آموزش جامع هک اخلاقی با Kali Linux نسخه 2025

Introduction

Theory to Hacking

Essential knowledge to be a Ethical Hacker

Installing VirtualBox

Installing Kali Linux

First Adjustments

Using SSH via PowerShell on Windows

Docker Installation

Understanding OSINT

Service Enumeration with DNSenum

Determine network range

Using Maltego

Using Recon-ng

Using EyeWitness

Getting detailed information from an IP

Capturing information with theHarvester

Capturing information with RiskIQ

Using GooFuzz

Using Maigret

Installing Nessus

Finding Network Vulnerabilities with Nessus

Finding Vulnerabilities in Linux with Nessus

Finding vulnerabilities in Windows with Nessus

Installing and Configuring OpenVAS GVM

Finding Vulnerabilities with OpenVAS

Using Nikto

Installing BodgeIt and Juice Shop.

Downloading a page and analyzing it with Wget

Downloading the page for offline analysis with HTTrack

Using Burp Suite to crawl a website

Obtaining and modifying cookies

Initial setup of ZAP-Zed Attack Proxy

First ZAP settings

Fuzzer Concept

Fuzzing in practice

Crawler-Spider Test

AJAX Spider Test

Getting to know Metasploit

Performing a vulnerability scan with Metasploit

Exploring and gaining access

Post-invasion exploration

Post-invasion exploration 2

Using XSS and Metasploit to obtain a remote shell

Hacking Windows systems

Privilege Escalation

Installing Metasploitable3

Exploring SSH Access

Metasploitable Tomcat

Introduction to the Bypass Antivirus section

How do Antiviruses work

Bypassing Antivirus with Veil

Creating a payload for Powershell

Testing various Bypass methods

What is Google Hacking

Understanding the Google search engine

Types of dorks for searching

Capturing application banners with Netcat

Capturing application banners with Python

Capturing application banners with Dmitry

Capturing banners with Grabbb

Service Identification with NMAP and AMAP

Identifying Operating Systems with Scapy

Identifying Operating Systems with Python

Identifying Operating Systems with Nmap and xProbe2

Exploring WEB applications and whatweb

What is a DoS

Doing a DoS test part 1

Doing a DoS test part 2

Prevention Methods

Preparations for our scenario

WLAN and its inherent insecurities

Monitoring the Air

Changing our MAC Address

Locating and taking down hidden networks

Hacking Hidden Networks and Bypassing MAC Address Restrictions

Using Handshake and Brute-Force with Wi-Fi WPA2

Evil twin

Hacking Wi-Fi WEP

Hacking the WPS PIN

What is SQL Injection

Installing DVWA and testing

SQL Injection Step by Step

SQL Injection with SQLMap

LFI and RFI Vulnerabilities

XML External Entity injection

XSS Vulnerability

Obtaining cookies through XSS

Introduction to the section

Password Lists

John the Ripper

Creating our Wordlists

Discovering passwords with Hydra

Creating passwords with CUPP

Introduction to Man in the Middle Attacks

Setting up a spoofing attack with Ettercap

Introduction to Client Attacks and Social Engineering

Creating a password harvester with SET

Exploring WordPress Flaws

Enumeration in wordpress

Using WPScan

Analyzing vulnerable plugins

Analyzing vulnerable plugins part 2

Using Burp in Wordpress

Understanding the Tor network and how it works

Installing Tor

Using ProxyChains with Tor

Discovering hidden services with OSINT tools

Installation and use

Environmental variables and PATH

The first Python script

Reserved words

Global and local variables

Modules and Imports

Studying variables

Decision Structures

The for command

Lists Matrices and Dictionaries

Creating Functions

DNS Enumerations

Whois

TCP Client UDP Client

Creating a Netcat

Testing our Netcat

Creating a Packet Sniffing

Making an IP Decoder

Decoding ICMP

Installing NMAP

Scanning hosts on your network

Using the Scripting Engine

Listing open ports of a host

Listing specific ports

Fingerprinting Services

Using NSE Scripts against our targets

Running NMAP with its own list

Collecting information from WEB Servers

Monitoring Servers with Ndiff

Using Multiple Scripts with Zenmap

Hacking Weak Passwords with Ncrack

Using Broadcast NSE

Introduction to Section

Listing HTTP supports

Hacking Files on Web Servers

Hacking Login Names on Web Servers

Brute-force authentication

Firewall Detection in Web Servers

Using SQL injection with NMAP

Auditing SSL encryption

Hacking Valid Emails

Getting information from SMB

SMB Security Level

Finding vulnerabilities in Windows

Finding all the ports of the E-mail Servers

Testing passwords by brute force

Listing all the features of Email-Servers

Generating Reports with NMAP

Generating a report in HTML-CSS

Introduction to Wireshark

Starting the first capture

Installing W4SP Lab

First settings

Performing an ARP MitM attack

Performing a DNS MitM attack

Running a VSFTP Exploit

Decrypting SSL-TLS

Introduction to Bug Bounty

Main Tools in Bug bounty

Getting to know the main platforms

Getting to know the main platforms - part 2

Getting to know the main platforms - part 3

Improving pentest tests with the GPT Shell