Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.
Awesome Lists | Featured Topics | Projects
https://github.com/samsar4/ethical-hacking-labs

Practical Ethical Hacking Labs 🗡🛡
https://github.com/samsar4/ethical-hacking-labs
ethical-hacking-labs hacking linux penetration-testing pentesting security security-tools tutorial tutorials
Last synced: 2 days ago
JSON representation
Practical Ethical Hacking Labs 🗡🛡
Host: GitHub
URL: https://github.com/samsar4/ethical-hacking-labs
Owner: Samsar4
Created: 2019-12-04T20:16:11.000Z (about 5 years ago)
Default Branch: master
Last Pushed: 2024-04-23T20:08:56.000Z (9 months ago)
Last Synced: 2025-01-03T10:05:47.232Z (9 days ago)
Topics: ethical-hacking-labs, hacking, linux, penetration-testing, pentesting, security, security-tools, tutorial, tutorials
Homepage:
Size: 275 KB
Stars: 2,804
Watchers: 75
Forks: 702
Open Issues: 13
Metadata Files:
- Readme: README.md
Awesome Lists containing this project

README

        # 
Ethical Hacking Labs



![h](https://gist.githubusercontent.com/Samsar4/62886aac358c3d484a0ec17e8eb11266/raw/89f706846f97cd3e59880dbc03e4f1d5f8023783/header-ehl.jpg)

This is a collection of tutorials and labs made for  ethical hacking students, cybersecurity students, network and sys-admins. These tutorials accompany the resources of CEH content and different resources across the internet.

⌨️ The tutorials is very practical/hands-on. Don't worry if you are a completely noob, you don't need to be an expert to start learn ethical hacking. **Google is always your best friend.** This repo will guide you very carefully from basics to more advanced techniques.

**✅ Prerequisites**:

* Any computer with at least 8GB RAM (16GB recommended)

* At least 80GB of free disk space available

* Hardware-based virtualization support

* * *

> **⚠️ Disclaimer**:

*This is purely for educational purposes only. DO NOT try these techniques with any public network. Because if you are find guilty for causing any harm to any individual, government, corporate body, non-profit etc you will be sued with serious charges of cyber crime. I recommend you to practice the lessons in this course on your owned system and your own data in a private or local network.*

* * * 

## ⚙️ Core Knowledge

First things first, you really need to understand how things work before start to disassembly and look for vulnerable components. The more you understand how things works, a better hacker you'll be. The 'Core Knowledge' (module 0) is just a jumpstart to these topics.

**Core Knowledge provides a jumpstart to networking, linux systems, virtualization, lab building, scripting and also information security topics. If you are familiar on these topics you can skip it straight to Ethical Hacking module.**

* [Networking 101](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/0-Core-Knowledge/0-Networking-101.md)

* [Lab Building / Virtualization](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/0-Core-Knowledge/1-Lab-Building.md)

* [Introduction to Linux](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/0-Core-Knowledge/2-Intro-to-Linux.md)

* [Scripting]

* [Information Security 101](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/0-Core-Knowledge/4-Infosec-101.md)

## ⚔️ Ethical Hacking

1. **Footprinting and Reconnaissance**

    * [Introduction](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/1-Footprinting-and-Reconnaissance/0-What-is-Footprinting.md)

    * [Windows command line](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/1-Footprinting-and-Reconnaissance/1-Windows-CommandLine.md)

    * [Maltego basics](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/1-Footprinting-and-Reconnaissance/2-Maltego-Basics.md)

    * [Recon-ng](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/1-Footprinting-and-Reconnaissance/3-Recon-ng.md)

    * [OSRFramework](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/1-Footprinting-and-Reconnaissance/4-OSRFramework.md)

    * [Metasploit](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/1-Footprinting-and-Reconnaissance/5-Metasploit-Basics.md)

    * [theHarvester](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/1-Footprinting-and-Reconnaissance/6-theHarvester.md)

    * [Another tools for Recon](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/1-Footprinting-and-Reconnaissance/7-Other-Tools.md)

2. **Scanning Networks**

    * [Introduction](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/2-Scanning-Networks/0-Scanning-a-Target-Network.md)

    * [hping3](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/2-Scanning-Networks/1-hping3.md)

    * [Detect OS's by TTL using Wireshark](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/2-Scanning-Networks/2-TTL.md)

    * [Mega Ping](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/2-Scanning-Networks/3-MegaPing.md)

    * [Nmap Basics](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/2-Scanning-Networks/4-Nmap.md)

    * [Avoid Detection with Nmap](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/2-Scanning-Networks/5-NmapDecoyIP.md)

    * [More Windows GUI Tools](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/2-Scanning-Networks/6-WindowsTools.md)

3. **Enumeration**

    * [Introduction](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/3-Enumeration/0-Introduction.md)

    * [Enumeration with Nmap](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/3-Enumeration/1-Enumerating-with-Nmap.md)

    * [SNMP Enumeration](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/3-Enumeration/2-SNMP-Enumeration.md)

    * [Enum4Linux](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/3-Enumeration/3-Enum4linux-Win-and-Samba-Enumeration.md)

    * [More Windows GUI Tools](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/3-Enumeration/4-Windows-EnumerationTools.md)

4. **Vulnerability Analysis**

    * [Overview and Tools](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/4-Vulnerability-Analysis/Overview-and-Tools.md) 

5. **System Hacking**

    * [Introduction](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/5-System-Hacking/0-Introduction.md)

    * [LLMNR / NBT-NS Spoofing](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/5-System-Hacking/1-LLMNR-NBT-NS.md)

    * [Dumping and Cracking SAM hashes](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/5-System-Hacking/2-SAM-Hashes.md)

    * [Rainbow Tables](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/5-System-Hacking/3-Rainbow-tables.md)

    * [Establishing a VNC Session](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/5-System-Hacking/4-VNC-Session.md)

    * [Escalating Privileges](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/5-System-Hacking/5-Escalating-Privileges.md)

    * [Hacking Windows with MS Word file](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/5-System-Hacking/6-Hacking-Windows-with-Doc-file.md)

    * [Hacking Windows with Msf/Meterpreter - Post Exploitation](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/5-System-Hacking/7-Hacking-Windows-with-Metasploit-PostExploitation.md)

    * [Hiding Data - NTFS streams](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/5-System-Hacking/8-NTFS-Streams.md)

    * [Hiding Data - Steganography](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/5-System-Hacking/9-Steganography.md)

    * [Using Covert_TCP](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/5-System-Hacking/10-Covert_TCP.md)

    * [Auditpol basics](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/5-System-Hacking/11-Auditpol.md)

    * [More Windows GUI Tools](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/5-System-Hacking/12-WindowsTools.md)

6. **Malware** 

    * [Introduction](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/6-Malware/0-Introduction.md)

    * [njRAT](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/6-Malware/1-Using-njRAT.md)

    * [HTTP RAT Trojan](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/6-Malware/2-HTTP-Trojan.md)

    * [Obfuscating a Trojan using SwayzCryptor](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/6-Malware/3-Obfuscating-Trojan-SwayzCryptor.md)

    * [Malware Analysis Lab](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/6-Malware/4-Malware-Analysis-Lab.md)

    * [Windows Tools](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/6-Malware/5-Windows-Tools.md)

7. **Sniffing**

    * [Introduction](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/7-Sniffing/0-Introduction.md)

    * [MITM using BetterCAP](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/7-Sniffing/1-MITM-with-Bettercap.md)

    * [MAC Address Spoofing](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/7-Sniffing/2-Spoofing-MAC-address.md)

    * [Windows Tools](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/7-Sniffing/x-Windows-Tools.md)

8. **Social Engineering**

    * [Introduction](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/8-Social-Engineering/0-Introduction.md)

    * [Using SET](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/8-Social-Engineering/1-Using-SET.md)

    * [Tools](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/8-Social-Engineering/X-Tools.md)

9. **Denial-of-Service**

    * [Introduction](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/9-Denial-of-Service/0-Introduction.md)

    * [SYN Flooding](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/9-Denial-of-Service/1-SYN-Flooding.md)

    * [DDoS using HOIC](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/9-Denial-of-Service/2-DDoS-using-HOIC.md)

    * [Detecting DoS Traffic](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/9-Denial-of-Service/3-Detecting-DoS-Traffic.md)

10. **Session Hijacking**

    * [Introduction](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/10-Session-Hijacking/0-Introduction.md)

    * [Using ZAP - Zed Attack Proxy](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/10-Session-Hijacking/1-Using-ZAP.md)

    * [Intercepting HTTP Traffic](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/10-Session-Hijacking/2-Intercepting-HTTP-Traffic.md)

11. **Bonus - 🔬 The Forensic Approach**

    * [TCPDump](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/11-Bonus/TCPDump-Tutorial.md)

    * [Dissecting Packets](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/11-Bonus/Dissecting-packets.md)

    * [ExifTool](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/11-Bonus/ExifTool-Tutorial.md)

    * [hdparm & dd command](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/11-Bonus/Using-hdparm-and-dd-command.md)

    * [Recovering a Deleted Partition](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/11-Bonus/Recovering-Deleted-Partition.md)

    * [Recovering Deleted Files](https://github.com/Samsar4/Ethical-Hacking-Labs/blob/master/11-Bonus/Recovering-Deleted-Files.md)

* * * 

**💭 To Do**:

- ![](https://img.shields.io/badge/status-in%20progress-orange)

- Add Foundational level modules (~~networking~~, ~~virtualization~~, crypto, linux kernel and scripting).

- Bonus modules to add:

    - ~~Introduction to Infosec terms and methodologies (from [CEH Study Guide](https://github.com/Samsar4/CEH-v10-Study-Guide))~~

    - More Reconnaissance techniques.

    - Active Directory: Lab build and attack vectors.

    - Web application: Enumeration and exploitation using some OWASP Top 10 vulnerabilities and Bug Bounty techniques.

    - Wireless hacking (WPA)