Have you ever wondered how real attackers carry out cyber attacks? BHPT is a comprehensive hands-on course that uses on-demand labs to learn methodologies for discovering, exploiting, reporting, and responding to vulnerabilities by conducting penetration testing from an attacker's perspective against specific hosts.
896 learners
Level Basic
Course period Unlimited
Reviews from Early Learners
5.0
우주아줌마
If you're buying a security course, RedRaccoon's course is a must!! If you have even 0.1% of the will to become a security beginner or expert, It's a must! If you resist, don't even think about stepping into security!
5.0
심야
The best penetration testing course in Korea, period.
5.0
LK
Best lecture. Is there a practice machine? ______> o Does the instructor answer students' questions well? __________>o Is the lecture content practical? _______> o The content is
Penetration Testing
Host-based penetration testing
Offensive Security Fundamentals
Red Team
/builder/23de526e-3a52-457d-bb5b-75ddd718cdf5/332385-2.png?f=avif)
The first practical host-based penetration testing course BHPT offered by Red Raccoon is a comprehensive course that reflects the latest cybersecurity trends and provides hands-on, practice-oriented learning opportunities for students new to penetration testing through an on-demand practical lab environment.
Through the BHPT course, students can experience penetration testing from an attacker's perspective and learn the fundamental offensive security methodology of discovering, exploiting, reporting, and responding to vulnerabilities.
- Discovering XSS vulnerabilities - People say web and mobile are important for getting a job, so I study hard every day, but I still have questions whenever I read news articles.
The attackers exploited a zero-day vulnerability in an externally exposed web SSL VPN appliance to gain access to the internal network...
They accessed the bank's SWIFT network, which was not properly segmented from the internal network, and attempted to make payments...
After infiltrating XY Casino's internal network, they accessed the vCenter server managing the virtual infrastructure and executed ransomware on hundreds of virtual machines inside...
How do these attacks happen? What mindset, methodology, commands, and tools do attackers actually use to carry out cyber attacks? How can we examine their methodology and defend against them as defenders?
From script kiddie point-and-shoot exploit kit attacks to nation-state-backed APT (Advanced Persistent Threat) groups, all real-world cyberattacks carried out by attackers fundamentally execute host-based attacks. Beyond CTFs and fragmented penetration testing, we introduce BHPT, which teaches the most fundamental and basic concepts and methodologies of host-based attacks in offensive security through hands-on practice.
Understanding the overall methodology, concepts, and fundamentals of penetration testing:
Provides a deep understanding of the basic strategies and methodologies used by attackers. Through this, students acquire the skills to analyze systems from an attacker's perspective and identify security vulnerabilities.
Foundational Learning for Host-Based Penetration Testing:
Through foundational learning in concepts, commands, operating systems, and shell usage for conducting host-based penetration testing, students enhance their basic skills to prepare for real hacking scenarios.
Understanding Penetration Testing Methodology Based on Practical Experience:
Learn methodologies based on the verified experience of current practitioners to develop skills applicable in real-world practice.
Conducting Penetration Testing Based on Methodology:
In this course, you will learn practical skills through various on-demand lab scenarios using the penetration testing methodologies covered in the lectures.
Creating Deliverables and Documentation:
Learn how to effectively document penetration testing results. This improves report writing skills in practical work and proves effective in future team collaboration in the field.
/builder/18cf5087-55e8-457f-8089-789b23e4db5b/BHPT-모듈1-개요 (1).png "BHPT-모듈1-개요 (1).png")
/builder/836b9e52-1a86-423e-a41c-abaa892c660e/red-raccoon-img-1.png?f=avif "red-raccoon-img-1.png")
Provides on-demand practical lab environment
that can be executed directly from the community Discord
/builder/cad746a4-7167-4674-bc46-487da4909bc8/red-raccoon-img-2.png?f=avif "red-raccoon-img-2.png")
Real-time communication through
the BHTP community
/builder/d8180fcd-6b2e-4fdf-9444-76f8c0426bee/red-raccoon-img-3.png?f=avif "red-raccoon-img-3.png")
Practical penetration testing exam provided
/builder/8c9278e6-0c0f-480c-964a-1eca45f90db8/red-raccoon-img-4.png?f=avif "red-raccoon-img-4.png")
BHPT Certificate of Completion Provided
Who is this course right for?
People who want to learn the basics of penetration testing
For those who want to learn ethical hacking through hands-on practice by typing on the keyboard themselves
Those who want to learn host-based attacks beyond web/mobile/pwnable
Those who want to understand Offensive Security (or Red Team) principles
Those who want to understand real attacker techniques as a Blue Team member/Developer/System Administrator
Those who aspire to pursue a career in information security
1,381
Learners
136
Reviews
12
Answers
4.9
Rating
3
Courses
레드라쿤은 사이버 보안 커뮤니티로, 사이버 보안 해킹 기술 강의 뿐만 아니라 사이버 보안 주제/팁/노하우 등을 공유합니다.
現 국내 대기업 레드팀 오퍼레이터 - 공격자 시뮬레이션, 침투 업무 수행
前 Fortune 100에서 미국 및 전세계 기업들을 상대로 내부망, 외부망, 웹 모의해킹 업무 수행
Defcon 30, Defcon 31에서 블루팀 워크샵 + 레드팀 워크샵 제작 및 진행
한국 최초의 오펜시브 시큐리티 오픈소스 위키피디아 운영 (레드팀.com)
Global CPTC(Collegiate Penetration Testing Competition) 2020 - 1등, 팀장
자격증: OSCP, CRTO, CRTL, EvilGinx2 피싱 마스터리 코스, Breaching the Cloud
現 선임 사이버 보안 엔지니어 & 사이버 보안 부트캠프 리드 강사
前 CrowdStrike 선임 사이버 보안 인텔 연구원
前 CyberCX MSSP SOC 팀장, 선임 모의 해커
블루팀, 레드팀, 인텔 연구원등 다양한 도메인에서 경력 보유
자격증: OSCP, CRTO, CREST, 보안 제품 벤더 자격증 (CrowdStrike, LogRhythm, Okta, Microsoft Security, Netskope등)
All
111 lectures ∙ (17hr 11min)
Course Materials:
3. 강사진 소개 & 강의 제작 배경
05:30
4. BHPT 강의 소개
06:46
5. 호스트기반 모의해킹의 중요성
03:28
6. BHPT 커뮤니티
06:30
8. 환경 설정
06:52
9. BHPT 랩 사용법
15:07
10. 칼리 리눅스 설정
05:24
12. 리눅스 실습 박스 준비
03:49
13. 리눅스 실습 박스 접근법
01:50
14. 리눅스 - 시스템 명령어
06:42
15. 리눅스 - 읽기 명령어
15:20
16. 리눅스 - 쓰기 명령어
21:33
17. CHMOD 퍼미션 - 개념
05:31
20. VIM 에디터 기본
08:31
21. 마무리 - 스크립팅
08:43
24. 네트워킹 최종 공격 시나리오
03:45
25. 네트워킹 명령어
06:59
27. Tmux 사용법 1
06:25
28. Tmux 사용법 2
08:07
29. 윈도우 개념
11:12
30. 윈도우 - 필수 명령어 1
10:19
31. 윈도우 - 필수 명령어 2
07:59
32. 윈도우 - 필수 명령어 3
09:12
34. 추가 필수 개념
09:41
All
98 reviews
4.9
98 reviews
Reviews 17
∙
Average Rating 4.8
5
I have taken about 35% of the current lectures and will write a review and revise it after I finish it. Advantages: While I was self-studying through lectures or books on information security or development, the most difficult thing was not the difficulty of the concepts and knowledge, but the establishment of a practical environment. I can't say the name of the instructor here, but the level of the lecture is very high and it is a lecture that will never be available in Korea, but I was a little disappointed when I saw that dozens of people, including me, had a hard time establishing a practical environment, but this lecture seems good in that it understands such job seekers and allows anyone to easily use the environment created through Discord. Also, when I asked a question through Discord, they answered clearly, and even if I asked a question outside of the lecture, they explained it in detail as if it was a question related to the lecture. They usually answer questions related to the lecture, but for other things, they are not actually obligated to explain them, but it felt like they were explaining it in an easy way because I was worried that I wouldn't understand the explanation. Disadvantages: Rather than a disadvantage, it seems that the male instructor's communication skills are a little better than the female instructor's. Another thing I was disappointed about was that the field of mock hacking is not an easy field at all, and it involves a lot of knowledge, but the difficulty level of the course was beginner, so I was a little puzzled. But when I listened to it, it seemed like they quickly and superficially taught the prerequisite knowledge required for the mock hacking for 40% of the lecture, and then proceeded with practice based on that knowledge. Because I had focused on CS studies before studying hacking, the CS content learned in the lecture seemed a little shallow until hacking. Of course, since the lecture was made by experts who are obviously more experts than me, the intention was probably to get a feel for the lecture and then study the contents covered in the lecture in depth yourself. (In the actual lecture, they say that CS is a lifelong study.) But the lecture itself is not boring, the delivery is good, and it seems like a comfortable environment that allows you to focus on studying. I think it is one of the few lectures in Korea that is not boring. I will write an additional review after I finish it. Recommended for: Those with some basic knowledge + Those who want to experience mock hacking Not recommended for: Those who are sure about how to study + Those with a lot of basic knowledge -------------------------------------- Review after completing 99.09% of the lecture Oh, I was fooled I realized that the thoughts I had when I watched about half of the lecture were completely wrong. First, I thought you were talking about 10 lab machines for practice like mod3ex or mod3post But separately from that, there were 11 actual mock hacking lab machines (including those in the lecture) such as Hackerbox and Tryhackme I started wondering what this was, but it seems to be really helpful. At the beginning of the lecture, I thought it was a lecture for beginners because it covered basic contents such as Linux commands and usage, but the difficulty of the lab machine was higher than I thought, so I was surprised. LOL In fact, even when I didn't know about the existence of the lab machine, looking at the teaching ability, I didn't regret spending 200,000 won, but it was cheap.. I hope you buy it right away. On the other hand, it's a shame that this kind of person only appeared now.
Thank you for your review. Regarding the difficulty of Infraon, please understand that the introduction is set to beginner level for those who have no knowledge of security/IT. I will wait for additional reviews after completion. Thank you!
Reviews 5
∙
Average Rating 5.0
5
Best lecture. Is there a practice machine? ______> o Does the instructor answer students' questions well? __________>o Is the lecture content practical? _______> o The content is
It seems like the content was cut off in the middle, but thank you so much for the course review! I will try harder.
Reviews 3
∙
Average Rating 5.0
5
<Advantages> 1. A good environment for practice - You can quickly build a stable practice environment through Discord without the need for environment setup/setting issues that are always indispensable when studying IT. In particular, lectures that were filmed a long time ago are difficult to set up, but this lecture has no such problems at all. 2. Solid structure from basics to completion - They kindly explain everything from basic Linux commands to mock hacking report writing. Even those who are not familiar with Linux can easily take the lecture. (However, you will need to practice a lot to get used to the Linux shell environment, but I think you can learn even that quickly with redraccoon's raccoon city content.) - Those who already have some knowledge of web hacking or service hacking can organize it by following the flow of the lecture. In particular, they provide a guidebook in addition to the lecture, and if you do not have enough time to watch the video, the guidebook is detailed enough to follow the content just by following the guidebook. 3. Content not available on the market - In the case of Windows, there is no content related to vulnerability diagnosis on the market compared to Linux, but it is covered here, so it was good to study. 4. Various practice problems - You can practice various environments by creating 10 target machines and even doing self-tests. In particular, since it is a high-quality machine that can be solved in various ways rather than a general CTF, if you want to get a job related to mock hacking, you can write a mock hacking report and receive feedback. 5. Quick feedback - They give quick feedback through Discord. Although neither of them are in Korea, if you ask a question on Deco, you will get feedback so fast that you will wonder if they are in Korea. <Disadvantages> 1. Price - Considering the content of the lecture, it is not expensive at all, but it is not a price that you can just take a look at with a light heart. In my case, I decided to buy it after reading the table of contents, but I thought about it again after seeing the price. Of course, at this point, I do not regret buying it at all, and considering the content, it is really cheap. => Overall Review: This is a very high quality content, so if you are hesitant to buy it, I recommend eating a few less chickens and then buying it. ㅎㅎ
Thank you so much for your detailed and thoughtful course review! We are so grateful that you asked us many questions and that you are so passionate about studying more deeply. We will continue to make better lectures and updates. Thank you again!
For a lighthearted perspective, you can find a lot of great resources on the Red Raccoon YouTube channel or blog.
Reviews 1
∙
Average Rating 5.0
5
24/02/14 I'll give you 5 stars first. I'll come back after listening to all the lectures~! 25/01/09 The best lecture for those who want to work in simulated penetration.
Thank you! Please come back with feedback after listening to the lecture! I'll be waiting :)
Reviews 3
∙
Average Rating 5.0
5
I have seen many similar lectures on security, but My thoughts after watching Red Raccoon's lecture 1. It is the most updated 2. Answers questions and answers well 3. The explanations are readable and visible, so it is fun to watch 4. There are few difficult programs or specific programs, and it works well (Usually there are many, or when you install it, it doesn't work, so you have to find out how to use it) 5. Red Raccoon's unique lab (program) makes it easy to learn (At least from what I've seen from other lectures, the learning hurdle is lower than other lectures, and it's easy to learn by following along) 6. I feel a lot of consideration for beginners, especially since the guidebook contains almost all the necessary content, so it takes less time to look up terms and is easy to understand Conclusion: The educational content itself is detailed and easy to access, so it's easy for beginners to learn I'm not saying that other lectures are wrong, but I'm just picking out the strengths that I felt were unique to Red Raccoon's lectures.
Thank you so much for the detailed course review! I will come back again for better quality security lectures. Thank you.
$152.90
Check out other courses by the instructor!
Explore other courses in the same field!
![[Eduwill White Hacker Training Course] Network TheoryCourse Thumbnail](https://cdn.inflearn.com/public/courses/329569/cover/0379ff30-dec1-4464-a752-ecb403e33f1f/329569-eng-original.png?f=avif&w=420)
