Tuesday, March 18, 2014

[infosecinstitute] CODENAME: Samurai Skills – An Incredible Course to Start Learning Pentesting

CODENAME: Samurai Skills Course is a new starter course for beginners who want to learn ethical hacking, penetration testing, and information security, with real access to their very own penetration testing lab, which has over 20 targets waiting to be pwned and attacked. You connect to the online penetration testing lab over VPN with the credentials they give you, and then you can start hacking the assigned targets right away. New to hacking? No need to worry: the course comes with 17 hours of high-definition, hands-on penetration testing videos for you to study!

This course is authored by Mohamed Ramadan, a security researcher and a hacker from Egypt who has been acknowledged and credited by Google, Facebook, Twitter, Microsoft, Apple, Adobe, Nokia, AT&T, RedHat, SoundCloud, GitHub, Etsy, Nokia Siemens, Zynga, and Constant Contact for his responsible disclosures. He is also listed in SoldierX’s Hacker Database: http://www.soldierx.com/hdb/Mohamed-Ramadan and has contributed an article entitled How Hackers Target and Hack Your Site to Infosec Institute.
If you have read Mohamed Ramadan’s article on the Infosec Institute site and have reflected upon it, then let me share some facts about that article. The article somehow encompasses some of the modules of the CODENAME: Samurai Skills Course, and the methodology presented in the article can be learned from the course, but that article is only the tip of the iceberg! Here are some of the benefits of the course-ware as marketed by Attack-Secure.com, which is the provider of the said course:
- Gather Information Intelligence
- Find Web Applications and Systems Security Vulnerabilities
- Scan Your Target Stealthy
- Exploit Web applications and System Vulnerabilities
- Real World Client Side Attacks
- Tactical Post Exploitation on Windows and Linux Systems
- Develop Windows Exploits
- Ask and we will answer your questions within 24 hours
- 17 hours HD hands-on penetration testing videos
- Attack over 20 REAL WORLD Targets (Linux, Windows, BSD)
- You will have FUN
- Use the most powerful tools
Still not satisfied? Check out the course outline:
Module 1: Solid Introduction to Penetration Testing
Module one is a general introduction to the essence and importance of penetration testing. It gives an overview to students and starts the overall processes of penetration testing, which are Reconnaissance, Scanning, Exploitation and Reporting. It also talks about the goals of the course and the things you can learn from the course. From this module you can clearly understand and learn the difference between penetration testing and vulnerability assessment, a vulnerability and an exploit, the types of vulnerabilities and exploits, source for exploits and tools for penetration testers, vulnerability research sources for penetration testers, commercial tools for penetration testers, penetration testing methodologies, and penetration test reports.
Module 2: Real World Information Intelligence Techniques
Module two teaches the students the importance of information gathering and how it is conducted. It gives you an overview on how to perform reconnaissance and system enumeration in order to know the target very well, for example, target discovery, IP address, subdomains, server type, PHP version, Apache version, IP address Geolocation, CMS (content management system), DNS records, and the emails of the target or the company. You will get to know the power of social media, search engines, and some OSINT (Open-Source Intelligence) tools in this module. What I also like about this module is the demonstration of file analysis, website mirroring and the clear description about the phases of recon.
This is a module that focuses mainly on Intelligence Gathering Methodology as used by penetration testers.
Module 3: Scanning and Vulnerability Assessment
In this module you will get to know free and open-source tools used by penetration testers to conduct scanning and vulnerability assessment. Here is the summary of this module based on the course description:
- Packet Crafting and Manipulating with Scapy
- Port scanning with Scapy
- Network Enumeration and Mapping
- Network scanning
- Port Scanning (TCP Connect Scanning, TCP Half-Open / SYN Scan, TCP ACK Scan)
- Fingerprinting Host Operating Systems
- Enumerating SNMP
- Service Fingerprinting
- Network Enumeration Considerations
- Vulnerability Identification and Assessment
- Vulnerability Identification Methods
- Evasion and Avoidance Techniques
- Evading Detection During Network Scanning and Enumeration
Module 4: Network Attacking Techniques
Module four deals with network password attacking and cracking and MITM (man in the middle) attacks.
For network password cracking, known online password cracking or brute-force password grinding tools will be enumerated here: THC-Hydra, Medusa and Ncrack.
For man in the middle attacks, walkthroughs on ARP (Address Resolution Protocol) spoofing and common MITM tools will be emphasized here, like ARP poisoning the internal network, sniffing passwords in the internal network using Ettercap and Wireshark, sniffing SSL traffic in the internal network, and sniffing remote desktop protocol usernames and passwords.
Module 5: Windows – Unix Attacking Techniques
This module is divided into two sub-topics: Windows and Unix attacking techniques and the overviews.
Under Windows, it is all about ‘Windows Security Overview for Penetration Testers’ wherein operating system versions Windows 2000, Windows XP, Windows XP Service Pack 2, Windows Server 2003, Windows Vista, Windows 2008, and Windows 7 will be given an introductory overview for the first ten slides of the video and then the vulnerability types of the said operating system. After that, exploitation of the said vulnerabilities will be discussed.
Under Unix, it will deal with ‘Unix Security Overview for Penetration Testers’ wherein you will be introduced to Unix’s file structure, file permissions, services, logging, password storage, users, file format, password salting, directory services, authentication mechanisms, etc. After the overview of Unix, the demonstration of attacking Unix follows!
Module 6: Windows – Unix Post-exploitation Techniques
Module six will deal with post-exploitation techniques, which is the next step after attacking Unix or Windows, including privilege escalation in order to gain higher administrative access or to become the super user (root), meterpreter sessions, acquiring situational awareness for both Unix and Windows, etc. What’s good about this module is that it emphasizes meterpreter commands clearly. Lastly, it also discusses data mining in its last slides.
Module 7: Web Exploitation Techniques
Module seven starts with the description of what a web application is, scanning and mapping web applications (gathering more information and intelligence about the target) and how to start looking for vulnerabilities to exploit and attack. Common web application attacks will be demonstrated, like SQL (Structured Query Language) Injection or SQLI, Blind SQL Injection, File Upload Vulnerabilities, Remote File Inclusion, Local File Inclusion, Command Injection, Reflected XSS (Cross Site Scripting), Stored XSS, and CSRF (Cross Site Request Forgery).
This module is the longest of all the video modules because the demonstrations do not stop at how to exploit a certain vulnerability but go on to show how to pwn the target, or should I say exploit it in order to have full system access.
If you are into web bug hunting, then I say this course is for you because of this module. It is totally cool and unique!
Module 8: Windows Exploit Development
Module eight is a newbie’s guide to Windows exploit development wherein memory corruption, memory corruption classes and memory corruption exploits will be first introduced in the video. After the introduction to exploit development, you will also be guided on how to setup your very own lab in order to start writing exploits, begin fuzzing, and debugging. In the last part of the video, a demonstration on how to generate a Metasploit exploit will also be presented.
Additional Information
Unlike other courses out there, CODENAME: Samurai Skills Course has no negative feedback yet, because of the quality tutorials and demonstrations of the videos in the course, and it has no known plagiarized modules yet because it is not included in attrition.org. So far, most reviews that I have read about this course are mostly praises. Point me to a negative review if you have ever seen one!
I give this course a score of 9.5 out of 10. Why not a perfect score? It’s because of the Middle Eastern accent of the course author while he is reading the modules, wherein sometimes I have a hard time understanding what he is saying while he is reading the slides of each module, so I need to use the external speakers aside from my laptop’s built-in speakers in order to hear it clearly, but you don’t need to worry about this because the slides will be shown in the video. What matters most is the quality demonstrations, proof of concepts, and presentations in the video! Forgive me for being too harsh, I’m not a racist and I’m just fine with the accent but it does need some improvement though – I know that I am a very straightforward person :).
For more information about the price of this course just refer to this link. I highly recommend this course for those who really like to learn ethical hacking and penetration testing. Too expensive or you don’t have enough money yet? Well today is your lucky day! Attack-Secure is offering a Whitehat Bug Bounty Program wherein the first researcher or bug hunter to report a certain security bug like XSS, CSRF, SQL Injection, Content Spoofing, RCE, LFI, etc. on their website will be rewarded with CODENAME: Samurai Skills Course + 30 days lab access + AS|PT Certification and a Hall of Fame. The reason why I got this course for free is because of my responsible disclosure. Below is my acknowledgement from Attack-Secure:
Once again, thank you Attack-Secure for the bug bounty reward, because the course is really worth it!