Kapashera, New Delhi, India

Course Description:

This intensive year-long course is designed to equip participants with a deep understanding of cyber security principles, practices, and ethical hacking techniques. The curriculum covers a wide range of topics, from foundational concepts to advanced penetration testing skills, while emphasizing the ethical and responsible use of hacking methodologies.

Prerequisites:

Strong understanding of computer networks, operating systems, and programming languages

Familiarity with basic cyber security concepts

Proficiency in using computers and the internet

The evolution of cyber threats and attacks
Principles of cyber security: confidentiality, integrity, availability
Risk management and threat modeling
Legal and ethical considerations in cyber security

OSI model and TCP/IP stack review
IP addressing and subnetting
Network protocols and vulnerabilities
Network topologies and architecture
Network architecture and segmentation for security
Intrusion Detection and Prevention Systems (IDS/IPS)

Installing Linux Oprating System
Getting Started with Linux Operating System
Accessing the Command Line
Managing Files from the command Line
Creating, Viewing & Editing Test Files
Managing Local Users and Groups
Controlling Access to Files
Monitoring and Managing Linux Process
Controlling Services and Daemons
Configuring and Securing SSH
Configuring Network File Sharing
Samba Server Configuration
FTP Server Configuration
Virtual Host Configuration (Apache2 & Nginx)
Dark web Server Configuration
Analysing and Storing Logs
Archiving and Transferring Files
Managing Networking
Firewall Configurations
Accessing Linux File System
Installing and Updating Software Packages

Operating system concepts and types
Common OS vulnerabilities and exploits
User authentication mechanisms and access controls
Securing operating systems: Windows, Linux, macOS and Android
Patch management and system hardening

Understanding ethical hacking and penetration testing
Principles of ethical hacking and penetration testing
Information gathering and reconnaissance techniques
Scanning and enumeration: tools and methodologies
Vulnerability assessment and reporting

Web application architecture and components
OWASP Top Ten vulnerabilities
Secure coding practices and frameworks
Web application firewalls and security tools

Firewalls, VPNs, Intrusion Detection Systems (IDS)
Virtual Private Networks (VPNs) and encryption
Wireless network security: WEP, WPA, WPA2, WPA3
Network monitoring and incident response
Network architecture design for security

Cryptographic algorithms and protocols
Public key infrastructure (PKI) and digital certificates
Secure communication channels: SSL/TLS, SSH
Implementing encryption in various applications

Introduction to Ethical Hacking
Foot-printing Active & Passive Approach
In-depth Network Scanning
Enumeration User Identification
System Hacking & Password Cracking
Malware, Viruses, Worms, Trojan and backdoor
Sniffers MITM with Kali Linux
Bots and Botnets
Social Engineering Techniques with Practical
Denial of Service DOS & DDOS Attack
Hacking Web servers Server Rooting
Hacking Wireless Networks (Wi-Fi, Bluetooth and RF)
Honeypots
Evading IDS, Firewall
Buffer Overflow
Computer and Mobile Hacking

Advanced SQL injection techniques
Cross-Site Scripting (XSS) variants
Understanding the vulnerabilities and way of Exploiting:

SQL Injection (SQLi)

SQL Authentication Bypass

Cross-Site Scripting (XSS)

Cross-Site Request Forgery (CSRF)

Remote Code Execution (RCE)

File Inclusion Vulnerabilities (LFI/RFI)

Server-Side Request Forgery (SSRF)

XML External Entity (XXE) Attacks

Web Session Hijacking

File Upload Vulnerability

Security Misconfigurations

Insecure Deserialization

Broken Authentication

JWT Token Attack

Insecure Direct Object References (IDOR)

Sensitive Data Exposure

Multi Factor Authentication Bypass

HTTP Request Smuggling

Source Code Disclosure

Directory Path Traversal

HTML Injection

Host Header Injection

Clickjacking

Unvalidated Redirects and Forwards

Server-Side Template Injection (SSTI)

Flood Attack on Web

Application security assessments: Source code review, DAST, SAST
Secure DevOps and continuous security testing
Vulnerability assessment and reporting

Cloud computing models and security challenges
Cloud service provider security features
Securing virtual environments and containers
Identity and access management in the cloud

Mobile app security assessments
Securing mobile devices and APIs
IoT security challenges and best practices
Security implications of wearable technology

Bash Shell Scripting
Using Public Exploits
Antivirus Evasion Techniques
Windows Privilege Escalation
Payload Deployments and File Transfers
Password Attacks
Linux Privilege Escalation
Active Directory Penetration Testing
Port Forwading and Tunnelling
Power Shell Empire
Lab Solving (HackTheBox, VulnHub, TryHackMe, PortSwigger etc.)

In-depth network penetration testing methodologies
Advanced reconnaissance and OSINT techniques
Exploiting complex network vulnerabilities
Reporting and communicating findings effectively

Kernel-level vulnerabilities and exploitation
Advanced memory corruption attacks
Writing custom exploits and payloads
Mitigations and defenses against advanced attacks

Exploiting vulnerabilities: Metasploit, Exploit-DB
Privilege escalation and maintaining access
Covering tracks and post-exploitation activities
Legal and ethical aspects of penetration testing

Introduction to Mobile Penetration testing
Lab Setup
Android Architecture
APK File Structure
Reversing Application with Apktool & MobSF
Static Application Analysis
Scanning Vulnerability
Insecure data storage
Insecure Communication
Insecure Authentication
Insufficient Cryptography
Insecure Authorization
Code Tempering
Reverse Engineering
SSL Pinning
Intercepting network traffic
Excessive Permissions
Runtime Manipulation
Anti Hooking/Debugging
Binary Protection
Application Patching
Sensitive Information in Memory

Overview of Cyber Forensics
Key terminology and concepts
Chain of custody and evidence handling
Digital Evidence Fundamentals
Types of digital evidence (files, logs, metadata)
Evidence collection methods
Tools and software for evidence acquisition
Techniques for creating forensic images
Tools for imaging (autopsy, guymager, bulk-extractor,metagoofill , FTK Imager, EnCase , NetworkMiner)
Understanding file systems (NTFS, FAT32, ext4)
File recovery techniques
Analyzing file metadata and timestamps
Introduction to Network Forensics
Network traffic analysis and capture using Wireshark
Analyzing network logs and packet data
Identifying and tracking network-based attacks
Malware Analysis and Forensics
Types of malware (viruses, worms, ransomware)
Techniques for analyzing malware behavior
Tools for malware analysis (gdb, redare2, Ghidra, IDA Pro, OllyDbg, x64dbg, AndroGuard)

Introduction to IoT
Sensor Network & Wireless Protocol
Review of Electronic Platform, Production and Cost Projection
Mobile App Platform and Middleware for IoT
Machine learning for Intelligent IoT
Analytic Engine for IoT

Cyber laws and regulations worldwide
Ethics in cyber security and hacking
Liability and responsibility of ethical hackers

Understanding blockchain technology
Cryptocurrency vulnerabilities and risks
Smart contract security and auditing

C/C++ Programming
x86_64 Assembly Language
PHP Programming for Vulnerable WebApps Development
Course Objectives:

By the end of this program, students should be able to:

  • Understanding Cyber Security Fundamentals: This course aims to educate students about the fundamental concepts of cybersecurity, including the importance of information security, the threat landscape, and the need for ethical hacking.

  • Ethical Hacking Skills: : One of the primary goals is to teach students how to ethically hack and assess the security of computer systems, networks, and applications. This includes learning penetration testing techniques, vulnerability assessment, and exploitation

  • Defensive Security Knowledge: Students learn how to defend against various cyber threats, such as malware, phishing, and social engineering. Defensive security topics may include firewall configuration, intrusion detection systems (IDS), and incident response.

  • Security Tools and Technologies: This course introduces students to a range of cyber security tools and technologies used in both offensive and defensive roles. This includes tools for scanning, enumeration, exploitation, and monitoring.

  • Cyber Security Best Practices: This course covers best practices for securing computer systems, networks, and data. This includes topics like access control, encryption, and secure coding

₹ 24,000 / ₹ 50,000
  • Duration:12 Months
  • Level:Advanced
  • EMI:Available

About Us

Discover the forefront of digital expertise at our Computer Training & Information Technology Institute. Embark on a journey of hands-on learning, unraveling the complexities of IT systems, programming, and Cyber Security. Led by seasoned professionals, our immersive courses blend theory with practical application, equipping you with essential skills for a dynamic tech landscape. From ethical hacking insights to mastering network administration, ignite your potential with real-world simulations. Join our vibrant community to cultivate proficiency and innovation in the realm of technology. Your gateway to a future-proof career starts here.