NotSoSecure Hacking 101


Not so Secure Training Courses Certification


See all CoursesProfessional Services & Support


This 1-day course will teach you the foundations of Pen Testing and how to find and exploit vulnerabilities within different technologies.

This introductory course will train attendees in understanding Pen Testing, and provide background information on risks and vulnerabilities associated with different systems and provide insight to how the mindset of a hacker works. Delegates will also get access to an online course environment platform which will be used to practice the concepts taught during the course.

No prior experience is required to take this course

Attendees will gain understanding in the following topics:
Understand different network topologies and addressing schemes
Understand the properties and security of common network protocols and thenetwork protocol stacks.
How to fingerprint, enumerate and exploit common windows and linux
misconfigurations and vulnerabilities.
Differentiate between types of wireless standards and understand the benefits andrisks associated with these standards.
How to exploit common web application security flaws.

Hacking Fundamentals

  • Hacking History 101
  • Hacking in 2018
  • CIA Triad
  • Art of Hacking Methodology
  • Introduction to Kali Linux

Network Security

  • Network Fundamentals
  • MAC Addressing and Network Addressing
  • Introduction to Port Addressing
  • Understanding the OSI Layer and TCP/IP Model
  • Domain Name System (DNS) Attack Surface
  • TCP vs UDP
  • Network Scanning
  • Shodan

Linux Security

  • Introduction to Linux
  • Linux Filesystem Hierarchy
  • Linux File Permissions 
  • Berkeley Rsh/Rlogin Services
  • Network File System (NFS) Security
  • Missing Security Patches
  • Vulnerability Identification
  • Case Study: Shellshock
  • Introduction to Metasploit

Windows Security

  • Windows Fundamentals
  • Windows Password Hashing
  • Workgroups vs Domains
  • Windows Authentication
  • Windows Exploitation 101
  • Client-Side attacks
  • Case Study: WannaCry

Hacking CMS Software

  • Introduction to Content Management Systems
  • Enumerating CMS Platforms
  • Hacking WordPress
  • Joomla Exploitation

Web Security

  • HTTP Protocol Basics
  • Understanding Web Application Attack Surface
  • SQL Injection
  • Case Study: T alkT alk SQL Injection
  • Command Injection
  • Cross-Site Scripting (XSS)
  • Open Redirect

Wireless Security

  • WiFi Security 101 
  • Wired Equivalent Privacy (WEP) 
  • Wi-Fi Protected Access (WPA) 
  • WPA2 Security
  • Wi-Fi Protected Setup (WPS) flaws
  • Rogue Access Points Attacks