CyberCode Academy

CyberCode Academy
  • ٠٫٠ (٠)
  • دورات تدريبية
  • يتم التحديث يوميًا

Welcome to CyberCode Academy — your audio classroom for Programming and Cybersecurity. 🎧 Each course is divided into a series of short, focused episodes that take you from beginner to advanced level — one lesson at a time. From Python and web development to ethical hacking and digital defense, our content transforms complex concepts into simple, engaging audio learning. Study anywhere, anytime — and level up your skills with CyberCode Academy. 🚀 Learn. Code. Secure. You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

  1. Course 35 - Footprinting and Reconnaissance | Episode 8: From Target Reconnaissance to Phishing Execution

    قبل ١٦ ساعة

    Course 35 - Footprinting and Reconnaissance | Episode 8: From Target Reconnaissance to Phishing Execution

    In this lesson, you’ll learn about: social engineering attacks and spear-phishing execution1. What is Social Engineering?A psychological attack techniqueTargets human behavior instead of systemsExploits trust, urgency, and curiosity👉 Goal:Trick the victim into revealing information or executing malicious actions2. Phase 1: Reconnaissance (Information Gathering)🔹 Target ProfilingCollect Personally Identifiable Information (PII):Job roleRelationship statusDaily habitsInterests (e.g., pets, hobbies)🔹 Data SourcesSocial media platforms (e.g., mock “mybook”)👉 Why it matters:Enables highly targeted (spear-phishing) attacksHelps guess:PasswordsSecurity questions3. Phase 2: Attack Setup🔹 Tools UsedSocial Engineering ToolkitKali Linux🔹 Attack MethodSpear-phishing email with malicious attachment🔹 Payload TechniqueFile disguised as:PCFIX.zip.pdf👉 Deception Strategy:Double extension trick to:Bypass user suspicionAppear as a legitimate document4. Phase 3: Delivery & Execution🔹 Email DeliveryConfigure SMTP serverSend high-priority message🔹 Social Engineering TacticsCreate urgency:“Suspicious internet activity detected”👉 Objective:Force the victim to act without thinking5. System Compromise🔹 Victim InteractionDownloads the fileOpens the attachment🔹 ResultExecution of hidden payloadAttacker gains access via:Metasploit Framework🔹 OutcomeRemote command shell accessFull system control6. Cybersecurity Impact🔹 Attack ChainReconnaissanceWeaponizationDeliveryExploitationAccess👉 Key Insight:A simple phishing email can lead to complete system compromise7. Defense & Awareness🔹 Common Weak PointsHuman trustLack of awarenessPoor email inspection🔹 PreventionSecurity awareness trainingEmail filtering & sandboxingAvoid opening suspicious attachmentsVerify sender authenticityKey TakeawaysSocial engineering targets people, not systemsReconnaissance makes attacks more effectiveFile disguise techniques increase success ratePhishing can lead to full system compromiseAwareness is the strongest defenseBig PictureThis attack demonstrates:👉 How information gathering → targeted phishing → system takeoverMental ModelRecon → “Know the victim”Phishing → “Exploit trust”Payload → “Gain access” You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    ٢٢ د
  2. Course 35 - Footprinting and Reconnaissance | Episode 7: Information Gathering and Domain Reconnaissance Lab

    قبل يوم واحد

    Course 35 - Footprinting and Reconnaissance | Episode 7: Information Gathering and Domain Reconnaissance Lab

    In this lesson, you’ll learn about: reconnaissance using Recon-ng1. What is Recon-ng?A full-featured web reconnaissance frameworkPre-installed on Kali LinuxDesigned to automate OSINT and domain reconnaissance🔹 Core ConceptWorks like a framework (similar to Metasploit)Uses modules to perform different recon tasks👉 Purpose:Build a structured database of target intelligence2. Tool OverviewRecon-ng🔹 Key CapabilitiesDomain intelligence gatheringContact harvestingSubdomain discoveryFile and directory enumeration👉 Advantage:Organizes results into a workspace database3. Workspace & Domain Setup🔹 Initial StepsCreate a workspaceAdd target domain👉 Why it matters:Keeps recon data organized and reusable4. Contact Harvesting🔹 Module: whois_pocsExtracts:NamesEmail addressesLocations👉 Use Case:Build a target profileUseful for:Social engineeringOSINT correlation5. Host Discovery & Stealth🔹 Module: bing_domain_webFinds:HostsIndexed subdomains🔹 Stealth FeatureRecon-ng introduces delays (sleep) between requests👉 Benefit:Mimics human browsingReduces detection riskAvoids IP blocking6. Subdomain Brute-Forcing🔹 Module: brute_hostsUses wordlists to guess subdomains🔹 OutputHidden subdomainsAssociated IP addresses👉 Importance:Expands the attack surfaceReveals hidden infrastructure7. Sensitive File Discovery🔹 Module: interesting_filesSearches for:robots.txtBackup filesConfig files👉 Why it matters:May expose:Hidden directoriesInternal pathsMisconfigurations8. Analyzing Server Responses🔹 HTTP Status Codes404 → Resource not found (client-side issue)300-series → Redirection👉 Insight:Helps understand:Server behaviorApplication structure9. Cybersecurity Use Case🔹 Reconnaissance PhaseEarly stage of:Penetration testingBug bounty hunting🔹 What You AchieveMap:DomainsSubdomainsContactsInfrastructure👉 Outcome:Clear view of the target environmentKey TakeawaysRecon-ng is a modular recon frameworkUses workspaces to organize intelligenceAutomates multiple OSINT tasksIncludes stealth techniques to avoid detectionProvides structured data for further testingBig PictureRecon-ng helps you:👉 Move from raw data → structured intelligence databaseMental ModelRecon-ng → “Collect + organize recon data”Analysis → “Turn data into actionable insights” You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    ١٩ د
  3. Course 35 - Footprinting and Reconnaissance | Episode 6: Information Gathering with theHarvester in Kali Linux

    قبل يومين

    Course 35 - Footprinting and Reconnaissance | Episode 6: Information Gathering with theHarvester in Kali Linux

    In this lesson, you’ll learn about: information gathering using theHarvester1. What is theHarvester? A reconnaissance tool used for Open Source Intelligence (OSINT)Built into Kali LinuxDesigned to collect publicly available data about a target🔹 Core Function Gathers:Email addressesSubdomainsIP addressesHostnames👉 Purpose: Build a digital footprint of the target before active testing2. Tool Overview theHarvester🔹 Data Sources Search engines:GoogleBingExternal services:Shodan👉 Value: Combines multiple sources into one unified result set3. Basic Command Usage🔹 Essential Flags -d → Target domain-l → Limit number of results-b → Data source (e.g., google, bing, shodan)-f → Save output to file🔹 Example CommandtheHarvester -d microsoft.com -l 100 -b google -f results 👉 What this does: Searches GoogleCollects up to 100 resultsSaves output locally4. Advanced Querying🔹 Additional Flags -s → Start position of search results👉 Use Case: Continue collecting data beyond initial resultsAvoid duplicate data🔹 Shodan IntegrationtheHarvester -d microsoft.com -b shodan 👉 Benefit: Finds:Exposed devicesServicesTechnical infrastructure5. Analyzing Results🔹 Key Findings Subdomains:news.microsoft.comsupport.microsoft.comIP Addresses:Associated with infrastructure🔹 Why It Matters Reveals:Attack surfaceEntry pointsHidden assets6. Cybersecurity Use Case🔹 Reconnaissance Phase First step in:Penetration testingBug bounty hunting🔹 What You Gain Target structure understandingIdentification of:Weak subdomainsExposed services👉 Impact: Better planning for:ScanningExploitationKey Takeaways theHarvester is a powerful OSINT toolUses multiple public sources for data collectionCommand-line flags control precision and scopeResults reveal critical reconnaissance insightsForms the foundation of ethical hacking workflowsBig PicturetheHarvester helps you:👉 Move from no knowledge → mapped digital footprintMental Model theHarvester → “Collect target data”Analysis → “Understand the attack surface” You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    ٢٠ د
  4. Course 35 - Footprinting and Reconnaissance | Episode 5: Website Mirroring and Footprinting with HTTrack

    قبل ٣ أيام

    Course 35 - Footprinting and Reconnaissance | Episode 5: Website Mirroring and Footprinting with HTTrack

    In this lesson, you’ll learn about: website mirroring using HTTrack for footprinting1. What is Website Mirroring?The process of creating a local copy of a websiteUsed for:FootprintingReconnaissanceOffline analysis👉 Goal:Analyze the target without interacting with the live system repeatedly2. Tool OverviewHTTrack🔹 What HTTrack DoesDownloads:HTML pagesImagesScripts (JavaScript, CSS)👉 Result:A fully browsable offline version of the website3. Lab Environment Setup🔹 Environment UsedVirtual lab (Cyber Lab)Windows 7 Virtual Machine👉 Why this setup:Safe environmentPre-configured toolsNo risk to real systems4. Installation & Initial Configuration🔹 StepsRun:httrack-3.48.19.exe🔹 Project SetupProject Name:Example: PABCategory:Example: intranetTarget:Website URL👉 This defines:What you are copyingHow the project is organized5. Advanced Configuration🔹 Proxy SettingsConfigure proxy:Port 8080👉 Why:Required in lab environmentsEnsures proper network routing🔹 Mirroring Depth (Critical Setting)Max DepthLimits how deep HTTrack follows linksExternal DepthControls external site crawling👉 Importance:Prevents:Huge downloadsLong execution times6. Analyzing the Mirrored Website🔹 ComparisonLocal copy vs original:Mostly identicalSome UI elements may be missing👉 Reason:Depth limitationsDynamic content not fully captured7. Cybersecurity Use Case🔹 Source Code AnalysisInspect:HTMLJavaScriptCSS🔹 What to Look ForHardcoded IP addressesHidden endpointsAPI callsMisconfigurations👉 Value:Helps identify:Weak pointsEntry pathsTechnology stackKey TakeawaysHTTrack enables offline website analysisMirroring helps reduce interaction with live targetsProper configuration (depth, proxy) is essentialSource code analysis reveals hidden vulnerabilitiesThis is a key step in web application reconnaissanceBig PictureWebsite mirroring helps you:👉 Move from surface browsing → deep analysisNot just seeing the siteBut understanding how it works internallyMental ModelHTTrack → “Copy the website”Analysis → “Understand the website” You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    ١٨ د
  5. Course 35 - Footprinting and Reconnaissance | Episode 4: Email and Domain Information Mapping

    قبل ٤ أيام

    Course 35 - Footprinting and Reconnaissance | Episode 4: Email and Domain Information Mapping

    In this lesson, you’ll learn about: Maltego for visual footprinting and OSINT analysis1. What is Maltego?MaltegoA tool used for:Information gathering (OSINT)FootprintingVisual link analysis👉 Key idea:Instead of raw data → Maltego gives you a visual map of relationships2. Lab Setup (Kali Linux Environment)🔹 PlatformKali Linux🔹 Setup StepsInstall Maltego Community EditionRegister an accountLaunch and create a new graph👉 The graph is your workspace where:Entities (emails, domains, IPs) are connected visually3. Email Reconnaissance in Maltego🔹 ProcessAdd an email entity to the graphRun transforms (automated queries)🔹 Example Data SourceHave I Been Pwned🔹 What You DiscoverData breaches linked to the emailAssociated accounts or servicesConnections to other entities👉 Value:Helps identify:Compromised credentialsAttack vectors4. Domain-Level Investigation🔹 Example TargetMicrosoft (microsoft.com)🔹 What Maltego Can FindAssociated email addressesSubdomainsInfrastructure components👉 This builds:A complete map of the organization’s digital presence5. Visualization Power🔹 What Makes Maltego UniqueDisplays relationships between:EmailsDomainsIP addressesOrganizations🔹 Unexpected InsightsCan reveal:Physical locationsCitiesAdditional contextual data👉 Result:A clear attack surface map instead of scattered data6. Why Maltego is ImportantAutomates OSINT collectionCorrelates data from multiple sourcesMakes complex relationships easy to understandKey TakeawaysMaltego is a visual OSINT and footprinting toolUses transforms to gather and connect dataEmail analysis can reveal breach exposureDomain analysis maps full infrastructureVisualization helps identify hidden relationshipsBig PictureMaltego helps you:👉 Move from data collection → intelligence visualizationNot just gathering infoBut understanding how everything is connectedMental ModelRaw tools → give dataMaltego → gives insight + connections You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    ١٢ د
  6. Course 35 - Footprinting and Reconnaissance | Episode 3: Exploring Shodan and the Google Hacking Database

    قبل ٥ أيام

    Course 35 - Footprinting and Reconnaissance | Episode 3: Exploring Shodan and the Google Hacking Database

    In this lesson, you’ll learn about: Shodan and Google Dorking (GHDB) in footprinting1. Shodan (Internet-Wide Device Discovery)🔹 What is Shodan?ShodanA search engine designed to find:Internet-connected devicesExposed services🔹 What You Can DiscoverIP addressesOpen portsOperating systemsDevice types (e.g., routers, cameras, servers)🔹 Example Use CaseSearching for:Cisco routersFiltering by:Geographic location👉 Why it matters:Helps identify:Exposed infrastructurePotential attack surface2. Key Shodan CapabilitiesAdvanced filters:Location-based searchesService-specific queriesReal-world visibility into:Global internet exposure👉 Insight:Many systems are:MisconfiguredPublicly accessible3. Google Dorking (GHDB)🔹 What is GHDB?Google Hacking DatabaseA collection of:Advanced Google search queries (dorks)🔹 PurposeFind:Sensitive filesMisconfigured web pagesHidden data4. Common Google Dorking Techniques🔹 File Type SearchesExample:.xlsx (Excel files)👉 Can reveal:ReportsCredentials (sometimes)Internal data🔹 Targeted QueriesUse operators like:site:filetype:intitle:5. Practical Considerations🔹 Handling LimitationsGoogle may:Trigger CAPTCHA (human verification)Requires:Careful, slow searching🔹 Navigating ResultsReview multiple pagesRefine queries for accuracy6. Legal & Ethical UseAlways:Stay within authorized scopeUse tools for:Security researchDefensive purposes👉 Important:These tools are powerful:Misuse can lead to legal consequencesKey TakeawaysShodan reveals internet-exposed devices and servicesGHDB enables precision searching for sensitive dataBoth tools are critical for OSINT and footprintingAdvanced search techniques improve accuracyEthical usage is mandatoryBig PictureThese tools help you:👉 Move from basic information → deep exposure analysisShodan → “What devices are exposed?”GHDB → “What data is publicly accessible?”Mental ModelShodan → Infrastructure visibilityGoogle Dorking → Data discovery You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    ١٧ د
  7. Course 35 - Footprinting and Reconnaissance | Episode 2: Gathering Intelligence with NSlookup and WHOIS

    قبل ٦ أيام

    Course 35 - Footprinting and Reconnaissance | Episode 2: Gathering Intelligence with NSlookup and WHOIS

    In this lesson, you’ll learn about: network footprinting using NSlookup and WHOIS1. What is Network Footprinting?The process of gathering technical information about a target domainFocuses on:DNS dataIP addressesDomain ownership👉 Goal:Build a clear profile of the target’s infrastructure2. Using NSlookup (DNS Intelligence)🔹 Tool OverviewNSlookupA command-line tool used to query:DNS (Domain Name System) records🔹 What You Can DiscoverDomain → IP address mappingDNS serversNetwork-related details🔹 Interactive ModeAllows advanced queries like:MX Records (Mail Servers)Identify email infrastructure👉 Why it matters:Reveals:Email serversAttack surface for phishing or targeting3. Using WHOIS (Administrative Intelligence)🔹 Tool OverviewWHOISOften accessed via:ICANN🔹 What You Can DiscoverDomain registrarRegistration & expiration datesName serversContact details:EmailsPhone numbersAddresses4. Key Data ExtractedData TypeSourceValueIP AddressNSlookupNetwork targetingMX RecordsNSlookupEmail infrastructureRegistrar InfoWHOISDomain ownershipContact DetailsWHOISSocial engineeringName ServersBothInfrastructure mapping5. Strategic ImportanceThis data helps build:A complete footprint of the target🔹 Potential Use Cases (High-Level)Identifying:Entry pointsServices to investigateSupporting:Security assessmentsRisk analysis6. Role in Footprinting PhasePart of:Early-stage reconnaissance👉 It enables you to:Move from:Domain name → full infrastructure visibilityKey TakeawaysNSlookup is used for DNS-level intelligenceWHOIS provides administrative and ownership dataMX records reveal email systemsPublic data can expose critical infrastructure detailsFootprinting is the foundation of any security assessmentBig PictureThis stage is about:👉 Turning public data into actionable intelligenceBefore any testing beginsYou must understand:Who owns the systemHow it is structuredWhat services it exposesMental ModelNSlookup → “Where is the system?”WHOIS → “Who owns the system?” You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    ٢٢ د
  8. Course 35 - Footprinting and Reconnaissance | Episode 1: Methodology, OSINT Tools, and Lab Setup

    ٢٢ مايو

    Course 35 - Footprinting and Reconnaissance | Episode 1: Methodology, OSINT Tools, and Lab Setup

    In this lesson, you’ll learn about: footprinting, OSINT, and setting up a penetration testing lab1. Penetration Testing Methodology🔹 The First Rule: Legal ScopeBefore any testing:Define scope clearlyGet explicit permission👉 Why it matters:Protects you legallyDefines what systems you can testPrevents unauthorized access issues2. Footprinting & Reconnaissance🔹 DefinitionThe process of gathering information about a target before attacking🔹 Types of Footprinting🟢 Passive FootprintingNo direct interaction with the targetUses publicly available data🔴 Active FootprintingDirect engagement with the targetHigher risk of detection🌐 OSINT (Open Source Intelligence)Collecting intelligence from:Public databasesWebsitesSocial platforms3. Essential OSINT & Footprinting Tools🔹 Basic Network ToolsnslookupDNS records and IP resolutionwhoisDomain registration and ownership details🔹 Search & Intelligence PlatformsShodanDiscover exposed devices and services🔹 Visual Intelligence ToolMaltegoMaps relationships between:DomainsEmailsInfrastructure🔹 Website AnalysisHTTrackClone websites for offline analysis🔹 Advanced Recon FrameworksRecon-ngtheHarvester👉 Used for:Automated data collectionEmail harvestingDomain intelligence4. Building a Safe Lab Environment🔹 Why You Need a LabAvoid testing on real systemsPractice safely and legallySimulate real-world attacks🔹 Virtualization PlatformOracle VM VirtualBox👉 Important:Install:Base platformExtension Pack🔹 Operating System for PentestingKali Linux👉 Includes:Pre-installed security toolsReady-to-use environment5. Troubleshooting SetupAlways:Follow guides specific to your OS (Windows / Linux / Mac)Check virtualization support (VT-x / AMD-V)Key TakeawaysAlways start with scope and permissionFootprinting is the foundation of pentestingOSINT provides powerful public intelligenceTools automate and enhance data gatheringA lab environment is essential for safe practiceBig PictureThis phase is where you:👉 Move from zero knowledge → complete visibilityUnderstand the targetMap the attack surfacePrepare for deeper testingMental ModelMethodology → “What am I allowed to do?”Footprinting → “What can I learn?”Lab → “Where can I practice safely?” You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    ١٤ د
مشاهدة الكل (٢٥٢)

حول

Welcome to CyberCode Academy — your audio classroom for Programming and Cybersecurity. 🎧 Each course is divided into a series of short, focused episodes that take you from beginner to advanced level — one lesson at a time. From Python and web development to ethical hacking and digital defense, our content transforms complex concepts into simple, engaging audio learning. Study anywhere, anytime — and level up your skills with CyberCode Academy. 🚀 Learn. Code. Secure. You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

المعلومات

  • صناع العمل
    CyberCode Academy
  • سنوات النشاط
    ٢٠٢٥ - ٢٠٢٦
  • الحلقات
    ٢٥٢
  • التقييم
    ملائم
  • حقوق النشر
    © Copyright CyberCode Academy
  • موقع البرنامج على الويب
    CyberCode Academy

قد يعجبك أيضًا