25 Modul Pembelajaran Ethical Hacking with Kali Linux
Pendahuluan
Program Ethical Hacker with Kali Linux ini dirancang untuk membentuk ethical hacker yang memahami penggunaan Kali Linux sebagai platform utama offensive security dan penetration testing.
Materi mencakup:
Dasar cyber security
Penggunaan Kali Linux
Networking
Web hacking
Vulnerability assessment
Exploitation
Wireless security
Privilege escalation
Active Directory
Bug bounty workflow
Setiap modul terdiri dari:
Tujuan pembelajaran
Materi utama
Tools yang dipelajari
Praktik lab
Target skill
LEVEL 1 — KALI LINUX & CYBER SECURITY FUNDAMENTALS
Modul 1 — Introduction to Ethical Hacking
Materi:
Pengertian ethical hacking
Jenis hacker
CIA Triad
Vulnerability vs Exploit
Pentest methodology
Legal & ethics hacking
Tools:
Kali Linux
VirtualBox
Praktik:
Setup hacking lab
Install Kali Linux
Target Skill:
Memahami dasar ethical hacking.
Modul 2 — Kali Linux Fundamentals
Materi:
Interface Kali Linux
Terminal basics
File system
User & permission
Package management
Bash basics
Tools:
Kali Linux terminal
apt
nano
vim
Praktik:
Navigasi terminal
Install tools hacking
Target Skill:
Menguasai penggunaan dasar Kali Linux.
Modul 3 — Linux Command Line for Hackers
Materi:
File manipulation
Permission
Process management
SSH
Cronjob
Networking command
Tools:
grep
awk
sed
curl
wget
Praktik:
Automation command
Remote access via SSH
Target Skill:
Menguasai command line Linux.
Modul 4 — Networking Fundamentals
Materi:
OSI layer
TCP/IP
Port & protocol
DNS
DHCP
VPN
NAT
Tools:
Wireshark
tcpdump
netstat
Praktik:
Analisa traffic jaringan
Target Skill:
Memahami komunikasi jaringan.
Modul 5 — Python Basics for Hackers
Materi:
Python syntax
Requests
Socket programming
Threading
Automation scripting
Tools:
Python
VSCode
Praktik:
Membuat port scanner sederhana
Target Skill:
Mampu membuat automation sederhana.
LEVEL 2 — RECONNAISSANCE & ENUMERATION
Modul 6 — Information Gathering
Materi:
Passive recon
Active recon
Whois
DNS enumeration
Google dorking
Subdomain discovery
Tools:
theHarvester
Amass
Subfinder
Whois
Praktik:
Recon target lab
Target Skill:
Mampu melakukan information gathering.
Modul 7 — Network Scanning
Materi:
Port scanning
Service detection
OS detection
Banner grabbing
Tools:
Nmap
Rustscan
Netcat
Praktik:
Scan target machine
Target Skill:
Mampu melakukan scanning jaringan.
Modul 8 — Enumeration Techniques
Materi:
SMB enumeration
SNMP enumeration
FTP enumeration
HTTP enumeration
Tools:
Enum4linux
smbclient
gobuster
Praktik:
Enumerasi service target
Target Skill:
Mampu mengidentifikasi attack surface.
LEVEL 3 — WEB APPLICATION HACKING
Modul 9 — Web Application Fundamentals
Materi:
HTTP/HTTPS
Cookie
Session
Authentication
REST API
Tools:
Burp Suite
Postman
Praktik:
Intercept request web
Target Skill:
Memahami cara kerja aplikasi web.
Modul 10 — SQL Injection
Materi:
SQL basics
Error-based SQLi
Blind SQLi
Time-based SQLi
Tools:
SQLMap
Burp Suite
Praktik:
SQL Injection lab
Target Skill:
Memahami SQL Injection.
Modul 11 — Cross Site Scripting (XSS)
Materi:
Reflected XSS
Stored XSS
DOM XSS
CSP basics
Tools:
Dalfox
XSStrike
Praktik:
XSS lab
Target Skill:
Memahami XSS vulnerability.
Modul 12 — File Upload & RCE
Materi:
File upload bypass
Webshell basics
Command injection
Remote Code Execution
Tools:
Burp Suite
Metasploit
Praktik:
Upload bypass lab
Target Skill:
Memahami eksploitasi upload vulnerability.
Modul 13 — Directory & Content Discovery
Materi:
Hidden directory
Backup files
Sensitive endpoint
Fuzzing basics
Tools:
ffuf
dirsearch
gobuster
Praktik:
Directory brute force lab
Target Skill:
Mampu menemukan hidden resource.
LEVEL 4 — EXPLOITATION & OFFENSIVE SECURITY
Modul 14 — Vulnerability Assessment
Materi:
Vulnerability scanning
CVSS
Risk assessment
False positive
Tools:
Nessus
OpenVAS
Praktik:
Scan vulnerability target
Target Skill:
Memahami vulnerability assessment.
Modul 15 — Metasploit Framework
Materi:
Exploit
Payload
Meterpreter
Session handling
Post exploitation
Tools:
Metasploit
Praktik:
Controlled exploitation lab
Target Skill:
Menguasai Metasploit.
Modul 16 — Password Attacks
Materi:
Hash basics
Brute force
Dictionary attack
Password spraying concepts
Tools:
Hydra
Hashcat
John the Ripper
Praktik:
Password audit lab
Target Skill:
Memahami keamanan password.
Modul 17 — Wireless Security
Materi:
WiFi security
WPA/WPA2 basics
Handshake overview
Rogue AP awareness
Tools:
Aircrack-ng
Bettercap
Praktik:
Wireless audit pada jaringan sendiri
Target Skill:
Memahami keamanan wireless.
Modul 18 — Linux Privilege Escalation
Materi:
SUID
Cronjob
PATH hijacking
Capability abuse
Tools:
LinPEAS
Linux Exploit Suggester
Praktik:
Privilege escalation lab
Target Skill:
Memahami privilege escalation Linux.
Modul 19 — Windows Privilege Escalation
Materi:
Service misconfiguration
DLL hijacking overview
Registry weakness
Token privilege
Tools:
WinPEAS
PowerUp
Praktik:
Windows escalation lab
Target Skill:
Memahami privilege escalation Windows.
LEVEL 5 — ENTERPRISE & ADVANCED SECURITY
Modul 20 — Active Directory Fundamentals
Materi:
Domain
Kerberos
NTLM
Group Policy
Lateral movement concepts
Tools:
BloodHound
PowerView
Praktik:
Active Directory mapping
Target Skill:
Memahami struktur AD.
Modul 21 — Bug Bounty Workflow
Materi:
Recon workflow
Scope analysis
Automation
Report writing
Responsible disclosure
Tools:
httpx
nuclei
katana
Praktik:
Simulasi bug bounty workflow
Target Skill:
Memahami alur bug bounty.
Modul 22 — Basic Malware Analysis
Materi:
Static analysis
Dynamic analysis overview
PE file basics
Sandbox awareness
Tools:
PEStudio
Procmon
REMnux
Praktik:
Analisa sample aman
Target Skill:
Memahami dasar malware analysis.
Modul 23 — Reverse Engineering Basics
Materi:
Assembly basics
Binary analysis
Function analysis
Tools:
Ghidra
IDA Free
Praktik:
Reverse engineering executable sederhana
Target Skill:
Memahami struktur binary.
Modul 24 — Reporting & Documentation
Materi:
Pentest reporting
Vulnerability documentation
Evidence collection
Executive summary
Tools:
Dradis
Obsidian
Praktik:
Membuat laporan penetration testing
Target Skill:
Mampu membuat laporan profesional.
Modul 25 — Final Ethical Hacking Project
Materi:
Full penetration testing workflow
Recon hingga reporting
Professional methodology
Presentation skill
Tools:
Kali Linux Toolkit
Praktik:
Final project pentest lab
Presentasi hasil assessment
Target Skill:
Siap menjadi Ethical Hacker dengan Kali Linux.
BONUS SECTION
Tools Penting di Kali Linux
Nmap
Burp Suite
Metasploit
SQLMap
Hydra
Hashcat
Wireshark
Aircrack-ng
ffuf
gobuster
nuclei
httpx
subfinder
amass
Sertifikasi Rekomendasi
CEH
eJPT
PNPT
OSCP
CPTS
Platform Praktik
Hack The Box
TryHackMe
PortSwigger Academy
OverTheWire
VulnHub
Roadmap Karier
Beginner:
IT Support
Junior SOC Analyst
Junior Pentester
Intermediate:
Penetration Tester
Security Engineer
Bug Bounty Hunter
Advanced:
Red Team Operator
Security Researcher
Security Consultant
PENUTUP
Program Ethical Hacker with Kali Linux dirancang untuk memberikan pemahaman ethical hacking modern menggunakan Kali Linux sebagai platform utama.
Pembelajaran dilakukan secara bertahap mulai dari dasar Linux, networking, reconnaissance, web hacking, exploitation, hingga penetration testing profesional.