1 00:00:00,360 --> 00:00:06,660 Welcome to the complete ethical hacking course, in this course, we will be covering everything you 2 00:00:06,660 --> 00:00:08,820 need to know as an ethical hacker. 3 00:00:09,270 --> 00:00:15,360 From theory to the practical examples, we'll start with basics first. 4 00:00:15,360 --> 00:00:21,210 And the further we go in the course, the more intermediate and advanced stuff we will cover. 5 00:00:22,020 --> 00:00:28,380 Knowing theory and practicing different attack methods that we will learn will eventually make you a 6 00:00:28,380 --> 00:00:30,780 master in ethical hacking. 7 00:00:31,140 --> 00:00:33,540 But wait, wait a second. 8 00:00:34,460 --> 00:00:41,750 We just started the course and I'm already talking about being a master in ethical hacking, let's slow 9 00:00:41,750 --> 00:00:42,620 down a little bit. 10 00:00:43,340 --> 00:00:49,310 What even is ethical hacking and what does an ethical hacker do? 11 00:00:50,170 --> 00:00:55,000 Or you might also wonder, can I get in trouble by doing this? 12 00:00:56,210 --> 00:00:56,870 Don't worry. 13 00:00:57,170 --> 00:01:00,090 Remember, we are ethical hackers. 14 00:01:00,530 --> 00:01:08,600 This means we're hard to hack into a network or a device or in general, we want to find as many vulnerabilities 15 00:01:08,600 --> 00:01:12,640 inside the target system, but not to do bad things. 16 00:01:13,040 --> 00:01:14,010 Quite the opposite. 17 00:01:14,390 --> 00:01:16,400 We want to secure them. 18 00:01:17,260 --> 00:01:24,070 An ethical hacker who is hard to find as many vulnerabilities in a certain system is also known as a 19 00:01:24,070 --> 00:01:25,660 white hat hacker. 20 00:01:26,350 --> 00:01:30,420 Now, I mentioned upward system quite a few times by now. 21 00:01:30,910 --> 00:01:34,610 What do I mean by finding vulnerabilities in a system? 22 00:01:35,350 --> 00:01:38,110 Well, system can be anything. 23 00:01:38,470 --> 00:01:44,540 It can be a network of multiple computers or it could be just one single computer. 24 00:01:45,160 --> 00:01:50,020 It could also be some company server that they keep their important data on. 25 00:01:50,450 --> 00:01:53,590 We could also be targeting a Web page or a website. 26 00:01:54,400 --> 00:02:01,090 Availability, on the other hand, is anything that could allow someone to have an unauthorized access 27 00:02:01,090 --> 00:02:01,850 to that system. 28 00:02:02,470 --> 00:02:05,700 We are there to discover them and secure them. 29 00:02:06,460 --> 00:02:08,230 But why are we doing this? 30 00:02:08,860 --> 00:02:15,690 Well, as you know, there are the bad guys or also known as black hat hackers. 31 00:02:16,510 --> 00:02:21,590 Their goal is also to find vulnerabilities in the system, but not to secure them. 32 00:02:22,100 --> 00:02:28,270 Instead, they want to perform malicious activity once they gain access to that system. 33 00:02:29,170 --> 00:02:33,940 That is difference between a white hat hacker and a black hat hacker. 34 00:02:34,880 --> 00:02:41,180 A white hat hacker is there to find vulnerability, notify the person that hired him and let him know 35 00:02:41,210 --> 00:02:46,220 of a possible unauthorized access, you can think of us as a cyber police. 36 00:02:46,460 --> 00:02:49,820 We are there to protect our black hat. 37 00:02:49,820 --> 00:02:55,790 Hacker, on the other hand, is there to perform malicious activity, such as stealing your data. 38 00:02:56,000 --> 00:02:58,370 They could also try to steal your online money. 39 00:02:59,000 --> 00:03:03,980 They could install a virus or a key logger on your PC and track everything that you do. 40 00:03:04,820 --> 00:03:09,120 They can go as far as doing something like stealing your identity. 41 00:03:09,680 --> 00:03:14,900 However, the methods white hat and black hat hackers use can be quite similar. 42 00:03:15,350 --> 00:03:17,540 The differences we as white had. 43 00:03:17,540 --> 00:03:24,920 Hackers must make sure that we have our permission to target a certain system and example would go like 44 00:03:24,920 --> 00:03:25,310 this. 45 00:03:25,940 --> 00:03:28,550 We get hired by a certain company. 46 00:03:29,300 --> 00:03:35,690 That company could have a website, different networks with computers inside the building where, for 47 00:03:35,690 --> 00:03:37,040 example, employees work. 48 00:03:37,730 --> 00:03:43,430 It could also have large servers and databases holding important company data. 49 00:03:44,030 --> 00:03:51,890 And as we already know, our goal is to make sure that data is secured from cyber attacks that also 50 00:03:51,890 --> 00:03:55,010 employees and their machines are also in a secure network. 51 00:03:55,250 --> 00:04:00,770 And that website doesn't have any bugs that could present a threat to that company. 52 00:04:01,700 --> 00:04:02,960 How do we do all of this? 53 00:04:03,320 --> 00:04:10,580 Well, we do it by attacking the company, we act as a black hat hacker with but with a different goal. 54 00:04:11,270 --> 00:04:13,550 OK, but he would come to another problem. 55 00:04:13,940 --> 00:04:20,150 You might be wondering, well, how am I going to learn this or how am I going to practice this? 56 00:04:20,780 --> 00:04:24,490 I just said that we need permission to attack any system. 57 00:04:24,500 --> 00:04:24,880 Right. 58 00:04:25,770 --> 00:04:33,390 Well, don't worry, we will simulate all of these targets with the help of our home devices and also 59 00:04:33,390 --> 00:04:37,760 with the help of virtual machines, it will be exactly the same. 60 00:04:37,770 --> 00:04:43,320 Just this way, you won't be breaking any law while you practice, since the targets that you will attack 61 00:04:43,320 --> 00:04:44,490 will be yours. 62 00:04:45,180 --> 00:04:47,590 OK, more about virtual machines later. 63 00:04:48,030 --> 00:04:51,120 Right now, I want to give you a small challenge. 64 00:04:52,010 --> 00:04:56,000 One of the biggest online cyber attacks is something called phishing. 65 00:04:56,540 --> 00:05:02,420 In most cases, phishing is an act of black hat hackers tricking you into entering some of your private 66 00:05:02,420 --> 00:05:07,610 data, such as usernames and passwords, into a webpage that isn't to be trusted. 67 00:05:08,120 --> 00:05:11,090 This is one of the ways how they steal online accounts. 68 00:05:11,810 --> 00:05:12,560 Let me show you. 69 00:05:13,870 --> 00:05:22,630 Here I have two Twitter login pages, one of these two that you can see right here is a fake login page 70 00:05:22,630 --> 00:05:23,890 and the other one is real. 71 00:05:24,520 --> 00:05:26,070 Let's take a quick look at them. 72 00:05:26,290 --> 00:05:28,370 So let's take a look at first one. 73 00:05:29,140 --> 00:05:29,790 Here it is. 74 00:05:30,430 --> 00:05:32,980 And if we take a look at the second one. 75 00:05:33,980 --> 00:05:36,440 They appear to be exactly the same, right? 76 00:05:37,250 --> 00:05:40,510 Have you figured out which one is real and which one is fake? 77 00:05:41,330 --> 00:05:48,000 The first one that we saw is the fake login page, while the second one right here is real. 78 00:05:49,110 --> 00:05:55,020 Let's mention some of the obvious reasons why this page right here that you're looking at is a fake 79 00:05:55,290 --> 00:06:01,230 login page that can be used to steal your account, even though they're identical at first glance. 80 00:06:01,450 --> 00:06:07,560 If we take a closer look, we can see it doesn't really have Twitter dot com as the website name. 81 00:06:08,100 --> 00:06:11,850 Instead, we have some random IP address in our search tab. 82 00:06:11,850 --> 00:06:18,450 And this is the biggest indication that this page is indeed a fake page and that you shouldn't enter 83 00:06:18,450 --> 00:06:20,090 any private information here. 84 00:06:20,820 --> 00:06:24,270 The original page should be Twitter dot com. 85 00:06:25,670 --> 00:06:31,940 Another thing we can notice is that next week, the website name on the real page, we have this green 86 00:06:32,150 --> 00:06:40,280 lock right here and this green lock indicates that this is an HTTP page, or in other words, it is 87 00:06:40,280 --> 00:06:47,090 secured, as it says right here, secure connection, usually phishing websites, one being https. 88 00:06:47,090 --> 00:06:49,650 And they won't have this green lock right here. 89 00:06:49,910 --> 00:06:54,160 However, these two can be forged in a more advanced phishing attack. 90 00:06:54,530 --> 00:06:59,630 And just to compare, our fake login page doesn't have the screen lock. 91 00:07:00,080 --> 00:07:03,910 If we click right here, it says, connection is not secure. 92 00:07:04,490 --> 00:07:09,860 And even though many of you probably knew these things already, if you were in a hurry and you got 93 00:07:09,860 --> 00:07:14,300 redirected to this fake login page, you could potentially enter your password here. 94 00:07:14,300 --> 00:07:20,300 And little, you know, in just a few seconds, your account has been compromised and stolen by the 95 00:07:20,300 --> 00:07:28,460 bad guys since the information that you enter right here on this page gets sent to them and not to Twitter 96 00:07:28,460 --> 00:07:28,990 dot com. 97 00:07:29,840 --> 00:07:34,940 But don't worry, if you aren't familiar with these type of attacks throughout the course, we will 98 00:07:34,940 --> 00:07:40,370 learn not only how to secure ourselves from these attacks and how these attacks work, but also we will 99 00:07:40,370 --> 00:07:42,890 learn how to perform the attacks themselves. 100 00:07:43,550 --> 00:07:48,070 And by the way, we also have a discourse channel where we answer your questions. 101 00:07:48,080 --> 00:07:53,960 So if you haven't already, feel free to come and join us in this court, since that is where we notify 102 00:07:53,960 --> 00:07:57,200 everyone about any new course updates that will come out. 103 00:07:57,200 --> 00:08:02,820 And that is also where you can reach out to us in case you run into any problem during the course. 104 00:08:03,590 --> 00:08:05,920 Nonetheless, I welcome you once again. 105 00:08:05,930 --> 00:08:08,220 And let's get straight into the course.