Course Overview
Cybersecurity is important because it protects all categories of data from theft and damage. Ethical Hacking.
The Ethical Hacking Program provides an in-depth understanding of ethical hacking phases, various attack vectors, and preventative countermeasures. It will teach you how hackers think and act so you will be better positioned to set up your security infrastructure and defend against attacks. By providing an understanding of system weaknesses and vulnerabilities, the course helps students learn to protect their organizations and strengthen their security controls in order to minimize the risk of a malicious attack.
Course Objectives
The objective of the course is to train on the basics of Information Security and prepare for the Certified Ethical Hacking (CEH) certification from EC-Council and PenTest+ Certification from CompTIA.
- Understand the fundamentals of Footprinting & Reconnaissance
- Understand in detail the factors involved in developing a skill for Scanning Networks
- Learn fundamentals of Enumeration and why it is important in the process of becoming a certified Ethical Hacker
- Learn the procedure to check all the vulnerabilities in the systems, computers, and other ecosystem tools
- Learn everything about the compromise of computer systems and software to access the target computer and the misuse of sensitive information
- Understand how malware threat actors use to infect systems and networks to gain access to sensitive information
- Learn the process of monitoring and capturing all data packets passing through a Network
- Learn how to detect weaknesses to address various kinds of security issues
- Understand how an attack against a computer or network reduces, restricts, or prevents accessibility of its system resources to authorized users.
- Understand how to take over an active TCP/IP communication session without the user’s permission.
- Understand the basics and fundamentals of Evading IDS, Firewalls, and Honeypots.
- Learn the basics and introduction to hacking webservers and the dos and don’ts of ethical web server hacking.
- Learn the basics and introduction to hacking webapps and the dos and don’ts of ethical web application hacking.
- Learn about SQL injection – an attack where the hacker makes use of unvalidated user input to enter arbitrary data or SQL commands
- Learn the fundamentals of hacking wireless networks and the applications of ethical wireless network hacking.
- Learn the fundamentals of hacking mobile platforms and the applications of ethical mobile platform hacking.
- Get a deep understanding of what IoT hacking is and how to apply various tools mitigate threats.
- Learn the basics and fundamentals of Cloud computing and cloud security.
- Learn the art of converting text into another form for secret transmission and reception.
Learning Outcomes
At the end of the course, the students would be ready to give the Certified Ethical Hacker (CEH) Certification Test from EC-Council and the PenTest+ Certification Test from CompTIA.
The students will be trained for the below job roles in the industry:
- Cybersecurity Auditor
- Security Administrator
- Cyber Defense Analyst
- Vulnerability Assessment Analyst
- Information Security Analyst/Manager
- Penetration Tester
- Ethical Hacker
- Security Consultant
- Security Engineer
Course Curriculum
Module 1 – Network Fundamentals & Operating Systems
- Network Components
- Network Topology Architecture
- The OSI Model
- Protocols, Addressing & Subnetting
- Switches & Routers
- Firewall and types
- Virtualization Fundamentals
- Types of OS
- Installation of OS (Windows & Kali Linux)
- Active Directory Services
Module 2 – Cyber Security Fundamentals
- What is Cybersecurity?
- Goal of Security – CIA (Confidentiality, Integrity, Availability)
- Cyberattack and types
- Approaches to Cybersecurity
- Key Terms and conditions
- Likelihood and Impact
- Approaches to Risk
- Risk Management
Module 3 – Threats, Attacks & Vulnerabilities
- What is Threat, Vulnerability, and exploit
- Primary classes of attacks
- Primary vulnerabilities or weaknesses
- Identifying Different vulnerabilities Of a Network
- Different mode of transport of attacks
Module 4 – Introduction to Ethical Hacking
- What is Hacking?
- Hacking vs Ethical Hacking
- Hacking phases
- Types of Hackers
- Information Security Controls
- Concepts of Penetration Testing
Module 5 – Reconnaissance
- Footprinting concepts
- Footprinting through Search engines, Web Services, and Social Networking sites
- Website and Email Footprinting
- Active and passive information gathering
- DNS & Network Footprinting
- Tools used in Footprinting
- Pen Testing in Footprinting
Module 6 – Scanning Networks
- Concepts of Network Scanning
- Scanning Techniques and tools
- Active and passive scanning
- What is Banner Grabbing
- Necessary and Un-necessary Services and Ports
- Scanning Pen Testing
Module 7 – Enumeration
- What is Enumeration?
- Types of Enumerations
- Enumeration Techniques
- Enumeration Countermeasures
Module 8 – Vulnerability Analysis
- Concepts of Vulnerability Assessment
- Vulnerability Assessment Solutions and Tools
- Vulnerability Assessment Reports
- Impacts of vulnerabilities on the Network and System
Module 9 – System Hacking
- Concepts of System Hacking
- How to gain access?
- How to crack passwords?
- What is Vulnerability Exploitation?
- Privileges escalation in system hacking
- Maintaining Access
Module 10 – Malware Threats
- Malware Concepts
- Concepts of APT, Trojan, Virus, and Worm
- Malware Analysis
- Malware Countermeasures
- Anti-Malware Software
Module 11 – Sniffing
- Concept of Sniffing
- MAC and DHCP attacks
- What is ARP & DCP Poisoning
- What are Spoofing attacks
- Various Sniffing Tools and Countermeasures
- Sniffing Detection Techniques
Module 12 – Social Engineering
- Social Engineering concepts and techniques
- Insider Threats
- Social Impersonation
- Networking Sites
- Identity Theft
- Social Engineering countermeasures
Module 13 – Denial-of-Service
- DoS/DDoS Concepts
- DoS/DDoS Attack Techniques
- Botnets
- DoS/DDoS Attack Tools
- DoS/DDoS Countermeasures
- DoS/DDoS Protection Tools
Module 14 – Session Hijacking
- Concepts of Session Hijacking
- Application-Level Session Hijacking
- Network Level Session Hijacking
- Session Hijacking Tools
- Session Hijacking Countermeasures
Module 15 – Evading IDs, Firewalls & Honeypots
- IDS, IPS, Firewall, and Honeypot Concepts
- IDS, IPS, Firewall, and Honeypot Solutions
- Evading IDS
- Evading Firewalls
- IDS/Firewall Evading Tools
- Detecting Honeypots
- IDS/Firewall Evasion Countermeasures
Module 16 – Hacking Web Servers
- Concepts of Web Server
- What are Web Server Attacks?
- Web Server Attack Methodology
- Web Server Attack Tools
- Web Server Countermeasures
- Patch Management
- Web Server Security Tools
Module 17 – Hacking Web Applications
- Web App Concepts
- Web App Threats
- Web App Hacking Methodology
- Footprint Web Infrastructure
- Analyze Web Applications
- Bypass Client-Side Controls
- Attack Authentication Mechanism
- Attack Authorization Schemes
- Attack Access Controls
- Attack Session Management Mechanism
- Perform Injection Attacks
- Attack Application Logic Flaws
- Attack Shared Environments
- Attack Database Connectivity
- Attack Web App Client
- Attack Web Services
- Web API, Webhooks and Web Shell
- Web App Security
Module 18 – SQL Injection
- SQL Injection Concepts
- Types of SQL Injection
- SQL Injection Methodology
- SQL Injection Tools
- Evasion Techniques
- SQL Injection Countermeasures
Module 19 – Hacking Wireless Networks
- Wireless Concepts
- What is Wireless Encryption?
- What are Wireless Threats?
- Wireless Hacking Methodology
- Wireless Hacking Tools
- What is Bluetooth Hacking?
- Wireless Countermeasures
- Wireless Security Tools
Module 20 – Hacking Mobile Networks
- Mobile Platform Attack Vectors
- Hacking Android OS
- Hacking iOS
- Mobile Device Management
- Mobile Security Guidelines and Tools
Module 21 – IoT Hacking
- IoT Concepts
- IoT Attacks
- IoT Hacking Methodology
- IoT Hacking Tools
- IoT Countermeasures
Module 22 – Cloud Computing
- Cloud Computing Concepts
- Container Technology
- Serverless Computing
- Cloud Computing Threats
- Cloud Hacking
- Cloud Security
Module 23 – Cryptography
- Cryptography Concepts
- Encryption Algorithms
- Cryptography Tools
- Public Key Infrastructure (PKI)
- Email Encryption
- Disk Encryption
- Cryptanalysis
- Countermeasures