Web Security, Social Engineering & External Attacks

Packt via Coursera

Go to class Write review

Overview

Coursera Flash Sale

40% Off Coursera Plus for 3 Months!

Grab it

Updated in May 2025. This course now features Coursera Coach! A smarter way to learn with interactive, real-time conversations that help you test your knowledge, challenge assumptions, and deepen your understanding as you progress through the course. This course offers an in-depth exploration of web security, social engineering, and external attacks. Through a combination of theoretical knowledge and hands-on practice, learners will gain the skills necessary to secure web applications, conduct ethical hacking, and understand the techniques used by attackers to exploit system vulnerabilities. By mastering tools like msfvenom, Beef, and social engineering tactics, students will develop expertise in identifying and defending against common security threats. The course begins with an overview of user-targeted attacks, covering techniques like creating backdoors, capturing screenshots, and using tools such as msfvenom for payload generation. You’ll learn how to stealthily execute attacks, ensuring you can bypass antivirus software and gain unauthorized access to systems. Following this, social engineering tactics, including phishing, malware, and Trojan use, are explored to help you understand the psychological manipulation behind successful cyberattacks. Real-world scenarios show how attackers can exploit human behavior to gain access to sensitive information. The course then shifts focus to external network attacks, teaching students how to execute attacks over the internet using tunneling services, msfvenom payloads, and external backdoors. With a focus on web-based exploits, learners will also be introduced to the powerful Beef framework for orchestrating attacks through fake websites. Understanding how to defend against these threats is key, and the course provides essential best practices for protecting against social engineering, XSS attacks, and vulnerabilities like file uploads and code execution. This course is designed for beginners to intermediate-level cybersecurity enthusiasts, penetration testers, and IT professionals seeking to expand their knowledge of web security. There are no strict prerequisites, but familiarity with basic networking and security concepts will be beneficial. The course includes a mix of theory and practical exercises to give you the real-world skills you need.

Syllabus

Attacks On Users

In this module, we will focus on user-targeted attacks, showing you how ethical hackers exploit vulnerabilities in users’ systems. You'll explore powerful tools like msfvenom and FatRat for creating backdoors and maintaining stealthy, long-term access to compromised systems.

Social Engineering

In this module, we will dive into social engineering attacks and how they exploit human behavior. We’ll cover tools and strategies used by ethical hackers to manipulate targets, and discuss methods for preventing these attacks, including phishing and malware detection.

Social Media Security

In this module, we will emphasize the importance of securing social media accounts from cyber threats. We will explore phishing tactics on platforms like Instagram and provide strategies for defending against these attacks and securing your personal and corporate profiles.

Beef

In this module, we will introduce Beef, an essential tool for ethical hackers. We’ll guide you through its functionalities, demonstrating how to use it for web-based attacks like hooking targets and stealing passwords, and offer strategies for defending against these attacks.

External Network Attacks

In this module, we will focus on external network attacks and the methods used by ethical hackers to exploit remote systems. You will explore tunneling services, backdoors, and various penetration testing tools, equipping you to conduct effective network penetration tests.

Fake Game Website Attacks

In this module, we will explore the use of fake game websites for social engineering and web-based attacks. You’ll learn how to create these sites, integrate them with tools like Beef, and protect yourself from falling victim to these types of attacks.

Post Hacking Sessions

In this module, we will focus on the critical post-hacking steps necessary for managing access and gathering data from compromised systems. You will learn about Meterpreter sessions, keyloggers, and maintaining stealth for long-term control of compromised systems.

Hacker Methodology

In this module, we will introduce the hacker methodology, a step-by-step approach used in ethical hacking. You will learn how to conduct thorough assessments and understand the ethical framework that guides responsible penetration testing.

Website Reconnaissance

In this module, we will cover website reconnaissance techniques, focusing on gathering critical information through tools like Maltego and Netcraft. You will explore DNS, Whois, and subdomain analysis to identify vulnerabilities in web applications.

Website Pentesting

In this module, we will focus on website penetration testing, guiding you through techniques like exploiting code execution vulnerabilities and uploading malicious files. You will also learn how to execute reverse TCP commands and file inclusion attacks to compromise web servers.

Cross Site Scripting

In this module, we will explore Cross Site Scripting (XSS) attacks and demonstrate how they can be exploited in real-world scenarios. You will also learn best practices for preventing XSS vulnerabilities and protecting web applications from this common attack.