Phishing Mastery: Social-Engineering Hacking Masterclass

Focused View

Rencora Security

2:06:44

5 View

1 - Introduction and Course Overview

1 - Course Introduction and Welcome.mp4

03:30

1 - Course-Welcome-Letter.docx

2 - Important Legal and Ethical Disclaimer.html

3 - Defining what a Hacker is in Modern Times.mp4

00:49

4 - A Brief History of Cyber Attacks.mp4

00:57

2 - Phishing User Security Passwords and MFA Fundamentals

5 - The Evolution of Online Security Passwords and Authentication.mp4

04:43

6 - Deep Dive Analysis of MultiFactor Authentication.html

6 - unnamed.zip

7 - Case Study The LinkedIn Phishing Attack.mp4

04:14

8 - Online Security 101 Passwords 2FA Authentication and Modern Attacking Tools.mp4

04:10

9 - A DeepDive into MITM ManintheMiddle Phishing Attacks.mp4

09:58

10 - Modern Amazon Phishing Attack Demo.mp4

02:06

3 - Introduction to Evilginx

11 - Introduction to Evilginx3 and Unveiling Its Beginnings with Creator Kuba Gretzky.mp4

04:30

12 - Evilginx and EvilProxy Context Resource Popular Cyber Attacks.html

13 - Evilginx Compared to Other Phishing Tool Kits Explained.html

14 - Rencora Phishlet Example Code Resource.html

4 - Setting Up Your Environment

15 - Cookie Editor Extension.txt

15 - Domain.txt

15 - Infrastructure Setup.mp4

09:01

15 - VPS.txt

16 - Connecting our Domain to Evilginx VPS Server.mp4

02:28

5 - Session Tokens Authentication Keys and Cookies Explained

17 - Introduction to Cookies.html

18 - What are Session Tokens Authentication Keys and Cookies.mp4

03:51

6 - Setting Up and Deploying Evilginx3

19 - Setting Up and Connecting Your Domain to the Evilginx VPS Server.mp4

02:28

20 - Installing Evilginx3.mp4

10:05

20 - STEP-1.Go-Installation-Resource-Code.docx

20 - STEP-2.Evilginx-Installation.docx

7 - Staging Our First Engagement with Evilginx3

21 - Introducing Phishlets.mp4

08:30

22 - DemoPhishlet.txt

22 - Setting Up our First Engagement with Evilginx3 and Creating First Phishlet File.mp4

07:01

23 - Configure Domain and Generating Phishing Lure.mp4

04:12

24 - How to Use Evilginx3 to Bypass Modern MultiFactor Authentication.mp4

04:00

25 - Catching Phish with Evilginx3 Full Walkthrough.mp4

10:07

26 - Catching More Phish with Evilginx3 Walkthrough 2.mp4

03:24

8 - Best Practices for Post Engagements

27 - Reviewing the Attack Engagement.html

28 - PostEngagement Best Practices.mp4

05:01

29 - PostEngagement Cleanup Domain Settings etc.mp4

03:34

9 - Defensive Section Protecting Against Evilginx Similar Cyber Attacks

30 - Essential Cybersecurity Defensive Checklist.mp4

07:07

31 - Closing Evilginx Ending the Attack Simulation.mp4

02:04

32 - Safeguarding and Protecting 3rd Party Applications.mp4

00:47

33 - Effective Strategies for Strengthening Cybersecurity Defenses Moving Forward.mp4

01:11

10 - Course Wrapup Review and Final Assessment

34 - Course Conclusion.mp4

01:54

35 - Future Courses and Lessons.html

11 - Using Evilginx2 on Githubs Demo Protocol and Enterprise Checklist Review

36 - Bypassing Github Authentication with Evilginx2 Spear Phishing Demonstration 3.mp4

05:02

37 - Security Campaign Management Client Review Checklist.html

37 - Security-Post-Engagement-Client-Questionnaire.docx

Description

Master Phishing Attacks - Learn real hacking and how to bypass all MFA security

What You'll Learn?

In-depth knowledge of phishing fundamentals, MFA vulnerabilities, and modern enterprise 2FA bypass techniques using Evilginx.
This course was designed by hackers to help students land jobs in penetration testing
How to deploy & understand MITM phishing attacks
Building comprehensive defense strategies against MITM attacks, focusing on the utilization of Evilginx and its add-ons.
Insights into the evolution of phishing and cyber attacks, showcasing the shift from simple scams to advanced, targeted tactics.
Comprehensive setup of a pentesting environment, including VPS, domain registration, Git, Golang, and crucial software updates.
Techniques for executing sophisticated phishing attacks, mastering session token decoding, and effective cookie management.
In-depth knowledge of phishing fundamentals, MFA vulnerabilities, and modern enterprise 2FA bypass techniques using Evilginx.

Who is this for?

Students and interns looking for jobs in Cybersecurity

Individuals interested in the technical and ethical aspects of hacking, wishing to contribute positively to cybersecurity.

Working professionals wanting to learn more about cyber attacks

Ideal for cybersecurity enthusiasts and professionals seeking advanced skills in bypassing MFA and understanding MITM attacks.

Ethical hackers, penetration testers, and security consultants looking to expand their expertise in sophisticated phishing methods.

IT security personnel tasked with safeguarding enterprise systems against phishing attacks and understanding attacker psychology.

Business owners & entrepreneurs who want to learn how to protect against modern Phishing & Malware attacks

What You Need to Know?

Basic cybersecurity knowledge and understanding of ethical hacking principles, with an interest in advanced phishing techniques.

Familiarity with network protocols, web technologies, and Linux-based environments, enabling effective engagement with course content.

Commitment to ethical guidelines and legal compliance in cybersecurity practices, understanding the responsibility of hacking skills.

Access to a computer with internet capabilities, suitable for setting up virtual private servers and running complex security tools.

More details

Description
Modern Phishing Mastery: Social Engineering Masterclass takes you on an explorative journey through the ever-evolving landscape of cybersecurity, emphasizing the critical role of enterprise phishing awareness and defense. This course, extensive in content and rich in practical knowledge, is designed to transform beginners into adept cybersecurity practitioners capable of understanding and mitigating sophisticated cyber threats.
At the core of this training is the advanced study of Evilginx â€“ a potent, open-source tool that signifies a paradigm shift in phishing attacks. By circumventing multi-factor authentication, Evilginx enables an attacker to capture sensitive credentials with a finesse that traditional security measures often fail to detect. You'll delve deep into the architecture of Evilginx, learning how it operates as a man-in-the-middle proxy, intercepting communications to seamlessly harvest credentials and session cookies, and thereby bypassing MFA protocols.
The course meticulously unpacks the vulnerabilities of modern MFA systems, challenging the over-reliance on usernames and passwords as defense mechanisms. Through live demonstrations and hands-on workshops, you will master the nuances of Evilgin, and other sophisticated phishing tools, empowering you to craft and execute compelling phishing campaigns that mimic real-world attack scenarios.
You'll learn to apply your skills within authorized environments, ensuring that your expertise contributes constructively to the cybersecurity community. Post-engagement strategies form a crucial part of the course content. You will engage with best practices for the responsible dismantling of phishing setups and thorough reporting of engagement outcomes. By the end of the course, you'll be adept at erasing digital footprints, minimizing attribution risks, and aiding organizations in remediation and fortification against future attacks.
Furthermore, the course anticipates the future of cybersecurity threats and prepares you to stay ahead. By emphasizing the importance of continuous learning and adaptation, it equips you with the mindset and skills to navigate the rapidly changing cyber threat landscape.

Evolution of Phishing: Explore the history and evolution of phishing attacks from basic techniques in the 90s to today's advanced strategies, understanding how they adapt and evolve with modern technology.
In-Depth Study of Evilginx: Gain insights into Evilginx3, a professional open-source tool that effectively bypasses multi-factor authentication (MFA) and captures sensitive data, enhancing your skills in recognizing and countering sophisticated phishing threats.
Vulnerabilities in MFA Systems: Understand the limitations of relying solely on usernames and passwords in current MFA-protected environments, and learn the importance of identifying MFA system vulnerabilities.
Hands-On Phishing Simulations: Participate in practical workshops using tools like Evilginx3 to create and execute convincing phishing campaigns, from email crafting to credential harvesting.
Phishlets and Ethical Hacking: Delve into Phishlets for creating realistic phishing simulations and focus on ethical hacking principles, ensuring the responsible use of acquired skills for defensive purposes for enterprise security.
Post-Engagement Strategies and Future Trends: Learn best practices for concluding phishing operations responsibly and prepare for future cybersecurity challenges with a focus on continuous adaptation and learning.

Post-engagement strategies, including documentation and remediation measures, are covered, equipping you with best practices to responsibly conclude phishing operations. The course prepares you for the future of cybersecurity, focusing on continuous learning to stay ahead of evolving threats.
This course ideal for everyone of all skill levels from complete beginners, interns, students, cybersecurity enthusiasts to IT professionals.
Join us on this transformative educational path and arm yourself with the acumen to tackle sophisticated phishing techniques head-on. Together, we can forge a more secure future in the digital landscape.

Who this course is for:
Students and interns looking for jobs in Cybersecurity
Individuals interested in the technical and ethical aspects of hacking, wishing to contribute positively to cybersecurity.
Working professionals wanting to learn more about cyber attacks
Ideal for cybersecurity enthusiasts and professionals seeking advanced skills in bypassing MFA and understanding MITM attacks.
Ethical hackers, penetration testers, and security consultants looking to expand their expertise in sophisticated phishing methods.
IT security personnel tasked with safeguarding enterprise systems against phishing attacks and understanding attacker psychology.
Business owners & entrepreneurs who want to learn how to protect against modern Phishing & Malware attacks

User Reviews

Rating

average 0

Total votes0

Focused display

Specialized in Security Research and Cybersecurity, with a focus on research operations and the development of innovative security solutions, I bring a wealth of expertise, fueled by next-generation insights on various subjects related to Technology and Cybersecurity. Rencora dot com is where you can find more research about my work and expertise.

Udemy

View courses Udemy

Students take courses primarily to improve job-related skills.Some courses generate credit toward technical certification. Udemy has made a special effort to attract corporate trainers seeking to create coursework for employees of their company.