Hacker House: Hands-on Hacking Review
A spoiler-free review of the 'Hands-on Hacking' course available from Hacker House.
Background
Towards the middle of April 2018, I began looking for a course that would provide an introduction to ethical hacking. I wasn't looking for anything too basic and ideally, I wanted something that would cover key concepts, with practical labs available. After a bit of research, I discovered Hacker House, which had a number of positive reviews and student testimonials on their website and Facebook page.
Hacker House is a company founded by InfoSec professionals Jennifer Arcuri and Matthew Hickey. Both have a vast degree of experience and are determined to innovate the industry through their training and professional services.
'Hands-on Hacking' is a 4-day course which is aimed at providing an introduction to the art of ethical hacking through real-world examples. The prerequisites for the course are a familiarity with Linux (particularly working with the command-line) and a basic understanding of networking. Programming skills are an advantage, but not essential.
Prior to booking, I took advantage of the free module available from the website. This module covered the theory of mail server infrastructures and exploiting common vulnerabilities. It also contained a walkthrough of the accompanying virtual machine lab, which I downloaded and followed along with whilst watching and later attempted on my own. I found the video and lab to be a good indication of what to expect from the course and the course materials (see below for further information on these).
The course itself was available in two formats: classroom-based or via live stream. As I was self-funding this course, I decided to opt for the live stream training due to the associated travel and accommodation costs I would otherwise incur. The next available live stream was just over two weeks away, so I booked my place!
I received the joining instructions approximately a week before the course began and returned a signed copy of the code of conduct. To prepare for the course I updated my installation of VirtualBox and Kali Linux, then patiently waited.
Course Detail
'Hands-on Hacking' contains 12 modules which cover the following areas:
- Ethics and Legalities
- Open-Source Intelligence (OSINT)
- DNS and Domain Hacking
- E-Mail attacks & Mail Infrastructure
- Web Server Hacking
- VPN Attacks
- File Servers and Internal Attacks
- UNIX Server Infrastructure
- Databases
- Web Application Assessments
- Windows Enterprise Assessments
- Password Cracking
As I attended the live stream version of this course, I was provided with PDF copies of all course materials. This included the following: course syllabus, getting started guide, presentation slides, reference guide and a student guide. All of these are high quality documents with a vast amount of useful information to refer to both during and after the course.
In addition, each course module has downloadable content and virtual machines which are yours to keep. This allows you to continue practicing what you have learnt when the course has finished. Without giving too much away, they are all excellent real-world simulations that complement the course materials really well.
Experience
Sadly, on the first day of the course, Matthew was severely ill and taken to hospital. This was, understandably, of major concern to Jennifer and the Hacker House team, not to mention the students attending. Due to this medical emergency the training was rightly abandoned for the day.
By some form of miracle, Matthew was back at the helm for Day Two and was determined to continue instructing the class despite his sickness.
Matthew began each module by reviewing the slides and explaining the theory and tools/techniques that would be used to identify and exploit each vulnerability before giving a practical demonstration in the virtual labs. This was an ideal approach as it allowed you to gain an understanding of the methodology and mindset before attempting the attack yourself. Matthew's ability to explain the detailed technical concepts in an easy-to-understand manner is fantastic. Needless to say, I ended up taking a lot of notes throughout the course!
Before the course I was slightly concerned about the pace of the training, with some students reporting this was quite rapid. I generally found the overall pace to be about right. However, with Matthew's unexpected illness on the initial day, there was a lot to catch up on (and we definitely did!), but this could not have been helped.
Participants on the live stream were able to communicate with Matthew and other instructors via the online chat facility at any time during the course. This allowed us to submit any questions or ask for assistance when required. It also allowed students to network and support each other throughout. The support from the entire Hacker House team and the students was awesome, and logging on each day prior to the training allowed for some cool discussions amongst us.
Unfortunately, during Day 3 of the course, Matthew had to hand-over delivery of the training to other members of the Hacker House team as he was still struggling with his illness. In my opinion, the fact that Matthew had made it this far clearly demonstrated his passion and dedication to ensuring the students had a positive learning experience. Whilst losing Matthew was a major blow, the team dealt with this well in his absence and we covered each module and lab throughout the remainder of that day.
I was pleasantly surprised to find an email from Jennifer later that evening which contained a link to a video that Matthew had recorded especially for the students that very night. This was an in-depth video of a specific module and was packed full of theory and practical analysis, just like the rest of the course. Matthew taking the time to record this was much appreciated.
The final day of the course saw Matthew return and cover the remaining modules. We covered a lot on this day and it absolutely flew by! It had been an intense experience, but by the end of it I felt confident with what I had learnt and that the course had delivered exactly what I was looking for.
All that was left for me to do was complete the questions posed at the end of each day to assess my knowledge, submit these via the Hacker House portal and see if I had passed the course. A week or so went by and I was delighted to receive an email confirming that I had indeed passed and my certificate was in the post! Happy days!
Summary
'Hands-on Hacking' is true to its word. No matter what your background or experience, there will definitely be something for you within this course. It is exceptional value for money and an opportunity to learn from a fantastic team that have a real passion for sharing their knowledge and growing the community.
This course gave me a real boost in confidence and a motivation to progress in this industry. I really cannot thank Jennifer, Matthew and the Hacker House team enough for this awesome experience and I cannot wait to see details of the additional courses that the team have planned for the future as I would love to work with them again.
UPDATE: It was recently announced that Hacker House have been awarded £100,000 funding as part of the Cyber Skills Immediate Impact Fund. This is a UK government initiative designed to help place skilled applicants into industry and is part of the UK’s National Cyber Security Strategy.
More details on this announcement can be found here.
Finally, the on-demand version of the Hands-on Hacking course is due to launch in April 2019 and the limited pre-sale is now available, so take advantage of this whilst you can. BOOK NOW! You won't regret it!
Please feel free to contact me via Twitter and thanks for reading.
d4rkshell