fbpx

51+ Branches Worldwide | +91 9.105.106.105

ADVANCED DIPLOMA IN ETHICAL HACKING

Introduction to Certified Penetration Testing Engineers (Ethical Hacking)

  • Approach
  • Difference between VA &PT
  • Red Team Vs Blue Team
  • Types of VAPT

Introduction of Linux (Linux is a cornerstone of ethical hacking and cybersecurity)

  • History of Linux
  • Introduction to Linux and its distribution 
  • File system of Linux
  • Kernel of Linux
  • Lab setup
  • Basic commands of Linux
  • OSINT tools(practical)
  • Basics of networking

Introduction to Network Security

  • Basic introduction to how a network security works
  • Network Penetration Testing using NMAP
  • Mastering Metasploit Framework
  • Crafting with Scapy and Hping3 Wifi
  • Scrapping plant code

Practical Tools:

  • Netcat
  • Connecting to a TCP/UDP Port
  • Listening on a TCP/UDP Port
  • Transferring Files with Netcat
  • Remote Administration with Netcat
  • Socat
  • Netcat Vs Socat
  • Socat File Transfer
  • Socat Reverse Shells
  • Socat Encrypted Bind Shell
  • PowerShell and File Transfer
  • PowerShell ReverseShell
  • PowerShell Bind Shells
  • PowerCat

Introduction to Web Application Security

  • Interception request through Burp Suite RFI & LFI ( Remote File Inclusion and Local file Inclusion )
  • vulnerability study DOS – Denial of Service and DDOSD – Distributed Denial of service attack and its countermeasure SQL injection
  • XSS- Cross site scripting attack and its countermeasure.

File Transfer

  • Consideration and Preparation
  • Danger of transferring Attack Tools
  • Installing Pure –FTPd
  • The Non Interactive Shell
  • Transferring Files with Window Hosts
  • Non Interactive FTP download
  • Window downloading using scripting language
  • Windows Downloads with exe2hex and PowerShell
  • Windows uploads using Window Scripting Language
  • Uploading Files with TFTP

Sniffing

  • Active Sniffing
  • Passive Sniffing
  • Packet Sniffing
  • Packet Creation using Scapy

Phishing

Auditing and Compliances

  • Basic principles of assessment and auditing
  • IT LAWS AND ACTS
  • Studying ISO 27001:2005
  • Risk Assessment
  • Live vulnerability assessment
  • Hardening of Linux Services

Web Scanners

  • Acunetix
  • Vega
  • ZAP
  • Nikto
  • Sparta

Burpsuite

  • Dashboard
  • Target
  • Proxy
  • Intruder
  • Repeater
  • Decoder
  • Extender
  • Comparer
  • Project options

Web Enumeration

  • Directory Fuzzing
  • Subdomain Enumeration
  • Eyewitness
  • Google Dorking
  • Shodan

CMS Testing

  • What is CMS
  • Wpscan
  • Joomla
  • Cmsmap

Metasploit

  • Introduction
  • Information gathering
  • Payloads
  • Auxiliary
  • Meterpreter
  • Encoders
  • Evasion

PowerShell Empire

  • Installation, setup and usage
  • PowerShell Empire Syntax
  • Listener and Stager
  • The Empire Agent
  • PowerShell Modules
  • Situational Awareness
  • Credential and Privilege Escalation
  • Lateral Movement
  • Switching Between Empire and Metasploit

Network VAPT

  • Information gathering
  • Nmap scan
  • Nessus
  • Backdoors
  • Packet analysis
  • Protocol analysis
  • Network traffic analysis (Wireshark)
  • Traffic filtering and monitoring
  • Dos and DDOs Attack

Port Redirection and Tunneling

  • RINETD
  • SSH Tunneling
  • SSH Local Port Forwarding
  • SSH Remote Port Forwarding
  • SSH Dynamic Port Forwarding
  • PLINK.exe
  • NETSH
  • HTTPTunnel-ing Through deep packet Inspection
  • Wrapping Up

Active Directory Attack

  • Active Directory Theory
  • Active Directory Enumeration
  • Traditional Approach
  • A Modern Approach
  • Resolving Nested Groups
  • Currently Logged on user
  • Enumeration Through Service principal names
  • Active Directory Authentication
  • NTML Authentication
  • Kerberos Authentication
  • Cached Credential Storage and retrieval
  • Service account attack
  • Low and Slow Password Guessing
  • Active Directory Persistence
  • Golden Tricks
  • Domain Controller Synchronization

OWASP Top 10

  • What is the OWASP Top 10?
  • OWASP Top 10 Vulnerabilities
  • Broken access controls
  • Cryptographic failures
  • Injection
  • Insecure design
  • Security misconfiguration
  • Vulnerable and outdated components
  • Identification & authentication failures
  • Software and data integrity failures
  • Insufficient logging & monitoring
  • Server-side request forgery (SSRF)

Bug Bounty Hunting

  • What is Bug bounty
  • Bug bounty platform
  • Common vulnerabilities
  • Making valid POC’s

Web VAPT Reporting

  • Ways to Report
  • Formatting & Guidelines of Report
  • Case Study

Malware Analysis

  • Static malware analysis
  • Dynamic malware analysis
  • Reverse engineering malware
  • Behaviour-based malware analysis
  • Sandbox analysis for malware
  • Malware persistence mechanism
  • Malware detection and evasion techniques

Incident Response and Recovery

  • Incident response lifecycle and its phases
  • Developing effective incident response plans
  • Hands-on incident handling and containment exercises
  • Post-incident analysis, recovery, and lessons learned

Advance Diploma in Ethical Hacking equips students with comprehensive knowledge and skills in cybersecurity, focusing on identifying and mitigating security threats through ethical hacking techniques. This diploma is designed for individuals aiming to become proficient in safeguarding systems against cyber attacks, whether they are aspiring cybersecurity professionals or IT specialists looking to enhance their security expertise.

ETHICAL-HACKING
Phone
Email
WhatsApp
WhatsApp
Phone
Email

How May We Help You Today ?