Cyber Security Training
Curriculum
-
Cyber Security Building Blocks
-
Introduction to Cyber Security
-
Threats and Vulnerabilities
-
Cyber Security Breaches
-
What is Ethical Hacking, Penetration Testing and Methodologies
-
Roles and Responsibilities
-
ICT Infrastructure-Networks and Systems
-
Fundamentals of Networking
-
Overview of the TCP/IP Protocol suite
-
Internet Protocols
-
Packet Structure
-
Wireshark-Deep dive into network packets and frames
-
Routing,Switching and Zoning
-
Overview of Network Security Architecture
-
Cloud Computing and Virtualization
-
Internet Information Services(IIS)
-
IT System Infrastructure
-
Different Protocols-Various Attacks & Defenses for each of them
-
CIS Benchmarking
-
Linux for Penetration Testers
-
History of Unix and Linux,Introduction to Linux
-
Linux Distribution
-
Introduction to Kali Linux
-
Shell & File Structure
-
File System & Permission
-
A-Z Linux Commands
-
Linux Utilities
-
Introduction to Network Security
-
CIA Triad
-
Firewalls and Types of Firewalls,DMZ
-
Port Security,IDS/IPS
-
Honeypot
-
Access Control,Authentication and Authorization
-
Identity Privilege and Access Management,Principles of Least privilege
-
Zero Trust Architecture
-
Implementing of Defense in Depth
-
Network Access Control
-
Data Leak Prevention
-
EndPoint Security ,Patch Management
-
Offensive Security and Cyber kill chain
-
People,Process,Technology
-
Hacking Phase
-
Tor – The Anonymity Network
-
VPN
-
OSINT
-
Cyber Kill Chain Framework
-
Module 01: Ethical Hacking: An Introduction (10 Hours)
-
Overview of Information Security
-
Internet is an Integral Part of Business and Personal Life – What Happens Online in 60 Seconds
-
Essential Terminology
-
Elements of Information Security
-
The Security, Functionality, and Usability Triangle
-
Attack Vectors and Threats to Information Security
-
Motives, Goals, and Objectives of Information Security Attacks
-
Top Information Security Attack Vectors
-
Information Security Threat Categories
-
Types of Attacks on a System
-
Information Warfare
-
Basic Concepts of Hacking
-
What is Hacking?
-
Who is a Hacker?
-
Hacker Classes
-
Hacking Phases
-
Basic Concepts of Ethical Hacking
-
What is Ethical Hacking?
-
Why is Ethical Hacking Necessary?
-
Scope and Limitations of Ethical Hacking
-
Skills of an Ethical Hacker
-
Information Security Controls
-
Information Assurance (IA)
-
Information Security Management Program
-
Enterprise Information Security Architecture (EISA)
-
Network Security Zoning
-
Basics of Reconnaissance and Footprinting(15 Hours)
-
Concepts of Footprinting
-
What is Footprinting?
-
Objectives of Footprinting
-
Footprinting Using Search Engines
-
Footprinting through Search Engines
-
Footprint Using Advanced Google Hacking Techniques
-
Information Gathering Using Google Advanced Search and Image Search
-
Google Hacking Database
-
VoIP and VPN Footprinting through Google Hacking Database
-
Footprinting Using Web Services
-
Finding Company’s Top-Level Domains (TLDs) and Sub-Domains
-
Finding the Geographical Location of the Target
-
People Search on Social Networking Sites and People Search Services
-
Gathering Information from LinkedIn
-
Gathering Information from Financial Services
-
Footprinting through Job Sites
-
Monitoring Target Using Alerts
-
Information Gathering Using Groups, Forums, and Blogs
-
Determining the Operating System
-
VoIP and VPN Footprinting through SHODAN
-
Footprinting Using Social Networking Sites
-
Collecting Information through Social Engineering on Social Networking Sites
-
Footprinting of Websites
-
Website Footprinting
-
Website Footprinting using Web Spiders
-
Mirroring Entire Website
-
Extracting Website Information from https://archive.org
-
Extracting Metadata of Public Documents
-
Monitoring Web Pages for Updates and Changes
-
Footprinting of Emails
-
Tracking Email Communications
-
Collecting Information from Email Header
-
Email Tracking Tools
-
Competitive Intelligence
-
Competitive Intelligence Gathering
-
Competitive Intelligence – When When did this company begin? How did it develop?
-
Competitive Intelligence – What are the company’s plans?
-
Competitive Intelligence – What do expert opinions say about the company?
-
Monitoring Website Traffic of Target Company
-
Tracking Online Reputation of the Target
-
Footprinting using Whois
-
Whois Lookup
-
Whois Lookup Result Analysis
-
Whois Lookup Tools
-
Finding IP Geolocation Information
-
DNS Footprinting
-
Extracting DNS Information
-
DNS Interrogation Tools
-
Network Footprinting
-
Locate the Network Range
-
Traceroute
-
Traceroute Analysis
-
Traceroute Tools
-
Footprinting by Social Engineering
-
Footprinting through Social Engineering
-
Collect Information Using Eavesdropping, Shoulder Surfing, and Dumpster Diving
-
Tools used for Footprinting
-
Maltego
-
Recon-ng
-
FOCA
-
Recon-Dog
-
OSRFramework
-
Additional Footprinting Tools
-
Countermeasures
-
Footprinting Countermeasures
-
Network Scanning(15Hours)
-
Concepts Network Scanning
-
Overview of Network Scanning
-
TCP Communication Flags
-
TCP/IP Communication
-
Creating Custom Packet Using TCP Flags
-
Scanning in IPv6 Networks
-
Tools used for Scanning
-
Nmap
-
Hping2 / Hping3
-
Scanning Tools
-
Scanning Tools for Mobile
-
Techniques used for Scanning
-
Scanning Techniques
-
Scanning Beyond IDS and Firewall
-
IDS/Firewall Evasion Techniques
-
Banner Grabbing
-
Banner Grabbing
-
How to Identify Target System OS
-
Banner Grabbing Countermeasures
-
Network Diagrams
-
Drawing Network Diagrams
-
Network Discovery and Mapping Tools
-
Network Discovery Tools for Mobile
-
Scanning Pen Testing
-
Basics of Enumeration(10 Hours)
-
Concepts of Enumeration
-
What is Enumeration?
-
Techniques for Enumeration
-
Services and Ports to Enumerate
-
NetBIOS Enumeration
-
NetBIOS Enumeration
-
NetBIOS Enumeration Tools
-
Enumerating User Accounts
-
Enumerating Shared Resources Using Net View
-
SNMP Enumeration
-
Simple Network Management Protocol (SNMP) Enumeration
-
Working of SNMP
-
Management Information Base (MIB)
-
SNMP Enumeration Tools
-
LDAP Enumeration
-
LDAP Enumeration
-
LDAP Enumeration Tools
-
NTP Enumeration
-
NTP Enumeration Commands
-
NTP Enumeration Tools
-
SMTP and DNS Enumeration
-
SMTP Enumeration
-
SMTP Enumeration Tools
-
DNS Enumeration Using Zone Transfer
-
Vulnerability Analysis(10Hours)
-
Vulnerability Research
-
Vulnerability Classification
-
What is Vulnerability Assessment?
-
Types of Vulnerability Assessment
-
Vulnerability-Management Life Cycle
-
Solutions for Vulnerability Assessment
-
Comparing Approaches to Vulnerability Assessment
-
Working of Vulnerability Scanning Solutions
-
Types of Vulnerability Assessment Tools
-
Characteristics of a Good Vulnerability Assessment Solution
-
Choosing a Vulnerability Assessment Tool
-
Criteria for Choosing a Vulnerability Assessment Tool
-
Best Practices for Selecting Vulnerability Assessment Tools
-
Vulnerability Scoring Systems
-
Common Vulnerability Scoring System (CVSS)
-
Common Vulnerabilities and Exposures (CVE)
-
National Vulnerability Database (NVD)
-
Resources for Vulnerability Research
-
Vulnerability Assessment Tools
-
Vulnerability Assessment Tools
-
Vulnerability Assessment Tools for Mobile
-
basics of System Hacking(15Hours)
-
Concepts of System Hacking
-
CEH Hacking Methodology (CHM)
-
System Hacking Goals
-
Cracking Passwords
-
Password Cracking
-
Types of Password Attacks
-
5 Password Recovery Tools
-
Microsoft Authentication
-
How Hash Passwords Are Stored in Windows SAM?
-
NTLM Authentication Process
-
Kerberos Authentication
-
Password Salting
-
Tools to Extract the Password Hashes
-
Password Cracking Tools
-
How to Defend against Password Cracking
-
How to Defend against LLMNR/NBT-NS Poisoning
-
Escalating Privileges
-
Privilege Escalation
-
Privilege Escalation Using DLL Hijacking
-
Privilege Escalation by Exploiting Vulnerabilities
-
Privilege Escalation Using Dylib Hijacking
-
Privilege Escalation using Spectre and Meltdown Vulnerabilities
-
Other Privilege Escalation Techniques
-
How to Defend Against Privilege Escalation
-
Executing Applications
-
Executing Applications
-
Keylogger
-
Spyware
-
How to Defend Against Keyloggers
-
How to Defend Against Spyware
-
Hiding Files
-
Rootkits
-
NTFS Data Stream
-
What is Steganography?
-
Covering Tracks
-
Covering Tracks
-
Disabling Auditing: Auditpol
-
Clearing Logs
-
Manually Clearing Event Logs
-
Ways to Clear Online Tracks
-
Covering BASH Shell Tracks
-
Covering Tracks on Network
-
Covering Tracks on OS
-
Covering Tracks Tools
-
Penetration Testing
-
Password Cracking
-
Privilege Escalation
-
Executing Applications
-
Hiding Files
-
Covering Tracks
-
Threats from Malware(15 Hours)
-
Introduction to Malware
-
Different Ways Malware can Get into a System
-
Common Techniques Attackers Use to Distribute Malware on the Web
-
Components of Malware
-
Concepts of Trojans
-
What is a Trojan?
-
How Hackers Use Trojans
-
Common Ports Used by Trojans
-
How to Infect Systems Using a Trojan
-
Trojan Horse Construction Kit
-
Wrappers
-
How Attackers Deploy a Trojan
-
Exploit Kits
-
Evading Anti-Virus Techniques
-
Types of Trojans
-
Concepts of Viruses and Worms
-
Introduction to Viruses
-
Stages of Virus Life
-
Working of Viruses
-
Indications of Virus Attack
-
How does a Computer Get Infected by Viruses
-
Virus Hoaxes
-
Fake Antiviruses
-
Ransomware
-
Types of Viruses
-
Creating Virus
-
Computer Worms
-
Worm Makers
-
Malware Analysis
-
What is Sheep Dip Computer?
-
Anti-Virus Sensor Systems
-
Introduction to Malware Analysis
-
Malware Analysis Procedure: Preparing Testbed
-
Static Malware Analysis
-
Dynamic Malware Analysis
-
Virus Detection Methods
-
Virus Analysis: WannaCry
-
Countermeasures
-
Trojan Countermeasures
-
Backdoor Countermeasures
-
Virus and Worms Countermeasures
-
Basics of Sniffing(15Hours)
-
Concepts of Sniffing
-
Network Sniffing
-
Types of Sniffing
-
How an Attacker Hacks the Network Using Sniffers
-
Protocols Vulnerable to Sniffing
-
Sniffing in the Data Link Layer of the OSI Model
-
Hardware Protocol Analyzers
-
SPAN Port
-
Wiretapping
-
Lawful Interception
-
Sniffing Technique: MAC Attacks
-
MAC Address/CAM Table
-
How CAM Works
-
What Happens When CAM Table Is Full?
-
MAC Flooding
-
Switch Port Stealing
-
How to Defend against MAC Attacks
-
Sniffing Technique: DHCP Attacks
-
How DHCP Works
-
DHCP Request/Reply Messages
-
DHCP Starvation Attack
-
Rogue DHCP Server Attack
-
How to Defend Against DHCP Starvation and Rogue Server Attack
-
Sniffing Technique: ARP Poisoning
-
What Is Address Resolution Protocol (ARP)?
-
ARP Spoofing Attack
-
Threats of ARP Poisoning
-
ARP Poisoning Tools
-
How to Defend Against ARP Poisoning
-
Configuring DHCP Snooping and Dynamic ARP Inspection on Cisco Switches
-
ARP Spoofing Detection Tools
-
Sniffing Technique: Spoofing Attacks
-
MAC Spoofing/Duplicating
-
MAC Spoofing Technique: Windows
-
MAC Spoofing Tools
-
IRDP Spoofing
-
How to Defend Against MAC Spoofing
-
Sniffing Technique: DNS Poisoning
-
DNS Poisoning Techniques
-
How to Defend Against DNS Spoofing
-
Tools for Sniffing
-
Sniffing Tool: Wireshark
-
Display Filters in Wireshark
-
Additional Wireshark Filters
-
Sniffing Tools
-
Packet Sniffing Tools for Mobile
-
Countermeasures
-
How to Defend Against Sniffing
-
Social Engineering(15 Hours)
-
Concepts of Social Engineering
-
What is Social Engineering?
-
Phases of a Social Engineering Attack
-
Techniques of Social Engineering
-
Types of Social Engineering
-
Human-based Social Engineering
-
Computer-based Social Engineering
-
Mobile-based Social Engineering
-
Insider Threats
-
Insider Threat / Insider Attack
-
Type of Insider Threats
-
Impersonation on Social Networking Sites
-
Social Engineering Through Impersonation on Social Networking Sites
-
Impersonation on Facebook
-
Social Networking Threats to Corporate Networks
-
Identity Theft
-
Identity Theft
-
Countermeasures
-
Social Engineering Countermeasures
-
Insider Threats Countermeasures
-
Identity Theft Countermeasures
-
How to Detect Phishing Emails?
-
Anti-Phishing Toolbar
-
Common Social Engineering Targets and Defense Strategies
-
Social Engineering Pen-Testing
-
Social Engineering Pen-Testing
-
Social Engineering Pen-Testing Tools
-
Denial-of-Service Attack(10Hours)
-
DoS/DDoS Concepts
-
What is a Denial-of-Service Attack?
-
What is Distributed Denial-of-Service Attack?
-
Techniques used for DoS/DDoS Attacks
-
Basic Categories of DoS/DDoS Attack Vectors
-
UDP Flood Attack
-
ICMP Flood Attack
-
Ping of Death and Smurf Attack
-
SYN Flood Attack
-
Fragmentation Attack
-
HTTP GET/POST and Slowloris Attacks
-
Multi-Vector Attack
-
Peer-to-Peer Attacks
-
Permanent Denial-of-Service Attack
-
Distributed Reflection Denial-of-Service (DRDoS)
-
Botnets
-
Organized Cyber Crime: Organizational Chart
-
Botnet
-
A Typical Botnet Setup
-
Botnet Ecosystem
-
Scanning Methods for Finding Vulnerable Machines
-
How Malicious Code Propagates?
-
Botnet Trojans
-
DDoS Case Study
-
Hackers Advertise Links to Download Botnet
-
Use of Mobile Devices as Botnets for Launching DDoS Attacks
-
DDoS Case Study: Dyn DDoS Attack
-
Tools used for DoS/DDoS Attack
-
DoS/DDoS Attack Tools
-
DoS and DDoS Attack Tool for Mobile
-
Countermeasures
-
Detection Techniques
-
DoS/DDoS Countermeasure Strategies
-
DDoS Attack Countermeasures
-
Techniques to Defend against Botnets
-
DoS/DDoS Countermeasures
-
DoS/DDoS Protection at ISP Level
-
Enabling TCP Intercept on Cisco IOS Software
-
Tools used for DoS/DDoS Protection
-
Advanced DDoS Protection Appliances
-
DoS/DDoS Protection Tools
-
Session Hijacking(15 Hours)
-
Concepts of Session Hijacking
-
What is Session Hijacking?
-
Why Session Hijacking is Successful?
-
Session Hijacking Process
-
Packet Analysis of a Local Session Hijack
-
Types of Session Hijacking
-
Session Hijacking in OSI Model
-
Spoofing vs. Hijacking
-
Application Level Session Hijacking
-
Application Level Session Hijacking
-
Compromising Session IDs using Sniffing and Predicting Session Token
-
Compromising Session IDs Using Man-in-the-Middle Attack
-
Compromising Session IDs Using Man-in-the-Browser Attack
-
Compromising Session IDs Using Client-side Attacks
-
Compromising Session IDs Using Client-side Attacks: Cross-site Script Attack
-
Compromising Session IDs Using Client-side Attacks: Cross-site Request Forgery Attack
-
Compromising Session IDs Using Session Replay Attack
-
Compromising Session IDs Using Session Fixation
-
Session Hijacking Using Proxy Servers
-
Network Level Session Hijacking
-
TCP/IP Hijacking
-
IP Spoofing: Source Routed Packets
-
RST Hijacking
-
Blind Hijacking
-
UDP Hijacking
-
MiTM Attack Using Forged ICMP and ARP Spoofing
-
Session Hijacking Tools
-
Session Hijacking Tools
-
Session Hijacking Tools for Mobile
-
Countermeasures
-
Session Hijacking Detection Methods
-
Protecting against Session Hijacking
-
Methods to Prevent Session Hijacking: To be Followed by Web Developers
-
How to Evade IDS, Firewalls, and Honeypots(10 Hours)
-
Concepts of IDSs, Firewalls, and Honeypots
-
Intrusion Detection System (IDS)
-
Firewall
-
Honeypot
-
IDS, Firewall, and Honeypot Solutions
-
Intrusion Detection Tool
-
Firewalls
-
Honeypot Tools
-
IDS Evasion
-
IDS Evasion Techniques
-
Tools for IDS/Firewall Evasion
-
IDS/Firewall Evasion Tools
-
Packet Fragment Generator Tools
-
Detecting Honeypots
-
Detecting and Defeating Honeypots
-
Honeypot Detection Tool: Send-Safe Honeypot Hunter
-
IDS/Firewall Evasion Countermeasures
-
How to Defend Against IDS Evasion
-
How to Defend Against Firewall Evasion
-
Penetration Testing
-
Firewall/IDS Penetration Testing
-
Basics of Hacking Web Servers(10 Hours)
-
Web Server Concepts
-
Web Server Operations
-
Open Source Web Server Architecture
-
IIS Web Server Architecture
-
Web Server Security Issue
-
Why Web Servers Get Compromised?
-
Impact of Web Server Attacks
-
Attacks of Web Servers
-
DoS/DDoS Attacks
-
DNS Server Hijacking
-
DNS Amplification Attack
-
Directory Traversal Attacks
-
Man-in-the-Middle/Sniffing Attack
-
Phishing Attacks
-
Website Defacement
-
Web Server Misconfiguration
-
HTTP Response Splitting Attack
-
Web Cache Poisoning Attack
-
SSH Brute Force Attack
-
Web Server Password Cracking
-
Methodology of Web Server Attacks
-
Information Gathering
-
Web Server Footprinting/Banner Grabbing
-
Website Mirroring
-
Tools of Web Server Attacks
-
Metasploit
-
Web Server Attack Tools
-
Countermeasures
-
Place Web Servers in Separate Secure Server Security Segment on Network
-
Countermeasures
-
Web Application Hacking(10 Hours)
-
Web App Concepts
-
Introduction to Web Applications
-
Web Application Architecture
-
Web 2.0 Applications
-
Vulnerability Stack
-
Threats to Web App
-
OWASP Top 10 Application Security Risks – 2017
-
Other Web Application Threats
-
Hacking Methodology
-
Web App Hacking Methodology
-
Footprint Web Infrastructure
-
Attack Web Servers
-
Analyze Web Applications
-
Bypass Client-Side Controls
-
Attack Authentication Mechanism
-
Attack Authorization Schemes
-
Attack Access Controls
-
Web App Hacking Tools
-
Web Application Hacking Tools
-
Countermeasures
-
Web Application Fuzz Testing
-
Source Code Review
-
Encoding Schemes
-
Basics of SQL Injection(15 Hours)
-
SQL Injection Concepts
-
What is SQL Injection?
-
SQL Injection and Server-side Technologies
-
Understanding HTTP POST Request
-
Understanding Normal SQL Query
-
Understanding an SQL Injection Query
-
Types of SQL Injection
-
Types of SQL Injection
-
SQL Injection Methodology
-
SQL Injection Methodology
-
SQL Injection Tools
-
SQL Injection Tools for Mobile
-
Countermeasures
-
How to Defend Against SQL Injection Attacks
-
SQL Injection Detection Tools
-
Wireless Network Hacking(10 Hours)
-
Wireless Concepts
-
Wireless Terminologies
-
Wireless Networks
-
Wireless Standards
-
Service Set Identifier (SSID)
-
Wi-Fi Authentication Modes
-
Wireless Encryption
-
Types of Wireless Encryption
-
WEP vs. WPA vs. WPA2
-
Wireless Threats
-
Wireless Hacking Methodology
-
Wireless Hacking Methodology
-
Tools for Wireless Hacking
-
WEP/WPA Cracking Tools
-
WEP/WPA Cracking Tool for Mobile
-
Wi-Fi Sniffer
-
Countermeasures
-
Wireless Security Layers
-
How to Defend Against WPA/WPA2 Cracking
-
How to Defend Against KRACK Attacks
-
How to Detect and Block Rogue AP
-
How to Defend Against Wireless Attacks
-
How to Defend Against Bluetooth Hacking
-
Tools Wireless Security
-
Wireless Intrusion Prevention Systems
-
Wireless IPS Deployment
-
Hacking Mobile Platforms(15 Hours)
-
Mobile Platform Attack Vectors
-
Vulnerable Areas in Mobile Business Environment
-
OWASP Top 10 Mobile Risks – 2016
-
Anatomy of a Mobile Attack
-
How a Hacker Can Profit from Mobile when Successfully Compromised
-
Mobile Attack Vectors and Mobile Platform Vulnerabilities
-
Hacking Android OS
-
Android OS
-
Android Rooting
-
Blocking Wi-Fi Access using NetCut
-
Hacking with zANTI
-
Hacking Networks Using Network Spoofer
-
Launching DoS Attack using Low Orbit Ion Cannon (LOIC)
-
Performing Session Hijacking Using DroidSheep
-
Mobile Spyware
-
Mobile Spyware
-
Mobile Spyware: mSpy
-
Mobile Spywares
-
Mobile Device Management
-
Mobile Device Management (MDM)
-
Mobile Device Management Solutions
-
Bring Your Own Device (BYOD)
-
Mobile Security Guidelines and Tools
-
General Guidelines for Mobile Platform Security
-
Mobile Device Security Guidelines for Administrator
-
Mobile Pen Testing
-
Android Phone Pen Testing
-
Basics of IoT Hacking (10 Hours)
-
IoT Concepts
-
What is IoT
-
How IoT Works
-
IoT Architecture
-
IoT Application Areas and Devices
-
Attacks on IoT
-
IoT Security Problems
-
OWASP Top 10 IoT Vulnerabilities and Obstacles
-
IoT Attack Surface Areas
-
IoT Threats
-
Methodology used for IoT Hacking
-
What is IoT Device Hacking?
-
IoT Hacking Methodology
-
Tools used for IoT Hacking
-
Information Gathering Tools
-
Sniffing Tools
-
Vulnerability Scanning Tools
-
Countermeasures
-
How to Defend Against IoT Hacking
-
General Guidelines for IoT Device Manufacturing Companies
-
Basics of Cloud Computing(10 Hours)
-
Introduction to Cloud Computing
-
Separations of Responsibilities in Cloud
-
Cloud Deployment Models
-
Cloud Computing Threats
-
Cloud Computing Attacks
-
Service Hijacking using Social Engineering Attacks
-
Service Hijacking using Network Sniffing
-
Session Hijacking using XSS Attack
-
Session Hijacking using Session Riding
-
Domain Name System (DNS) Attacks
-
Best Practices for Securing Cloud
-
NIST Recommendations for Cloud Security
-
Organization/Provider Cloud Security Compliance Checklist
-
Cloud Security Tools
-
Basics of Cryptography (5 Hours)
-
Cryptography Concepts
-
Cryptography
-
Government Access to Keys (GAK)
-
Encryption Algorithms
-
Ciphers
-
Data Encryption Standard (DES)
-
Advanced Encryption Standard (AES)
-
Cryptography Tools
-
MD5 Hash Calculators
-
Hash Calculators for Mobile
-
Cryptography Tools
-
Email Encryption
-
Digital Signature
-
Secure Sockets Layer (SSL)
-
Transport Layer Security (TLS)
-
Countermeasures
-
How to Defend Against Cryptographic Attacks
-
Cyber Security Building Blocks
- Introduction to Cyber Security
- Threats and Vulnerabilities
- Cyber Security Breaches
- What is Ethical Hacking, Penetration Testing and Methodologies
- Roles and Responsibilities
- ICT Infrastructure-Networks and Systems
- Fundamentals of Networking
- Overview of the TCP/IP Protocol suite
- Internet Protocols
- Packet Structure
- Wireshark-Deep dive into network packets and frames
- Routing,Switching and Zoning
- Overview of Network Security Architecture
- Cloud Computing and Virtualization
- Internet Information Services(IIS)
- IT System Infrastructure
- Different Protocols-Various Attacks & Defenses for each of them
- CIS Benchmarking
- Linux for Penetration Testers
- History of Unix and Linux,Introduction to Linux
- Linux Distribution
- Introduction to Kali Linux
- Shell & File Structure
- File System & Permission
- A-Z Linux Commands
- Linux Utilities
- Introduction to Network Security
- CIA Triad
- Firewalls and Types of Firewalls,DMZ
- Port Security,IDS/IPS
- Honeypot
- Access Control,Authentication and Authorization
- Identity Privilege and Access Management,Principles of Least privilege
- Zero Trust Architecture
- Implementing of Defense in Depth
- Network Access Control
- Data Leak Prevention
- EndPoint Security ,Patch Management
- Offensive Security and Cyber kill chain
- People,Process,Technology
- Hacking Phase
- Tor – The Anonymity Network
- VPN
- OSINT
- Cyber Kill Chain Framework
-
Module 01: Ethical Hacking: An Introduction (10 Hours)
- Overview of Information Security
- Internet is an Integral Part of Business and Personal Life – What Happens Online in 60 Seconds
- Essential Terminology
- Elements of Information Security
- The Security, Functionality, and Usability Triangle
- Attack Vectors and Threats to Information Security
- Motives, Goals, and Objectives of Information Security Attacks
- Top Information Security Attack Vectors
- Information Security Threat Categories
- Types of Attacks on a System
- Information Warfare
- Basic Concepts of Hacking
- What is Hacking?
- Who is a Hacker?
- Hacker Classes
- Hacking Phases
- Basic Concepts of Ethical Hacking
- What is Ethical Hacking?
- Why is Ethical Hacking Necessary?
- Scope and Limitations of Ethical Hacking
- Skills of an Ethical Hacker
- Information Security Controls
- Information Assurance (IA)
- Information Security Management Program
- Enterprise Information Security Architecture (EISA)
- Network Security Zoning
-
Basics of Reconnaissance and Footprinting(15 Hours)
- Concepts of Footprinting
- What is Footprinting?
- Objectives of Footprinting
- Footprinting Using Search Engines
- Footprinting through Search Engines
- Footprint Using Advanced Google Hacking Techniques
- Information Gathering Using Google Advanced Search and Image Search
- Google Hacking Database
- VoIP and VPN Footprinting through Google Hacking Database
- Footprinting Using Web Services
- Finding Company’s Top-Level Domains (TLDs) and Sub-Domains
- Finding the Geographical Location of the Target
- People Search on Social Networking Sites and People Search Services
- Gathering Information from LinkedIn
- Gathering Information from Financial Services
- Footprinting through Job Sites
- Monitoring Target Using Alerts
- Information Gathering Using Groups, Forums, and Blogs
- Determining the Operating System
- VoIP and VPN Footprinting through SHODAN
- Footprinting Using Social Networking Sites
- Collecting Information through Social Engineering on Social Networking Sites
- Footprinting of Websites
- Website Footprinting
- Website Footprinting using Web Spiders
- Mirroring Entire Website
- Extracting Website Information from https://archive.org
- Extracting Metadata of Public Documents
- Monitoring Web Pages for Updates and Changes
- Footprinting of Emails
- Tracking Email Communications
- Collecting Information from Email Header
- Email Tracking Tools
- Competitive Intelligence
- Competitive Intelligence Gathering
- Competitive Intelligence – When When did this company begin? How did it develop?
- Competitive Intelligence – What are the company’s plans?
- Competitive Intelligence – What do expert opinions say about the company?
- Monitoring Website Traffic of Target Company
- Tracking Online Reputation of the Target
- Footprinting using Whois
- Whois Lookup
- Whois Lookup Result Analysis
- Whois Lookup Tools
- Finding IP Geolocation Information
- DNS Footprinting
- Extracting DNS Information
- DNS Interrogation Tools
- Network Footprinting
- Locate the Network Range
- Traceroute
- Traceroute Analysis
- Traceroute Tools
- Footprinting by Social Engineering
- Footprinting through Social Engineering
- Collect Information Using Eavesdropping, Shoulder Surfing, and Dumpster Diving
- Tools used for Footprinting
- Maltego
- Recon-ng
- FOCA
- Recon-Dog
- OSRFramework
- Additional Footprinting Tools
- Countermeasures
- Footprinting Countermeasures
-
Network Scanning(15Hours)
- Concepts Network Scanning
- Overview of Network Scanning
- TCP Communication Flags
- TCP/IP Communication
- Creating Custom Packet Using TCP Flags
- Scanning in IPv6 Networks
- Tools used for Scanning
- Nmap
- Hping2 / Hping3
- Scanning Tools
- Scanning Tools for Mobile
- Techniques used for Scanning
- Scanning Techniques
- Scanning Beyond IDS and Firewall
- IDS/Firewall Evasion Techniques
- Banner Grabbing
- Banner Grabbing
- How to Identify Target System OS
- Banner Grabbing Countermeasures
- Network Diagrams
- Drawing Network Diagrams
- Network Discovery and Mapping Tools
- Network Discovery Tools for Mobile
- Scanning Pen Testing
-
Basics of Enumeration(10 Hours)
- Concepts of Enumeration
- What is Enumeration?
- Techniques for Enumeration
- Services and Ports to Enumerate
- NetBIOS Enumeration
- NetBIOS Enumeration
- NetBIOS Enumeration Tools
- Enumerating User Accounts
- Enumerating Shared Resources Using Net View
- SNMP Enumeration
- Simple Network Management Protocol (SNMP) Enumeration
- Working of SNMP
- Management Information Base (MIB)
- SNMP Enumeration Tools
- LDAP Enumeration
- LDAP Enumeration
- LDAP Enumeration Tools
- NTP Enumeration
- NTP Enumeration Commands
- NTP Enumeration Tools
- SMTP and DNS Enumeration
- SMTP Enumeration
- SMTP Enumeration Tools
- DNS Enumeration Using Zone Transfer
-
Vulnerability Analysis(10Hours)
- Vulnerability Research
- Vulnerability Classification
- What is Vulnerability Assessment?
- Types of Vulnerability Assessment
- Vulnerability-Management Life Cycle
- Solutions for Vulnerability Assessment
- Comparing Approaches to Vulnerability Assessment
- Working of Vulnerability Scanning Solutions
- Types of Vulnerability Assessment Tools
- Characteristics of a Good Vulnerability Assessment Solution
- Choosing a Vulnerability Assessment Tool
- Criteria for Choosing a Vulnerability Assessment Tool
- Best Practices for Selecting Vulnerability Assessment Tools
- Vulnerability Scoring Systems
- Common Vulnerability Scoring System (CVSS)
- Common Vulnerabilities and Exposures (CVE)
- National Vulnerability Database (NVD)
- Resources for Vulnerability Research
- Vulnerability Assessment Tools
- Vulnerability Assessment Tools
- Vulnerability Assessment Tools for Mobile
-
basics of System Hacking(15Hours)
- Concepts of System Hacking
- CEH Hacking Methodology (CHM)
- System Hacking Goals
- Cracking Passwords
- Password Cracking
- Types of Password Attacks
- 5 Password Recovery Tools
- Microsoft Authentication
- How Hash Passwords Are Stored in Windows SAM?
- NTLM Authentication Process
- Kerberos Authentication
- Password Salting
- Tools to Extract the Password Hashes
- Password Cracking Tools
- How to Defend against Password Cracking
- How to Defend against LLMNR/NBT-NS Poisoning
- Escalating Privileges
- Privilege Escalation
- Privilege Escalation Using DLL Hijacking
- Privilege Escalation by Exploiting Vulnerabilities
- Privilege Escalation Using Dylib Hijacking
- Privilege Escalation using Spectre and Meltdown Vulnerabilities
- Other Privilege Escalation Techniques
- How to Defend Against Privilege Escalation
- Executing Applications
- Executing Applications
- Keylogger
- Spyware
- How to Defend Against Keyloggers
- How to Defend Against Spyware
- Hiding Files
- Rootkits
- NTFS Data Stream
- What is Steganography?
- Covering Tracks
- Covering Tracks
- Disabling Auditing: Auditpol
- Clearing Logs
- Manually Clearing Event Logs
- Ways to Clear Online Tracks
- Covering BASH Shell Tracks
- Covering Tracks on Network
- Covering Tracks on OS
- Covering Tracks Tools
- Penetration Testing
- Password Cracking
- Privilege Escalation
- Executing Applications
- Hiding Files
- Covering Tracks
-
Threats from Malware(15 Hours)
- Introduction to Malware
- Different Ways Malware can Get into a System
- Common Techniques Attackers Use to Distribute Malware on the Web
- Components of Malware
- Concepts of Trojans
- What is a Trojan?
- How Hackers Use Trojans
- Common Ports Used by Trojans
- How to Infect Systems Using a Trojan
- Trojan Horse Construction Kit
- Wrappers
- How Attackers Deploy a Trojan
- Exploit Kits
- Evading Anti-Virus Techniques
- Types of Trojans
- Concepts of Viruses and Worms
- Introduction to Viruses
- Stages of Virus Life
- Working of Viruses
- Indications of Virus Attack
- How does a Computer Get Infected by Viruses
- Virus Hoaxes
- Fake Antiviruses
- Ransomware
- Types of Viruses
- Creating Virus
- Computer Worms
- Worm Makers
- Malware Analysis
- What is Sheep Dip Computer?
- Anti-Virus Sensor Systems
- Introduction to Malware Analysis
- Malware Analysis Procedure: Preparing Testbed
- Static Malware Analysis
- Dynamic Malware Analysis
- Virus Detection Methods
- Virus Analysis: WannaCry
- Countermeasures
- Trojan Countermeasures
- Backdoor Countermeasures
- Virus and Worms Countermeasures
-
Basics of Sniffing(15Hours)
- Concepts of Sniffing
- Network Sniffing
- Types of Sniffing
- How an Attacker Hacks the Network Using Sniffers
- Protocols Vulnerable to Sniffing
- Sniffing in the Data Link Layer of the OSI Model
- Hardware Protocol Analyzers
- SPAN Port
- Wiretapping
- Lawful Interception
- Sniffing Technique: MAC Attacks
- MAC Address/CAM Table
- How CAM Works
- What Happens When CAM Table Is Full?
- MAC Flooding
- Switch Port Stealing
- How to Defend against MAC Attacks
- Sniffing Technique: DHCP Attacks
- How DHCP Works
- DHCP Request/Reply Messages
- DHCP Starvation Attack
- Rogue DHCP Server Attack
- How to Defend Against DHCP Starvation and Rogue Server Attack
- Sniffing Technique: ARP Poisoning
- What Is Address Resolution Protocol (ARP)?
- ARP Spoofing Attack
- Threats of ARP Poisoning
- ARP Poisoning Tools
- How to Defend Against ARP Poisoning
- Configuring DHCP Snooping and Dynamic ARP Inspection on Cisco Switches
- ARP Spoofing Detection Tools
- Sniffing Technique: Spoofing Attacks
- MAC Spoofing/Duplicating
- MAC Spoofing Technique: Windows
- MAC Spoofing Tools
- IRDP Spoofing
- How to Defend Against MAC Spoofing
- Sniffing Technique: DNS Poisoning
- DNS Poisoning Techniques
- How to Defend Against DNS Spoofing
- Tools for Sniffing
- Sniffing Tool: Wireshark
- Display Filters in Wireshark
- Additional Wireshark Filters
- Sniffing Tools
- Packet Sniffing Tools for Mobile
- Countermeasures
- How to Defend Against Sniffing
-
Social Engineering(15 Hours)
- Concepts of Social Engineering
- What is Social Engineering?
- Phases of a Social Engineering Attack
- Techniques of Social Engineering
- Types of Social Engineering
- Human-based Social Engineering
- Computer-based Social Engineering
- Mobile-based Social Engineering
- Insider Threats
- Insider Threat / Insider Attack
- Type of Insider Threats
- Impersonation on Social Networking Sites
- Social Engineering Through Impersonation on Social Networking Sites
- Impersonation on Facebook
- Social Networking Threats to Corporate Networks
- Identity Theft
- Identity Theft
- Countermeasures
- Social Engineering Countermeasures
- Insider Threats Countermeasures
- Identity Theft Countermeasures
- How to Detect Phishing Emails?
- Anti-Phishing Toolbar
- Common Social Engineering Targets and Defense Strategies
- Social Engineering Pen-Testing
- Social Engineering Pen-Testing
- Social Engineering Pen-Testing Tools
-
Denial-of-Service Attack(10Hours)
- DoS/DDoS Concepts
- What is a Denial-of-Service Attack?
- What is Distributed Denial-of-Service Attack?
- Techniques used for DoS/DDoS Attacks
- Basic Categories of DoS/DDoS Attack Vectors
- UDP Flood Attack
- ICMP Flood Attack
- Ping of Death and Smurf Attack
- SYN Flood Attack
- Fragmentation Attack
- HTTP GET/POST and Slowloris Attacks
- Multi-Vector Attack
- Peer-to-Peer Attacks
- Permanent Denial-of-Service Attack
- Distributed Reflection Denial-of-Service (DRDoS)
- Botnets
- Organized Cyber Crime: Organizational Chart
- Botnet
- A Typical Botnet Setup
- Botnet Ecosystem
- Scanning Methods for Finding Vulnerable Machines
- How Malicious Code Propagates?
- Botnet Trojans
- DDoS Case Study
- Hackers Advertise Links to Download Botnet
- Use of Mobile Devices as Botnets for Launching DDoS Attacks
- DDoS Case Study: Dyn DDoS Attack
- Tools used for DoS/DDoS Attack
- DoS/DDoS Attack Tools
- DoS and DDoS Attack Tool for Mobile
- Countermeasures
- Detection Techniques
- DoS/DDoS Countermeasure Strategies
- DDoS Attack Countermeasures
- Techniques to Defend against Botnets
- DoS/DDoS Countermeasures
- DoS/DDoS Protection at ISP Level
- Enabling TCP Intercept on Cisco IOS Software
- Tools used for DoS/DDoS Protection
- Advanced DDoS Protection Appliances
- DoS/DDoS Protection Tools
-
Session Hijacking(15 Hours)
- Concepts of Session Hijacking
- What is Session Hijacking?
- Why Session Hijacking is Successful?
- Session Hijacking Process
- Packet Analysis of a Local Session Hijack
- Types of Session Hijacking
- Session Hijacking in OSI Model
- Spoofing vs. Hijacking
- Application Level Session Hijacking
- Application Level Session Hijacking
- Compromising Session IDs using Sniffing and Predicting Session Token
- Compromising Session IDs Using Man-in-the-Middle Attack
- Compromising Session IDs Using Man-in-the-Browser Attack
- Compromising Session IDs Using Client-side Attacks
- Compromising Session IDs Using Client-side Attacks: Cross-site Script Attack
- Compromising Session IDs Using Client-side Attacks: Cross-site Request Forgery Attack
- Compromising Session IDs Using Session Replay Attack
- Compromising Session IDs Using Session Fixation
- Session Hijacking Using Proxy Servers
- Network Level Session Hijacking
- TCP/IP Hijacking
- IP Spoofing: Source Routed Packets
- RST Hijacking
- Blind Hijacking
- UDP Hijacking
- MiTM Attack Using Forged ICMP and ARP Spoofing
- Session Hijacking Tools
- Session Hijacking Tools
- Session Hijacking Tools for Mobile
- Countermeasures
- Session Hijacking Detection Methods
- Protecting against Session Hijacking
- Methods to Prevent Session Hijacking: To be Followed by Web Developers
-
How to Evade IDS, Firewalls, and Honeypots(10 Hours)
- Concepts of IDSs, Firewalls, and Honeypots
- Intrusion Detection System (IDS)
- Firewall
- Honeypot
- IDS, Firewall, and Honeypot Solutions
- Intrusion Detection Tool
- Firewalls
- Honeypot Tools
- IDS Evasion
- IDS Evasion Techniques
- Tools for IDS/Firewall Evasion
- IDS/Firewall Evasion Tools
- Packet Fragment Generator Tools
- Detecting Honeypots
- Detecting and Defeating Honeypots
- Honeypot Detection Tool: Send-Safe Honeypot Hunter
- IDS/Firewall Evasion Countermeasures
- How to Defend Against IDS Evasion
- How to Defend Against Firewall Evasion
- Penetration Testing
- Firewall/IDS Penetration Testing
-
Basics of Hacking Web Servers(10 Hours)
- Web Server Concepts
- Web Server Operations
- Open Source Web Server Architecture
- IIS Web Server Architecture
- Web Server Security Issue
- Why Web Servers Get Compromised?
- Impact of Web Server Attacks
- Attacks of Web Servers
- DoS/DDoS Attacks
- DNS Server Hijacking
- DNS Amplification Attack
- Directory Traversal Attacks
- Man-in-the-Middle/Sniffing Attack
- Phishing Attacks
- Website Defacement
- Web Server Misconfiguration
- HTTP Response Splitting Attack
- Web Cache Poisoning Attack
- SSH Brute Force Attack
- Web Server Password Cracking
- Methodology of Web Server Attacks
- Information Gathering
- Web Server Footprinting/Banner Grabbing
- Website Mirroring
- Tools of Web Server Attacks
- Metasploit
- Web Server Attack Tools
- Countermeasures
- Place Web Servers in Separate Secure Server Security Segment on Network
- Countermeasures
-
Web Application Hacking(10 Hours)
- Web App Concepts
- Introduction to Web Applications
- Web Application Architecture
- Web 2.0 Applications
- Vulnerability Stack
- Threats to Web App
- OWASP Top 10 Application Security Risks – 2017
- Other Web Application Threats
- Hacking Methodology
- Web App Hacking Methodology
- Footprint Web Infrastructure
- Attack Web Servers
- Analyze Web Applications
- Bypass Client-Side Controls
- Attack Authentication Mechanism
- Attack Authorization Schemes
- Attack Access Controls
- Web App Hacking Tools
- Web Application Hacking Tools
- Countermeasures
- Web Application Fuzz Testing
- Source Code Review
- Encoding Schemes
-
Basics of SQL Injection(15 Hours)
- SQL Injection Concepts
- What is SQL Injection?
- SQL Injection and Server-side Technologies
- Understanding HTTP POST Request
- Understanding Normal SQL Query
- Understanding an SQL Injection Query
- Types of SQL Injection
- Types of SQL Injection
- SQL Injection Methodology
- SQL Injection Methodology
- SQL Injection Tools
- SQL Injection Tools for Mobile
- Countermeasures
- How to Defend Against SQL Injection Attacks
- SQL Injection Detection Tools
-
Wireless Network Hacking(10 Hours)
- Wireless Concepts
- Wireless Terminologies
- Wireless Networks
- Wireless Standards
- Service Set Identifier (SSID)
- Wi-Fi Authentication Modes
- Wireless Encryption
- Types of Wireless Encryption
- WEP vs. WPA vs. WPA2
- Wireless Threats
- Wireless Hacking Methodology
- Wireless Hacking Methodology
- Tools for Wireless Hacking
- WEP/WPA Cracking Tools
- WEP/WPA Cracking Tool for Mobile
- Wi-Fi Sniffer
- Countermeasures
- Wireless Security Layers
- How to Defend Against WPA/WPA2 Cracking
- How to Defend Against KRACK Attacks
- How to Detect and Block Rogue AP
- How to Defend Against Wireless Attacks
- How to Defend Against Bluetooth Hacking
- Tools Wireless Security
- Wireless Intrusion Prevention Systems
- Wireless IPS Deployment
-
Hacking Mobile Platforms(15 Hours)
- Mobile Platform Attack Vectors
- Vulnerable Areas in Mobile Business Environment
- OWASP Top 10 Mobile Risks – 2016
- Anatomy of a Mobile Attack
- How a Hacker Can Profit from Mobile when Successfully Compromised
- Mobile Attack Vectors and Mobile Platform Vulnerabilities
- Hacking Android OS
- Android OS
- Android Rooting
- Blocking Wi-Fi Access using NetCut
- Hacking with zANTI
- Hacking Networks Using Network Spoofer
- Launching DoS Attack using Low Orbit Ion Cannon (LOIC)
- Performing Session Hijacking Using DroidSheep
- Mobile Spyware
- Mobile Spyware
- Mobile Spyware: mSpy
- Mobile Spywares
- Mobile Device Management
- Mobile Device Management (MDM)
- Mobile Device Management Solutions
- Bring Your Own Device (BYOD)
- Mobile Security Guidelines and Tools
- General Guidelines for Mobile Platform Security
- Mobile Device Security Guidelines for Administrator
- Mobile Pen Testing
- Android Phone Pen Testing
-
Basics of IoT Hacking (10 Hours)
- IoT Concepts
- What is IoT
- How IoT Works
- IoT Architecture
- IoT Application Areas and Devices
- Attacks on IoT
- IoT Security Problems
- OWASP Top 10 IoT Vulnerabilities and Obstacles
- IoT Attack Surface Areas
- IoT Threats
- Methodology used for IoT Hacking
- What is IoT Device Hacking?
- IoT Hacking Methodology
- Tools used for IoT Hacking
- Information Gathering Tools
- Sniffing Tools
- Vulnerability Scanning Tools
- Countermeasures
- How to Defend Against IoT Hacking
- General Guidelines for IoT Device Manufacturing Companies
-
Basics of Cloud Computing(10 Hours)
- Introduction to Cloud Computing
- Separations of Responsibilities in Cloud
- Cloud Deployment Models
- Cloud Computing Threats
- Cloud Computing Attacks
- Service Hijacking using Social Engineering Attacks
- Service Hijacking using Network Sniffing
- Session Hijacking using XSS Attack
- Session Hijacking using Session Riding
- Domain Name System (DNS) Attacks
- Best Practices for Securing Cloud
- NIST Recommendations for Cloud Security
- Organization/Provider Cloud Security Compliance Checklist
- Cloud Security Tools
-
Basics of Cryptography (5 Hours)
- Cryptography Concepts
- Cryptography
- Government Access to Keys (GAK)
- Encryption Algorithms
- Ciphers
- Data Encryption Standard (DES)
- Advanced Encryption Standard (AES)
- Cryptography Tools
- MD5 Hash Calculators
- Hash Calculators for Mobile
- Cryptography Tools
- Email Encryption
- Digital Signature
- Secure Sockets Layer (SSL)
- Transport Layer Security (TLS)
- Countermeasures
- How to Defend Against Cryptographic Attacks