Have you ever wondered how real attackers carry out cyberattacks? BHPT is a comprehensive, hands-on course that uses on-demand labs to simulate penetration testing from an attacker's perspective on specific hosts, teaching methodologies for discovering, attacking, reporting, and responding to vulnerabilities.
708 learners
Penetration testing
Host-based penetration testing
Offensive Security Basics
Red team
/builder/23de526e-3a52-457d-bb5b-75ddd718cdf5/332385-2.png?w=960)
BHPT, the first practical host-based mock hacking course offered by Red Raccoon, is a comprehensive course that reflects the latest cybersecurity trends and provides hands-on, hands-on training opportunities for students who are new to mock hacking by utilizing an on-demand, hands-on lab environment.
Through the BHPT course, students can experience simulated hacking from the attacker's perspective and learn the fundamental methodologies of offensive security to discover, attack, report, and respond to vulnerabilities.
<script>alert(1)</script> - XSS 취약점 발견 - I'm studying hard today because they say web and mobile are important when getting a job, but I still have questions every time I read news articles.
Attackers exploit zero-day vulnerabilities in externally exposed Web SSL VPN appliances to gain access to internal networks...
Attempting to make a payment by accessing the SWIFT network of a bank that is not properly separated from the internal network...
After infiltrating the internal network of XY Casino, they accessed the vCenter server responsible for the virtual infrastructure and ransomware on hundreds of virtual machines within it...
How do these attacks happen? What kind of mindset, methodology, commands, and tools do attackers actually use to carry out cyber attacks? How can we look into their methodology and block them as defenders?
From script kiddie Point-and-Shoot exploit kit attacks to nation-state APT (Advanced Persistent Threat) groups, host-based attacks are fundamental to all real-world cyber attacks conducted by attackers. Introducing BHPT, which teaches the concepts and methodologies of the most basic and fundamental host-based attacks of offensive security, going beyond CTF and fragmented mock hacking.
Understanding the overall methodology, concepts, and fundamentals of mock hacking:
Provides a deep understanding of the basic strategies and methodologies used by attackers. This gives students the skills to analyze systems from an attacker's perspective and identify security vulnerabilities.
Basic learning for performing host-based mock hacking:
Improve your basic skills to prepare for real hacking scenarios through fundamental learning that involves performing host-based mock hacking using concepts, commands, operating systems, and shell usage.
Understanding mock hacking methodology based on practical experience:
Learn methodologies based on the experiences of proven practitioners and develop skills that can be applied in real-world practice.
Conducting methodology-based mock hacking:
In this course, you will learn the skills necessary for practical work through on-demand labs in various scenarios by utilizing the methodology learned through mock hacking.
Create and document deliverables:
Learn how to effectively document the results of a mock hack. This will improve your reporting skills in practice and will be effective in future work team collaboration.
/builder/18cf5087-55e8-457f-8089-789b23e4db5b/BHPT-모듈1-개요 (1).png?w=960 "BHPT-Module 1-Overview (1).png")
/builder/836b9e52-1a86-423e-a41c-abaa892c660e/red-raccoon-img-1.png?w=960 "red-raccoon-img-1.png")
Available directly from the community Discord
Providing on-demand hands-on lab environment
/builder/cad746a4-7167-4674-bc46-487da4909bc8/red-raccoon-img-2.png?w=960 "red-raccoon-img-2.png")
Through the BHTP community
Real-time communication
/builder/d8180fcd-6b2e-4fdf-9444-76f8c0426bee/red-raccoon-img-3.png?w=960 "red-raccoon-img-3.png")
Providing real-world mock hacking tests
/builder/8c9278e6-0c0f-480c-964a-1eca45f90db8/red-raccoon-img-4.png?w=960 "red-raccoon-img-4.png")
BHPT Certificate provided
Who is this course right for?
Anyone who wants to learn the basics of penetration testing
For those who want to learn by practicing mock hacking, typing directly on the keyboard.
Those who want to learn host-based attacks besides web/mobile/pwnable.
For those who want to understand Offensive Security (or Red Team) principles
For Blue Team members, developers, and system administrators who want to understand the techniques of real-world attackers.
For those interested in a career in information security
977
Learners
77
Reviews
6
Answers
4.9
Rating
3
Courses
레드라쿤은 사이버 보안 커뮤니티로, 사이버 보안 해킹 기술 강의 뿐만 아니라 사이버 보안 주제/팁/노하우 등을 공유합니다.
現 국내 대기업 레드팀 오퍼레이터 - 공격자 시뮬레이션, 침투 업무 수행
前 Fortune 100에서 미국 및 전세계 기업들을 상대로 내부망, 외부망, 웹 모의해킹 업무 수행
Defcon 30, Defcon 31에서 블루팀 워크샵 + 레드팀 워크샵 제작 및 진행
한국 최초의 오펜시브 시큐리티 오픈소스 위키피디아 운영 (레드팀.com)
Global CPTC(Collegiate Penetration Testing Competition) 2020 - 1등, 팀장
자격증: OSCP, CRTO, CRTL, EvilGinx2 피싱 마스터리 코스, Breaching the Cloud
現 선임 사이버 보안 엔지니어 & 사이버 보안 부트캠프 리드 강사
前 CrowdStrike 선임 사이버 보안 인텔 연구원
前 CyberCX MSSP SOC 팀장, 선임 모의 해커
블루팀, 레드팀, 인텔 연구원등 다양한 도메인에서 경력 보유
자격증: OSCP, CRTO, CREST, 보안 제품 벤더 자격증 (CrowdStrike, LogRhythm, Okta, Microsoft Security, Netskope등)
All
111 lectures ∙ (17hr 10min)
Course Materials:
8. Settings
06:52
15. Linux - Read Command
15:20
20. VIM editor basics
08:31
25. Networking commands
06:59
27. Tmux Usage 1
06:25
28. Tmux Usage 2
08:07
29. Windows concept
11:12
All
62 reviews
5.0
62 reviews
Reviews 17
∙
Average Rating 4.8
5
I have taken about 35% of the current lectures and will write a review and revise it after I finish it. Advantages: While I was self-studying through lectures or books on information security or development, the most difficult thing was not the difficulty of the concepts and knowledge, but the establishment of a practical environment. I can't say the name of the instructor here, but the level of the lecture is very high and it is a lecture that will never be available in Korea, but I was a little disappointed when I saw that dozens of people, including me, had a hard time establishing a practical environment, but this lecture seems good in that it understands such job seekers and allows anyone to easily use the environment created through Discord. Also, when I asked a question through Discord, they answered clearly, and even if I asked a question outside of the lecture, they explained it in detail as if it was a question related to the lecture. They usually answer questions related to the lecture, but for other things, they are not actually obligated to explain them, but it felt like they were explaining it in an easy way because I was worried that I wouldn't understand the explanation. Disadvantages: Rather than a disadvantage, it seems that the male instructor's communication skills are a little better than the female instructor's. Another thing I was disappointed about was that the field of mock hacking is not an easy field at all, and it involves a lot of knowledge, but the difficulty level of the course was beginner, so I was a little puzzled. But when I listened to it, it seemed like they quickly and superficially taught the prerequisite knowledge required for the mock hacking for 40% of the lecture, and then proceeded with practice based on that knowledge. Because I had focused on CS studies before studying hacking, the CS content learned in the lecture seemed a little shallow until hacking. Of course, since the lecture was made by experts who are obviously more experts than me, the intention was probably to get a feel for the lecture and then study the contents covered in the lecture in depth yourself. (In the actual lecture, they say that CS is a lifelong study.) But the lecture itself is not boring, the delivery is good, and it seems like a comfortable environment that allows you to focus on studying. I think it is one of the few lectures in Korea that is not boring. I will write an additional review after I finish it. Recommended for: Those with some basic knowledge + Those who want to experience mock hacking Not recommended for: Those who are sure about how to study + Those with a lot of basic knowledge -------------------------------------- Review after completing 99.09% of the lecture Oh, I was fooled I realized that the thoughts I had when I watched about half of the lecture were completely wrong. First, I thought you were talking about 10 lab machines for practice like mod3ex or mod3post But separately from that, there were 11 actual mock hacking lab machines (including those in the lecture) such as Hackerbox and Tryhackme I started wondering what this was, but it seems to be really helpful. At the beginning of the lecture, I thought it was a lecture for beginners because it covered basic contents such as Linux commands and usage, but the difficulty of the lab machine was higher than I thought, so I was surprised. LOL In fact, even when I didn't know about the existence of the lab machine, looking at the teaching ability, I didn't regret spending 200,000 won, but it was cheap.. I hope you buy it right away. On the other hand, it's a shame that this kind of person only appeared now.
Thank you for your review. Regarding the difficulty of Infraon, please understand that the introduction is set to beginner level for those who have no knowledge of security/IT. I will wait for additional reviews after completion. Thank you!
Reviews 5
∙
Average Rating 5.0
5
Best lecture. Is there a practice machine? ______> o Does the instructor answer students' questions well? __________>o Is the lecture content practical? _______> o The content is
It seems like the content was cut off in the middle, but thank you so much for the course review! I will try harder.
Reviews 3
∙
Average Rating 5.0
5
<Advantages> 1. A good environment for practice - You can quickly build a stable practice environment through Discord without the need for environment setup/setting issues that are always indispensable when studying IT. In particular, lectures that were filmed a long time ago are difficult to set up, but this lecture has no such problems at all. 2. Solid structure from basics to completion - They kindly explain everything from basic Linux commands to mock hacking report writing. Even those who are not familiar with Linux can easily take the lecture. (However, you will need to practice a lot to get used to the Linux shell environment, but I think you can learn even that quickly with redraccoon's raccoon city content.) - Those who already have some knowledge of web hacking or service hacking can organize it by following the flow of the lecture. In particular, they provide a guidebook in addition to the lecture, and if you do not have enough time to watch the video, the guidebook is detailed enough to follow the content just by following the guidebook. 3. Content not available on the market - In the case of Windows, there is no content related to vulnerability diagnosis on the market compared to Linux, but it is covered here, so it was good to study. 4. Various practice problems - You can practice various environments by creating 10 target machines and even doing self-tests. In particular, since it is a high-quality machine that can be solved in various ways rather than a general CTF, if you want to get a job related to mock hacking, you can write a mock hacking report and receive feedback. 5. Quick feedback - They give quick feedback through Discord. Although neither of them are in Korea, if you ask a question on Deco, you will get feedback so fast that you will wonder if they are in Korea. <Disadvantages> 1. Price - Considering the content of the lecture, it is not expensive at all, but it is not a price that you can just take a look at with a light heart. In my case, I decided to buy it after reading the table of contents, but I thought about it again after seeing the price. Of course, at this point, I do not regret buying it at all, and considering the content, it is really cheap. => Overall Review: This is a very high quality content, so if you are hesitant to buy it, I recommend eating a few less chickens and then buying it. ㅎㅎ
Thank you so much for your detailed and thoughtful course review! We are so grateful that you asked us many questions and that you are so passionate about studying more deeply. We will continue to make better lectures and updates. Thank you again!
For a lighthearted perspective, you can find a lot of great resources on the Red Raccoon YouTube channel or blog.
Reviews 1
∙
Average Rating 5.0
5
24/02/14 I'll give you 5 stars first. I'll come back after listening to all the lectures~! 25/01/09 The best lecture for those who want to work in simulated penetration.
Thank you! Please come back with feedback after listening to the lecture! I'll be waiting :)
Reviews 3
∙
Average Rating 5.0
5
I have seen many similar lectures on security, but My thoughts after watching Red Raccoon's lecture 1. It is the most updated 2. Answers questions and answers well 3. The explanations are readable and visible, so it is fun to watch 4. There are few difficult programs or specific programs, and it works well (Usually there are many, or when you install it, it doesn't work, so you have to find out how to use it) 5. Red Raccoon's unique lab (program) makes it easy to learn (At least from what I've seen from other lectures, the learning hurdle is lower than other lectures, and it's easy to learn by following along) 6. I feel a lot of consideration for beginners, especially since the guidebook contains almost all the necessary content, so it takes less time to look up terms and is easy to understand Conclusion: The educational content itself is detailed and easy to access, so it's easy for beginners to learn I'm not saying that other lectures are wrong, but I'm just picking out the strengths that I felt were unique to Red Raccoon's lectures.
Thank you so much for the detailed course review! I will come back again for better quality security lectures. Thank you.
$152.90
Check out other courses by the instructor!
Explore other courses in the same field!
