A comprehensive, hands-on learning path from absolute zero to job-ready ethical hacker.
Certified Ethical Hacking I is a complete curriculum designed to take someone with no prior security experience through the entire penetration testing methodology and beyond. By the end, you'll have the skills to perform professional security assessments across networks, web applications, cloud environments, mobile platforms, and more.
This course emphasizes:
- Hands-on practice over theory memorization
- Ethical foundations before technical skills
- Professional methodology from day one
- Real-world applicability in every lesson
- Comprehensive coverage of modern attack surfaces
"You cannot effectively attack systems you don't understand."
This curriculum builds knowledge layer by layer:
- Legal and ethical foundations first — Understand the rules before you play
- Networking fundamentals — Know how data travels before intercepting it
- Reconnaissance — Find targets before attacking them
- Scanning and enumeration — Understand systems before exploiting them
- Exploitation — Apply knowledge systematically
- Post-exploitation — Demonstrate real impact
- Advanced domains — Cloud, mobile, IoT, wireless, and more
- Professional practice — Report findings that drive change
| Metric | Value |
|---|---|
| Total Stages | 17 (including overview) |
| Estimated Hours | 500-600 |
| Hands-on Exercises | 100+ |
| Python Code Examples | 50+ |
| Assessment Types | Written + Practical |
| Final Project | Complete Penetration Test + Report |
| Stage | Title | Description | Hours |
|---|---|---|---|
| 00 | Course Overview & Foundations | Lab setup, methodology intro, legal framework | 15-20 |
| 01 | Ethical Hacking Fundamentals | CFAA, authorization, ROE, ethics, first engagement | 25-35 |
| 02 | Networking for Pen Testers | OSI/TCP-IP, protocols, Wireshark, services | 30-40 |
| Stage | Title | Description | Hours |
|---|---|---|---|
| 03 | Reconnaissance | OSINT, Google dorking, DNS, subdomains, email harvesting | 35-45 |
| 04 | Scanning & Enumeration | Nmap mastery, NSE, service enumeration | 40-50 |
| 05 | Vulnerability Analysis | CVE/CVSS, scanners, validation, prioritization | 25-35 |
| Stage | Title | Description | Hours |
|---|---|---|---|
| 06 | System Hacking | Password attacks, hash cracking, privilege escalation | 35-40 |
| 07 | Web Application Security | OWASP Top 10, Burp Suite, SQLi, XSS | 40-50 |
| 08 | Exploitation Fundamentals | Metasploit, payloads, shells, Meterpreter | 35-45 |
| Stage | Title | Description | Hours |
|---|---|---|---|
| 09 | Post-Exploitation | Persistence, credentials, lateral movement, pivoting | 25-35 |
| 10 | Sniffing & Evasion | Traffic analysis, MITM, AV evasion, IDS bypass | 35-45 |
| 11 | Wireless Network Hacking | WiFi security, WPA/WPA2/WPA3, rogue APs, wireless attacks | 30-40 |
| Stage | Title | Description | Hours |
|---|---|---|---|
| 12 | Mobile & IoT Security | Android/iOS testing, firmware analysis, BLE, MQTT | 35-45 |
| 13 | Cloud Security | AWS/Azure/GCP, misconfigurations, container security, K8s | 30-40 |
| 14 | Cryptography Fundamentals | Symmetric/asymmetric, hashing, PKI, TLS, crypto attacks | 25-35 |
| 15 | Malware Analysis & Attack Vectors | Static/dynamic analysis, YARA, phishing, exploit concepts | 30-35 |
| Stage | Title | Description | Hours |
|---|---|---|---|
| 16 | Social Engineering & Physical Security | OSINT, phishing campaigns, vishing, physical assessments | 25-30 |
| 17 | Professional Practice | Reporting, communication, career prep, capstone project | 30-40 |
This curriculum prepares you for major industry certifications:
| Certification | Coverage | Notes |
|---|---|---|
| CompTIA PenTest+ | ~90% | Primary alignment target |
| eLearnSecurity eJPT | ~95% | Excellent first certification |
| EC-Council CEH | ~85% | Theoretical + practical |
| CompTIA CySA+ | ~70% | Defense-focused portions |
| Offensive Security OSCP | ~70% | Strong foundation for future study |
| AWS Security Specialty | ~40% | Cloud security module |
| GIAC GMOB | ~50% | Mobile security module |
⚠️ Certification objectives change. Always verify current requirements at official vendor websites.
theHarvester · Maltego · Recon-ng · Shodan · Amass · Sublist3r · dnsrecon · SpiderFoot
Nmap · Masscan · Nikto · Gobuster · enum4linux · smbclient · snmpwalk · Nessus
Metasploit · Msfvenom · Burp Suite · SQLMap · Hydra · Netcat · searchsploit
John the Ripper · Hashcat · CeWL · Crunch · Mimikatz
Meterpreter · LinPEAS · WinPEAS · Mimikatz · BloodHound · Covenant · Empire
Aircrack-ng · Wireshark · Kismet · Wifite · hcxtools · Bettercap · hostapd-wpe
APKTool · jadx · Frida · Objection · MobSF · binwalk · Firmwalker · MQTT tools
Prowler · ScoutSuite · Pacu · CloudSploit · kube-hunter · Trivy · AzureHound
YARA · Ghidra · x64dbg · Process Monitor · PEStudio · Cuckoo Sandbox · oletools
Gophish · SET (Social Engineering Toolkit) · King Phisher · Evilginx2 · Proxmark3
This course uses an isolated virtual lab for safe, legal practice:
- Host Machine: 16GB+ RAM, 200GB+ storage, virtualization support
- Hypervisor: VirtualBox (free) or VMware
- Attack Machine: Kali Linux (latest)
- Target Machines: Metasploitable 2, DVWA, Vulnerable VMs
┌─────────────────────────────────────────────────────────┐
│ ISOLATED LAB NETWORK │
│ (Host-Only Network) │
├─────────────────────────────────────────────────────────┤
│ │
│ ┌─────────────┐ ┌─────────────────────────┐ │
│ │ Kali Linux │◄───────►│ Target Machines │ │
│ │ (Attack) │ │ • Metasploitable 2 │ │
│ │192.168.56.X │ │ • DVWA │ │
│ └─────────────┘ │ • Vulnerable VMs │ │
│ │ 192.168.56.100+ │ │
│ └─────────────────────────┘ │
│ │
│ ⛔ NO INTERNET CONNECTION ⛔ │
│ │
└─────────────────────────────────────────────────────────┘
- Wireless: USB WiFi adapter with monitor mode support
- Mobile: Android emulator or test device
- Cloud: AWS/Azure/GCP free tier accounts
- IoT: Sample firmware images, optional hardware
# Clone the repository
git clone https://github.com/P0GL0L/EthicalHacking_1.git
# Navigate to the course
cd EthicalHacking_1
# Start with Stage 00
cat course_material/Stage_00_Course_Overview_and_Foundations.md
# Set up your lab environment following the instructions
# Then proceed through each stage sequentially- Computer: Capable of running 2+ virtual machines simultaneously
- Time: 10-15 hours per week recommended
- Mindset: Patience, curiosity, and ethical commitment
- Prior security experience
- Programming knowledge (helpful but taught as needed)
- Networking certifications
- Previous Linux experience
This course starts from absolute zero.
⚠️ IMPORTANT: READ BEFORE PROCEEDING ⚠️
This course teaches offensive security techniques that can cause
real damage if misused. You MUST agree to the following:
1. Only test systems you OWN or have WRITTEN PERMISSION to test
2. Never use these skills for unauthorized access
3. Understand that unauthorized hacking is a CRIMINAL OFFENSE
4. Report vulnerabilities responsibly if discovered
5. Maintain professional ethics at all times
The authors are not responsible for misuse of this material.
By using this course, you accept full responsibility for your actions.
EthicalHacking_1/
├── README.md # This file
├── CURRICULUM_INDEX.md # Complete curriculum roadmap
├── docs/
│ └── index.html # Web landing page
│
└── course_material/
│
├── # Phase 1: Foundation
├── Stage_00_Course_Overview_and_Foundations.md
├── Stage_01_Ethical_Hacking_Fundamentals.md
├── Stage_02_Networking_Fundamentals.md
│
├── # Phase 2: Discovery
├── Stage_03_Reconnaissance_Information_Gathering.md
├── Stage_04_Scanning_Enumeration.md
├── Stage_05_Vulnerability_Analysis.md
│
├── # Phase 3: Exploitation
├── Stage_06_System_Hacking.md
├── Stage_07_Web_Application_Security.md
├── Stage_08_Exploitation_Fundamentals.md
│
├── # Phase 4: Advanced Operations
├── Stage_09_Post_Exploitation.md
├── Stage_10_Sniffing_Evasion.md
├── Stage_11_Wireless_Hacking.md
│
├── # Phase 5: Specialized Domains
├── Stage_12_Mobile_IoT_Security.md
├── Stage_13_Cloud_Security.md
├── Stage_14_Cryptography.md
├── Stage_15_Malware_Attack_Vectors.md
│
└── # Phase 6: Professional
├── Stage_16_Social_Engineering.md
└── Stage_17_Professional_Practice.md
- Clear objectives — Know what you'll learn
- Conceptual explanations — Understand the "why"
- Hands-on exercises — Build practical skills
- Python code examples — Automate and understand tools
- ASCII diagrams — Visualize concepts
- Cheat sheets — Quick reference guides
- Written assessments — Test understanding
- Practical assessments — Prove capability
- Completion checklists — Track progress
- Read the conceptual material thoroughly
- Type all commands (don't copy-paste)
- Run the Python examples and understand them
- Document as you go
- Complete all exercises before advancing
- Review notes at session end
- Commit your work regularly
┌─────────────────────────┐
│ PROFESSIONAL │
│ Stage 16-17 │
│ Social Eng, Reports │
└───────────┬─────────────┘
│
┌───────────────────────────┼───────────────────────────┐
│ │ │
┌─────────┴─────────┐ ┌───────────┴───────────┐ ┌─────────┴─────────┐
│ SPECIALIZED │ │ SPECIALIZED │ │ SPECIALIZED │
│ Stage 12 │ │ Stage 13-14 │ │ Stage 15 │
│ Mobile & IoT │ │ Cloud & Crypto │ │ Malware Analysis │
└─────────┬─────────┘ └───────────┬───────────┘ └─────────┬─────────┘
│ │ │
└───────────────────────────┼───────────────────────────┘
│
┌───────────┴───────────┐
│ ADVANCED OPERATIONS │
│ Stage 09-11 │
│ Post-Exploit, Sniff, │
│ Wireless │
└───────────┬───────────┘
│
┌───────────┴───────────┐
│ EXPLOITATION │
│ Stage 06-08 │
│ Systems, Web, Tools │
└───────────┬───────────┘
│
┌───────────┴───────────┐
│ DISCOVERY │
│ Stage 03-05 │
│ Recon, Scan, Vuln │
└───────────┬───────────┘
│
┌───────────┴───────────┐
│ FOUNDATION │
│ Stage 00-02 │
│ Ethics, Networking │
└───────────────────────┘
Contributions are welcome! Please:
- Fork the repository
- Create a feature branch
- Submit a pull request with clear description
Focus areas for contribution:
- Typo and error corrections
- Additional exercises
- Tool updates
- Clarity improvements
- New lab scenarios
This work is licensed under Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0).
You are free to:
- Share — Copy and redistribute in any medium or format
- Adapt — Remix, transform, and build upon the material
Under the following terms:
- Attribution — Give appropriate credit
- NonCommercial — Not for commercial purposes
- ShareAlike — Distribute under the same license
- The cybersecurity community for shared knowledge
- Open-source tool developers
- Offensive Security, EC-Council, CompTIA for certification frameworks
- OWASP for web security standards
- PTES for penetration testing methodology
- MITRE ATT&CK for adversary tactics and techniques
Learn Ethically • Practice Safely • Protect Systems
Remember: With great power comes great responsibility.
📧 Questions? Issues? Open a GitHub issue or contribute directly!