HackTheKnowledge logo
InicioCursosLaboratoriosPreciosNosotrosBlogComunidadContactoCarrito
Cargando…

Learning Path (Beginner + Intermediate)

Phishing & OSINT

Detect, analyze, and investigate phishing campaigns end-to-end, email forensics, SSL/TLS analysis, domain intelligence, malicious document triage, and threat actor attribution with professional OSINT tools.

Save 79 EUR
Join Waitlist →Start with Beginner 119 EURGo Intermediate

Lab tools you will use

urlscan.ioVirusTotalWHOISShodanCensysMaltegoPhishTankGoPhishEvilginxMXToolBoxDomainToolspdfidolevbaCyberCheftheHarvesterEmailRepurlscan.ioVirusTotalWHOISShodanCensysMaltegoPhishTankGoPhishEvilginxMXToolBoxDomainToolspdfidolevbaCyberCheftheHarvesterEmailRepurlscan.ioVirusTotalWHOISShodanCensysMaltegoPhishTankGoPhishEvilginxMXToolBoxDomainToolspdfidolevbaCyberCheftheHarvesterEmailRepurlscan.ioVirusTotalWHOISShodanCensysMaltegoPhishTankGoPhishEvilginxMXToolBoxDomainToolspdfidolevbaCyberCheftheHarvesterEmailRep

Included Courses

BEGINNER

Phishing & OSINT Beginner

Learn to detect, analyze, and investigate phishing campaigns, from email indicators and SSL certificate analysis to malicious document triage, attacker infrastructure tracking, and controlled simulation with GoPhish.

1 guided lab11h

119 EUR

View Beginner Details →
INTERMEDIATE

Phishing & OSINT Intermediate

Advanced phishing investigation: polymorphic kit analysis, domain forensics, email authentication bypass (SPF/DKIM/DMARC), MFA attack simulation with Evilginx, and professional threat intelligence reporting.

2 guided labs13h

159 EUR

View Intermediate Details →

Why Choose the Full Pack?

Get the Beginner + Intermediate courses bundled together and unlock exclusive extras.

Save 79 EUR
Beginner + Intermediate courses (24h)
All 4 guided labs with isolated VMs
All per-module + certification exams
2 HTK certificates (Beginner + Intermediate)
Extra consolidation lab
Lifetime access + priority support
Access to the HTK community
Join Waitlist →
199 EUR278 EUR

Roadmap

Each phase maps to a course module; scroll to reveal your full progression from beginner fundamentals to intermediate mastery.

1

Phase 1

Beginner

Introduction to Phishing & OSINT Methodology

Start your phishing & osint journey with Phishing & OSINT Beginner.

  • Phishing taxonomy: email, SMS (smishing), voice (vishing), QR (quishing), pop-up, DNS pharming, watering hole
  • Anatomy of a phishing attack: phases, impersonation techniques, social engineering, and common attacker resources
  • Real-world impact: identity theft, financial fraud, reputational damage, and remediation costs
2

Phase 2

Beginner

Phishing Types, Detection & Response

  • Email phishing indicators: sender verification, domain inspection, link analysis, attachment red flags
  • Spear phishing, whaling, and CEO fraud: OSINT-driven personalization, urgency, and internal impersonation
  • DNS-based attacks: pharming, malicious redirections, and fraudulent infrastructure
3

Phase 3

Beginner

SSL/TLS Certificate Analysis for Phishing Detection

  • Certificate fundamentals: DV, OV, EV types, trust chains, and validity periods
  • Risks of self-signed certificates on fraudulent websites
  • SSL/TLS concepts: integrity, confidentiality, and Certificate Transparency (CT) logs
4

Phase 4

Beginner

Open-Source Tools & Controlled Phishing Simulation + Certification

  • Introduction to phishing simulation frameworks (authorized lab environments only)
  • Tools overview: Blackeye, SET (Social Engineering Toolkit), Zphisher, GoPhish, Evilginx, TeamsPhisher
  • Creating and importing phishing templates for awareness testing and internal assessments
5

Phase 5

Intermediate

Advanced Phishing Techniques & Kit Analysis

Advance into complex scenarios with Phishing & OSINT Intermediate.

  • Polymorphic phishing for signature-based filter evasion
  • Phishing-as-a-Service (PhaaS) ecosystem and underground kit marketplace
  • HTTPS in phishing: the false confidence of the padlock icon
6

Phase 6

Intermediate

Domain Analysis & Infrastructure Forensics

  • Domain taxonomy: gTLD, sTLD, ccTLD, TLDs most abused in phishing campaigns
  • Domain lifecycle analysis: registration, activity, expiration, and expired domain abuse
  • DNS fundamentals for phishing analysis: record types, DNS attacks, and DNSSEC mitigations
7

Phase 7

Intermediate

Email Analysis & Sender Authentication Forensics

  • Email architecture: MTA, MUA, MDA, SMTP, POP3, IMAP4, mail delivery flow
  • Authentication and anti-spoofing protocols: SPF, DKIM, DMARC, ARC, and BIMI
  • HTML URL concealment techniques used in phishing emails
8

Phase 8

Intermediate

Advanced Simulation & Campaign Report + Certification

  • Advanced lab operations with Blackeye, SET, Zphisher, GoPhish, Evilginx, and TeamsPhisher
  • Campaign simulation design: evaluating human vectors and technical controls
  • Advanced session, 2FA, and corporate messaging risks with AiTM techniques
Phishing & OSINT Learning Path: Beginner to Intermediate Cybersecurity Course | HackTheKnowledge | HackTheKnowledge