CyberCode Academy

CyberCode Academy
  • 0.0 (0)
  • Courses
  • Updated daily

Welcome to CyberCode Academy — your audio classroom for Programming and Cybersecurity. 🎧 Each course is divided into a series of short, focused episodes that take you from beginner to advanced level — one lesson at a time. From Python and web development to ethical hacking and digital defense, our content transforms complex concepts into simple, engaging audio learning. Study anywhere, anytime — and level up your skills with CyberCode Academy. 🚀 Learn. Code. Secure. You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

  1. Course 35 - Footprinting and Reconnaissance | Episode 7: Information Gathering and Domain Reconnaissance Lab

    10 hr ago

    Course 35 - Footprinting and Reconnaissance | Episode 7: Information Gathering and Domain Reconnaissance Lab

    In this lesson, you’ll learn about: reconnaissance using Recon-ng1. What is Recon-ng?A full-featured web reconnaissance frameworkPre-installed on Kali LinuxDesigned to automate OSINT and domain reconnaissance🔹 Core ConceptWorks like a framework (similar to Metasploit)Uses modules to perform different recon tasks👉 Purpose:Build a structured database of target intelligence2. Tool OverviewRecon-ng🔹 Key CapabilitiesDomain intelligence gatheringContact harvestingSubdomain discoveryFile and directory enumeration👉 Advantage:Organizes results into a workspace database3. Workspace & Domain Setup🔹 Initial StepsCreate a workspaceAdd target domain👉 Why it matters:Keeps recon data organized and reusable4. Contact Harvesting🔹 Module: whois_pocsExtracts:NamesEmail addressesLocations👉 Use Case:Build a target profileUseful for:Social engineeringOSINT correlation5. Host Discovery & Stealth🔹 Module: bing_domain_webFinds:HostsIndexed subdomains🔹 Stealth FeatureRecon-ng introduces delays (sleep) between requests👉 Benefit:Mimics human browsingReduces detection riskAvoids IP blocking6. Subdomain Brute-Forcing🔹 Module: brute_hostsUses wordlists to guess subdomains🔹 OutputHidden subdomainsAssociated IP addresses👉 Importance:Expands the attack surfaceReveals hidden infrastructure7. Sensitive File Discovery🔹 Module: interesting_filesSearches for:robots.txtBackup filesConfig files👉 Why it matters:May expose:Hidden directoriesInternal pathsMisconfigurations8. Analyzing Server Responses🔹 HTTP Status Codes404 → Resource not found (client-side issue)300-series → Redirection👉 Insight:Helps understand:Server behaviorApplication structure9. Cybersecurity Use Case🔹 Reconnaissance PhaseEarly stage of:Penetration testingBug bounty hunting🔹 What You AchieveMap:DomainsSubdomainsContactsInfrastructure👉 Outcome:Clear view of the target environmentKey TakeawaysRecon-ng is a modular recon frameworkUses workspaces to organize intelligenceAutomates multiple OSINT tasksIncludes stealth techniques to avoid detectionProvides structured data for further testingBig PictureRecon-ng helps you:👉 Move from raw data → structured intelligence databaseMental ModelRecon-ng → “Collect + organize recon data”Analysis → “Turn data into actionable insights” You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    19 min
  2. Course 35 - Footprinting and Reconnaissance | Episode 6: Information Gathering with theHarvester in Kali Linux

    1 day ago

    Course 35 - Footprinting and Reconnaissance | Episode 6: Information Gathering with theHarvester in Kali Linux

    In this lesson, you’ll learn about: information gathering using theHarvester1. What is theHarvester? A reconnaissance tool used for Open Source Intelligence (OSINT)Built into Kali LinuxDesigned to collect publicly available data about a target🔹 Core Function Gathers:Email addressesSubdomainsIP addressesHostnames👉 Purpose: Build a digital footprint of the target before active testing2. Tool Overview theHarvester🔹 Data Sources Search engines:GoogleBingExternal services:Shodan👉 Value: Combines multiple sources into one unified result set3. Basic Command Usage🔹 Essential Flags -d → Target domain-l → Limit number of results-b → Data source (e.g., google, bing, shodan)-f → Save output to file🔹 Example CommandtheHarvester -d microsoft.com -l 100 -b google -f results 👉 What this does: Searches GoogleCollects up to 100 resultsSaves output locally4. Advanced Querying🔹 Additional Flags -s → Start position of search results👉 Use Case: Continue collecting data beyond initial resultsAvoid duplicate data🔹 Shodan IntegrationtheHarvester -d microsoft.com -b shodan 👉 Benefit: Finds:Exposed devicesServicesTechnical infrastructure5. Analyzing Results🔹 Key Findings Subdomains:news.microsoft.comsupport.microsoft.comIP Addresses:Associated with infrastructure🔹 Why It Matters Reveals:Attack surfaceEntry pointsHidden assets6. Cybersecurity Use Case🔹 Reconnaissance Phase First step in:Penetration testingBug bounty hunting🔹 What You Gain Target structure understandingIdentification of:Weak subdomainsExposed services👉 Impact: Better planning for:ScanningExploitationKey Takeaways theHarvester is a powerful OSINT toolUses multiple public sources for data collectionCommand-line flags control precision and scopeResults reveal critical reconnaissance insightsForms the foundation of ethical hacking workflowsBig PicturetheHarvester helps you:👉 Move from no knowledge → mapped digital footprintMental Model theHarvester → “Collect target data”Analysis → “Understand the attack surface” You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    20 min
  3. Course 35 - Footprinting and Reconnaissance | Episode 5: Website Mirroring and Footprinting with HTTrack

    2 days ago

    Course 35 - Footprinting and Reconnaissance | Episode 5: Website Mirroring and Footprinting with HTTrack

    In this lesson, you’ll learn about: website mirroring using HTTrack for footprinting1. What is Website Mirroring?The process of creating a local copy of a websiteUsed for:FootprintingReconnaissanceOffline analysis👉 Goal:Analyze the target without interacting with the live system repeatedly2. Tool OverviewHTTrack🔹 What HTTrack DoesDownloads:HTML pagesImagesScripts (JavaScript, CSS)👉 Result:A fully browsable offline version of the website3. Lab Environment Setup🔹 Environment UsedVirtual lab (Cyber Lab)Windows 7 Virtual Machine👉 Why this setup:Safe environmentPre-configured toolsNo risk to real systems4. Installation & Initial Configuration🔹 StepsRun:httrack-3.48.19.exe🔹 Project SetupProject Name:Example: PABCategory:Example: intranetTarget:Website URL👉 This defines:What you are copyingHow the project is organized5. Advanced Configuration🔹 Proxy SettingsConfigure proxy:Port 8080👉 Why:Required in lab environmentsEnsures proper network routing🔹 Mirroring Depth (Critical Setting)Max DepthLimits how deep HTTrack follows linksExternal DepthControls external site crawling👉 Importance:Prevents:Huge downloadsLong execution times6. Analyzing the Mirrored Website🔹 ComparisonLocal copy vs original:Mostly identicalSome UI elements may be missing👉 Reason:Depth limitationsDynamic content not fully captured7. Cybersecurity Use Case🔹 Source Code AnalysisInspect:HTMLJavaScriptCSS🔹 What to Look ForHardcoded IP addressesHidden endpointsAPI callsMisconfigurations👉 Value:Helps identify:Weak pointsEntry pathsTechnology stackKey TakeawaysHTTrack enables offline website analysisMirroring helps reduce interaction with live targetsProper configuration (depth, proxy) is essentialSource code analysis reveals hidden vulnerabilitiesThis is a key step in web application reconnaissanceBig PictureWebsite mirroring helps you:👉 Move from surface browsing → deep analysisNot just seeing the siteBut understanding how it works internallyMental ModelHTTrack → “Copy the website”Analysis → “Understand the website” You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    18 min
  4. Course 35 - Footprinting and Reconnaissance | Episode 4: Email and Domain Information Mapping

    3 days ago

    Course 35 - Footprinting and Reconnaissance | Episode 4: Email and Domain Information Mapping

    In this lesson, you’ll learn about: Maltego for visual footprinting and OSINT analysis1. What is Maltego?MaltegoA tool used for:Information gathering (OSINT)FootprintingVisual link analysis👉 Key idea:Instead of raw data → Maltego gives you a visual map of relationships2. Lab Setup (Kali Linux Environment)🔹 PlatformKali Linux🔹 Setup StepsInstall Maltego Community EditionRegister an accountLaunch and create a new graph👉 The graph is your workspace where:Entities (emails, domains, IPs) are connected visually3. Email Reconnaissance in Maltego🔹 ProcessAdd an email entity to the graphRun transforms (automated queries)🔹 Example Data SourceHave I Been Pwned🔹 What You DiscoverData breaches linked to the emailAssociated accounts or servicesConnections to other entities👉 Value:Helps identify:Compromised credentialsAttack vectors4. Domain-Level Investigation🔹 Example TargetMicrosoft (microsoft.com)🔹 What Maltego Can FindAssociated email addressesSubdomainsInfrastructure components👉 This builds:A complete map of the organization’s digital presence5. Visualization Power🔹 What Makes Maltego UniqueDisplays relationships between:EmailsDomainsIP addressesOrganizations🔹 Unexpected InsightsCan reveal:Physical locationsCitiesAdditional contextual data👉 Result:A clear attack surface map instead of scattered data6. Why Maltego is ImportantAutomates OSINT collectionCorrelates data from multiple sourcesMakes complex relationships easy to understandKey TakeawaysMaltego is a visual OSINT and footprinting toolUses transforms to gather and connect dataEmail analysis can reveal breach exposureDomain analysis maps full infrastructureVisualization helps identify hidden relationshipsBig PictureMaltego helps you:👉 Move from data collection → intelligence visualizationNot just gathering infoBut understanding how everything is connectedMental ModelRaw tools → give dataMaltego → gives insight + connections You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    12 min
  5. Course 35 - Footprinting and Reconnaissance | Episode 3: Exploring Shodan and the Google Hacking Database

    4 days ago

    Course 35 - Footprinting and Reconnaissance | Episode 3: Exploring Shodan and the Google Hacking Database

    In this lesson, you’ll learn about: Shodan and Google Dorking (GHDB) in footprinting1. Shodan (Internet-Wide Device Discovery)🔹 What is Shodan?ShodanA search engine designed to find:Internet-connected devicesExposed services🔹 What You Can DiscoverIP addressesOpen portsOperating systemsDevice types (e.g., routers, cameras, servers)🔹 Example Use CaseSearching for:Cisco routersFiltering by:Geographic location👉 Why it matters:Helps identify:Exposed infrastructurePotential attack surface2. Key Shodan CapabilitiesAdvanced filters:Location-based searchesService-specific queriesReal-world visibility into:Global internet exposure👉 Insight:Many systems are:MisconfiguredPublicly accessible3. Google Dorking (GHDB)🔹 What is GHDB?Google Hacking DatabaseA collection of:Advanced Google search queries (dorks)🔹 PurposeFind:Sensitive filesMisconfigured web pagesHidden data4. Common Google Dorking Techniques🔹 File Type SearchesExample:.xlsx (Excel files)👉 Can reveal:ReportsCredentials (sometimes)Internal data🔹 Targeted QueriesUse operators like:site:filetype:intitle:5. Practical Considerations🔹 Handling LimitationsGoogle may:Trigger CAPTCHA (human verification)Requires:Careful, slow searching🔹 Navigating ResultsReview multiple pagesRefine queries for accuracy6. Legal & Ethical UseAlways:Stay within authorized scopeUse tools for:Security researchDefensive purposes👉 Important:These tools are powerful:Misuse can lead to legal consequencesKey TakeawaysShodan reveals internet-exposed devices and servicesGHDB enables precision searching for sensitive dataBoth tools are critical for OSINT and footprintingAdvanced search techniques improve accuracyEthical usage is mandatoryBig PictureThese tools help you:👉 Move from basic information → deep exposure analysisShodan → “What devices are exposed?”GHDB → “What data is publicly accessible?”Mental ModelShodan → Infrastructure visibilityGoogle Dorking → Data discovery You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    17 min
  6. Course 35 - Footprinting and Reconnaissance | Episode 2: Gathering Intelligence with NSlookup and WHOIS

    5 days ago

    Course 35 - Footprinting and Reconnaissance | Episode 2: Gathering Intelligence with NSlookup and WHOIS

    In this lesson, you’ll learn about: network footprinting using NSlookup and WHOIS1. What is Network Footprinting?The process of gathering technical information about a target domainFocuses on:DNS dataIP addressesDomain ownership👉 Goal:Build a clear profile of the target’s infrastructure2. Using NSlookup (DNS Intelligence)🔹 Tool OverviewNSlookupA command-line tool used to query:DNS (Domain Name System) records🔹 What You Can DiscoverDomain → IP address mappingDNS serversNetwork-related details🔹 Interactive ModeAllows advanced queries like:MX Records (Mail Servers)Identify email infrastructure👉 Why it matters:Reveals:Email serversAttack surface for phishing or targeting3. Using WHOIS (Administrative Intelligence)🔹 Tool OverviewWHOISOften accessed via:ICANN🔹 What You Can DiscoverDomain registrarRegistration & expiration datesName serversContact details:EmailsPhone numbersAddresses4. Key Data ExtractedData TypeSourceValueIP AddressNSlookupNetwork targetingMX RecordsNSlookupEmail infrastructureRegistrar InfoWHOISDomain ownershipContact DetailsWHOISSocial engineeringName ServersBothInfrastructure mapping5. Strategic ImportanceThis data helps build:A complete footprint of the target🔹 Potential Use Cases (High-Level)Identifying:Entry pointsServices to investigateSupporting:Security assessmentsRisk analysis6. Role in Footprinting PhasePart of:Early-stage reconnaissance👉 It enables you to:Move from:Domain name → full infrastructure visibilityKey TakeawaysNSlookup is used for DNS-level intelligenceWHOIS provides administrative and ownership dataMX records reveal email systemsPublic data can expose critical infrastructure detailsFootprinting is the foundation of any security assessmentBig PictureThis stage is about:👉 Turning public data into actionable intelligenceBefore any testing beginsYou must understand:Who owns the systemHow it is structuredWhat services it exposesMental ModelNSlookup → “Where is the system?”WHOIS → “Who owns the system?” You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    22 min
  7. Course 35 - Footprinting and Reconnaissance | Episode 1: Methodology, OSINT Tools, and Lab Setup

    6 days ago

    Course 35 - Footprinting and Reconnaissance | Episode 1: Methodology, OSINT Tools, and Lab Setup

    In this lesson, you’ll learn about: footprinting, OSINT, and setting up a penetration testing lab1. Penetration Testing Methodology🔹 The First Rule: Legal ScopeBefore any testing:Define scope clearlyGet explicit permission👉 Why it matters:Protects you legallyDefines what systems you can testPrevents unauthorized access issues2. Footprinting & Reconnaissance🔹 DefinitionThe process of gathering information about a target before attacking🔹 Types of Footprinting🟢 Passive FootprintingNo direct interaction with the targetUses publicly available data🔴 Active FootprintingDirect engagement with the targetHigher risk of detection🌐 OSINT (Open Source Intelligence)Collecting intelligence from:Public databasesWebsitesSocial platforms3. Essential OSINT & Footprinting Tools🔹 Basic Network ToolsnslookupDNS records and IP resolutionwhoisDomain registration and ownership details🔹 Search & Intelligence PlatformsShodanDiscover exposed devices and services🔹 Visual Intelligence ToolMaltegoMaps relationships between:DomainsEmailsInfrastructure🔹 Website AnalysisHTTrackClone websites for offline analysis🔹 Advanced Recon FrameworksRecon-ngtheHarvester👉 Used for:Automated data collectionEmail harvestingDomain intelligence4. Building a Safe Lab Environment🔹 Why You Need a LabAvoid testing on real systemsPractice safely and legallySimulate real-world attacks🔹 Virtualization PlatformOracle VM VirtualBox👉 Important:Install:Base platformExtension Pack🔹 Operating System for PentestingKali Linux👉 Includes:Pre-installed security toolsReady-to-use environment5. Troubleshooting SetupAlways:Follow guides specific to your OS (Windows / Linux / Mac)Check virtualization support (VT-x / AMD-V)Key TakeawaysAlways start with scope and permissionFootprinting is the foundation of pentestingOSINT provides powerful public intelligenceTools automate and enhance data gatheringA lab environment is essential for safe practiceBig PictureThis phase is where you:👉 Move from zero knowledge → complete visibilityUnderstand the targetMap the attack surfacePrepare for deeper testingMental ModelMethodology → “What am I allowed to do?”Footprinting → “What can I learn?”Lab → “Where can I practice safely?” You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    14 min
  8. Course 34 - Cybersecurity Kill Chain | Episode 4: Command, Objectives, and Defense in Depth

    21 May

    Course 34 - Cybersecurity Kill Chain | Episode 4: Command, Objectives, and Defense in Depth

    In this lesson, you’ll learn about: Command & Control (C2), Actions on Objectives, and Defense in Depth1. Command & Control (C2) Phase🔹 Definition The stage where an attacker establishes a communication channel with a compromised system🔹 Purpose Send commands to the infected machineReceive exfiltrated dataMaintain persistent remote access🔹 Evasion Techniques Attackers disguise communication as normal traffic👉 Example: Using platforms like:TwitterWhy this works:Traffic appears legitimateBlends into normal user behaviorHarder for detection systems to flag2. Actions on Objectives (Final Goal)🔹 Definition The phase where the attacker achieves their intended objective🔹 Common Targets Sensitive data such as:Financial recordsCredit card dataCredentialsIntellectual property🔹 Attacker Behavior Operate stealthilyMaintain long-term accessAvoid detection while extracting value3. Defense in Depth🔹 Definition A layered security strategy designed to protect systems at multiple levels🔹 Framework Cyber Defense Matrix4. Six Core Defensive Actions🛡️ Detect Identify malicious or suspicious activity🚫 Deny Prevent unauthorized access⚡ Disrupt Interrupt attacker operations📉 Degrade Reduce the effectiveness of the attack🎭 Deceive Mislead attackers (e.g., honeypots, fake assets)🔒 Contain Limit the spread and impact of an attack5. Why Defense in Depth Matters No single security control is sufficientAttacks occur in multiple stages👉 Effective defense must: Cover every phase of the Cyber Kill ChainKey Takeaways C2 enables attackers to remotely control compromised systemsAttackers often hide communication within legitimate trafficActions on Objectives is where real damage or data theft occursDefense in Depth provides layered protection across all stagesSecurity should be proactive, not reactiveBig Picture👉 This is the final stage of the attack lifecycle: C2 → Control the systemActions → Achieve the objectiveDefense → Detect, limit, and stop the attack You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    20 min
See All (251)

About

Welcome to CyberCode Academy — your audio classroom for Programming and Cybersecurity. 🎧 Each course is divided into a series of short, focused episodes that take you from beginner to advanced level — one lesson at a time. From Python and web development to ethical hacking and digital defense, our content transforms complex concepts into simple, engaging audio learning. Study anywhere, anytime — and level up your skills with CyberCode Academy. 🚀 Learn. Code. Secure. You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

Information

  • Creator
    CyberCode Academy
  • Years Active
    2025 - 2026
  • Episodes
    251
  • Rating
    Clean
  • Copyright
    © Copyright CyberCode Academy
  • Show Website
    CyberCode Academy

You Might Also Like