Ethical Hacking and Penetration Testing


Duration: 90+ Hrs

Mode: Offline

Code: SDC23CS002

Enroll

Syllabus

  1. Introduction
    • Introduction to Hacking
    • Introduction to Penetration testing
    • Fundamental security concepts
    • Security laws and standards
    • Careers in cyber security
    • Markdown basics
    • Git and Github basics
    • Setting up virtual machines
    • Setting up labs
  2. Linux Fundamentals
    • Linux OS structure
    • Linux architecture
    • Linux history & distros
    • Setting up Kali linux Virtual Machine
    • Setting up Parrot OS Virtual Machine
    • Setting up Kali linux in Raspberry pi
    • Useful commands
    • File systems
    • The Terminal
    • Managing Users
    • Services
    • Basic Network Commands
    • Installing & uninstalling Tools
    • Troubleshooting Basics
    • Automation using Bash scripting
  3. Network Fundamentals
    • Introduction
    • Network Devices
    • Network Architecture
    • Hubs, Switches, Routers
    • Servers
    • Maintaining Network Devices: Software and Firmware
    • OSI model
    • TCP / Ip model
    • IP address, URL
    • DNS
    • Network Protocols
    • Wireless networks
    • Virtual Private Network (VPN)
    • Ports and firewalls
    • SSH, FTP, SMTP
  4. Open-Source Intelligence (OSINT)
    • OSINT Ethics and Moral Dilemmas
    • Types of OSINT
    • Tools and Techniques
    • ONSIT through website analysis
    • Automating the ONSIT process
    • OSINT defense
  5. Social Engineering
    • Introduction to Social Engineering
    • Social Engineering Penetration testing process
    • Exploitation of the Human Element
    • Phishing, Spear Phishing, Whaling, Vishing, SMiShing.
    • Social Engineering Toolkit (SET)
    • Automating Phishing
    • Stopping Phishing
    • Countermeasures and Recommendations
  6. Network Scanning & Discovery
    • Installing Nmap
    • Nmap Basics
    • Constructing an Nmap Scan
    • Scan Techniques
    • Host discovery
    • Installing Wireshark
    • Packet Sniffing with wireshark
    • Analyzing captured traffic
    • DNS Enumeration
    • Ping, Hping3
  7. Web Application Hacking & Pentesting
    • OWASP Top 10
    • web application hacking methodulogy
    • Web application vulnerability scanning tools
    • Web application reconnaissance
    • SQL injection
    • Authentication vulnerabilities
    • Directory traversal
    • OS Command Injection
    • Access control & privilege escalation
    • File upload vulnerabilities
    • Cross-site scripting (XSS)
    • Cross-site request forgery (CSRF)
  8. Wireless Hacking
    • Introduction to wireless technology
    • WLAN, RFID device and NFC
    • Wireless hacking methodology
    • Wifi hacking tools
    • Wifi security auditing tools
    • Designing wifi hacking models
    • Bluetooth Hacking
    • Wireless attacks & Countermeasures
  9. Password Cracking
    • Securing Your Password
    • Hashing
    • Password cracking tools
    • Cain and Abel, Hash Suite, John the Ripper
    • Brute-Force and Password Cracking Lab
  10. IOT Hacking
    • OWASP Top 10 for IOT
    • IoT Communication Models and OS
    • IoT Attacks and Threats
    • IoT Attack Countermeasures
    • Iot Hacking Tools
  11. Denial Of Service
    • DoS attack
    • DDos attack
    • DoS/DDos attack techniques
    • DoS/DDos attack tools
    • DoS/DDos attack detection techniques
    • DoS/DDos attack protection tools
  12. Cryptography
    • Cryptography
    • Encryption Algorithms
    • Hashing
    • Digital Certificates
    • Digital Signatures
    • Cryptography Tools
    • Email Encryption
    • Disk Encryption
    • Cryptography Attacks and Countermeasures
  13. Report Writing
    • Goal of penetration testing reports
    • Report formats
    • Report components