ETHICAL HACKING – A Web, Social Media Marketing, Multimise IT Training – SAP, Mobile APP, Python, Java, C, C++, .NET, AI/ML, Ethical Hacking, React, Data Science

Your cart is empty!

View Cart Checkout

Cart subtotal: ₹0.00

ETHICAL HACKING TRAINING – REAL-TIME

Ethical Hacker

Core Ethical Hacker
Advanced Ethical Hacker

Core Ethical Hacker

CORE ETHICAL HACKING COURSE SYLLABUS – 20 HOURS

SESSION 1 [1.5 hours]

Disclaimer
Hacking overview
Types of hacking
Types of hackers
Cyber Laws
Interesting terminologies
Various cyber security domains; its career opportunities
Live DEMO on Google Hacking

SESSION 2 [1.5 hours]

How internet works?
How file transfer happens? – OSI Layer overview
How; Why do you hack?
Types of IP Address (Private IP/Public IP/Static IP/Dynamic IP)
Hands-on windows utilities – Pinging/Trace route
Live DEMO on basic Windows commands

SESSION 3 [1.5 hours]

Important Protocols
Firewall; Anti virus
Man in the Middle Attacks
Live DEMO on Sniffing the packet using Wire shark

SESSION 4 [1.5 hours]

Advance IP scanner
Host discovery Tools
Port Scanning
Live DEMO on Nmap; its features

SESSION 5 [1.5 hours]

Linux Basic commands
Installing Kali Linux
Kali Linux Tools overview
Live DEMO on Kali Linux Tools

SESSION 6 [1.5 hours]

Foot printing
Information gathering
Vulnerability scanning
Active Fingerprinting
Passive Fingerprinting
Live DEMO on Metasploit attacks

SESSION 7 [1.5 hours]

System hacking methodologies
Registries and Rootkits
Stenography; analysis
Live DEMO and Working on Cain; Abel

SESSION 8 [1.5 hours]

Trojans; analysis.
Difference between Virus/Malware/Worms
ARP/DNS poisoning
Live DEMO on Key loggers

SESSION 9 [1.5 hours]

Details on Exploit DB/CVE/NVD
Windows/Linux Enumeration
DNS/NTP Enumeration
SNMP/SMB Enumeration
Live DEMO on Enumeration

SESSION 10 [1.5 hours]

Phishing Attacks; consequences
Social Engineering Attacks
Live DEMO on Password cracking (Dictionary/Brute force)

SESSION 11 [1.5 hours]

Hacking into Wireless devices
Vulnerability scanners
Live DEMO on Nessus

SESSION 12 [1.5 hours]

Pentesting and its types.
How Web Works?
Proxy; its importance
OWASP TOP 10 vulnerabilities overview
Hands on SQL Injection
Live DEMO on SQLmap

SESSION 13 [2 hours]

Live Demo on Web based attacks using Burp Suite
Cross site scripting
Live Demo on Beef to hack into social networks.
What more to learn?
Conclusion

Advanced Ethical Hacker

ADVANCED ETHICAL HACKER – Web App Hacking & Penetration Testing (WAHPT) (40 Hrs)

Introduction to Cyber Security

Disclaimer
Basic Skills required.
Hacking & its Types
New Terminologies.
Career Overview
Live demo of Google hacking

How Things works

How internet works?
How web application works?
Domain & Sub-domain
URL, URI & URN
Types of IP Address: Private IP/Public IP
Types of IP Address: Static IP/Dynamic IP
Live demo on windows utilities

Layers & Protocols Use cases

Purpose of protocols in OSI Layer.
Purpose of protocols in Application layer.
Vulnerability & OSI stacks
Live Demo on Wire-shark

Penetration Testing & OWASP TOP-10 Overview.

Type of Penetration Testing
Penetration Testing Methodology
OWASP TOP-10 Overview.

Building your own Pen-tester Lab

Installing & Working of Virtual Machine
Installing & Working of Xampp
Installing DVWA/Mutillidae on Windows
Live Demo on Nikto & its switches.

Deep dive into HTTP/HTTPS

HTTP Basics (Request/Response)
Understanding Web application architecture.
HTTP Methods Testing
HTTP Basic Authentication
Attacking HTTP Basic Authentication
Live demo on Netcat Lab

Burp suite Overview & working

Burp suite – Overview
Attacking web using Burp suite
Difference between Automated & Manual Testing
Live demo on Burp & its features

Initial Research on Target Application

Overview on Kali Linux Tools.
Improper Error Handling.
Using Components with known vulnerabilities.
Live demo on Nmap & its switches
Live Demo on Known vulnerabilities.

Sensitive Data Exposure.

Credentials transport over an unencrypted channel
Insecure Storage on application/Database.
Password sent in GET Request.
Information disclosure (credit card information, passwords or personal information)
Demo on Tampering, manipulating & Attacking a web application.

Unvalidated redirects & Forwards.

Injection

HTML Injection
Command injection
XML Injection
XPath Injection

Local & Remote file inclusion vulnerability basics

Remote code execution
Local file inclusion
OS command Injection
Live demo on Metasploits

Beyond Alert XSS

Basics of JavaScript
Stored cross site scripting
Reflected cross site scripting
DOM cross site scripting

SQL Basic Queries Overview & Understanding

How SQL Query works
SQL Injection Overview
Manually Exploiting SQL Injection
Types of SQL Injection
Live demo on hacking SQL database & its details.

Live hacking a website using SQLmap.

Detecting Web Technology details
Detecting Database information
Detection of Table & column details
Detecting stored credentials
Dumping Entire database
Taking control over SQL shell.

Malicious File upload (Shell Uploads)

Bypassing PHP File restriction
Bypassing Black list restrictions
Bypassing using MIME (Multi-purpose Internet Mail Extensions) Type
Bypass using double extension I
Bypass using double extension II
Bypass File content verification
Live demo on malicious file uploads.

Compromising User Accounts by manipulating parameter values & Escalating the privileges.

Credentials transport over an encrypted channel
Username/Password Enumeration
Default or guessable (dictionary) user account
Automation Attacks (Brute Force Testing)
Captcha Testing (weakness)
Insecure Direct Object Reference (Parameter Tampering)
Missing Functional Level Access

Session Management Testing

Session Management Schema (Weak Session Token)
Cookies attributes(Cookies are set not ‘HTTP Only’, ‘Secure’, and no time validity)
Session Fixation/Hijacking
Time out(logout) mechanism

Cross Site Request Forgery (CSRF)

Miscellaneous

poisoning web services
poisoning web sockets
Report Session.
Capture the Flag (CTF)