Cyber security (Penetration testing and ethical hacking) For beginners

Module 1: Introduction to Kali Linux

What is Kali Linux and its purpose

History and evolution of Kali (BackTrack to present)

Use cases in cybersecurity and penetration testing

Overview of tools included in Kali

Understanding Offensive Security (Creators of Kali Linux)

Module 2: Setting Up Your Kali Environment

System requirements

Installing Kali Linux (VirtualBox)

Downloading from the official source and verifying ISO checksums

Configuring your VM (networking, resources, persistence)

First boot and initial configuration

Module 3: Navigating Kali Linux

Introduction to the GNOME/XFCE Desktop Environment

Kali Linux OS fundamentals and Basics 

Terminal Basics (bash commands, sudo, apt)

Filesystem structure in Kali

Managing files and directories

Module 4: Managing Kali Tools & Software

Using APT and package management

Updating and upgrading tools

Installing new tools (git, dpkg, custom scripts)

Using Kali Tweaks to optimize your environment

Understanding the Kali Linux metapackages

Module 5: Introduction to Linux Networking

Basic networking concepts (IP, MAC, DNS, etc.)

Network configuration in Kali

Common networking tools: ip, netstat, ifconfig, nmap, ping, traceroute

Understanding interfaces (eth0, wlan0, lo)

Module 6: Introduction to Penetration Testing

What is Penetration Testing?

The Phases of a Penetration Test:

Reconnaissance

Scanning & Enumeration

Exploitation

Post-exploitation

Reporting

Kali’s role in each phase

Ethical and legal considerations

Module 7: Essential Tools in Kali Linux

Reconnaissance & Information Gathering:

whois, theHarvester, Maltego, dnsenum

Scanning & Enumeration:

nmap, netdiscover, enum4linux, Nikto, dirb, dirbuster

Exploitation:

Metasploit Framework, searchsploit, exploitdb, msfvenom

Post Exploitation:

meterpreter, privilege escalation tools

Reporting:

Keeping logs, screenshots, and using CherryTree or Dradis

Module 8: Password Attacks & Cracking

Wordlists & brute force vs dictionary attacks

Tools: hydra, John the Ripper, Hashcat

Cracking demo: zip files, SSH, basic hashes

Creating your own wordlist with Crunch

Module 9: Web Application Testing

OWASP Top 10 Introduction

Using Burp Suite Community Edition

Tools: sqlmap, nikto, XSSer

Lab-based testing: DVWA, Juice Shop, BWAPP

Module 10: Automating Tasks with Scripting

Introduction to Bash scripting

Writing basic automation scripts for scanning and recon

Tool integration examples (nmap → grep → report)

Intro to Python for hackers (optional)

Module 11: Building a Virtual Lab for Practice

Setting up target machines: Metasploitable, DVWA,

Networking your VMs

DHCP Servers

Safe hacking: keeping your host safe

Snapshotting and backups

Module 12: Reporting & Documentation

Why reporting matters

Screenshotting tools (shutter, gnome-screenshot)

Tools: CherryTree, KeepNote, Dradis, LibreOffice

Creating a sample pentest report

Module 13: Next Steps and Resources

Where to go from here: OSCP, TryHackMe, HackTheBox

Community resources: Reddit, Discord, GitHub, Twitter

Maintaining a Kali system

Staying legal, ethical, and up-to-date

Bonus Materials

PDF Cheat Sheets for key tools

Wordlists (SecLists, RockYou)

Lab Challenges and Assignments

CTF walkthrough examples (basic)

Outcome: By the end of the course, learners will be able to:

Confidently use Kali Linux for ethical hacking

Understand the phases of penetration testing

Conduct basic attacks in a controlled lab

Document findings and write penetration test reports

Begin preparing for certification (e.g., OSCP, COMPTIA, CEH, ..)