fbpx
4.67 out of 5
4.67
1638 reviews on Udemy

Mastering Social Engineering From Scratch

Learn how to hack Windows, Mac OS X, Linux & Android using Social Engineering & how to secure yourself from hackers
Instructor:
Zaid Sabih
14,225 students enrolled
English More
Learn what is meant by hacking, social engineering and how it can be useful.
Discover websites, companies, people, emails and social networking accounts associated with a person or a company.
Generate undetectable backdoors for Windows, Mac OS , Linux & Android.
Generate Trojans that would steal all passwords from a target computer and report the results by email.
Manually modify malware to make it bypass anti-virus programs.
Embed evil files inside Microsoft Office documents.
Backdoor legitimate Android applications
Make evil files (backdoor, keylogger) look and function like a normal file (image, pdf or any other file type).
Install hacking lab & needed software (works on Windows, OS X and Linux)
Learn why social engineering is so dangerous.
Install Kali Linux - a penetration testing operating system
Install windows & vulnerable operating systems as virtual machines for testing
Learn linux basics
Gather important information about your target weather it is a company, website or a person.
Learn linux commands and how to interact with the terminal
Build attack strategies based on the gathered info
Generate a remote keylogger that logs every key strike entered on a target computer and sends reports by email.
Generate Keylogger for Linux.
Embed a backdoor inside Debian packages for Linux
Generate OS X backdoors that look and function like normal files (image, pdf ..etc).
Hack OS X and Linux computers by sending using a simple one line command.
Send emails from ANY email account without knowing the password for that account
Create fake websites that look exactly like any other website.
Create a fake login page and use it to stead passwords.
Use smart social engineering techniques to make the target person willingly go and use our fake website.
Deliver evil files as fake updates, fake installers ..etc.
Read, write download, upload and execute files on compromised systems
Capture key strikes on a compromised system
Use a compromised computer as a pivot to gain access to other computers on the same network
Maintain your access to the hacked systems even after they restart
Escalate your privileges to admin.
Analyse files & detect undetectable malware.
Use a sandbox to analyse undetectable malware.
Access messages, social accounts, camera, GPS .....etc of hacked phone.

Welcome to my comprehensive course on Social Engineering! In this course, you will start as a beginner with no previous knowledge in hacking, and by the end of it you’ll be at a high level in social engineering being able hack into all major operating systems (windows, OS X, Linux and Android) like black-hat hackers and secure yourself from hackers.

This course is focused on the practical side of social engineering without neglecting the theory, first you’ll learn how to install the needed software (works on Windows, Linux and Mac OS X), then the course is divided into a number of section to represent the steps you’d take to successfully hack a target using social engineering.

1. Information Gathering – First before doing anything you need to know your target, so in this section you’ll learn how to gather information about your target weather it is a company, website or just a person. You will learn how to discover anything that is associated with your target such as websites, links, companies, people, emails, phone numbers, friends, social networks accounts …etc, you will also learn how to graph all of this information and use it to build a smart attack strategy.

2. Generating Malware  – Now that you gathered enough information about your target and came up with an attack strategy, the next step is create custom malware that is attractive to the target. In this section you will learn how to generate evil files (files that execute tasks you want on the target computer), this includes backdoors, keyloggers, credential harvester and more, these files will work on all operating systems (Windows, OS X, Linux and Android), you’ll also learn how to enhance these files to make them bypass all anti-virus programs, and make them look and function just like any other file such as an image or a pdf,  or even embed them in legitimate Microsoft Office documents.

3. Delivery MethodsNow that you have your custom-made trojan ready, in this section you will learn a number of social engineering techniques to deliver it to the target, you will learn how to create fake websites that look identical to websites the target trusts, send emails that appear like they’re coming from people the target trusts and use fake login pages and fake updates to hack into the target, not only that but you’ll also learn advanced social engineering techniques to lure the target into visiting an evil URL and hack into their system without even interacting with them.

4. Post Exploitation – In this section you will learn how to interact with the systems you compromised weather they use Windows, Linux, OS X or even Android. You’ll learn how to access the file system (read/write/upload/execute), maintain your access, escalate your privileges, spy on the target, use the target computer as a pivot to hack other computers and more! If your target uses Android then you’ll also learn how to read their messages, find their location, access their other accounts (such as Whatsapp, Facebook …etc) and more!

Finally at the end of the course you will learn how to protect yourself and your systems from these attacks.

All the attacks in this course are practical attacks that work against real computers, in each technique you will understand the theory behind it and how it works, then you’ll learn how to use that technique in a real life scenario, so by the end of the course you’ll be able to modify these techniques or combine them to come up with more powerful attacks and adopt them to different scenarios and different operating systems.

With this course you’ll get 24/7 support, so if you have any questions you can post them in the Q&A section and we’ll respond to you within 15 hours.

NOTE: This course is created for educational purposes only and all the attacks are launched in my own lab or against devices that I have permission to test.

 

 

1
What Is Social Engineering

This lecture will give you an brief intro of what social engineering is, why its used in hacking, and why learn it?

2
Teaser - Hacking An Android Phone & Accessing The Camera

This is a teaser lecture showing you an example of what you'll be able to do by the end of the course, don't worry about the technical aspect here, you will learn each step done here later on in the course, so just sit back and enjoy the lecture.

3
Course Overview

This lecture will give you an overview of the whole course, its main sections, and what you'll learn in each of these sections.

Preparation - Creating a Penetration Testing Lab

1
Lab Overview & Needed Software

In this course, we will be using a number of operating systems, Kali for hacking and 2 others as victim or target machines, in this section you will learn how to install all of these machines as virtual machines inside your current operating system, this allow use to use all of the machines at the same time, it also completely isolates these machines from your main machine therefore your main machine will not be affected if anything goes wrong.

This lecture will give you an overview of the lab that we will need to set up for this course.

2
Installing Kali 2019 As a Virtual Machine Using a Ready Image

This lecture will give you an overview of what software you need to install for this course, and how it can be installed.

You will also see how to install Kali as a virtual machine.

3
Installing Windows As a Virtual Machine

In this lecture you will learn how to set up a windows virtual machine so that we can try and hack into it to practice penetration testing.

4
Installing Ubuntu As a Virtual Machine

This lecture will teach you how to install Ubuntu Linux as a virtual machine so that we can use it to practice hacking into Linux 

Preparation - Linux Basics

1
Basic Overview Of Kali Linux

In this lecture we will have a basic look on Kali linux just to get you comfortable with using it.

2
The Linux Terminal & Basic Linux Commands

In this lecture you will learn how to interact with the linux terminal and run linux commands.

3
Creating & Using Snapshots

In this lecture, you will learn how to store the current state of the virtual machines and how to use these restore points, this is very useful because it allows you to go back or forward to different configurations of the operating system.

Information Gathering

1
Introduction

This lecture will give you an overview of what information gathering is, why is it so important and what you'll learn in this section.

Information Gathering - Gathering Info About A Company/Website

1
Maltego Overview

Maltego is a great information gathering tool that we will use during this course, this lecture will give you an overview of this tool and its basic usage.

2
Discovering Domain Info & Emails Associated With Target

In this lecture you will learn how to use Maltego to discover websites, domains, domain info and emails related to a company.

3
Discovering Information About Hosting Company, Support Team Emails & Admin Email

In this lecture you will learn how to discover the hosting company used by the target, their contact info and more.

4
Discovering Files, Links, Websites & Other Companies Related To Target

This lecture will build up on what you learned so far about Maltego, in this lecture you will learn how to discover links, websites, files and other companies associated with your target company.

5
Using The Gathered Info To Build An Attack Strategy

Now that we are done gathering information about the target company, we will analyse all the information we gathered so far in this lecture, and try to come up with attack strategies to hack into this company.

Information Gathering - Gathering Info About A Person

1
Discovering Websites, Links & Social Networking Accounts

In this lecture and the next few ones we will start a new graph and try to gather information about a person not a company or a website, so we will start with a name (Zaid Sabih) and try to discover websites, links and social accounts associated with our target.

2
Discovering Twitter Friends & Associated Accounts

In this lecture you will learn how to gather even more information about our target person, you will learn how to discover potential friends (emails and social network accounts) of people associated with the target person.

3
Discovering Emails Of The Target's Friends

Finally you will learn how to discover emails of the target's friends, these can be very useful later on as we can pretend to be one of these friends and social engineer the target into doing something that would allow us to hack into their system.

4
Analysing The Gathered Info & Building An Attack Strategy

In this lecture we will zoom out and look at the information that we gathered about the target person (Zaid Sabih), we will analyse this info and come up with a number of attack strategies.

Windows Evil Files

1
Introduction

This lecture will give you an overview of the structure of this section and what you'll learn in it.

Windows Evil Files - Generating Undetectable Backdoors

1
Installing Veil 3.1

Veil 3.0  is a framework designed to generate undetectable backdoors, in this lecture we will have an overview of the framework and how to install it.

2
Veil Overview & Payloads Basics

In this lecture you will learn Veil's basics, what do we mean by a payload, and what each part of the payload name means.

3
Generating An Undetectable Backdoor Using Veil 3

This lecture will teach you how to generate an undetectable backdoor, that would give you full control over any Windows computer it gets executed on.

4
Listening For Incoming Connections

This lecture will teach you how to listen for incoming connections so that we can communicate with the machines we hack.

5
Hacking A Windows 10 Machine Using The Generated Backdoor

In this lecture we will test the backdoor we generated before by hacking a Windows 10 machine.

6
Installing The Fat Rat

The Fat Rat is yet another tool that can be used to generate undetectable backdoors, in this lecture you will learn how to install it on Kali Linux.

7
Generating An Undetectable Backdoor Using TheFatRat

In this lecture you will learn how to generate an undetectable backdoor using the fat rat and hack a Windows 10 machine using it.

8
Installing Empire

Empire is a framework that can be used to generate backdoors for Windows, Linux, OS X and more, it uses a completely different approach to bypass anti-virus programs, in this lecture you will learn hot to install it.

9
Creating An Empire Listener

In this lecture you will lean Empire's basics and how to generate a listener to receive connections from the machines you hack.

10
Creating a Windows Powershell Stager & Hacking Windows 10

In this lecture you will learn how to use Empire to generate an undetectable backdoor and use it to hack a Windows 10 machine.

11
Modifying Backdoor Source To Bypass All Anti-virus Programs

In this lecture you will learn how to modify the source code used in Empire stagers to make it bypass all anti-virus programs.

Windows Evil Files - Spying

1
What Is A Keylogger ?

In this lecture you will learn what is a keylogger and how it can be useful.

You will also learn how to install a program called BeeLogger that can be used to generate remote keyloggers.

2
Creating A Remote Keylogger

This lecture will teach you how to use BeeLogger to generate a  remote keylogger.

3
Using A Remote Keylogger To Capture Key Strikes Including Passwords

In this video you'll see the keylogger that we generated before in action, we will test it against a Windows 10 machine and you'll see how ti records all key strikes and sent them by email.

4
Password Recovery Basics

In this lecture we will have an overview on a password recovery tool called LaZagne, this tool can recover saved passwords from Windows and Linux.

5
Recovering Saved Passwords From Local Machine

In this lecture you will learn how to use LaZagne to recover saved passwords from a local machine, this will only work if you already have access to the target machine.

6
Recovering Saved Passwords From A Remote Machine

In this lecture you will learn how to package LaZagne as an evil file so that when executed on a computer, it recovers all saved passwords and send them to use by email.

Windows Evil Files - Enhancing Evil Files

1
Bypassing All Anti-Virus Programs By Modifying Hex Vales

In this lecture you will learn how to modify file's code to get it to bypass all anti-virus programs.

2
Creating The Perfect Spying Tool

In this lecture you will learn how to use the download and execute payload to create the perfect spying tool.

Windows Evil Files - Converting Evil File To A Trojan

1
Download & Execute Payload

In this lecture we will have a look on a very useful yet simple payload, this payload can be used to download and execute any number of files when executed.

2
Embedding Evil Files With Any File Type Like An Image Or PDF

This lecture will teach you how to combine your backdoor with any other file (image, pdf ....etc).

This is the first step to convert our evil file to a trojan; an evil file that looks and functions like trusted file.

3
Running Evil Files Silently In The Background

In this lecture you will learn how to enhance the trojan that we made in the previous lecture and make it run the evil code in the background without showing any suspicious pop ups.

4
Changing Trojan's Icon

Now that we have an evil file that functions like a normal file, we need to make it look like a normal file too, the first step to achieve that is to change the icon to something that represents the file that we are trying to mimc.

5
Spoofing File Extension from .exe to anything else (pdf, png ..etc)

The last step of making a perfect trojan is to spoof its extension so that it has an extension thats relevant to the icon and to the file that the target is expecting.

6
Download & Execute Payload (Method 2)

In this lecture you will learn how to use another download and execute payload, the main advantage of this payload is the fact that you won't need to use any 3rd party software to convert it to exe, this is useful because sometimes some AV programs (usually not popular ones) flag ANY bat file converted to exe using these 3rd party programs as malware, this is obviously wrong and they do fix it after a while, but if you find yourself in a situation where your download and execute is getting detected then you can use this methods instead.

7
Embedding Evil Files With Any File Type Like An Image Or PDF (Method 2)

This lecture will show you how to compile payload we created in the previous lecture to exe and change its icon.

8
Embedding backdoor In A Legitimate Microsoft Office Document

In this lecture you will learn how to embed backdoor code in a legitimate Microsoft Office document, this is different to what you learned so far as we used to generate an exe that downloads and executes the backdoor in the background and display a normal file to the target, then we changed the icon and spoofed the extension to make the trojan look exactly like a normal file, in this method though we will inject the evil code inside the document, so the result is going to be a legitimate Microsoft Office file with a normal icon and a normal extension, but when executed it will display a normal Microsoft Office document and run the evil code in the background.

9
Embedding Any Evil File In A Legitimate Microsoft Office Document

In this lecture you will learn how to embed any evil file with a legitimate Microsoft Office.

Mac OS X Evil Files

1
Introduction

This lecture will give you an overview of what you'll learn in this section, the lab setup that I will use and how to replicate it.

2
Hacking Mac OS X Using A Meterpreter Backdoor

In this lecture you will learn how to use a tool called msfvenome to generate a meterpreter backdoor for OS X.

msfvenom can be used to generate backdoors for all operating systems, so the steps shown in this lecture can be used to generate backdoors for other operating systems other than OS X.

3
Hacking Mac OS X Using An Empire Stager

This lecture will teach you how to generate a basic Empire backdoor for Mac OS X.

4
Converting Basic Backdoor To An Executable

This lecture will teach you how to convert that backdoor that we made in the previous lecture to an executable.

5
Embedding A Normal File With Backdoor

This lecture will teach you how to embed the backdoor that we generated before with any other file such as an image or a pdf.

6
Download & Execute Payload

In this lecture we will have a look on a download and execute payload for OSX, we will use it to generate a trojan that would open a PDF, but at the same time it will execute a meterpreter payload in the background.

7
Changing Trojan's Icon

This lecture will teach you how to change the icon of our trojan to something that represents the file that the target is expecting.

8
Configuring The Trojan To Run Silently

This is the last step of creating our perfect trojan, in this lecture you will learn how to configure the trojan to run silently and only display the file that the target is expecting while running our evil file silently in the background.

9
Embedding Backdoor In A Legitimate Microsoft Office Document

In this lecture you will learn how to embed our backdoor's code inside a legitimate Microsoft Office document.

Linux Evil Files

1
Hacking Into Linux-Like Systems Using One Command

In this lecture you will learn how to agin access to any OS that uses bash (Linux, OS X, Android) using one command!


2
More Advanced Linux Backdoor

This lecture will teach you how to generate a more advanced backdoor for Linux systems.


3
Using A Remote Keylogger To Capture Key Strikes Including Passwords

In this lecture we will test the keylogger we generated in the previous lecture and spy on a Ubuntu Linux machine.

4
Recovering Saved Passwords From A Local Machine

In this lecture you will learn how to use LaZagne to recover saved passwords from a local Linux machine.

5
Execute & Report Payload

In this lecture we will have a look on a very useful payload, this payload can be used to execute any command one the target machine and sent the result to us by email

6
Recovering Saved Passwords From A Remote Machine

 In this lecture we will use the execute & report payload to download and execute LaZagne then send the recovered passwords to us by email.

7
Embedding Evil Code In A Legitimate Linux Package - Part 1

In this lecture you will learn how to embed evil code inside a legitimate .deb file.

8
Embedding Evil Code In A Legitimate Linux Package - Part 2

In this lecture you will learn how to convert that package that we made in the previous video to a deb package, and use it to hack a Linux machine.

9
Backdooring a Legitimate Android App

This lecture will teach you how to embed a backdoor in a legitimate Android app, and hack Android phones using it.

Delivery Methods

1
Introduction

This lecture will give you an overview of the contents of this section.

2
Mail Deliver - Setting up an SMTP Server

Spoofing emails is one of the best methods to communicate with your target , in this lecture you'll learn how to set up your own mail server so that you can send emails to your target and make them appear as if they're sent from any email you want.

3
Mail Delivery - Spoofing Emails
4
Hacking OS X & Linux Using Pure Social Engineering Without Sending Any Files

In this lecture we will consider a scenario where we will use a number of things that we learned so far to hack into OS X or a Linux machine only by sending the target an email.

5
Creating A Replica Of Any Website / Login Page

This lecture will teach you how to make an exact copy of any website you want!

6
Stealing Login Info Using Fake A Login Page

In this lecture you will learn how to create a fake login page identical to the a real login page and social engineer your target to enter their login info in it.

7
BeEF Overview & Basic Hook Method

BeEF is a browser exploitation framework that allows us to run a large number of commands on hooked browser.

In this lecture we will have an overview of the interface, how to start the framework and how to create a hook page and hook targets to it.

8
Injecting BeEF's Hook In Any Webpage

This lecture will teach you how to inject BeEF's hook in any web page you want.

9
Luring Target Into Accessing Evil URL Without Direct Interaction

In this lecture you will learn how to lure your target into browsing an evil URL without communicating with them.

10
Basic BeEF Commands

In this lecture you learn how to run some basic commands on the target machine using beef, so you'll learn how to run any Javascript code, get a screenshot of the page they're browsing and redirect them to any page you want.

11
Stealing Credentials/Passwords Using A Fake Login Prompt

In this video you will learn how to use beef to display a fake login dialog to the target user and steal the password they enter, dialogs can be made for facebook, youtube, microsoft or you can even create your own using the custom option.

12
Hacking Windows 10 Using A Fake Update

In this video we will use BeEF to create a fake clippy tip telling the user that there is a new update, the update is actually a backdoor, so once they install that update we will gain full control over the target machine.

13
Hacking Mac OS X Using A Fake Update

In this video we will use BeEF to create a fake notification bar telling the user that there is a new update, the update is actually a backdoor, so once they install that update we will gain full control over the target machine.

14
Hacking Linux Using A Fake Update

In this lecture we will show a flash pop up telling the target that there is a new update, once they install the update they will install flash and run out backdoor in the background.

Using The Above Attacks Outside The Local Network

1
Overview of the Setup

This lecture will give you an overview of the default setup of networks, how connections are handled and the theory behind what needs to be done to receive connections from outside the network.

2
Ex1 - Generating a Backdoor That Works Outside The Network

In this video we will have an example on how to generate a backdoor that would work outside the network, and how to listen for incoming connections.

3
Configuring The Router To Forward Connections To Kali

This lecture will teach you how to configure the router to forward incoming connections to the Kali machine in order to interact with the reverse shell we created in the previous lecture.

4
Ex2 - Using BeEF Outside The Network

This lecture will give another example on receiving connections from devices outside the network, in this example we'll use BeEF and hook a victim that exists on a completely different network.

Post Exploitation

You can view and review the lecture materials indefinitely, like an on-demand channel.
Definitely! If you have an internet connection, courses on Udemy are available on any device at any time. If you don`t have an internet connection, some instructors also let their students download course lectures. That`s up to the instructor though, so make sure you get on their good side!
4.7
4.7 out of 5
1638 Ratings

Detailed Rating

Stars 5
1125
Stars 4
414
Stars 3
78
Stars 2
11
Stars 1
10