1
00:00:00,330 --> 00:00:02,370
Instructor: Welcome to the Complete Ethical

2
00:00:02,370 --> 00:00:06,000
Hacking Course, in this course, we will be covering

3
00:00:06,000 --> 00:00:09,270
everything you need to know as an ethical hacker

4
00:00:09,270 --> 00:00:13,230
from theory to the practical examples.

5
00:00:13,230 --> 00:00:16,350
We will start with basics first and the further

6
00:00:16,350 --> 00:00:18,900
we go in the course, the more intermediate

7
00:00:18,900 --> 00:00:22,020
and advanced stuff we will cover.

8
00:00:22,020 --> 00:00:25,380
Knowing theory and practicing different attack methods

9
00:00:25,380 --> 00:00:28,230
that we will learn will eventually make you

10
00:00:28,230 --> 00:00:32,700
a master in ethical hacking, but wait,

11
00:00:32,700 --> 00:00:35,790
wait a second, we just started the course

12
00:00:35,790 --> 00:00:38,880
and I'm already talking about being a master

13
00:00:38,880 --> 00:00:43,350
in ethical hacking, let's slow down a little bit.

14
00:00:43,350 --> 00:00:46,440
What even is ethical hacking and

15
00:00:46,440 --> 00:00:50,190
what does an ethical hacker do?

16
00:00:50,190 --> 00:00:55,143
Or you might also wonder can I get in trouble by doing this?

17
00:00:56,220 --> 00:01:00,510
Don't worry, remember, we are ethical hackers.

18
00:01:00,510 --> 00:01:03,750
This means we are hard to hack into a network or

19
00:01:03,750 --> 00:01:07,410
a device or in general, we want to find as

20
00:01:07,410 --> 00:01:10,740
many vulnerabilities inside the target system

21
00:01:10,740 --> 00:01:13,380
but not to do bad things, quite

22
00:01:13,380 --> 00:01:17,310
opposite, we want to secure them.

23
00:01:17,310 --> 00:01:19,680
An ethical hacker who is hard to find

24
00:01:19,680 --> 00:01:22,440
as many vulnerabilities in a certain system

25
00:01:22,440 --> 00:01:26,370
is also known as a white hat hacker.

26
00:01:26,370 --> 00:01:30,930
Now I mentioned a word system quite a few times by now,

27
00:01:30,930 --> 00:01:35,370
what do I mean by finding vulnerabilities in a system?

28
00:01:35,370 --> 00:01:39,840
Well system can be anything, it can be a network

29
00:01:39,840 --> 00:01:43,440
of multiple computers or it could be just one

30
00:01:43,440 --> 00:01:47,340
single computer, it could also be some company's server

31
00:01:47,340 --> 00:01:50,520
that they keep their important data on,

32
00:01:50,520 --> 00:01:53,643
we could also be targeting a webpage or a website.

33
00:01:54,780 --> 00:01:57,210
Our ability on the other hand is anything

34
00:01:57,210 --> 00:02:00,420
that could allow someone to have an unauthorized

35
00:02:00,420 --> 00:02:03,450
access to that system, we are there to

36
00:02:03,450 --> 00:02:06,480
discover them and secure them.

37
00:02:06,480 --> 00:02:08,850
But why are we doing this?

38
00:02:08,850 --> 00:02:12,840
Well as you know, there are the bad guys,

39
00:02:12,840 --> 00:02:16,500
or also known as black hat hackers.

40
00:02:16,500 --> 00:02:19,200
Their goal is also to find vulnerabilities

41
00:02:19,200 --> 00:02:22,110
in a system but not to secure them,

42
00:02:22,110 --> 00:02:26,130
instead they want to perform malicious activity

43
00:02:26,130 --> 00:02:29,160
once they gain access to that system.

44
00:02:29,160 --> 00:02:32,370
That is difference between a white hat hacker

45
00:02:32,370 --> 00:02:36,480
and a black hat hacker, a white hat hacker is there

46
00:02:36,480 --> 00:02:39,060
to find vulnerability, notify the person

47
00:02:39,060 --> 00:02:42,090
that hired him and let him know of a possible

48
00:02:42,090 --> 00:02:45,030
unauthorized access, you can think of us

49
00:02:45,030 --> 00:02:49,080
as a cyber police, we are there to protect.

50
00:02:49,080 --> 00:02:51,270
A black hat hacker on the other hand is

51
00:02:51,270 --> 00:02:53,970
there to perform malicious activity

52
00:02:53,970 --> 00:02:56,880
such as stealing your data, they could also try

53
00:02:56,880 --> 00:03:00,450
to steal your online money, they could install a virus

54
00:03:00,450 --> 00:03:03,390
or a keylogger on your PC and track everything

55
00:03:03,390 --> 00:03:07,110
that you do, they can go as far as doing something

56
00:03:07,110 --> 00:03:10,860
like stealing your identity, however the methods

57
00:03:10,860 --> 00:03:13,440
white hat and black hat hackers use

58
00:03:13,440 --> 00:03:16,350
can be quite similar, the difference is

59
00:03:16,350 --> 00:03:18,990
we as white hat hackers must make sure

60
00:03:18,990 --> 00:03:23,280
that we have a permission to target a certain system.

61
00:03:23,280 --> 00:03:27,390
An example would go like this, we get hired

62
00:03:27,390 --> 00:03:30,000
by a certain company, that company

63
00:03:30,000 --> 00:03:33,150
could have a website, different networks

64
00:03:33,150 --> 00:03:35,160
with computers inside the building

65
00:03:35,160 --> 00:03:37,740
where for example employees work,

66
00:03:37,740 --> 00:03:40,920
it could also have large servers and databases

67
00:03:40,920 --> 00:03:44,070
holding important company data.

68
00:03:44,070 --> 00:03:46,800
And as we already know, our goal is to

69
00:03:46,800 --> 00:03:51,210
make sure that data is secured from cyber attacks,

70
00:03:51,210 --> 00:03:54,030
that also employees and their machines are also in

71
00:03:54,030 --> 00:03:57,510
a secure network and that website doesn't have

72
00:03:57,510 --> 00:04:00,873
any bugs that could present a threat to that company.

73
00:04:01,710 --> 00:04:03,330
How do we do all of this?

74
00:04:03,330 --> 00:04:07,320
Well we do it by attacking the company, we act as a

75
00:04:07,320 --> 00:04:11,310
black hat hacker would but with a different goal.

76
00:04:11,310 --> 00:04:13,950
OK, but here we come to another problem,

77
00:04:13,950 --> 00:04:17,790
you might be wondering well how am I going to learn this,

78
00:04:17,790 --> 00:04:20,820
or how am I going to practice this?

79
00:04:20,820 --> 00:04:22,920
I just said that we need a permission

80
00:04:22,920 --> 00:04:27,000
to attack any system, right, well don't worry,

81
00:04:27,000 --> 00:04:29,520
we will simulate all of these targets

82
00:04:29,520 --> 00:04:32,460
with the help of our home devices

83
00:04:32,460 --> 00:04:36,270
and also with the help of virtual machines.

84
00:04:36,270 --> 00:04:38,940
It will be exactly the same, just this way

85
00:04:38,940 --> 00:04:41,430
you won't be breaking any law while you practice

86
00:04:41,430 --> 00:04:45,210
since the targets that you will attack will be yours.

87
00:04:45,210 --> 00:04:48,030
OK, more about virtual machines later,

88
00:04:48,030 --> 00:04:52,020
right now I want to give you a small challenge.

89
00:04:52,020 --> 00:04:54,270
One of the biggest online cyber attacks

90
00:04:54,270 --> 00:04:57,690
is something called phishing, in most cases,

91
00:04:57,690 --> 00:05:00,180
phishing is an act of black hat hackers

92
00:05:00,180 --> 00:05:03,180
tricking you into entering some of your private data

93
00:05:03,180 --> 00:05:04,950
such as usernames and passwords

94
00:05:04,950 --> 00:05:08,070
into a webpage that isn't to be trusted.

95
00:05:08,070 --> 00:05:11,820
This is one of the ways how they steal online accounts.

96
00:05:11,820 --> 00:05:16,820
Let me show you, here I have two Twitter login pages,

97
00:05:18,060 --> 00:05:20,850
one of these two that you can see right here

98
00:05:20,850 --> 00:05:24,510
is a fake login page and the other one is real.

99
00:05:24,510 --> 00:05:26,250
Let's take a quick look at them,

100
00:05:26,250 --> 00:05:30,450
so let's take a look at the first one, here it is,

101
00:05:30,450 --> 00:05:33,153
and if we take a look at the second one,

102
00:05:33,990 --> 00:05:37,290
they appear to be exactly the same, right?

103
00:05:37,290 --> 00:05:38,730
Have you figured out which one

104
00:05:38,730 --> 00:05:41,340
is real and which one is fake?

105
00:05:41,340 --> 00:05:45,540
The first one that we saw is the fake login page

106
00:05:45,540 --> 00:05:48,183
while the second one right here is real one.

107
00:05:49,110 --> 00:05:51,510
Let's mention some of the obvious reasons

108
00:05:51,510 --> 00:05:54,270
why this page right here that you're looking at

109
00:05:54,270 --> 00:05:58,770
is a fake login page that can be used to steal your account.

110
00:05:58,770 --> 00:06:01,470
Even though they are identical at first glance,

111
00:06:01,470 --> 00:06:04,980
if we take a closer look, we can see it doesn't really

112
00:06:04,980 --> 00:06:08,130
have twitter.com as the website name,

113
00:06:08,130 --> 00:06:10,920
instead we have some random IP address in

114
00:06:10,920 --> 00:06:14,010
our search tab and this is the biggest indication

115
00:06:14,010 --> 00:06:16,860
that this page is indeed a fake page

116
00:06:16,860 --> 00:06:20,820
and that you shouldn't enter any private information here.

117
00:06:20,820 --> 00:06:24,363
The original page should be twitter.com.

118
00:06:25,740 --> 00:06:27,570
Another thing we can notice is that

119
00:06:27,570 --> 00:06:30,420
next with the website name on a real page,

120
00:06:30,420 --> 00:06:33,960
we have this green lock right here

121
00:06:33,960 --> 00:06:36,870
and this green lock indicates that this is

122
00:06:36,870 --> 00:06:41,220
an HTTPS page or in other words, it is secured,

123
00:06:41,220 --> 00:06:43,800
as it says right here, secure connection.

124
00:06:43,800 --> 00:06:47,070
Usually phishing websites won't be HTTPS

125
00:06:47,070 --> 00:06:50,610
and they won't have this green lock right here, however,

126
00:06:50,610 --> 00:06:54,570
this too can be forged in a more advanced phishing attack.

127
00:06:54,570 --> 00:06:58,230
And just to compare, our fake login page

128
00:06:58,230 --> 00:07:01,650
doesn't have this green lock, if we click right here,

129
00:07:01,650 --> 00:07:04,560
it says connection is not secure

130
00:07:04,560 --> 00:07:06,930
and even though many of you probably knew these things

131
00:07:06,930 --> 00:07:09,840
already, if you were in a hurry and you got

132
00:07:09,840 --> 00:07:12,240
redirected to this fake login page,

133
00:07:12,240 --> 00:07:14,250
you could potentially enter your password here

134
00:07:14,250 --> 00:07:17,280
and little do you know in just a few seconds

135
00:07:17,280 --> 00:07:19,470
your account has been compromised

136
00:07:19,470 --> 00:07:22,230
and stolen by the bad guys since the information

137
00:07:22,230 --> 00:07:25,470
that you enter right here on this page

138
00:07:25,470 --> 00:07:29,880
gets sent to them and not to twitter.com.

139
00:07:29,880 --> 00:07:32,010
But don't worry if you aren't familiar

140
00:07:32,010 --> 00:07:34,620
with these type of attacks, throughout the course

141
00:07:34,620 --> 00:07:36,990
we will learn not only how to secure ourselves

142
00:07:36,990 --> 00:07:39,540
from these attacks and how these attacks work

143
00:07:39,540 --> 00:07:41,670
but also we will learn how to perform the

144
00:07:41,670 --> 00:07:44,700
attacks themselves, and by the way,

145
00:07:44,700 --> 00:07:46,920
we also have a Discord Channel where we

146
00:07:46,920 --> 00:07:49,980
answer your questions, so if you haven't already,

147
00:07:49,980 --> 00:07:52,050
feel free to come and join us in Discord

148
00:07:52,050 --> 00:07:54,450
since that is where we notify everyone

149
00:07:54,450 --> 00:07:56,820
about any new course updates that will come

150
00:07:56,820 --> 00:07:59,130
out and that is also where you can reach out

151
00:07:59,130 --> 00:08:03,630
to us in case you run into any problem during the course.

152
00:08:03,630 --> 00:08:05,970
Nonetheless I welcome you once again

153
00:08:05,970 --> 00:08:08,403
and let's get straight into the course.