Month 5 Box - Cyber Security

Lesson 1 - What is Ethical Hacking

Lesson 1: What is Ethical Hacking? (+ Legal Disclaimer)


Welcome to Month 5 of CraftingTable Academy! This month, you’ll begin your journey into the exciting world of Cyber Security and Ethical Hacking—learning how real-world security professionals think, act, and defend systems.


Before diving into the tools, it’s important to understand what ethical hacking is, how it’s different from illegal activity, and the responsibilities that come with this knowledge.


🧠 What Is Ethical Hacking?


Ethical hacking means testing systems for vulnerabilities—but only with permission.


This is the foundation of careers like:


  • Security researchers
  • Bug bounty hunters
  • Red team professionals


When done correctly, ethical hacking helps secure people and systems. But when done without permission or in public spaces, it crosses into illegal or unethical behavior.


🎩 White Hat vs. Black Hat


In cybersecurity, you’ll often hear these terms:


  • White Hat: Ethical hackers who help defend systems
  • Black Hat: Criminal hackers who break into systems
  • Gray Hat: Hackers in a murky middle ground


At CraftingTable Academy, you’ll always be a White Hat. That means:


✅ You only test on devices you own or have explicit permission to use

✅ You never run tools on public networks or shared school/work devices

✅ You learn to protect, not to harm


⚖️ Legal Disclaimer (Must Read)


This month’s tools and lessons are for educational purposes only.


By continuing, you agree:

  • You will only experiment on your own devices or ones where you’ve been given explicit permission
  • You will not use these tools on school networks, public Wi-Fi, or any system without authorization
  • CraftingTable Academy is not liable for any misuse of this knowledge


⚠️ Full-screen disclaimer shown in video:


Illegal use includes:

❌ Running password recovery on school systems

❌ Using hacking tools on shared or public devices

❌ Accessing accounts or systems you don’t own


🔍 Fun Side Activity: See If You've Been Breached


To understand how real breaches affect everyday people, we’ll use HaveIBeenPwned.com — a database that shows whether your email address has been exposed in known data breaches.


Instructions:

  1. Visit HaveIBeenPwned.com
  2. Enter your email address (do not enter your password)
  3. If your email appears, take note of:
  • The breached site
  • What kind of data was leaked (passwords, usernames, IPs, etc.)
  • When the breach occurred


This helps you understand just how exposed your digital life might be, and why security matters.


🛠️ The video includes a screen recording using a fake/demo email to show how it works.


📚 Homework Assignment:


  1. Visit HaveIBeenPwned.com and check two of your real email addresses
  2. Make a private list of any websites where you’ve reused passwords
  3. If any of those sites appear in the breach results, immediately change your password and strongly consider using a password manager


🔐 Why This Matters

This isn’t just about learning tools—it’s about learning to think like a defender.


This month, you’ll gain hands-on experience with:

  • USB payload delivery tools
  • Wireless scanners
  • AI-powered smart glasses
  • And much more


But today, we ground everything in the ethical framework needed to use those tools responsibly.


Tomorrow, you’ll start building your first cyber tool: AI-powered smart glasses using the XIAO ESP32S3 and open-source computer vision.


See you in Lesson 2!