In the Ethical Hacking and Penetration Testing course, I gained a comprehensive understanding of the theory and practical techniques used to assess the security of IT systems. Through hands-on exercises and capture-the-flag challenges, I learned how to perform penetration testing by identifying and exploiting security vulnerabilities across various platforms. The course covered the entire penetration testing process, from information gathering and network reconnaissance to engaging and attacking services such as FTP, DNS, and SMTP.
Additionally, I gained valuable experience in web hacking, learning about client-side attacks like Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF), as well as server-side vulnerabilities such as SQL injection, template injections, and session manipulation. I also explored advanced topics in binary exploitation, including stack overflows and return-oriented programming, which provided me with the skills to exploit software vulnerabilities at the binary level.
The course also covered internal network hacking, social engineering attacks like phishing and spear phishing, and wireless network hacking, broadening my understanding of the various methods cyber attackers use to infiltrate systems. By the end of the course, I not only gained practical skills in modern penetration testing techniques but also a deeper understanding of how to defend against these attacks and protect systems from potential breaches.