Ethical Hacking - Offensive And Defensive Security

Published

Master both offensive and defensive security techniques to protect systems and identify vulnerabilities

4.9
👥 48,300 students
⏱️ 36 hours
🔄 Updated February 2026
🎞️ Subtitle: Tiếng Anh + Tiếng Việt
Security Hacking Cybersecurity 🏆 Bestseller

This course provides a comprehensive introduction to modern cybersecurity and ethical hacking, teaching you how both attackers and defenders operate in real-world environments. Through hands-on labs and practical simulations, you will explore offensive security techniques alongside defensive strategies, gaining a clear understanding of how cyber attacks happen and how organizations detect and respond to them. Designed for beginners and IT professionals alike, the course builds a strong foundation for real cybersecurity careers.

What you'll learn

  • Understand ethical hacking principles and legal frameworks
  • Learn reconnaissance and information gathering techniques
  • Master network scanning and enumeration methods
  • Identify and exploit common vulnerabilities
  • Conduct penetration testing on systems
  • Understand malware analysis and reverse engineering basics
  • Implement defensive security measures
  • Secure networks and systems against attacks
  • Understand cryptography and encryption
  • Develop incident response and recovery strategies

Course content

25 sections 164 lectures 21h 14m total length
1 - Introduction
3 lectures • 17 min
1 - Introduction — Full Plan
2 min
2 - Course Overview
9 min
3 - Ethical Guidelines
5 min
2 - Let's Start with Data Communication(Networking)
7 lectures • 1h 36 min
1 - OSI Model Overview
31 min
2 - PDU's Overview
5 min
3 - TCP and UDP
10 min
4 - Why we need a Port Number
5 min
5 - Network Layer Ip Addressing
10 min
6 - Data Link Layer Explanation
16 min
7 - Ports and protocols Overview
16 min
3 - Lab Setup
4 lectures • 24 min
1 - Installing VirtualBox and Extension
4 min
2 - Installing Kali Linux
5 min
3 - Installing Windows Machine
4 min
4 - Installing Meterpreter Machine
9 min
4 - Network Defense System
3 lectures • 32 min
1 - Firewall, IPS and IDS
9 min
2 - HoneyPot and VPN
19 min
3 - About Network Detection and Response
3 min
5 - Network Based Attacks
4 lectures • 30 min
1 - DOS and DDOS Attack in Practical
11 min
2 - Man In the Middle Attack with ARP Poisoning in Practical
10 min
3 - Packet Sniffing in Practical
4 min
4 - Botnet and Botnet Detections in Practical
3 min
6 - Vulnerability Assessment
5 lectures • 30 min
1 - Overview about Vulnerability Assessment
11 min
2 - Host Discovery Scan
8 min
3 - Complete Network Scan
4 min
4 - Web Application Scan
3 min
5 - Other Scans and conclusion
2 min
7 - Cyber Security Frame Works
2 lectures • 21 min
1 - Cyber Kill chain
8 min
2 - MITRE ATT&CK®
13 min
8 - Endpoint Defense Mechanisms
5 lectures • 1h 37 min
1 - Engines In Protection Platforms
29 min
2 - Endpoint Detection and Response(EDR)
5 min
3 - Working in Microsoft Defender ATP(EDR) live and Complete Exploration.mp4
51 min
4 - Data Loss Prevention(DLP)
2 min
5 - Types of Malwares
8 min
9 - Basic Malware Development
3 lectures • 50 min
1 - Develop a simple Reverse Shell program and hacking windows machine
17 min
2 - Getting Command and Control
16 min
3 - Reverse shell vs Blind Shell
16 min
10 - Let’s Learn More about your Machine
4 lectures • 56 min
1 - What is a Process and Threads
14 min
2 - Create your own dll files, Complete DLL files overview
21 min
3 - API's in Windows and API used for Malware Development
6 min
4 - Log Collections in Windows
12 min
11 - Living Off The Land Binaries, Scripts and Libraries
11 lectures • 1h 8 min
1 - Abusing Rundll32.exe
9 min
2 - Abusing Certutil.exe
5 min
3 - Abusing Mshta.exe
6 min
4 - Abusing Reg.exe
6 min
5 - Abusing Wevutil.exe
4 min
6 - Abusing Cmd.exe
5 min
7 - Abusing WMIC.exe
6 min
8 - Abusing Cscript and Wscript.exe
2 min
9 - Abusing Bitsadmin.exe
10 min
10 - Other Common LOLBAS commonly abused by TA
3 min
11 - Brief Discussion about the Real time Attacks caried out with Lolbas
7 min
12 - Get Into your Enemy Home – Initial Access
11 lectures • 1h 38 min
1 - Staged and Stageless payloads
7 min
2 - Exploiting Jenikins RCE for an Initial Access
6 min
3 - Compromising User Credentials through Phishing Attack
9 min
4 - Compromising Endpoint or Server using Phishing Documents
8 min
5 - Leveraging VPN's for a Initial Access
8 min
6 - Exploiting FTP vulnerability command execution for a Initial Access
14 min
7 - Enable RDP
1 min
8 - Leveraging External Remote Service For a Initial Access
14 min
8 - Leveraging External Remote Service For a Initial Access - RDP initial access
14 min
9 - SQL RCE for an Initial Access
8 min
10 - Supply Chain Attack for Initial Access
4 min

Resources

13 - Malware Development - Intermediate
10 lectures • 1h 20 min
1 - Remote Process Injection Overview
10 min
2 - Remote Process Injection code Development
8 min
3 - Command and Control through Remote Process Injection
7 min
4 - DLL Injection Overview
7 min
5 - DLL injection Code Development
4 min
6 - Command and Control through DLL Injection
11 min
7 - Process Hollowing Overview
6 min
8 - Process Hollowing Code Development
4 min
9 - Command and Control through Process Hollowing
3 min
10 - DLL Hijacking Attack in Practical
15 min

Resources

14 - Delivering Additional Payload in a Target Machine
6 lectures • 46 min
1 - Cobalt Strike Overview
8 min
2 - Payload Decoding
8 min
3 - Delivering Payload using Certutil
6 min
4 - Cobalt strike Script’s and modules Usage’s
6 min
5 - Get more details about the target Machine
12 min
6 - Peer-Peer Listener Activation
4 min
15 - Privilege Escalation by Developing own Malicious code
12 lectures • 1h 47 min
1 - User Access Control Bypassing
13 min
2 - Named Pipe Impersonation Attack Overview
11 min
3 - Named Pipe Impersonation Attack
5 min
4 - Access Token Overview
10 min
5 - Primary Token and Impersonate Token
4 min
6 - Access Token Manipulation Code Development
9 min
7 - Detecting Access Token Manipulation
3 min
9 - Parent PID Spoofing
14 min
10 - SEImpersonatePrivileges and reverse connection using nc
9 min
11 - Unquoted Service Path Exploitation
16 min
12 - Always Install Elevated
3 min
13 - Exploiting Internal Services for a Privilege escalation
3 min

Resources

16 - Credential Access
15 lectures • 1h 3 min
1 - LSASS Ovieview
6 min
2 - Develop your own program to dump LSASS
7 min
3 - Dumping Lsass using Taskmgr
2 min
4 - Dumping Lsass using Comsvc
2 min
5 - Dumping Lsass using Procdump
2 min
6 - Dumping LSASS using NanoDump
1 min
7 - Lsass Dump using LsassReflectDumpingProcess Forking
7 min
8 - Dumping secrets with Mimikatz
6 min
9 - Extract Lsass Dump Informations
3 min
10 - Overview about Data Protection API
2 min
11 - Stealing Browser Username and password
3 min
12 - Credential Access using LaZange
3 min
13 - Wdigest key Modification
4 min
14 - Dumping SAM and System Hives
3 min
15 - Working with pypykatz
4 min

Resources

17 - Persistence Mechanism
8 lectures • 59 min
1 - About Persistence
8 min
2 - Adding the payload to Registry Run key
9 min
3 - Working with Startup Folder
5 min
4 - Adding a WMI Persistence
9 min
5 - Adding New Scheduled task
7 min
6 - Adding New Service’s
6 min
7 - Adding new user account
6 min
8 - Manipulating the User accounts
6 min

Resources

18 - Defense Evasion
13 lectures • 2h 15 min
1 - Bypassing MCAFEE Antivirus using VBS code
10 min
2 - Hooking with Brief Explanation
30 min
3 - Bypassing EDR using Detours API Hooking techniques with Program Development
15 min
4 - Unhooking with Brief Explanation
9 min
5 - Bypassing EDR using Unhooking Hooked ntdll with loading fresh copy of Ntdll
9 min
6 - Kill Defender Registries
2 min
7 - Add Exclusion in Defender
3 min
8 - Antirootkit tool to kill EDR and AV services
6 min
9 - DLL SideLoading Overview
10 min
10 - DLL Creation and Side Loading in Target Application
9 min
11 - Disable Defender using DISM
3 min
12 - Patching AMSI
18 min
13 - Clear Events logs from the machine
4 min
19 - Internal Network Scanning - Discovery
6 lectures • 43 min
1 - Network Discovery using LOLBAS
13 min
2 - Network Scanning with Advanced Ip Scanner Console and GUI
6 min
3 - Network Discovery with Angry IP Scanner
4 min
4 - Network Discovery with Netscan
3 min
5 - Bloodhound and Sharphound
10 min
6 - Incident Response for the Discovery Tools
4 min
20 - Lateral Movement
9 lectures • 42 min
1 - Modify the Target Machine to Enable Guest logon and Disable UAC restriction
4 min
2 - Overview about Impacket Library
6 min
3 - Lateral Movement through Impacket Library PsExec with Investigation
4 min
4 - Lateral Movement with smbExec
9 min
5 - AtExec(TaskScheduler) to Bypass EDR's to get more stealthier
4 min
6 - Enable RDP Terminal for a Lateral Movement
2 min
7 - Modify Firewall rules for a lateral movement
1 min
8 - Adding user to Remote Desktop Group
4 min
9 - Lateral Movement through Windows Remote Management
5 min

Resources

21 - Collection
4 lectures • 16 min
1 - Collecting Sensitive Information from the Machine
5 min
2 - Working with Winrar to archeive file
7 min
3 - Other Third part application used for data collection
1 min
4 - Incident Response For a Collection
1 min
22 - Command and Control
7 lectures • 34 min
1 - Command and Control Through XfreeRDP
4 min
2 - Investigating the RDP Connection on the host
2 min
3 - Anydesk Silent Installation with Grepping AnydeskID remotly
17 min
4 - Get Clear Picture about the Target
2 min
5 - Third Party tools used for a C2C
2 min
6 - Detection rule for the RMM tools
3 min
7 - Response Action for C2C
2 min
23 - Data Exfiltration
6 lectures • 44 min
1 - Configure Rcolne, Mega and Exfiltrate the data 1
12 min
2 - Exfiltrate all the collected data 2
14 min
3 - Stealbit tool for Exfiltration
2 min
4 - Using Mega, Onedrive for Exfiltration
3 min
5 - Investigating Exiltration Data Sent
8 min
6 - Incident Response for Exfiltration
2 min
24 - Impact
5 lectures • 36 min
1 - Shadowcopy deletion using Vssadmin
9 min
2 - Shadowcopy deletion using WMIC
1 min
3 - Safeboot Deletion to make system Unrecoverable
6 min
4 - Ransomware Deployment and Working with WMIC
10 min
5 - Ransomware Installation
8 min
25 - Conclusion
1 lectures • 24 min
1 - Initial Access via Trojan
24 min

Requirements

  • Basic networking knowledge
  • Understanding of operating systems (Windows/Linux)
  • Familiarity with command line
  • Ethical commitment to legal and responsible hacking
  • A computer for lab exercises
  • Willingness to learn security concepts

Ethical Hacking: Offensive & Defensive Security – Master Red Team and Blue Team Cybersecurity

Want to understand cybersecurity from both the attacker’s and defender’s perspective? This course provides a complete, hands-on pathway into modern ethical hacking and cyber defense, teaching you how real cyber attacks happen — and how professionals detect, investigate, and stop them.

Ethical Hacking: Offensive and Defensive Security is a comprehensive cybersecurity training program covering networking fundamentals, penetration testing, malware development, privilege escalation, defense evasion, and incident response. Designed for beginners and professionals alike, the course prepares you for real-world cybersecurity roles by combining Red Team (offensive security) and Blue Team (defensive security) skills in one unified learning experience.

Courses in Database category if you are interested:

Courses in Networking category if you are interested:

Courses in Game development category if you are interested:

Courses in Hacking may be you interested:

What You Will Learn

Networking & Cybersecurity Foundations

Build strong technical fundamentals required for ethical hacking:

  • OSI model and network communication
  • TCP vs UDP protocols
  • IP addressing, ports, and services
  • Network architecture and data flow concepts

You will understand how attackers exploit networks — starting from the basics.

Ethical Hacking Lab Setup

Create your own professional cybersecurity lab environment:

  • VirtualBox configuration
  • Kali Linux setup
  • Windows attack environments
  • Safe testing infrastructure for experiments

This allows you to practice real attacks without risk.

Offensive Security – Red Team Operations

Learn how attackers operate in real-world environments.

Malware Development & Exploitation

  • Build reverse shells and command & control payloads
  • DLL injection and process hollowing
  • Process injection and stealth techniques
  • Payload delivery using tools like Cobalt Strike and Certutil

Privilege Escalation Techniques

  • UAC bypass methods
  • Token manipulation
  • Named pipe impersonation
  • Service exploitation strategies

Credential Access & Persistence

  • Dump LSASS memory and SAM credentials
  • Use Mimikatz, Pypykatz, and LaZagne
  • Create persistence via registry keys, WMI, startup folders, and scheduled tasks

Defense Evasion

  • Antivirus and EDR bypass techniques
  • AMSI patching and API hooking
  • DLL sideloading and stealth execution methods

Defensive Security – Blue Team & Incident Response

Learn how defenders detect and respond to attacks.

Threat Detection & Investigation

  • Analyze logs and endpoint activity
  • Investigate intrusions using Microsoft Defender ATP (EDR)
  • Understand endpoint protection and DLP systems

Incident Response & Threat Mitigation

  • Identify command & control activity
  • Detect lateral movement and RDP abuse
  • Respond to ransomware attacks
  • Recovery techniques and system restoration

Tools & Technologies Covered

Gain experience with industry-standard cybersecurity tools:

  • Kali Linux
  • Wireshark
  • Nmap
  • Metasploit
  • Cobalt Strike
  • BloodHound & SharpHound
  • Impacket
  • Angry IP Scanner
  • Windows LOLBAS utilities (Certutil, Rundll32, WMIC, Bitsadmin, etc.)

You will also work with scripting and custom code for both attack and defense scenarios.

Course Structure

  • 25 in-depth modules
  • 170+ hands-on lectures
  • Real-time demonstrations and simulations
  • Code walkthroughs and practical labs
  • Resources for continued cybersecurity learning

The course integrates Offensive Security, Defensive Security, and Digital Forensics & Incident Response (DFIR) into one learning path.

By the End of This Course, You Will

  • Build and manage your own ethical hacking lab
  • Develop malware safely in isolated environments
  • Perform penetration testing and post-exploitation
  • Detect and respond to cyber attacks
  • Understand attacker tactics from initial access to data exfiltration
  • Prepare for real cybersecurity job roles

Who This Course Is For

  • Aspiring ethical hackers and cybersecurity students
  • SOC analysts and incident response professionals
  • Penetration testers improving post-exploitation skills
  • IT professionals transitioning into cybersecurity
  • Learners preparing for certifications like CEH or CompTIA Security+

Prerequisites

  • Basic computer knowledge
  • Familiarity with Windows or Linux
  • No coding experience required (step-by-step guidance included)

Why This Course Matters

Modern cybersecurity professionals must understand both sides of cyber warfare. Knowing how attackers think allows defenders to build stronger systems and respond effectively to threats.

This course helps you become a complete cybersecurity professional — capable of attacking ethically, defending strategically, and responding to real-world incidents.

If you’re ready to master ethical hacking, cyber defense, and real-world security operations

👉 Enroll now and start mastering Offensive and Defensive Cybersecurity today.

Frequently Asked Questions

What is the Ethical Hacking: Offensive & Defensive Security course about?

This course provides comprehensive cybersecurity training covering both offensive security (Red Team) and defensive security (Blue Team), teaching how attacks work and how to detect and defend against them.

Who is this ethical hacking course designed for?

The course is suitable for beginners in cybersecurity, IT professionals transitioning to security roles, penetration testers, SOC analysts, and students preparing for cybersecurity careers.

Do I need prior cybersecurity experience?

No advanced experience is required. Basic computer knowledge and familiarity with Windows or Linux are sufficient to start.

What networking fundamentals will I learn?

You will learn OSI model concepts, TCP vs UDP communication, IP addressing, ports, protocols, and how data moves across networks from a security perspective.

Will I set up an ethical hacking lab?

Yes. You will create a safe virtual lab using VirtualBox, Kali Linux, and Windows environments for practicing attacks and defenses without real-world risks.

What offensive security topics are covered?

You will learn malware development concepts, reverse shells, command-and-control payloads, privilege escalation techniques, credential access, persistence methods, and defense evasion techniques.

Will I learn privilege escalation techniques?

Yes. The course covers UAC bypass, token manipulation, named pipe impersonation, and service exploitation methods used in penetration testing.

What defensive security skills will I gain?

You will learn incident detection, log analysis, endpoint monitoring, threat investigation using Microsoft Defender ATP, and data loss prevention strategies.

Does the course include incident response training?

Yes. You will learn to detect command-and-control traffic, analyze lateral movement, respond to ransomware incidents, and perform system recovery procedures.

What cybersecurity tools are included in the course?

You will work with Kali Linux, Wireshark, Nmap, Metasploit, Cobalt Strike, BloodHound, Impacket, Angry IP Scanner, and various Windows LOLBAS utilities.

Will this course help prepare for cybersecurity certifications?

Yes. The content supports preparation for certifications such as CEH and CompTIA Security+.

What will I achieve after completing the course?

You will be able to build a personal ethical hacking lab, perform penetration testing, analyze cyber attacks, and apply both offensive and defensive security techniques professionally.

About the Instructor

Ajay Ravichandran

Ajay Ravichandran

Certified Ethical Hacker & Security Expert

4.9 Rating
👥 52,000 Students
📚 22 Courses

Experienced cybersecurity professional with certifications in ethical hacking and penetration testing. Has worked on securing enterprise systems and training security professionals for over a decade.

Course preview
4.9
👥48,300 students
⏱️36 hours

This course includes:

  • 🎥On-demand video
  • 📥Downloadable resources
  • 📱Access on mobile and TV
  • ♾️Full lifetime access
  • 🏆Certificate of completion