Free Online Course · Self-paced

Ethical Hacking & Penetration Testing Tutorial (Hands-On)

Free, hands-on ethical hacking and penetration testing tutorial - lab setup, reconnaissance, password cracking, phishing, web/mobile pentesting, MITM attacks, and exploitation frameworks. 80+ practical lessons.

  • 90 parts
  • ~551 min total
  • Beginner to Advanced
  • Updated May 2026
Start the course View syllabus
Ethical Hacking & Penetration Testing Tutorial (Hands-On)
By Last updated

Disclaimer: every technique in this tutorial is presented for authorized testing, defensive research, and education in controlled environments. Never run these against systems you do not own or have explicit, written permission to test - laws in most jurisdictions treat unauthorized access as a criminal offense regardless of intent.

This tutorial is built for people who want to learn offensive security the way it is actually practiced: a real lab, real tools, and real attack chains. We start with lab setup (multiple Kali distros, Metasploitable targets, VPN/proxy isolation), then walk through the full kill chain - reconnaissance, vulnerability scanning, password cracking, phishing, web/mobile/wireless attacks, exploitation, and post-exploitation forensics.

Every chapter is a self-contained module, but if you are new to penetration testing the order matters: lab setup first, then reconnaissance, then attacks, then forensics. Click Start the course to begin with the lab chapter. If you are preparing for CompTIA PenTest+ PT0-002, also check the dedicated PenTest+ track at /comptia-pentest-pt0-002-exam-dumps/.

What you'll learn

  • Set up a fully-isolated penetration testing lab on any host OS
  • Run reconnaissance and OSINT using industry-standard tools
  • Crack passwords, run brute-force attacks, and generate custom wordlists
  • Launch and analyze phishing campaigns ethically (red-team training)
  • Pentest web applications, mobile apps, and wireless networks
  • Use Metasploit, BeEF, Burp Suite, and other major exploitation frameworks
  • Perform digital forensics on disk images and memory dumps

Prerequisites

  • Solid Linux command-line skills (cd, grep, ssh, package management)
  • Basic networking knowledge (TCP/IP, ports, DNS, HTTP)
  • A workstation that can run virtual machines (8 GB RAM minimum)
  • **Legal warning**: only run these techniques against systems you own or have explicit written permission to test

Syllabus

10 chapters · 90 lessons · ~551 min of reading

  1. 1 Set Up Your Lab 19 lessons
    1. Part 1 Create a Kali Linux bootable USB 6 min read
    2. Part 2 Install Kali Linux in VirtualBox 9 min read
    3. Part 3 Install Kali Linux on Apple M1 with UTM 8 min read
    4. Part 4 Install Kali Linux on Android 9 min read
    5. Part 5 Install Kali Linux on Raspberry Pi 5 min read
    6. Part 6 Dual boot Ubuntu and Kali Linux 10 min read
    7. Part 7 Dual boot Windows 10 and Linux 8 min read
    8. Part 8 Install Kali Linux apps on Ubuntu 5 min read
    9. Part 9 Manage Kali Linux repositories 4 min read
    10. Part 10 Set up a virtual penetration testing lab 9 min read
    11. Part 11 Set up a hacking lab with Metasploitable 5 min read
    12. Part 12 Learn hacking using Metasploitable 2 6 min read
    13. Part 13 Install the CAINE forensics VM 6 min read
    14. Part 14 Install airmon-ng on Kali Linux 5 min read
    15. Part 15 Install Pyrit on Kali Linux 6 min read
    16. Part 16 Install Gobuster on Ubuntu 8 min read
    17. Part 17 Set up ProxyChains on Kali Linux 5 min read
    18. Part 18 Install Tor Browser on Linux 7 min read
    19. Part 19 Install Tor Browser on Rocky Linux 6 min read
  2. 2 Reconnaissance and OSINT 13 lessons
    1. Part 20 Complete Shodan tutorial 7 min read
    2. Part 21 OSINT with the Mitaka browser extension 5 min read
    3. Part 22 OSINT automation with SpiderFoot 5 min read
    4. Part 23 OSINT with the InfoOze tool 6 min read
    5. Part 24 Automated pentesting with Nettacker 6 min read
    6. Part 25 Banner grabbing techniques 5 min read
    7. Part 26 DNS enumeration 6 min read
    8. Part 27 Subdomain enumeration tools 9 min read
    9. Part 28 Find hidden endpoints with fuzzing 9 min read
    10. Part 29 SMTP enumeration 6 min read
    11. Part 30 How doxing works (and how to defend against it) 6 min read
    12. Part 31 Track an IP address using an image 5 min read
    13. Part 32 Use canary tokens for breach detection 5 min read
  3. 3 Password Cracking and Brute Force 8 lessons
    1. Part 33 Crack password hashes 7 min read
    2. Part 34 John the Ripper password cracker 6 min read
    3. Part 35 Generate custom wordlists 5 min read
    4. Part 36 SSH brute-force attack 5 min read
    5. Part 37 Brute-force web forms 5 min read
    6. Part 38 Postgres brute-force attack 5 min read
    7. Part 39 VNC brute-force attack 5 min read
    8. Part 40 Bypass an Android lock screen 5 min read
  4. 4 Phishing and Social Engineering 11 lessons
    1. Part 41 Social engineering attack types explained 7 min read
    2. Part 42 Social Engineering Toolkit (SET) phishing 5 min read
    3. Part 43 Install the Gophish phishing framework 6 min read
    4. Part 44 Create a phishing campaign with Gophish 5 min read
    5. Part 45 Run phishing simulations with FiercePhish 5 min read
    6. Part 46 Snapchat phishing simulation 5 min read
    7. Part 47 Social media phishing with Zphisher 5 min read
    8. Part 48 Phishing simulations with SocialFish 5 min read
    9. Part 49 Lockphish v2 PIN phishing attack 5 min read
    10. Part 50 Browser-in-the-browser (BitB) phishing 4 min read
    11. Part 51 Analyze phishing emails with TheHive (TheHive Phish) 5 min read
  5. 5 Web Application Pentesting 11 lessons
    1. Part 52 DVWA - Damn Vulnerable Web Application 6 min read
    2. Part 53 Install DVWA on Kali Linux 7 min read
    3. Part 54 SQL injection on DVWA 6 min read
    4. Part 55 Install OWASP Juice Shop 6 min read
    5. Part 56 Burp Suite proxy tutorial 9 min read
    6. Part 57 Fuzzing tools for web app pentesting 7 min read
    7. Part 58 Bypass CSRF protection 7 min read
    8. Part 59 Local File Inclusion (LFI) attack 6 min read
    9. Part 60 Web cache deception attack 5 min read
    10. Part 61 WordPress vulnerability scanning with WPScan 6 min read
    11. Part 62 Set up a WordPress reverse shell 6 min read
  6. 6 Network Attacks (WiFi, MITM, DoS) 7 lessons
    1. Part 63 WiFi password attack techniques (WPA/WPA2) 7 min read
    2. Part 64 WPA2 WiFi honeypot tutorial 7 min read
    3. Part 65 Evil twin WiFi attack 6 min read
    4. Part 66 Man-in-the-middle via ARP spoofing 6 min read
    5. Part 67 MITM attacks with Xerosploit 6 min read
    6. Part 68 Change your MAC address on Linux 7 min read
    7. Part 69 DDoS attack example (in your own lab) 5 min read
  7. 7 Exploitation Frameworks 7 lessons
    1. Part 70 Metasploit tutorial 7 min read
    2. Part 71 BeEF browser exploitation framework 6 min read
    3. Part 72 Reverse shell cheat sheet 9 min read
    4. Part 73 Encode payloads with Shellter 8 min read
    5. Part 74 Embed a payload in a PDF 6 min read
    6. Part 75 Undetectable Windows payload with TechnoLogger 5 min read
    7. Part 76 Windows remote access trojan (RAT) walkthrough 6 min read
  8. 8 Mobile Pentesting 7 lessons
    1. Part 77 Set up an Android pentesting lab 6 min read
    2. Part 78 APKHunt - Android app pentesting 5 min read
    3. Part 79 Mobile Security Framework (MobSF) walkthrough 5 min read
    4. Part 80 Embed a payload in an APK file 7 min read
    5. Part 81 Obfuscate Android payloads with APKBleach 5 min read
    6. Part 82 Hack Android with the Ghost framework 5 min read
    7. Part 83 Remote Android management with L3MON 6 min read
  9. 9 Digital Forensics and Defense 6 lessons
    1. Part 84 Create a forensic disk image with FTK Imager 6 min read
    2. Part 85 Analyze memory dumps with Volatility 7 min read
    3. Part 86 Android forensics with Andriller 5 min read
    4. Part 87 Detect rootkits and malware with rkhunter 7 min read
    5. Part 88 Steganography - hide messages in images 6 min read
    6. Part 89 Encrypt a USB drive with VeraCrypt 7 min read
  10. 10 Project Management 1 lesson
    1. Part 90 Manage pentest projects with Cervantes 5 min read
Deepak Prasad

R&D Engineer

Founder of GoLinuxCloud with over a decade of expertise in Linux, Python, Go, Laravel, DevOps, Kubernetes, Git, Shell scripting, OpenShift, AWS, Networking, and Security. With extensive experience, he excels across development, DevOps, …

Certifications
  • Red Hat Certified System Administrator in Red Hat OpenStack
  • Certified Kubernetes Application Developer (CKAD)
  • Red Hat Certified Specialist in Ansible Automation
Expertise
  • Go (programming language)
  • Python (programming language)
  • DevOps
  • Computer Security