP model and how OSI model can be mapped to the TCP IP model. We should understand how TCP and UDP work. How uh how each and every protocol is crafted, how they are supposed to behave for us to analyze and understand any network-based attacks. We should be very good in security measures. So we should know where those vulnerabilities would lie. What are the latest exploits available in the market and we should be able to identify them. We should be able to know the techniques and the tools of how to deal with security, how to analyze security and then how to implement security to enhance it as well. Along with that, it is important that a security analyst or ethical hacker is aware of the local security laws and standards. Why is that? Because an organization cannot do any illegal activity. Whatever responses that they have, whatever security mechanisms, whatever security controls they will implement, they need to be adhering to the local law of the land. They should be legal in nature and should not cause undue harm to any of the employees or any of the third party clients that they are dealing with. So the ethical hackers should be aware of what uh security laws are before they implement security controls or even before they start testing for security controls. And all of these should be backed up by having a global certification or a globally valid certification related to networking, related to security, ethical hacking, the law of the land, anything and everything. maybe even programming. Uh it's good to have a certification in PHP, Pearl, Python, Ruby and so on so forth. Why? Because most of the organizations when they hire ethical hackers look out for these certifications especially globally valid certifications so that they can be sure or they can be assured that the person that they are hiring has the required skill set. So let's talk about a few of the tools that a ethical hacker would utilize uh in their testing scenarios. To be honest, there are hundreds of tools out there. What you see on the screen are just a few examples of them. Uh Nessus is a vulnerability scanner. What is a vulnerability scanner? It is an automated tool that is designed to identify vulnerabilities within hosts, within uh operating systems, within networks. So they come with the readym made databases of all the vulnerabilities that have already been identified and they scan the network against that database to find out any possible flaws or any possible vulnerabilities that currently exist on the host or the operating system or on the network. Similarly, there would be application scanners like uh Aunetics or Arachnne that would help you scan applications and identify flaws within those applications as well. Now all of these are automated tools. The essence of ethical hacker is when these tools churn out the reports, the ethical hacker hacker can understand these reports, analyze them, identify the flaws and then craft their own exploits or use existing exploits in a particular manner so that they can get access or they can bypass the access security controls mechanisms that are already in place. How can they do that? With the tool called metasloit. You see that big M there on the right hand side. That M logo is for a tool called metas-loit which is a penetration testing tool. What is a penetration testing tool? It is that tool that will allow a ethical hacker to craft their exploits or choose their exploits for the vulnerabilities that have been identified by Nessus. Since we are interacting with computers, we will always be interacting using tools, right? So the first tool Nessus identifies the flaws and the possible list of vulnerabilities. We do a penetration test using metas-loit to validate those flaws and to verify that those flaws actually exist and try to figure out the complexity of those flaws and that's where metasloit helps us do that. Wireshark would be used in the background while we are doing both the activities using Nessus or Metasloit to keep a track of what packets are being sent and by received on the network which will help us analyze those packets. So whenever I run a Nessus scanner I would run a wireshark in the background. it will capture the data packets and I can go through those data packets and analyze that data packets to identify what Nessuses is actually trying to do. Similarly, when I try to attack a machine using exploit on metas-ploit, I'll keep on wireshark running in the background to capture the data packets that have been sent and the responses that I've received from the victim so that I can also go through those packets and analyze the responses and analyze the attack whether it was successful to what extent was it successful and basically will also give me a validation a proof of the activity that has happened. N MAPAP is another automated tool that allows me to scan for open ports and protocols. So why would I use N MAPAP? Because pro ports and protocols become an entry point for a hacker to gain access to devices. For example, when we connect to a web server, we connect through a web browser, but we automatically connect to port 80 using HTTP and port 443 is using HTTPS. So if I'm connecting to a web server using HTTPS, it is safe to assume that port 443 on the web server is open to accept those connections. Similarly, there would be other services that may be left open on the web server because nobody thought about configuring it or they misconfigured the web server and they left unwanted services running. So end mapap will allow me to scan those ports and services and allow me to understand what services are being offered on that server. So then I can start analyzing that server, identify those flaws within those services and then try to attack them. If the application that I'm analyzing is connected to a database and I want to do a SQL injection attack or if I if Nessus tells me that there is a SQL injection attack that may be possible on that particular application, I can use an automated tool called SQL map or SQL map that would allow me to automatically craft all the queries that are required for a SQL injection attack and help me do that attack at the same time. So here I do not have to manually create my own queries. Uh the SQL map tool would automatically create them for me. What I would do is I would use Nessus to identify that particular flaw. If Nessus reports that flaw, I would then go use the tool SQL map configure it to attack that particular web server. And when I fire off the tool, it will then automatically start directing queries, SQL injection queries to the database to see if those uh databases are vulnerable and if yes, what data can be retrieved from those databases. So all of these tools in a nutshell would help me hack networks, applications, operating systems and host devices. And this is what the ethical hacker does. They use these kind of tool sets. They identify what attacks they need to do. They identify the right tool for that particular attack and they write their exploits. They create those attacks and then they start attacking. Analyze the response and then give a report to the management uh providing them feedback about how the attack was created or crafted, what was the response to that attack and whether the attack was successful or not. If successful, they would also give recommendations of what to do to prevent these attacks from happening in the future. So when we are doing these attacks or when we want to launch these attacks, what is the process that that we would follow? So there are six steps that we would do as a ethical hacker. If you are just a hacker, you probably wouldn't do the sixth step which is a reporting step. So the first step that would be done is the reconnaissance phase which is the information gathering phase which is very important from ethical hacker's perspective or a hacker's perspective because if I want to attack someone or something as a digital device, I need to know what I'm attacking. I need to know the IP address of the device, the MAC address of those devices. I need to know the operating system, the build or the version of that operating systems, applications on top, the versions of those applications. So I know what I'm attacking. For example, if I if I want to attack a server, I assume it's a Windowsbased server and I use a particular tool to attack it, but it actually turns out to be a Linux based server, my attacks are going to be unsuccessful. So I need to focus my attack based on what is there at the other end. So in my information gathering phase, I want to identify all of that information. Once I have that information done, I'm going to scan those servers using tools like end mapap that we just talked about and we're going to try to see the open ports, open services and protocols that are running on that server that can give me possible entry points within the network or within the device or within the operating system. At the same time along with the scanning with N mapap I would run a vulnerability scanner the Nessus vulnerability scanner we talked about or aunetics for applications and then I would try to identify vulnerabilities in those applications operating systems or networks. Once I have identified those vulnerabilities in the scanning phase I would then move on to the gaining phase where I would then craft my exploits or choose existing exploits and start attacking the attacking the victim. At this point in time, if my attack is successful, I will probably have gained access uh by either cracking passwords or escalating privileges or exploiting a vulnerability that I may have found during the scanning phase. Once I have gained my access, I want to maintain my access. Why? Because the vulnerability may not be there for long. Maybe somebody updated the operating system and hence the flaw was no longer exist existing or somebody changed the password that may I may have cracked. Thus, I no longer have access. So what do I do to maintain my access? I install Trojans or backdoor entries to those systems using which I can secretly in a covert manner get access to those devices at my own will at my own time as long as those devices are available over the network. So that's where I maintain my access. I have hacked them. Now I want to maintain my access. So I install a software which would give me a backdoor entry to that device no matter what. Once I have done this I want to clear my track. So whatever activity that I've been doing for example installing a Trojan a Trojan is also a software that would create directory directories and files once installed on the victim's machine. So I want to hide that. If I have access data stores, if I have modified data, I want to hide that activity because if the victim comes to know that something has happened, they would start they would start increasing their security parameters. They might start scanning their devices. They may take them offline. Thus my hack would no longer be efficient. The reason I'm clearing my tracks is that the victim doesn't find out that they have been hacked or they have been compromised. Or even if they do find out that they've been compromised, they cannot trace the compromise back to me. So I would be deleting references of any of the IP addresses or MAC addresses that I may have used to attack that particular device. And this is where I will be able to identify where those logs were created, where those traces are. Once I take off those traces, the victim would not be any wiser of whether they have been compromised or who compromised their system. And if I am successful at all of these stages or what to whatever extent the success that I have achieved in any of these stages, I would then create a report based on that and I would report to the management about the activities that we have been able to do and whatever we have been able to achieve out of those activities. For example, we identified 10 different flaws. There were 20 different attacks that we wanted to do. what attack did we do? What was the outcome of that attack? What was the intended or or the expected output of that attack? I'll create a report which would give a detailed analysis of all the steps that were taken along with screenshots and evidences of what activity was conducted, what was the output, what was the expected output and I would submit that report to the management giving them an idea of what vulnerabilities and flaws exist in their environment or their devices that need to be mitigated so that the security can be enhanced. So these are the six steps that the ethical hacking process would take. uh just going through this the uh reconnaissance is where you're going to use hiking tools like NM map edgepainting to obtain information about targets. There are hundreds of tools out there depending on what information you want. Then in scanning again N map MAPAP Nexpose these kind of tools to be utilized to identify open ports protocols and services. In gaining access you're going to exploit the vulnerability by using the metasloit tool that we talked about in the previous slides. In the maintaining access you're going to install backd doors. You can use metasloit at the same time. uh you can craft your own scripts to create a Trojan and install it on the victim's machine. Once you have achieved that, clearing tracks is where you're going to clear all evidences of your activity so that you do not get caught or the victim doesn't even realize that they have been hacked. And once you have done all of this, we are going to create reports that are going to be submitted to the management to help them understand the current security evaluation of their organization. So now let's see how we can hack using social engineering. Now what is social engineering? Social engineering is the art of manipulating humans into revealing confidential information which they otherwise would not have revealed. So this is where your social skill and your people skills come into the picture. If you're able to communicate effectively to another person, they would probably give up more information that they intended to give out. Let's look at look at examples. Right? If you see on the screen fishing activity, what is fishing? We receive a lot of freakmails on a regular basis. We have always received those emails where we have won a lottery of a few million dollars, but we have never realized that we didn't purchase a lottery to win a lottery in the first place. We have always had those Nigerian frauds where a prince died in some South African country and you out of 7 billion people on the planet have been identified where they want to transfer a few hundred million through your account and they want to give you 50% of that money in return as thank you. So, some very basic attacks where you go on two websites and there's a banner flashing at you saying, "Congratulations, you're the 1 millionth visitor to this website. Click here to claim your prize." All of these are social engineering attacks, fishing attacks, fake websites, fake communications being sent out to users to prey on their gullibility. Most of humans always have that dream of striking it rich, winning a huge lottery once and for all, and living their life lavishly ever after. But sadly in the real world that's not that doesn't happen that often and if you're receiving those mails it is very important that you first research the validity of those those communications before you even want to act upon them. So why are humans susceptible to social engineering? Because humans have emotion. Machines do not. Try pleading with a machine to give you access to a account that you have forgotten a password to. The machine wouldn't even know what you're doing. Try pleading with a human sympathy or empathy where you could try to create a social engineering attack where you can plead with them saying if I do not get access to this account immediately I might lose my job and then that would put my family into problems. Somebody would feel empathy or sympathy towards you and help you reset that password and give you access to that account. It's how good the attack is and how convincing you are for the success of this attack to happen. So what is a familiarity exploit? Attackers interact with victims to gain information which will benefit the attack. uh to crack credentials as passwords. If we want to reset our passwords, what do we have as a mechanism to resetting passwords? We have some security questions that we set up. Those questions are nothing but personal information that we would know. But through a social engineering attack, we it would be easily be able to uh gather the information that you have set for your security questions. The security questions can be as simple as the first school that you attended. you probably have that listed on your LinkedIn profile where a per person can just go in there and see your academic qualifications and identify the school that you were in right similarly uh it might also be a question what was your mother's maiden name that's a very good attack and that's uh I mean if a person can interact with you let's say they're trying to take a survey and they approach you for a feedback on a particular product that you have been utilizing and they ask you these questions you wouldn't think twice before giving those answers as long as the request sounds legitimate to us we are able to justify that request, we do answer those queries. So, it's upon us to verify the authenticity of the request coming in before we answer it. Fishing, as we discussed, would be fraudulent emails which appear to be coming from a trusted source. So, email spoofing comes into mind. Uh fake websites and so on so forth. Exploiting human curiosity. Curiosity killed the cat, right? So there was there's so many physical attacks where hackers just keep pen drives lying around in a parking lot. Now this is open a generic attack. Whoever falls victim will fall victim. So if I just throw around a few USBs in the parking lot obviously with Trojans implemented on them. Some people who are curious or who are looking for a couple of freebies might take up those pen drives plug them in their computers to see what data is on the pen drives. At the same time once they plug in there those pen drives on their computers the virus or the Trojan would get infected and cause harm to their machine. Then exploiting human greed. We just talked about the Nigerian frauds and the lotteryies those kind of attacks the fake money-making gimmicks. Now basically this is where you prey upon the person's uh greed kicking in and they clicking on those links in order to uh get that money that has been promised to them in that email. So one of the safest mechanism to keep data private and to keep yourself secure is using encryption. Now encryption can happen through cryptography. What is cryptography? Cryptography is the art of scrambling data using a particular algorithm so that the data becomes unreadable to the normal user. The only person with the key to unscramble that data would be able to unscramble it and make sense out of that data. So we're just making it unreadable or non-readable by using a particular key or a particular algorithm and then we're going to send the key to the end user. The end user using this uh same key would then decrypt that data. If anybody compromises that data while it is being sent over the network since it is encrypted they would not be able to read it. So the encryption algorithm would be something like this. Now if you see uh the computer word once made into unreadable format would look like eq o r xv gt for a end user it wouldn't make any sense but the person who has a key to unscramble that would be able to convert it back to computer and then understand the meaning of that word. So this is just a substitution cipher that is being shown on the screen. So what is the alphabet? The key is alphabet plus three. So C plus three alphabets that becomes E. O becomes Q. M becomes O. So the key that is utilized to scramble the data is the character that you are at the third character from there would be the corresponding key. So the encrypted message is also known as a cipher. The decryption is just the other way around where you know the key now and you can now figure out what that e correspondent to by going back three characters in the alphabet. Most of the times a certified ethical hacker must decrypt a message without knowing the secret key. So let's say a ransomware has affected your organization or has affected a device and you want to figure out uh or you want to decrypt that data. Now as ethical hacker you wouldn't be for paying a ransom uh to the hacker would you? So it is now your prerogative of how you're going to work around and how you're going to try to crack the encryption mechanism how to crack the cipher to decrypt that message and see what's within it. Right? Decryption without the use of a secret key that is known as a crypt analysis. Cryp analysis is the reversing of an algorithm to figure out what the decryption was without using a key. So cryp analysis can be done using various formats. The first one is a brute force attack. Second is a dictionary attack. The third one is a rainbow table attack. A brute force attack is trying every combination permutation and combination of the key to figure out what the key was. It is 100% successful but may take a lot of time. A dictionary attack is where you have created a list of possible encryption mechanisms, a list of possible cracks and then you try to figure out whether those cracks work or not. Rainbow tables are where you have an encrypted text in hand and you're trying to figure out uh the similarities between the text that you have and the encrypted data that you wanted to decrypt in the first place. So in the brute force attack, you're trying every possible combination permutation of what the key would be. In dictionary attack, you have a word list that would tantamount to the key. And if you're you're trying to match all the words listed in the text file or the word list to see if any of those words are going to work to decrypt that data. Here in the rainbow table, the cipher text is compared with another cipher text. You find out similarities and then you try to work or reverse engineer your way accordingly. So let's have a quick demo on cryptography before we end this session. So to begin with the demo of cryptography, we are on a website called spammimic.com which will help us scramble the message that we created into a completely a format which would be unrelated to the topic at hand. So if I say I want to encode a message, turn a short message into spam. So what this does is you want to send across a secret message, you type in the secret message, a short one and it will convert that into a spam mail. You send it across. So whoever is reading that spam mail would never get an idea of the embedded message within it. So if I want to type in a message here, hi, this is a secret message. The password is at the rate 1 2 3 4. And I want to send this out to people or to one of my colleagues, but I want to send it out in a secret manner so that others are not aware of this. So when I press on encode what the algorithm would do is it will convert this message into a spam mail. So my message hi this is a secret message the password is at the rate 1 2 3 4 or asd at the rate 1 2 3 4 gets converted into this. Now if you read it dear e-commerce professional this letter was specially selected to be sent to you. This doesn't make sense. There is nowhere or no reference to the actual message that I've already said. So if I copy this entire message and I send it let's say via email to the recipient. Now the thing is that the recipient needs to know that I've encoded it using spam mimic. The algorithm rem need needs to remain the same. So once they know that it is spam mimic what they can do is now in this instance what I'm going to do is I'm going to open up a new browser and I'm going to go to the same website and at this point in time I'm going to click on decode. When I click on decode I'm going to paste the message that I've just copied. There we are. And this message is now being copied into a different browser. And if I decode this, you will see that it will convert it back to the original message that there was. So the key is there at spam mimic and uh it is embedded within the message. So whenever we paste the message in the decode factor, it knows what the key was and it can decrypt that message and give me the actual message that was embedded within it. There we are, the entire message. This is what we created in the Google Chrome browser and in the Firefox browser we decoded. Similarly, if I want to protect these kind of messages, there is an aspen encrypt.com website where let's say we use text encryption and I want to encrypt the same message. This is a secret message. The password is ASD at the rate 1 2 3 4. And then I give it a password to protect this message. Let's say the word password. And I use the cipher to scramble this by using let's say AES which is the strongest cipher right now and I say encrypt. So this is what the encryption would look like. And basically uh if I don't have the password over here, if I decrypt it, you would see that the error has occurred. Now if I type in the password over here and then decrypt it, it will be able to convert that back into the unscrambled text and it will give me what the original message was. This is a secret message. The password is ASD at the rate 1 2 3 4. So if I want to keep my data secure from hackers, I want to scramble it in such a way that they would not be able to crack it or it would be very difficult from for them to crack it. And this is one of the first mechanisms that would be recommended by any ethical hacker to keep the data secure. Now let's talk about downloading and installing Kali Linux. Along with that, we'll also be looking at the basic commands that are required for Kali Linux. All right. So I've opened my browser and we want to go to the Kali website. So we want to go to kali.org. og. You can directly type in kali.org and go to the website. I can just do a Google search and say kali download and it will give you the same website but it will directly take you to the downloads pages. So either here and or you can go to the homepage uh cookies are being installed on your machine. So uh see which cookies you want to allow. I'm only going to use the necessary cookies to support this site. And you can see that this gives you the latest Kali Linux news and tutorials. gives you the latest release, what is in that release and gives you a lot of documentation which will help you understand what tools have been developed and what functionality has been given in the latest version. If you want to download, you can directly go here and you can download Kali Linux. Now, Kali Linux is a 2.6 GBTE download. So, it's going to take time. The latest version being 2019.4. And we click over here. I'm using a download manager to manage all these huge downloads. And uh you can see it's pointed to the operating systems folder and it is going to be a 2.57GB download. So we click on download and in the background uh you can see this is going to be downloaded and we're going to minimize this and uh it will take a few minutes for that to download. But this is an ISO image. So we need to install it on a virtual machine. So what we need is we need to use a hypervisor which will allow us to create virtual machines. So we can either use VMware workstation which you can download from here. However, uh this is paid version. So you can see it is around $250 or something for uh this software. But it is a very good software to have. So if you click on download now, it is going to start the download. It's a 30-day trial period if you want to use it. After 30 days, you'll need to enter the key which you'll get after purchasing the software. If you do not want to utilize this the free version that you have, you can either download VMware player but there are some limitations for VMware player that you might want to look at. Does you want to compare these products before you want to purchase them, right? Otherwise, you can download Oracle Virtual Box which is a free hypervisor. It's not as robust as VMware Workstation, but it does the trick, right? So the the free version uh 6.1 is free and you can then create your own virtual machines over there and install operating systems on them. What I do have I already have a VMware workstation installed. So I'm just going to open that up and that's my VMware workstation. As you can see I already have a lot of virtual machines created over here. What we going to do is we going to configure a virtual machine for the Kali Linux operating system that we are downloading which should be somewhere here. Let's see it's at 43%. So all halfway there. Till then let's create the virtual machine. So I click on file create a new virtual machine. I'm going to customize the machine. So click on next. This default we don't want to change that. And then we want to install the operating system later. We don't want to point it out right now. So I'll just click on I will install the operating system later. Click on next. We want to install Linux. Now in the dropown you would not see Kali Linux over here. However you can choose Ubuntu 64-bit. That's what I'm going to choose. There it is. Next. What is the name that we want? I want to give it Kali Linux without the typo. And I want to store it in one of the folders that I have created. By default, it stores on the C drive, which is not a good place to store. Uh you don't want to run out of space on your C drive. So, I'm going to click on this PC. And this is my data. And in here, I'll have a folder called virtual box or virtual machines. There it is. within which he can see the other software that I already created. I'm going to create a new folder and call it Kali 2019 L. L for is is latest for me because you can see already have a Kali Linux. So I'm just going to identify this folder with the L at the end. Going to select it and click on okay. You can see the path being changed over here. Click on next. It's going to ask you how many processors. Now depending on the processor that you have. You can see I've got a 8 core i7. So if I give it 16 cores or 16 processors, that's not going to work. I cannot go beyond what the physicality already is. So for this machine, one processor with one core is more than enough. If you're going to lo use a lot of tools at the same time, you might just want to give it two cores. So we given it two cores. It will ask us for RAM to be provided for this virtual machine. By default, 248 MGB. That's 2 GB of RAM is more than enough. If you require more, we can change this later on. So click on next. We want to use NAT for now. Leave this default. Next. Whatever is recommended. Keep it the way it is. We do not want to change it. Next. Create a new virtual hard disk for this machine. And it is going to ask us the size. 20 GB is more than fine. Store it as a single file. We don't want to use multiple file options. Click on next. And then click on browse where we want to store the VMDK file or the virtual hard disk file. And we go back again to the same folder that we had created virtual machines. and we look at the Kali Linux Kali 2019 L and we want to store the VMDK file over there. Once we save it, we want to click on next and then we want to click on finish. So this is the virtual machine that has been created right here. Right now this is the basic configuration. Now where are we at with the operating system and you can see the operating uh system has been downloaded and it is stored in this particular folder. So we go to E drive. So we're looking for the so the operating system that we have downloaded. we downloaded in the operating systems folder and if we go in here you can see the current one the Kali Linux 2019.4 ISO right here. So what we do we go back to the Kali Linux machine that we have created edit virtual machine settings and we point this virtual machine using the CDDVD and then we point the ISO the one that we downloaded over here. So we go back to E drive we go back to OS and we click on Kali Linux 2019 click on open. So now when this boots up, it will boot up with this ISO and then it will allow us to install the operating system. So click on okay. Then we click on power on this virtual machine. It will start powering on. It will boot through to the ISO and it will start giving us the booting option. So I'm just going to uh enter the full screen mode over here for this to be better visible. And we don't want the live mode. What we want is we want to use the graphical install. And then we highlight that. We press enter. And you can see the setup starting up. We'll wait for the GUI to pop up. There it is. Which language do we want? For now, we want English. Click on continue. Where are we located? Click on continue. And the configure your keyboard. We want the US keyboard, American English. Continue. It is going to detect the hardware. So, as you can see on the screen, it's attempting a auto configuration for most of these uh settings. The network with DHCP. It has identified the network cards uh hardware like uh the processor that has been provided. Now it is asking for a host name. We're going to leave it at default. We're going to click on continue. Domain name. I'm not joining this into a domain as yet. This is going to be a standalone machine. So I can leave this blank. Click on continue. Now it is going to configure the network. It is asking for a password at this point in time. The root password. Type in any password that you want. Ensure that you remember the password. Now by default the uh username for the account is the name is the word root. We are just creating the password for the root account. And then we want to click on continue. Setting of the clock looking at the hard disks. Now here it asks us do we want to use the entire disc the 20GB virtual hard disk that we had provided or do we want to give it a manual configuration or a guided one where we want encryption and a logical volume management coming into the picture. We're just going to use the first option guided you use entire disc. Don't worry, it's only going to use the virtual disc that we had created. Click on continue. It will give us that it's a 21.5GB VMware virtual disc that we had. And click on continue. All files in one partition. That's what we want recommended for new users. Whatever it is, we don't want to change these folders. Continue. And this is what we have configured. Uh once we click on continue, it is going to say you are you sure you want to make these changes? Click on yes. Click on continue. And it will start installing Kali Linux on your device. Now this is going to take a few minutes for the installation to work. All right. So that's the installation that's completed. Now it's asking us to configure a package manager. A network mirror can be used to supplement the software that is included on the installation media. This may also make new versions of software available. Do you want to use a network mirror? We can click no for now and then click on continue. Now this is going to install the grub boot loader. This might take a few minutes as well. Install the group grub loader to the master boot record. Yes. Click on continue. Click the uh hard disk that you have just utilized. This is the one. Click on continue. It will install the grub boot loader running through the last phases of the installation. And now it says the installation is complete. We want to click on continue. Finishing the installation. And then it will do a reboot. All right. And you can see this is starting up. So we are going to you just wait out the boot. And now it started the booting sequence. Just going to maximize the screen. And you can see it's asking me for the password. This is the one that we created. Now that's the that's not the password. That's the username. That's the root and the password that we had created at that point in time. And then click on login. And this is your screen. And now what we need to do here is we need to install VMware tools which will help us manage the screen and help the virtual machine to be a little bit better uh integrated on the system. So that's not mounted yet. So we're just waiting for it to mount. There it is. And what we want to do here is open VMware tools upgrader. All right. So what we want is we want to extract or we want to use this open X archiver. And once we do that we'll see the VMware install.pl. Double click on that. All right. We've got the VMware tools here. What I've done is we have extract to and I've extracted that on the desktop. Right. So what we just did was click on the desktop over here. open and this is what it will do and click on extract. Now the error is happening because I've already extracted this. Open this up. We want to run this VMware install.pl. So what do we do? We open up the terminal window which is the command line interface over here. And now this is where some of the commands come into the picture. So for example pwd it will show us the present working directory. ls will show us the list of the folders that are there. So the folder that we have is on our desktop. So we'll just change directory to desktop. Press enter. Do an ls. That will show us the list. And you can see VMware tools distrib. That's the folder that we have right here. Right. So we want to go into that folder. CD VMware. At this point, you can just click on tab and it will populate everything over there. Press enter. Do an ls. And we want the VMware install.pl to be executed. All right. So we tried executing that command. We had an error over there. So what we need to do is we need to execute this command. So dot /vmware install.pl and it will start creating now uh it will ask you for your input installing VMware tools in which directory do you want to install the binary files. Uh by default it is going to use / usr/bin. If I just press in uh enter it is going to use the default. As you can see the input over here. What directory do you want the init directories? I'm just going to press uh keep on pressing enter for the defaults to come in. This part does not exist. It is going to create it. Default. Yes. Defaults everywhere. And then it tries to start initializing it. Going to maximize the screen. And this is where it is installing. And you can see by just installing that it automatically adjusted the screen. And now we got a full screen of Kali Linux right here. Right. And that is what VMware tools does for us once we have installed the operating system. And now we can see the entire screen. on here you will see the tool sets that are given here. Now why are we using Kali Linux in the first place because this comes in uh with a bundle of thousands of softwares that are ready to be utilized for ethical hacking right and they have been categorized over here for information gathering vulnerability analysis web application analysis and so on so forth. So you can see from foreign sex onwards reporting tools and as you scroll down you can see your development tools graphics coming in internet uh and the system configuration coming into the picture. These are your settings for your operating system. So these are basically your tools. We are right now on the favorites. If I click on information gathering you will see that other tools for information gathering start appearing over here. For vulnerability analysis, we have got Sparta, NM MAPAP, fuzzing tools, web application analysis, we have got comics, skipfish, SQL map, database assessments, password attacks and so on so forth. So if you just go in the favorites, this was the terminal emulator that we utilized. This is the command line that we saw. We used the cd command. We use the pwd command. We did the ls command as well to give us the list of the directory that we are in. Similarly, there would be commands like cat. So let's go to cd downloads. Let's see what they uh what's there. I can see this case sensitive. So if I type in a capital D and then do a tab ls there's nothing over here on download. So CD dot dot will take us back one directory. Now you can see we are back from downloads to root. If I want to go to desktop this is how I go to desktop. Do a ls you can see the VMware tools uh folder over there. CD VMware tools and we go into that folder ls which will give us the list of all those files. Now you can see install is a file that we had edited back then. So if I do a cat install you will see the cat basically is the command that will help us look at the contents of the file. All right without opening of the file or without editing the file. So you can see just uh if I scroll up this is where we gave the cat command. It then uh printed the contents of the file over here and then it exited and gave me back the command line right here. Right now if I want to copy this cp root desktop VMware install and if you want to copy it to root downloads and press enter. Now what we are going to do is we going to see if this file the install file that we just edited over here has been cop copied to the downloads folder. So we do a uh we are currently in the VMware on the desktop VMware tools district folder. We do a cd dot dot that takes us down one directory. So we are still in the desktop. do a cd dot dot. Now you can see we are back in the root and now we're going to do a cd downloads run ls and you can see the copied file right here. So if I do a cat install you can see the same content of that file coming in. So these are some of the commands that we would need to learn as we go ahead. The remove command is let's say we've got install we do a man rm man is the manual page command that uh gives us the pages with the description of how that particular command is to be utilized. So rm is remove files or directories. Synopsis is the description the options hyphen f for force hyphen i for prompt hyphen capital I prompt once before removing more than three files and so on so forth. If you want to exit this, you can press Q to exit and you come back to this page. So if I say rm install ls, you'll see that the install file has now been deleted. So in Windows, we use the deell command. In Linux, it is the rm command. So this is what we wanted to look at the demo for Kali Linux, how to download it, how to install it, and some of the basic commands that we can utilize. All right, let's begin with the fishing uh tutorial. We have the Kali Linux operating system booted up over here. Uh what we going to do is we're going to open up a tool called set social engineering toolkit which you would find in this option and that's the tool that we want. It's a command line tool uh a menudriven tool. We are going to host a fake uh Facebook page and we can see how we can harvest credentials by this kind of an attack. So these are some disclaimers you might want to go through there. Do you want to agree to the terms of service? Yes. Press enter. And that's your social engineering toolkit. And we are talking about a fishing attack which comes under the social engineering attack. So it like I said it's a menudriven tool. So we just have to look at these options and then just type in the number of the option that we want. So we want to do a social engineering attack. So I type in one, press enter. In that it is asking me whether I want a spear fishing attack, a website attack vector. We going to choose a second option. So I type in two, press enter. And then it asks me uh what I want to do. So I want to take the third option here credential harvester attack methodology and we want to do the third attack. Now it is asking whether we want to use the inhouse website templates that it already has or do we want to clone a site or do we have a customized site that we have prepared that we want to

Original Description

️🔥IIITB - Advanced Executive Program in Cybersecurity - https://www.simplilearn.com/pgp-advanced-executive-program-in-cyber-security?utm_campaign=MgVgizCFi3M&utm_medium=DescriptionFirstFold&utm_source=Youtube ️🔥Cybersecurity Expert Masters Program - https://www.simplilearn.com/cyber-security-expert-master-program-training-course?utm_campaign=MgVgizCFi3M&utm_medium=DescriptionFirstFold&utm_source=Youtube ️🔥IITK - Executive Certificate Program In Cyber Security - https://www.simplilearn.com/ai-cybersecurity-course?utm_campaign=MgVgizCFi3M&utm_medium=DescriptionFirstFold&utm_source=Youtube ️️🔥 AI-Powered Cybersecurity Mastery - https://www.simplilearn.com/ai-cybersecurity-course?utm_campaign=MgVgizCFi3M&utm_medium=DescriptionFirstFold&utm_source=Youtube In this Penetration Testing for Beginners course 2026 by Simplilearn, we start by introducing penetration testing and exploring the career path, including salary insights for penetration testers. You’ll then learn the Linux file system and its structure, a key foundation for ethical hacking. The course covers Kali Linux for ethical hacking practices, phishing attack techniques, and an overview of network protocols. We’ll also dive into Wireshark tutorials for beginners to analyze network traffic effectively. Finally, the course wraps up with common cybersecurity interview questions to prepare you for real-world job opportunities. The following are the topics covered in the Penetration Testing Full Course: 00:00:00 - Introduction to Penetration Testing Full Course 2026 00:02:23 - Penetration Testing for beginners 00:27:44 - Penetration Tester Salary 00:35:02 - What is Linux File system 00:48:00 - Linux File System structure explained 01:06:30 - Kali Linux For Ethical Hacking 02:47:18 - Ethical Hacking FC 05:22:44 - Phishing Attacks 05:34:35 - Network protocol explained 05:54:04 - Wireshark tutorials for beginners 06:09:14 - Cyber Security Interview Questions ✅Subscribe to our Channel to learn more about t
Watch on YouTube ↗ (saves to browser)
Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from Simplilearn · Simplilearn · 0 of 60

← Previous Next →
1 Ethical Hacking Full Course 2026 | Ethical Hacking Course for Beginners | Simplilearn
Ethical Hacking Full Course 2026 | Ethical Hacking Course for Beginners | Simplilearn
Simplilearn
2 AWS Full Course 2026 | AWS Cloud Computing Tutorial for Beginners | AWS Training | Simplilearn
AWS Full Course 2026 | AWS Cloud Computing Tutorial for Beginners | AWS Training | Simplilearn
Simplilearn
3 Data Structures And Algorithms Full Course | Data Structures and Algorithms Tutorial | Simplilearn
Data Structures And Algorithms Full Course | Data Structures and Algorithms Tutorial | Simplilearn
Simplilearn
4 SQL Full Course 2026 | SQL Tutorial for Beginners | SQL Beginner to Advanced Training | Simplilearn
SQL Full Course 2026 | SQL Tutorial for Beginners | SQL Beginner to Advanced Training | Simplilearn
Simplilearn
5 Microsoft Azure Full Course 2026  | Azure Tutorial for Beginners | Azure Training | Simplilearn
Microsoft Azure Full Course 2026 | Azure Tutorial for Beginners | Azure Training | Simplilearn
Simplilearn
6 Shopify Tutorial For Beginners 2026 | Shopify Course | shopify dropshipping | Simplilearn
Shopify Tutorial For Beginners 2026 | Shopify Course | shopify dropshipping | Simplilearn
Simplilearn
7 Six Sigma Full Course 2026 | Six Sigma Green Belt Training | Six Sigma Training | Simplilearn
Six Sigma Full Course 2026 | Six Sigma Green Belt Training | Six Sigma Training | Simplilearn
Simplilearn
8 🔥Feeling Stuck? How Upskilling Can Boost Your Career! #shorts #simplilearn
🔥Feeling Stuck? How Upskilling Can Boost Your Career! #shorts #simplilearn
Simplilearn
9 Growth Hacking In Marketing | Learn Growth Hacking Marketing Strategies | Simplilearn
Growth Hacking In Marketing | Learn Growth Hacking Marketing Strategies | Simplilearn
Simplilearn
10 🔥Cracked 3 Job Offers with One AIML Course! | 20–30% Salary Hike #shorts #simplilearn
🔥Cracked 3 Job Offers with One AIML Course! | 20–30% Salary Hike #shorts #simplilearn
Simplilearn
11 Top 10 Must-Have Figma Plugins for UI/UX Designers in 2026 | Figma Plugins | Simplilearn
Top 10 Must-Have Figma Plugins for UI/UX Designers in 2026 | Figma Plugins | Simplilearn
Simplilearn
12 Business Analytics Full Course 2026 | Business Analytics Tutorial For Beginners | Simplilearn
Business Analytics Full Course 2026 | Business Analytics Tutorial For Beginners | Simplilearn
Simplilearn
13 Simplilearn Reviews | Getting future-ready with course in Artificial Intelligence | Roopam’s story
Simplilearn Reviews | Getting future-ready with course in Artificial Intelligence | Roopam’s story
Simplilearn
14 Generative AI Full Course 2026 | Gen AI Tutorial for Beginners | Gen AI Explained | Simplilearn
Generative AI Full Course 2026 | Gen AI Tutorial for Beginners | Gen AI Explained | Simplilearn
Simplilearn
15 Full Stack Developer Course 2026 | Full Stack Java Developer Tutorial for Beginners | Simplilearn
Full Stack Developer Course 2026 | Full Stack Java Developer Tutorial for Beginners | Simplilearn
Simplilearn
16 Simplilearn Reviews | How David Went From Seasoned Engineer to AI Innovator #GetCertifiedGetAhead
Simplilearn Reviews | How David Went From Seasoned Engineer to AI Innovator #GetCertifiedGetAhead
Simplilearn
17 Complete Social Media Marketing Strategy for 2026 | Social Media Marketing Strategy | Simplilearn
Complete Social Media Marketing Strategy for 2026 | Social Media Marketing Strategy | Simplilearn
Simplilearn
18 🔥Top 4 Cybersecurity Certifications You Need! #simplilearn #shorts
🔥Top 4 Cybersecurity Certifications You Need! #simplilearn #shorts
Simplilearn
19 🔥Cloud Engineer Salary in India 2026 | City-Wise Breakdown #shorts #simplilearn
🔥Cloud Engineer Salary in India 2026 | City-Wise Breakdown #shorts #simplilearn
Simplilearn
20 Digital Marketing Full Course 2026 | Digital Marketing Tutorial For Beginners | Simplilearn
Digital Marketing Full Course 2026 | Digital Marketing Tutorial For Beginners | Simplilearn
Simplilearn
21 Full Stack Java Developer Course | Full Stack Java Developer Tutorial for Beginners | Simplilearn
Full Stack Java Developer Course | Full Stack Java Developer Tutorial for Beginners | Simplilearn
Simplilearn
22 Social Media Marketing Full Course | Social Media Marketing Tutorial For Beginners | Simplilearn
Social Media Marketing Full Course | Social Media Marketing Tutorial For Beginners | Simplilearn
Simplilearn
23 How To Create LLM Chatbot Demo 2026 | Build a LLM Chatbot From Scratch | Simplilearn
How To Create LLM Chatbot Demo 2026 | Build a LLM Chatbot From Scratch | Simplilearn
Simplilearn
24 Digital Supply Chain Management Certification | Supply Chain Management Course | Simplilearn
Digital Supply Chain Management Certification | Supply Chain Management Course | Simplilearn
Simplilearn
25 AI Agents Full Course 2026 | AI Agents Tutorial for Beginners | How to Build AI Agents | Simplilearn
AI Agents Full Course 2026 | AI Agents Tutorial for Beginners | How to Build AI Agents | Simplilearn
Simplilearn
26 ITIL Full Course 2026 | ITIL 4 Foundation Course | ITIL Tutorial For Beginners | Simplilearn
ITIL Full Course 2026 | ITIL 4 Foundation Course | ITIL Tutorial For Beginners | Simplilearn
Simplilearn
27 Generative AI Full Course 2026 | Gen AI Tutorial for Beginners | Gen AI Explained | Simplilearn
Generative AI Full Course 2026 | Gen AI Tutorial for Beginners | Gen AI Explained | Simplilearn
Simplilearn
28 ITIL Full Course 2026 | ITIL 4 Foundation Course | ITIL Tutorial For Beginners | Simplilearn
ITIL Full Course 2026 | ITIL 4 Foundation Course | ITIL Tutorial For Beginners | Simplilearn
Simplilearn
29 Simplilearn Reviews | Integrating AI & Music | Diego's Story
Simplilearn Reviews | Integrating AI & Music | Diego's Story
Simplilearn
30 Digital Marketing Full Course 2026 | Digital Marketing Tutorial For Beginners | Simplilearn
Digital Marketing Full Course 2026 | Digital Marketing Tutorial For Beginners | Simplilearn
Simplilearn
31 SEO Full Course 2026 | SEO Tutorial for Beginners | SEO Training | SEO Explained | Simplilearn
SEO Full Course 2026 | SEO Tutorial for Beginners | SEO Training | SEO Explained | Simplilearn
Simplilearn
32 PMP Vs CAPM: Which Certification Should You Choose? | PMP Vs CAPM | Simplilearn
PMP Vs CAPM: Which Certification Should You Choose? | PMP Vs CAPM | Simplilearn
Simplilearn
33 Complete Data Analyst Roadmap 2026 | How To Become A Data Analayst In 2026 | Simplilearn
Complete Data Analyst Roadmap 2026 | How To Become A Data Analayst In 2026 | Simplilearn
Simplilearn
34 Generative AI Full Course 2026 | Gen AI Tutorial for Beginners | Gen AI Explained | Simplilearn
Generative AI Full Course 2026 | Gen AI Tutorial for Beginners | Gen AI Explained | Simplilearn
Simplilearn
35 🔥5 Jobs That Are Most Likely Safe from Layoffs in Today’s Market #shorts #simplilearn
🔥5 Jobs That Are Most Likely Safe from Layoffs in Today’s Market #shorts #simplilearn
Simplilearn
36 🔥Git vs GitHub – What's the Difference?
🔥Git vs GitHub – What's the Difference?
Simplilearn
37 What Goes Behind Building the Likes of Uber and Netflix? | Product Management Tutorial | Simplilearn
What Goes Behind Building the Likes of Uber and Netflix? | Product Management Tutorial | Simplilearn
Simplilearn
38 AI Agents Full Course 2026 | AI Agents Tutorial for Beginners | How to Build AI Agents | Simplilearn
AI Agents Full Course 2026 | AI Agents Tutorial for Beginners | How to Build AI Agents | Simplilearn
Simplilearn
39 Full Stack Developer Course 2026 | Full Stack Java Developer Tutorial for Beginners | Simplilearn
Full Stack Developer Course 2026 | Full Stack Java Developer Tutorial for Beginners | Simplilearn
Simplilearn
40 Product Life Cycle 2025 | Stages Of Product Life Cycle | Product Life Cycle Tutorial | Simplilearn
Product Life Cycle 2025 | Stages Of Product Life Cycle | Product Life Cycle Tutorial | Simplilearn
Simplilearn
41 Project Management Full Course 2026 | Project Management Tutorial | PMP Course | Simplilearn
Project Management Full Course 2026 | Project Management Tutorial | PMP Course | Simplilearn
Simplilearn
42 PCB Design Course 2025 | PCB Designing Explained | How To Make PCBs | Simplilearn
PCB Design Course 2025 | PCB Designing Explained | How To Make PCBs | Simplilearn
Simplilearn
43 Python Full Course 2026 | Python Data Analytics Tutorial For Beginners | Simplilearn
Python Full Course 2026 | Python Data Analytics Tutorial For Beginners | Simplilearn
Simplilearn
44 🔥Top Product Management Skills You Need to Succeed in 2026 #shorts #simplilearn
🔥Top Product Management Skills You Need to Succeed in 2026 #shorts #simplilearn
Simplilearn
45 SQL For Data Analytics 2026 | Essential SQL Commands | SQL Tutorial For Beginners | Simplilearn
SQL For Data Analytics 2026 | Essential SQL Commands | SQL Tutorial For Beginners | Simplilearn
Simplilearn
46 Simplilearn Reviews | Paving Way To Success With AI & ML Course | Soumik’s Upskilling Journey
Simplilearn Reviews | Paving Way To Success With AI & ML Course | Soumik’s Upskilling Journey
Simplilearn
47 Six Sigma Full Course 2026 | Six Sigma Green Belt Training | Six Sigma Training | Simplilearn
Six Sigma Full Course 2026 | Six Sigma Green Belt Training | Six Sigma Training | Simplilearn
Simplilearn
48 Learn Snowflake In 45 Mins | Snowflake Tutorial | What Is Snowflake | Snowflake Explained
Learn Snowflake In 45 Mins | Snowflake Tutorial | What Is Snowflake | Snowflake Explained
Simplilearn
49 🔥ML Career Tip – How to Start Learning Machine Learning in 60 Seconds! #shorts#simplilearn
🔥ML Career Tip – How to Start Learning Machine Learning in 60 Seconds! #shorts#simplilearn
Simplilearn
50 🔥Agile vs Waterfall in 60 Seconds #shorts #simplilearn
🔥Agile vs Waterfall in 60 Seconds #shorts #simplilearn
Simplilearn
51 Excel Full Course 2026 | Excel Tutorial For Beginners | Microsoft Excel Course | Simplilearn
Excel Full Course 2026 | Excel Tutorial For Beginners | Microsoft Excel Course | Simplilearn
Simplilearn
52 What Are AI Agents? | Types Of AI Agents | AI Agents Explained | AI Agents Tutorial | Simplilearn
What Are AI Agents? | Types Of AI Agents | AI Agents Explained | AI Agents Tutorial | Simplilearn
Simplilearn
53 How To Create a Product Roadmap In 2026 | Product Roadmap | What Is Product Roadmap | Simplilearn
How To Create a Product Roadmap In 2026 | Product Roadmap | What Is Product Roadmap | Simplilearn
Simplilearn
54 SQL Full Course 2026 | SQL Tutorial for Beginners | SQL Beginner to Advanced Training | Simplilearn
SQL Full Course 2026 | SQL Tutorial for Beginners | SQL Beginner to Advanced Training | Simplilearn
Simplilearn
55 🔥What Is Phishing? #shorts #simplilearn
🔥What Is Phishing? #shorts #simplilearn
Simplilearn
56 Cloud Computing Full Course 2026 | Cloud Computing Tutorial | Cloud Computing Course | Simplilearn
Cloud Computing Full Course 2026 | Cloud Computing Tutorial | Cloud Computing Course | Simplilearn
Simplilearn
57 Simplilearn Reviews | Overcoming Rejection & career plateau to finding a New Job : Bhaskar Banerji
Simplilearn Reviews | Overcoming Rejection & career plateau to finding a New Job : Bhaskar Banerji
Simplilearn
58 Six Sigma Full Course 2026 | Six Sigma Green Belt Training | Six Sigma Training | Simplilearn
Six Sigma Full Course 2026 | Six Sigma Green Belt Training | Six Sigma Training | Simplilearn
Simplilearn
59 Generative AI Full Course 2026 | Gen AI Tutorial for Beginners | Gen AI Explained | Simplilearn
Generative AI Full Course 2026 | Gen AI Tutorial for Beginners | Gen AI Explained | Simplilearn
Simplilearn
60 VLSI Design Course 2026 | VLSI Tutorial For Beginners | VLSI Physical Design | Simplilearn
VLSI Design Course 2026 | VLSI Tutorial For Beginners | VLSI Physical Design | Simplilearn
Simplilearn

Related Reads

📰
Best Cyber Security Diploma Course After 12th With Certification
Learn about the best cyber security diploma courses after 12th with certification for a career with excellent growth opportunities
Medium · AI
📰
Best Cyber Security Diploma Course After 12th With Certification
Learn about the best cyber security diploma courses with certification after 12th grade and kickstart a career with excellent growth opportunities
Medium · Cybersecurity
📰
You migrated to post-quantum crypto. Is the implementation actually conformant?
Ensure post-quantum crypto implementation conformity with FIPS standards using Quantakrypto's sieve tool
Medium · Cybersecurity
📰
HTB Space Explorer Writeup
Learn to exploit flawed authentication logic in a cybersecurity challenge, Space Explorer, on HackTheBox
Medium · Cybersecurity

Chapters (11)

Introduction to Penetration Testing Full Course 2026
2:23 Penetration Testing for beginners
27:44 Penetration Tester Salary
35:02 What is Linux File system
48:00 Linux File System structure explained
1:06:30 Kali Linux For Ethical Hacking
2:47:18 Ethical Hacking FC
5:22:44 Phishing Attacks
5:34:35 Network protocol explained
5:54:04 Wireshark tutorials for beginners
6:09:14 Cyber Security Interview Questions
Up next
What is DevSecOps Explained with Examples
VLR Software Training
Watch →