Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Coursera

Hands-on Hacking

Packt via Coursera

Go to class Write review

Overview

Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Updated in May 2025. This course now features Coursera Coach! A smarter way to learn with interactive, real-time conversations that help you test your knowledge, challenge assumptions, and deepen your understanding as you progress through the course. Get ready to level up your ethical hacking skills with Hands-on Hacking, a highly practical course designed to sharpen your penetration testing capabilities across real-world scenarios. From reconnaissance and vulnerability discovery to privilege escalation and exploit development, this course offers an immersive journey through the full spectrum of offensive cybersecurity tactics. By the end, you’ll confidently navigate through complex systems, uncover security gaps, and simulate advanced attack techniques. The course begins with foundational exercises on system scanning, enumeration, and initial access, moving through scenarios involving HTTPS traffic decryption, Burp Suite proxying, and exploiting web services like Apache Tomcat. Each section builds progressively, reinforcing your knowledge through CTF-style vulnerable machines, including GoldenEye, Bob, and Misdirection. You'll learn to think like a hacker, building your technical and investigative instincts. Next, dive deep into custom exploit development using fuzzing, buffer overflows, and payload crafting, followed by multi-stage hacking environments like WinterMute. These scenarios test your pivoting skills, privilege escalation methods, and real-time adaptation to layered defenses. You'll even tackle Windows AD systems, jail shell escapes, and SQL server exploits, gaining versatility across platforms. This course is ideal for aspiring penetration testers, red teamers, and cybersecurity enthusiasts with a basic understanding of networking and Linux. Some experience with command-line interfaces and scripting (like Python or Bash) is recommended. The course is intermediate level and balances guided instruction with self-driven challenge.

Syllabus

  • Breach
    • In this module, we will explore a full attack lifecycle against a target system, starting with reconnaissance and ending with full administrative access. You’ll use tools like Burp Suite and Wireshark to analyze encrypted traffic, uncover hidden vulnerabilities, and exploit misconfigured services. The journey includes both horizontal and vertical privilege escalation to achieve total system compromise.
  • GoldenEye
    • In this module, we will take on the GoldenEye vulnerable VM to strengthen your offensive security skills. You'll work through advanced enumeration techniques across web and email services to uncover credentials and vulnerable software. From initial access to full root shell, this module builds your skillset for real-world penetration testing scenarios.
  • Bob
    • In this module, we will target the vulnerable Bob VM to walk through the process of system compromise. You’ll analyze web application behavior, test for injection flaws, and exploit vulnerabilities to gain shell access. Then, through creative privilege escalation, you’ll achieve root access—using both standard and alternate methods for maximum learning.
  • Exploit Development
    • In this module, we will transition from exploitation to exploit development. You’ll learn how to build exploits from scratch by fuzzing for vulnerabilities, manipulating buffer offsets, and avoiding bad characters. The journey concludes with the development of a custom shellcode to gain remote access, reinforcing your understanding of memory manipulation and code execution.
  • Misdirection
    • In this module, we will navigate the misdirection-filled terrain of a specially crafted VM. You’ll enhance your reconnaissance and enumeration skills while exploring multiple web apps and navigating false leads. After gaining access, you'll apply privilege escalation methods and look for alternate paths to root access, mimicking a thorough real-world assessment.
  • WinterMute
    • In this module, we will take on a dual-VM challenge involving Straylight and Neuromancer. You’ll perform advanced enumeration, exploit LFI and email servers, and then pivot through port forwarding to access and compromise a second system. You'll wrap up with privilege escalation techniques, learning to chain attacks across multiple targets.
  • Windows Systems: Basic
    • In this module, we will focus on Windows environments—particularly Active Directory systems. You’ll scan networks, exploit weak configurations, and access services such as MS-SQL using compromised credentials. This section strengthens your understanding of Windows privilege escalation and post-exploitation tactics.
  • FunBox2
    • In this module, we will tackle the FunBox2 VM to showcase real-world exploitation techniques. You’ll use enumeration skills to uncover a weak password, escape from a jailed shell, and then escalate privileges by uncovering sensitive information. The module offers a practical look into the nuances of post-exploitation.

Taught by

Packt - Course Instructors

Reviews

Start your review of Hands-on Hacking

Go to class

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.