Skip to content

flowdiary/AEH-101

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

AEH-101

Course Description

If you want to become a skilled ethical hacker who can find, exploit, and responsibly report real security weaknesses - and do it faster by working side-by-side with AI - this course is for you. You'll start from the absolute foundations of cybersecurity and the legal framework that governs professional hacking, then build a complete Kali Linux lab, master how the web really works under the hood, and move all the way up to hands-on exploitation of the most common web vulnerabilities. Throughout the course, you'll learn how modern AI tools reshape a hacker's workflow, speeding up reconnaissance, crafting and mutating payloads, reading unfamiliar code, and even writing professional pentest reports. The course closes with an introduction to an entirely new frontier: attacking AI systems themselves through prompt injection and the OWASP LLM Top 10.

What You Will Learn

  • Foundations: What ethical hacking is, the role of a penetration tester, types of hackers, threat actors, attacker motivations, the cyber kill chain, and the MITRE ATT&CK framework

  • Legal & Ethical Practice: Scope, authorization, rules of engagement, responsible disclosure, and the major laws and standards every tester must respect

  • Methodology: The five phases of a penetration test, plus industry standards like PTES and the OWASP Testing Guide

  • Lab Setup: Installing Kali Linux in a virtual machine, networking, essential tools, intentionally vulnerable apps (DVWA, Juice Shop), and good lab hygiene

  • Web & Internet Internals: Clients and servers, DNS, IP, TCP/IP, ports, front-end vs back-end, HTML/CSS/JavaScript, databases, APIs, and common stacks

  • HTTP in Depth: The anatomy of requests and responses, methods, headers, query strings vs body, content types, status codes, cookies, sessions, tokens, JWTs, and HTTPS/TLS basics

  • Traffic Interception: Installing and configuring Caido to read, replay, modify, and automate real requests

  • AI-Assisted Hacking: Using LLMs as a research partner, code reader, and payload generator, including effective prompting patterns and their pitfalls

  • Web Exploitation: Broken Access Control (IDOR, privilege escalation, forced browsing), SQL Injection, Command Injection, Cross-Site Scripting (reflected, stored, DOM-based), Security Misconfiguration, Vulnerable Components, and Server-Side Request Forgery (SSRF)

  • Full Engagement: An end-to-end AI-assisted web penetration test against a vulnerable target, including AI-assisted reporting

  • LLM Security: Why AI applications are a new attack surface, the OWASP LLM Top 10, and both direct and indirect prompt injection

What You Can Do After Completing This Course

  • Carry out a structured, professional web penetration test from reconnaissance to reporting

  • Identify and exploit the most common web vulnerabilities in a safe, authorized environment

  • Use AI tools to dramatically speed up recon, payload crafting, code review, and reporting

  • Understand and probe the security of modern AI/LLM applications

  • Work as a penetration tester or security analyst, or strengthen your own products against attack

Requirements

  • A personal computer with 4GB+ RAM
  • Basic knowledge of computer literacy

Course Details

Language: Hausa

Tutors:

  • Engr. Ibrahim Auwal
  • Dr. Salisu Abdurrazak Saheel

Course Page: https://flowdiary.ai/course/AEH-101

Contact: hello@flowdiary.ai

About

No description, website, or topics provided.

Resources

License

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors