What will you learn?
- 9Understand how hackers work, how a penetration test is performed, and what agreements to make to safely carry out a penetration test;
- 9Use open-source intelligence, sniffing and port scanning tools and techniques to gain valuable information on a target;
- 9Gain hands-on experience in vulnerability scanning, SQL injection, password cracking, XSS, and remote and local file inclusion with realistic TryHackMe lab challenges.
- 3 course days, 1pm – 5.30pm CEST
- 8.5 hours of self-study
- R 1 CPE credit per study hour
Ethical Hacking Foundation Course – Learn the basics of penetration testing from expert hackers
In our Ethical Hacking Foundation course, you will learn to think like a hacker and immerse yourself in the techniques and tools hackers use to break into networks and systems. Designed by experienced hackers, the course guides you through the penetration testing process and challenges you to practice your hacking skills at every step of your journey.
In this beginner’s penetration testing training, you will learn hacking by doing it. Throughout the course, you will perform basic penetration testing tasks in a TryHackMe lab environment. You will try your hand at network sniffing, port scanning, SQL injection, password cracking, local and remote file inclusion, and cross-site scripting (XSS). At the end of the course, you will use your newly acquired hacking skills to carry out a basic black-box penetration test (Capture the Flag challenge).
This is an entry-level ethical hacking course for beginners with little or no programming experience. Are you looking for advanced penetration testing training? Our Ethical Hacking Practitioner course will challenge you with more complex hacking exercises to test networks, devices, access control, software and databases.
This is a complete beginner’s penetration testing training. You don’t need any previous hacking knowledge or experience to participate. However, we strongly recommend you to have a basic understanding of Linux. Are you new to Linux? If you want to participate in our hacking exercises, please consider taking a one-day Linux Introduction course before signing up for Ethical Hacking Foundation.
Who should join Ethical Hacking Foundation?
This course is an ideal choice for anyone interested in exploring “the hacker mindset” and getting a solid understanding of basic penetration testing techniques.
We especially recommend this course if:
- You are considering starting a career in ethical hacking, and you would like to get basic hacking skills and credentials before following more advanced trainings;
- You would like to learn penetration testing fundamentals to succeed in a SOC analyst or IT security role.
What is included in this Ethical Hacking Foundation course?
- Official SECO-Institute course materials developed by experienced hackers;
- Training from passionate instructors who are active in the penetration testing industry;
- Access to SECO’s hacking lab environment
- Practice exam and exam syllabus to fully prepare for your Ethical Hacking Foundation certification exam;
- Certification exam voucher;
- Access to the (S)ECO-system, a professional community website where you will find additional resources and exclusive knowledge events.
Ethical Hacking Foundation Course Modules
Module 1: Penetration Testing – Preparation
- Understand the difference between hacking and ethical hacking
- Understand the legal implications of hacking
- Know what agreements to make in the intake phase to safely carry out a penetration test
- Understand the difference between white box, grey box and black box testing
- Understand the penetration testing process
- Learn to use Kali Linux for penetration testing
Module 2: Reconnaissance
- Understand the difference between passive and active reconnaissance
- Use common open-source intelligence (OSINT) tools to carry out passive reconnaissance and find useful information on the target
- Identify relevant information to be found about the target
- Make a plan for keeping track of the findings
- Use Shodan.io to gather information on a target
- Geolocate images to gather information on a target
- Use basic sniffing and scanning techniques to perform active reconnaissance and gather more useful information on the target
- Use Wireshark to sniff network traffic and filter relevant information
- Use Nmap to map the target network infrastructure and services
- Perform TCP Connect, SYN “Half-open”, and UDP scans using Nmap
- Use Dirb and Nikto to scan for web content and web server vulnerabilities
Module 3: Web Application Attacks
- Find web application vulnerabilities with Zap
- Perform a basic web parameter tampering attack
- Perform a basic XSS attack
- Perform a basic SQL attack
- Crack hashed passwords
- Perform a basic file inclusion attack
Module 4: Capture the Flag
Use the techniques learnt in Modules 1-3 to break into a (simulated) company’s wireless network. Discover interesting hosts and identify the services running on them. Finally, access and exploit these services to gain access to the company’s systems.
Ethical Hacking Foundation Certification Exam
The Ethical Hacking Foundation (EHF) certification exam is conducted by the SECO-Institute, Europe’s leading security and continuity certification body. The exam voucher is included in the course fee, but you need to schedule your exam with the SECO-Institute. Upon successful completion of the exam, you will receive an exam certificate and an invitation to register your official SECO-Ethical Hacking Foundation (S-EHF) certification title free of charge. By activating your certification title, you will become a certified professional in your field and you will receive a shareable digital badge to verify your competence to clients, employers and fellow professionals.
- Exam language: English
- Exam delivery: Online exam with remote proctoring
- Exam format: 40 multiple-choice questions
- Duration: 60 minutes
Why take the certification exam?
By passing the SECO-Ethical Hacking Foundation certification exam and earning a SECO-Ethical Hacking Foundation (S-EHF) certificate, you demonstrate your ability to:
- Understand the basics of the penetration testing process and the legal precautions needed for penetration testing;
- Use basic network sniffing and port scanning techniques;
- Use web application vulnerability scanners (Dirb, Nikto and Vega) to find potential vulnerabilities;
- Interpret the results of a basic vulnerability scan;
- Run an automated SQL injection attack using SQLmap;
- Crack a password hash with John the Ripper;
- Brute-force a web-based login form;
- Bypass client-side validation;
- Use basic local file inclusion and remote file inclusion techniques to gain shell access and execute commands on the system;
- Perform a basic black-box penetration test.
What are the benefits of an S-EHF certificate?
Your SECO-Ethical Hacking Foundation certificate and digital badge demonstrate that you have been tested on your understanding of the penetration testing process and your ability to use fundamental penetration testing techniques. Your professional S-EHF credentials verify your competence to clients, employers and peers, and qualify you for career opportunities that require proof of basic penetration testing skills. If you are looking to build a career in cyber security, these credentials may be your first step towards a rewarding career in the industry.
Authors & Lead Trainers
In-company training tailored to your needs
Schedule this training as in-company. Upskill your entire team in the most cost-effective way!