Applied Ethical Hacking with Rules of Engagement

Advanced Level

Practical tools Certificate

Applied Ethical Hacking with Rules of Engagement

By Skilific .

Master ethical hacking and forensics with a hands-on curriculum. Learn Linux essentials, exploit real-world vulnerabilities, and solve CTF challenges. Dive into advanced topics like Active Directory attacks, red team operations, and threat hunting.

Buy $69.00 Cijena: $69.00 + PDV

39.8 Hours

53 Total Lessons

External Assets

Your Path to Success Begins with the Right Knowledge and Training

Flexible Learning

Study at your own pace with hands-on lessons designed for real-world application.
Lifetime Access

Learn at your own pace with unlimited access to course materials anytime, anywhere.
Completion Certificate

Earn a recognized certificate to showcase your skills and enhance your resume.

Applied Ethical Hacking with Rules of Engagement: Course Breakdown

1. Crash Course: Linux Essentials

Objective: Build a solid foundation for cybersecurity operations.
Key Takeaways:

Setting up virtual environments for hands-on practice.
Installing and configuring Kali Linux with essential tools like ZSH, TMUX, and Terminator.
Mastering core Linux commands and Docker basics.
Hands-on exercises to navigate Linux environments effectively.

2. Hands-On Practice Labs

Objective: Bridge the gap between theory and real-world application.
Key Takeaways:

Introduction to ethical hacking tools (VSCode, Kali Linux).
Working with vulnerable labs such as DVWA, WebGoat, and Metasploitable.
Engaging in Capture The Flag (CTF) challenges to enhance problem-solving skills.

3-6. Ethical Hacking Core Concepts

Attack Vectors and Reconnaissance

Understanding attack methodologies.
Scanning networks using tools like Nmap and Metasploit.
Utilizing OSINT techniques for information gathering.

Vulnerability Scanning

Implementing OpenVAS-GVM for security assessments.
Advanced threat analysis and multi-layered scanning.

Exploitation and Post-Exploitation

Working with Metasploitable environments.
Conducting password attacks and privilege escalation techniques.

Network Attacks

Wired and wireless attacks, including MITM, sniffing, and spoofing.

7. Social Engineering Attacks

Objective: Master human-centric attack strategies.
Key Takeaways:

Understanding social engineering psychology.
Running phishing campaigns using Gophish.
Simulating client-side attack scenarios.

8. Web Application Penetration Testing (OWASP Top 10)

Objective: Strengthen web security expertise.
Key Takeaways:

Familiarity with OWASP standards.
Hands-on practice with Burp Suite.
Exploiting vulnerabilities like XSS, SQL Injection, and CSRF.

9. Python Scripting for Cybersecurity

Objective: Develop coding skills for security automation.
Key Takeaways:

Learning Python fundamentals (data types, loops, functions).
Building security tools such as port scanners and malware command servers.

10. CTF Challenges & Practical Pentesting

Objective: Apply hacking skills in real-world simulations.
Key Takeaways:

Solving beginner-to-advanced CTF challenges.
Tackling scenarios like NoSQL injections, reverse shells, and privilege escalation.

11. Security Standards & Methodologies

Objective: Understand industry-recognized security frameworks.
Key Takeaways:

Exploring MITRE ATT&CK, OWASP, PTES, and OSSTMM.
Applying these methodologies in professional security audits.

12. Red Team Operations with Cobalt Strike

Objective: Master advanced offensive security techniques.
Key Takeaways:

Setting up red team infrastructure.
Executing sophisticated C&C operations and lateral movement strategies.

13. Active Directory Attacks

Objective: Learn how to simulate real-world AD breaches.
Key Takeaways:

Setting up vulnerable Active Directory environments.
Executing attacks like credential replay and Golden Ticket exploitation.

14. MITRE ATT&CK Framework

Objective: Explore adversary tactics across the attack lifecycle.
Key Takeaways:

Understanding reconnaissance, execution, and impact stages within MITRE ATT&CK.

15-17. Defensive Security & Threat Hunting

Introduction to Defensive Security

Core security concepts: SOC vs. SIEM, defense-in-depth strategies.
Overview of OSSIM Open Threat Exchange.

SIEM with Elastic Stack & Wazuh

Setting up Elasticsearch, Kibana, and Wazuh Manager.
Integrating security systems for centralized monitoring.

Threat Hunting with Wazuh

Implementing file integrity monitoring and vulnerability detection.
Identifying malware and Indicators of Compromise (IoCs).

18. Programming Custom Wazuh Rules

Objective: Tailor security tools to specific needs.
Key Takeaways:

Writing decoders and custom rules in Wazuh for enhanced threat detection.

19. Real-World Threat Simulation

Objective: Apply cybersecurity knowledge in realistic scenarios.
Key Takeaways:

Simulating attacks like Shellshock and SSH brute force.
Detecting IoCs and developing incident response workflows.

🚀 Start Your Ethical Hacking Journey Today!
Gain hands-on experience and build a career in cybersecurity. Enroll now and take the first step toward becoming a cybersecurity expert!

Lessons

1. 001 Virtual Environment
2. 002 Kali Linux Installation _ Environment
3. 003 Power Up Your Linux Shell_ TERMINATOR-ZSH-TMUX
4. 004 Linux Basics _ Commands
5. 005 Docker on Linux
6. 005 cmd
7. external-assets-links
1. 001 Disclaimer
2. 002 VSCode IDE For Your Scripts!
3. 003 Intro to Ethical Hacking Basic Concepts and Terminologies
4. 004 Vulnerable Labs -1_ dvwa, bwapp, webgoat, juiceshop, metasploitable2
5. 005 Read Me!
6. 006 Vulnerable Labs -2_ metasploitable3
7. 007 Capture The Flags(CTF)_ HTB and others
8. 008 cmd
9. 009 cmd
10. 010 Resources
11. 011 Installation
12. external-assets-links
1. 001 Understanding Attack Vectors
1. 001 Initial Reconnaissance with OSINT Framework
2. 002 Scanning with ZENMAP
3. 003 Scanning with NMAP in Command Line _ in Python
4. 004 Scanning with Metasploit AUX _ CENSYS
5. 005 Metasploitable Environment Preparation
6. 006 Enum with NMAP Part 1
7. 007 Enum with NMAP Part 2
8. 008 Enum with Metasploit and other tools
9. external-assets-links
1. 001 Introduction to Vulnerability Scanning and Analysis
2. 002 Setting up OpenVAS-GVM
3. 003 Vulnerability Assessment with OpenVAS-GVM
4. 004 Vulnerability Analysis in Action
5. 005 Second Opinion Vulnerability Scanning with NMAP NSE Scripts
6. 006 Third Opinion Vulnerability Scanning with Metasploit
7. external-assets-links
1. 001 Initial Presentation
2. 002 Metasploitable2 - Part 1
3. 003 Metasploitable2 - Part 2
4. 004 Metasploitable2 - Part 3
5. 005 Metasploitable2 - Part 4
6. 006 Metasploitable3 Ubuntu - Part 1
7. 007 Metasploitable3 Ubuntu - Part 2
8. 008 Metasploitable3 Ubuntu - Part 3
9. 009 Metasploitable3 Ubuntu - Part 4
10. 010 Metasploitable3 Win2k8 - Part 1
11. 011 Metasploitable3 Win2k8 - Part 2
12. 012 Metasploitable3 Win2k8 - Part 3
13. 013 Password Hash Crack - Part 1
14. 014 Password Hash Crack - Part 2
15. external-assets-links
1. 001 Man in the Middle Attacks (Sniffing _ Spoofing) - Part 1
2. 002 Man in the Middle Attacks (Sniffing _ Spoofing) - Part 2
3. 003 Wireless Attacks - Part 1
4. 004 Wireless Attacks - Part 2
5. external-assets-links
1. 001 Social Engineering Concepts - Part 1
2. 002 Social Engineering Concepts - Part 2
3. 003 Gophish Framework - Reaching the Target - Part 1
4. 004 Gophish Framework - Reaching the Target - Part 2
5. 005 Social Engineering Client Side Attacks - Part 1
6. 006 Social Engineering Client Side Attacks - Part 2
7. external-assets-links
1. 001 Web App Pentesting Concepts - Part 1
2. 002 Web App Pentesting Concepts - Part 2
3. 003 Web App Pentesting Concepts - Part 3
4. 004 Web App Pentesting Concepts - Part 4
5. 005 Burp Suite Basics - Part 1
6. 006 Burp Suite Basics - Part 2
7. 007 Damn Vulnerable Web Application Lab - Part 1
8. 008 Damn Vulnerable Web Application Lab - Part 2
9. 009 Damn Vulnerable Web Application Lab - Part 3
10. 010 Damn Vulnerable Web Application Lab - Part 4
11. 011 Damn Vulnerable Web Application Lab - Part 5
12. 012 OWASP Webgoat Lab - Part 1
13. 013 OWASP Webgoat Lab - Part 2
14. 014 OWASP Mutillidae II Lab - Part 1
15. 015 OWASP Mutillidae II Lab - Part 2
16. 016 Metasploitable 3 Vulnerable Web App
17. 017 bWAPP - Buggy Web Application Lab
18. 018 PortSwigger - Online Vulnerable Web Apps - Part 1
19. 019 PortSwigger - Online Vulnerable Web Apps - Part 2
20. external-assets-links
1. 001 Basics 1_ Installation _ Config , Basic Operations, Binary Operations
2. 002 Basics 2_ Loop Statements, Flow Control and Modules
3. 003 Basics 3_ Data Types and Functions
4. 004 Classes and Objects, Mini Project I_ Writing a Port Scanner
5. 005 Mini Project II_ Writing a Malware Command _ Control (C_C) Server_Client
6. external-assets-links
1. 001 Intro to Hack the Box (HTB) CTF
2. 002 Easy 1 - BLUE (Enumeration, Exploitation, Hash Dump and Impacket Framework)
3. 003 Easy 2 - DEVEL (Indirect Web Shell Upload, Local Exploit Suggester, Priv. Esc.)
4. 004 Easy 3 - NETMON (PRTG Exploit with Python, Creds Discovery _ Guessing) - Part 1
5. 005 Easy 3 - NETMON (PRTG Manual Exploit with Nishang Reverse Shells) - Part 2
6. 006 Medium 1 - POPCORN (Dirbuster Enum, Upload Abuse, Nix PAM, DirtyCow Exploit)
7. 007 Medium 2 - BLUNDER (Gobuster, Bludit CMS exploits) - Part 1
8. 008 Medium 2 - BLUNDER (Hashcat, LinPEAS Priv Esc., sudo Exploit) - Part 2
9. 009 Medium 2 - BLUNDER (CSRF_Anti-Bruteforce Bypass with Python Scripting) - Part 3
10. 010 Medium 3 - SNIPER (SMB Enum, LFI RFI, Gain Rev Shell) - Part 1
11. 011 Medium 3 - SNIPER (RFI RCE, Local Enum, Priv Esc, CHM Weaponization) - Part 2
12. 012 Medium 3 - SNIPER (CrackMapExec, Impacket, Cookie Poisoning) - Part 3
13. 013 Medium 4 - MANGO (Recon, NoSQL MongoDB Injection) - Part 1
14. 014 Medium 4 - MANGO (Write NoSQL Injector with Python) - Part 2
15. 015 Medium 4 - MANGO (Write NoSQL Injector with Python) - Part 3
16. 016 Medium 4 - MANGO (LinPEAS, GTFOBins Priv. Esc. Attack Vectors) - Part 4
17. 017 Hard 1 - CONTROL (Manual SQL Injection, SQLmap) - Part 1
18. 018 Hard 1 - CONTROL (Read _ Write Webshells with SQLMap, winPEAS) - Part 2
19. 019 Hard 1 - CONTROL (Windows Priv. Esc Abusing SDDL Perms, Service Exec) - Part 3
20. external-assets-links
1. 001 MITRE ATT_CK and Cyber Kill Chain
2. 002 OWASP TOP 10, ASVS, MASVS, PTES, ISSAF and OSSTMM
3. external-assets-links
1. 001 Introduction to Red Teaming - Part 1
2. 002 Introduction to Red Teaming - Part 2
3. 003 Red Teaming Operations - Part 1
4. 004 Red Teaming Operations - Part 2
5. 005 Red Teaming Infrastructure - Part 1
6. 006 Red Teaming Infrastructure - Part 2
7. 007 Red Teaming Infrastructure - Part 3
8. 008 Red Teaming Command and Control (C_C) - Part 1
9. 009 Red Teaming Command and Control (C_C) - Part 2
10. 010 Red Teaming Command and Control (C_C) - Part 3
11. 011 Red Teaming Command and Control (C_C) - Part 4
12. 012 Red Teaming Command and Control (C_C) - Part 5
13. 013 Red Teaming Weaponization (DDE _ Micro Attacks) - Part 1
14. 014 Red Teaming Weaponization (HTA Attack, Droppers, File Format Exploits) - Part 2
15. 015 Red Teaming Initial Access Attack Scenarios
16. 016 Red Teaming Post Exploit (Proc Injection _ Bypass UAC, Token Tampering) - Part 1
17. 017 Red Teaming Post Exploit (Keylogger, Screen Spy, Cobalt Strike Ops) - Part 2
18. 018 Red Teaming Post Exploit (Pivoting, Session Passing, RDP Tunnel) - Part 3
19. external-assets-links
1. 001 Active Directory Attacks Concepts - Part 1
2. 002 Active Directory Attacks Concepts - Part 2
3. 003 Active Directory Attacks Concepts - Part 3
4. 004 Active Directory Setup on Metasploitable VM
5. 005 Vulnerable AD Lab Preparation
6. 006 AD Enumeration, Credentials Replay Attacks, Over-PTH, Secretsdump and Evil-WinRM
7. 007 AS-REP Roast, Hashcat, Pass The Ticket Attacks
8. 008 Golden Tickets, Kerberoasting against User SPNs and Mimikatz Attacks
9. external-assets-links
1. 001 Introduction to MITRE ATT_CK - Part 1
2. 002 Introduction to MITRE ATT_CK - Part 2
3. 003 Reconnaissance
4. 004 Resource Development
5. 005 Initial Access
6. 006 Execution
7. 007 Persistence
8. 008 Privilege Escalation
9. 009 Defense Evasion
10. 010 Credential Access
11. 011 Discovery
12. 012 Lateral Movement
13. 013 Collection
14. 014 Command and Control
15. 015 Exfiltration
16. 016 Impact
17. external-assets-links
1. 001 SIEM vs. SOC
2. 002 How SIEM works
3. 003 What are SIEM Use-Cases and Common Mistakes_
4. 004 Threat Intelligence _ OSSIM Open Threat Exchange (OTX) P1
5. 005 Threat Intelligence _ OSSIM Open Threat Exchange (OTX) P2
6. 006 SIEM vs. SOAR vs. UEBA
7. 007 How secure is secure enough_
8. 008 Defense-in-Depth Architecture Part 1
9. 009 Defense-in-Depth Architecture Part 2
1. 001 Installation Note
2. 002 Architecture, Installation _ Configuring Wazuh Manager Server
3. 003 Installation _ Configuring Elasticsearch
4. 004 Installation _ Configuring FileBeat _ Kibana
5. external-assets-links
1. 001 Integrating Windows Endpoint in Wazuh Manager
2. 002 Automated Roll-out of Wazuh Agent on a Network of Windows Workstations
3. 003 Integrating Linux Endpoint in Wazuh Manager
4. 004 Integrating Fortigate Firewall in Wazuh Manager
5. 005 Changing Password of the Read-Only Admin Account
6. external-assets-links
1. 001 Wazuh Index State Management (ISM) _ Storage Productivity
2. external-assets-links
1. 001 File Integrity Monitoring (FIM)_ Alert when Critical Files Touched
2. 002 Linux System Calls Monitoring_ Alert when Auditctl Rules are met
3. 003 Continuous Enterprise Vulnerability Monitoring
4. 004 CIS Hardening Monitoring with Wazuh SCA (Less is More Principle)
5. 005 Windows Defender in Wazuh_ Centrally Monitor Malware _ Actions across Endpoints
6. 006 Use Sysinternals Sysmon with Wazuh_ The Swiss Army Knife for Windows Monitoring
7. external-assets-links
1. 001 Programming Decoders and Rules in Wazuh Part 1
2. 002 Programming Decoders and Rules in Wazuh Part 2
3. external-assets-links
1. 001 Run _ Detect SSH _ RDP Brute Force Attack - Linux _ Windows Endpoint
2. 002 Run _ Detect Shellshock Attack - Linux Endpoint
3. 003 Run _ Detect MSHTA Session initiation Attack
4. 004 Run _ Detect Spawn Session and Process Injection
5. 005 Run _ Detect Priv Esc, Lateral Mov. _ Exec using PSExec WMIC (Windows Endpoint)
6. 006 Run _ Detect Mimikatz _ Pass The Hash Attacks
7. 007 Run _ Detect Log Tampering IoC (Someone is deleting his traces)
8. external-assets-links

Trusted by Learners Worldwide

The best way to judge us? Hear it straight from our students!

Ethan Walker

"Skilific provides some of the best online learning experiences I’ve had. The content is structured so well that even complex topics feel easy to understand. I feel like I’ve gained real, practical knowledge that I can actually use."

Emma Wilson

"I love how engaging and well-organized the lessons are. No unnecessary jargon—just clear, to-the-point explanations. Learning online has never been this smooth!"

Wei Zhang

"The platform is easy to use, and the lessons are incredibly informative. I appreciate the hands-on approach—it makes learning so much more effective!"

Aarav Verma

"I was looking for a high-quality learning platform that wouldn’t just throw a bunch of theory at me. Skilific exceeded my expectations with its well-paced, structured content and real-world applications."

Arjun Nair

"I’ve taken multiple online courses in the past, but nothing compares to Skilific. The instructors actually take the time to break things down in a way that makes sense, even for beginners. Highly recommended!"

Mei Ling Tan

"What I love about Skilific is that you can learn at your own pace without feeling overwhelmed. The explanations are simple, clear, and engaging. I’m definitely coming back for more courses!"

Dylan Carter

"I’ve always been skeptical about online learning, but this experience changed my mind. Everything was so well-explained, and I never felt lost. This platform is truly a game-changer!"

Ryan Mitchell

"The balance between theory and hands-on practice is perfect. It’s not just about memorizing things—you actually get to understand and apply what you learn. That’s what makes Skilific stand out!"

Harish Gupta

"Finally, an online learning platform that delivers what it promises! The lessons are well-structured, engaging, and full of valuable insights. No fluff, just pure learning!"

Olivia Brown

"I love the flexibility of being able to learn at my own pace. The course material is excellent, and the explanations are crystal clear. Definitely worth it!"

Invest in yourself - Learn, Grow and Succeed!

Enroll Now

Flexible Learning

Lifetime Access

Completion Certificate

Applied Ethical Hacking with Rules of Engagement: Course Breakdown

1. Crash Course: Linux Essentials

2. Hands-On Practice Labs

3-6. Ethical Hacking Core Concepts

Attack Vectors and Reconnaissance

Vulnerability Scanning

Exploitation and Post-Exploitation

Network Attacks

7. Social Engineering Attacks

8. Web Application Penetration Testing (OWASP Top 10)

9. Python Scripting for Cybersecurity

10. CTF Challenges & Practical Pentesting

11. Security Standards & Methodologies

12. Red Team Operations with Cobalt Strike

13. Active Directory Attacks

14. MITRE ATT&CK Framework

15-17. Defensive Security & Threat Hunting

Introduction to Defensive Security

SIEM with Elastic Stack & Wazuh

Threat Hunting with Wazuh

18. Programming Custom Wazuh Rules

19. Real-World Threat Simulation

Lessons

Chapter 1 Poglavlje 1 01 Crash Course_ Linux

Chapter 2 Poglavlje 2 02 Get Your Hands Dirty

Chapter 3 Poglavlje 3 03 Ethical Hacking 1_ Understand Attack Vectors

Chapter 4 Poglavlje 4 04 Ethical Hacking 2_ Information Gathering & Enumeration

Chapter 5 Poglavlje 5 05 Ethical Hacking 3_ Vulnerability Scanning & Analysis

Chapter 6 Poglavlje 6 06 Ethical Hacking 4_ Exploitation, Post Exploitation and Password Attacks

Chapter 7 Poglavlje 7 07 Ethical Hacking 5_ Network Attacks (Wired & Wireless)

Chapter 8 Poglavlje 8 08 Ethical Hacking 6_ Social Engineering Attacks

Chapter 9 Poglavlje 9 09 Ethical Hacking 7_ Web App Pentesting (OWASP-TOP 10)

Chapter 10 Poglavlje 10 10 Crash Course_ Python Scripting (incl. 2x Mini Projects)

Chapter 11 Poglavlje 11 11 Practical Pentest with CTFs (Let's Capture The Flags)

Chapter 12 Poglavlje 12 12 Security Standards and Methodologies

Chapter 13 Poglavlje 13 13 Cobalt Strike_ Operations & Development

Chapter 14 Poglavlje 14 14 Active Directory Attacks in Depth

Chapter 15 Poglavlje 15 15 MITRE ATT&CK Framework

Chapter 16 Poglavlje 16 16 Introduction to Defensive Security

Chapter 17 Poglavlje 17 17 Setting Up Our SIEM with Elastic-Stack & Wazuh Manager

Chapter 18 Poglavlje 18 18 Integrating Endpoints in Elastic-Stack & Wazuh Manager

Chapter 19 Poglavlje 19 19 Index Life-Cycle Management (ILM) in Elasticsearch & Wazuh Manager

Chapter 20 Poglavlje 20 20 Applying Wazuh Capabilities for Security Monitoring

Chapter 21 Poglavlje 21 21 Programming Rulesets (Decoders & Rules) in Wazuh

Chapter 22 Poglavlje 22 22 Practical Attacks & Threat Hunting IoC Use-Cases with Wazuh

Ethan Walker

Emma Wilson

Wei Zhang

Aarav Verma

Arjun Nair

Mei Ling Tan

Dylan Carter

Ryan Mitchell

Harish Gupta

Olivia Brown

Chapter 1

Poglavlje 1

01 Crash Course_ Linux

Chapter 2

Poglavlje 2

02 Get Your Hands Dirty

Chapter 3

Poglavlje 3

03 Ethical Hacking 1_ Understand Attack Vectors

Chapter 4

Poglavlje 4

04 Ethical Hacking 2_ Information Gathering & Enumeration

Chapter 5

Poglavlje 5

05 Ethical Hacking 3_ Vulnerability Scanning & Analysis

Chapter 6

Poglavlje 6

06 Ethical Hacking 4_ Exploitation, Post Exploitation and Password Attacks

Chapter 7

Poglavlje 7

07 Ethical Hacking 5_ Network Attacks (Wired & Wireless)

Chapter 8

Poglavlje 8

08 Ethical Hacking 6_ Social Engineering Attacks

Chapter 9

Poglavlje 9

09 Ethical Hacking 7_ Web App Pentesting (OWASP-TOP 10)

Chapter 10

Poglavlje 10

10 Crash Course_ Python Scripting (incl. 2x Mini Projects)

Chapter 11

Poglavlje 11

11 Practical Pentest with CTFs (Let's Capture The Flags)

Chapter 12

Poglavlje 12

12 Security Standards and Methodologies

Chapter 13

Poglavlje 13

13 Cobalt Strike_ Operations & Development

Chapter 14

Poglavlje 14

14 Active Directory Attacks in Depth

Chapter 15

Poglavlje 15

15 MITRE ATT&CK Framework

Chapter 16

Poglavlje 16

16 Introduction to Defensive Security

Chapter 17

Poglavlje 17

17 Setting Up Our SIEM with Elastic-Stack & Wazuh Manager

Chapter 18

Poglavlje 18

18 Integrating Endpoints in Elastic-Stack & Wazuh Manager

Chapter 19

Poglavlje 19

19 Index Life-Cycle Management (ILM) in Elasticsearch & Wazuh Manager

Chapter 20

Poglavlje 20

20 Applying Wazuh Capabilities for Security Monitoring

Chapter 21

Poglavlje 21

21 Programming Rulesets (Decoders & Rules) in Wazuh

Chapter 22

Poglavlje 22

22 Practical Attacks & Threat Hunting IoC Use-Cases with Wazuh