Learn Social Engineering From Scratch – Zaid Sabih

Salepage link: At HERE. Archive: https://archive.is/wip/jDHL5

Learn Social Engineering From Scratch

Learn how to hack Windows, Mac OS X, Linux & Android Using Social Engineering & how to secure yourself from hackers

Welcome to my comprehensive course on Social Engineering! In this course, you will start as a beginner with no previous knowledge about penetration testing or hacking, we will start with the basics of social engineering, and by end of it you’ll be at an advanced level being able to hack into all major operating systems (windows, OS X and Linux), generate different types of trojans and deliver them using smart social engineering techniques.

This course is focused on the practical side of penetration testing without neglecting the theory . Before jumping into penetration testing, you will first learn how to set up a lab and install needed software to practice penetration testing safely on your own machine, then the course is divided into the four main sections:

1. Information Gathering – This section will teach you how to gather information about your targetweather it is a company, website or just a person. You will learn how to discover anything that is associated with your target such as websites, links, companies, people, emails, phone numbers, friends, social networks accounts …etc, you will also learn how to graph all of this information and use it to build a smart attack strategy.

2. Generating Evil Files – In this section you will learn how to generate evil files (files that do tasks you want on the target computer), this includes backdoors, keyloggers, credential harvester and more, you will learn how to generate these files for Windows, OS X and Linux, not only that but you’ll also learn how to enhance these files to make them bypass all anti-virus programs, and make them look and function just like any other file such as an image or a pdf, you’ll also learn how to embedthese files in legitimate Microsoft Office documents.

3. Deliver Methods – In this section you will learn a number of social engineering methods to deliver trojans to the target, you will learn how to create fake websites that look identical to websites the target trusts, send emails that appear like they’re coming from people the target trusts and use fake login pages and fake updates to hack into the target system, not only that but you’ll also learn advanced social engineering techniques that would lure the target into visiting an evil URL and hack into the target system without even interacting with them.

4. Post Exploitation – In this section you will learn how to interact with the systems you compromised so far. You’ll learn how to access the file system (read/write/upload/execute), maintain your access, escalate your privileges, spy on the target, use the target computer as a pivot to hack other computer systems and more!

Finally at the end of the course you will learn how to protect yourself and your systems from these attacks.

All the attacks in this course are practical attacks that work against real computers, in each technique you will understand the theory behind it and how it works, then you’ll learn how to use that technique in a real life scenario, so by the end of the course you’ll be able to modify these techniques or combine them to come up with more powerful attacks and adopt them to different scenarios and different operating systems.

Course Curriculum

First Section

• What Is Social Engineering (3:14)
• Teaser – Hacking An Android Phone & Accessing The Camera (5:34)
• Course Overview (4:16)

Preparation – Creating a Penetration Testing Lab

• Lab Overview & Needed Software (3:27)
• Installing Kali 2017 As a Virtual Machine Using a Ready Image (8:32)
• Installing Windows As a Virtual Machine (3:21)
• Installing Ubuntu As a Virtual Machine (7:05)

Preparation – Linux Basics

• Basic Overview Of Kali Linux (4:37)
• The Linux Terminal & Basic Linux Commands (9:06)
• Creating & Using Snapshots (6:08)
• Updating Sources & Installing Programs (4:42)

Information Gathering

• Introduction (1:52)

Information Gathering – Gathering Info About A Company/Website

• Maltego Overview (6:02)
• Discovering Domain Info & Emails Associated With Target (7:24)
• Discovering Information About Hosting Company, Support Team Emails & Admin Email (6:55)
• Discovering Files, Links, Websites & Other Companies Related To Target (5:12)
• Using The Gathered Info To Build An Attack Stratigy (4:16)

Information Gathering – Gathering Info About A Person

• Discovering Websites, Links & Social Networking Accounts (9:28)
• Discovering Twitter Friends & Associated Accounts (4:57)
• Discovering Emails Of The Target’s Friends (4:39)
• Analysing The Gathered Info & Building An Attack Stratigy (8:41)

Windows Evil Files

• Introduction (2:14)

Windows Evil Files – Generating Undetectable Backdoors

• Installing Veil 3.0 (7:49)
• Veil Overview & Payloads Basics (7:20)
• Generating An Undetectable Backdoor Using Veil 3 (9:44)
• Listening For Incoming Connections (7:25)
• Hacking A Windows 10 Machine Using The Generated Backdoor (7:12)
• Installing The Fat Rat (6:18)
• Generating An Undetectable Backdoor Using TheFatRat (11:29)
• Installing Empire (4:27)
• Creating An Empire Listener (6:01)
• Crating a Windows Powershell Stager & Hacking Windows 10 (7:29)
• Modifying Backdoor Source To Bypass All Anti-virus Programs (8:13)

Windows Evil Files – Spying

• What Is A Keylogger ? (6:23)
• Creating A Remote Keylogger (4:55)
• Using A Remote Keylogger To Capture Key Strikes Including Passwords (7:16)
• Password Recovery Basics (7:29)
• Recovering Saved Passwords From Local Machine (3:17)
• Recovering Saved Passwords From A Remote Machine (11:51)

Windows Evil Files – Enhancing Evil Files

• Bypassing All Anti-Virus Programs By Modifying Hex Vales (10:35)
• Download & Execute Payload (6:18)
• Creating The Perfect Spying Tool (6:49)

Windows Evil Files – Converting Evil File To A Trojan

• Windows Evil Files – Converting Evil File To A Trojan (10:14)
• Running Evil Files Silently In The Background (9:13)
• Changing Trojan’s Icon (8:19)
• Spoofing File Extension from .exe to anything else (pdf, png ..etc) (11:33)
• Download & Execute Payload (Method 2) (6:20)
• Embedding Evil Files With Any File Type Like An Image Or PDF (Method 2) (6:44)
• Embedding backdoor In A Legitimate Microsoft Office Document (8:45)
• Embedding Any Evil File In A Legitimate Microsoft Office Document (10:20)

Mac OS X Evil Files

• Introduction (3:11)
• Hacking Mac OS X Using A Meterpreter Backdoor (12:04)
• Hacking Mac OS X Using An Empire Stager (6:35)
• Converting Basic Backdoor To An Executable (3:33)
• Embedding A Normal File With Backdoor (9:20)
• Download & Execute Payload (6:49)
• Changing Trojan’s Icon (6:34)
• Configuring The Trojan To Run Silently (6:14)
• Embedding Backdoor In A Legitimate Microsoft Office Document (6:10)

Linux Evil Files

• Hacking Into Linux-Like Systems Using One Command (8:54)
• More Advanced Linux Backdoor (6:35)
• Generating A Persistant Remote Keylogger (4:39)
• Using A Remote Keylogger To Capture Key Strikes Including Passwords (6:43)
• Recovering Saved Passwords From A Local Machine (7:12)
• Execute & Report Payload (6:57)
• Recovering Saved Passwords From A Remote Machine (6:53)
• Embedding Evil Code In A Legitimate Linux Package – Part 1 (12:37)
• Embedding Evil Code In A Legitimate Linux Package – Part 2 (4:59)
• Backdooring a Legitimate Android App (9:45)

Delivery Methods

• Introduction (1:51)
• Preparing Evil Files To Be Delivered Via A URL (6:03)
• Email Spoofing – Send Emails As Any Email Account (7:20)
• Hacking OS X & Linux Using Pure Social Engineering Without Sending Any Files (10:09)
• Creating A Replica Of Any Website / Login Page (6:03)
• Stealing Login Info Using Fake A Login Page (9:00)
• BeEF Overview & Basic Hook Method (7:08)
• Injecting BeEF’s Hook In Any Webpage (4:57)
• Luring Target Into Accessing Evil URL Without Direct Interaction (10:44)
• Basic BeEF Commands (4:24)
• Stealing Credentials/Passwords Using A Fake Login Prompt (2:17)
• Hacking Windows 10 Using A Fake Update (4:40)
• Hacking Mac OS X Using A Fake Update (4:29)
• Hacking Linux Using A Fake Update (4:45)

Using The Above Attacks Outside The Local Network

• Overview of the Setup (5:55)
• Ex1 – Generating a Backdoor That Works Outside The Network (5:24)
• Configuring The Router To Forward Connections To Kali (6:58)
• Ex2 – Using BeEF Outside The Network (5:49)

Post Exploitation

• Introduction (2:11)
• Upgrading Basic Shell Access To A Meterpreter/Empire Access (9:06)
• Automatically Execute Commands When A Reverse Shell Is Spawned (6:03)

Post Exploitation – Meterpreter

• Meterpreter Basics (6:22)
• File System Commands (5:09)
• Maintaining Access Basic Methods (5:07)
• Maintaining Access – Using a Reliable & undetectable Method (6:53)
• Spying – Capturing Key Strikes & Taking Screen Shots (2:39)
• Pivoting – Theory (What is Pivoting?) (7:07)
• Pivoting – Exploiting Devices on The Same Network As The Target Computer (8:11)
• Controlling Android Phone & Accessing Mic, Camera, Messages, File System & More (8:43)
• Maintaining Access On OS X (10:28)

Post Exploitation – Empire

• Basics Of Empire Agents (6:30)
• File System Commands (6:43)
• Upload & Execute Shell Commands (4:33)
• Injecting Backdoor Process In System Processes (9:38)
• Stealing root Password & Escalating Privileges On OS X (7:16)
• Maintaining Access On OS X (5:34)

Security

• Detecting Fake/Spoofed Emails (6:08)
• How to Protect Against BeEF & Other Browser Exploits (4:17)
• Detecting Trojans Manually (5:32)
• Detecting Trojans Using a Sandbox (3:16)