Duration : 60 Hrs     |    Cost : Rs.10,000 (Rs.2000 off for Alumni)     |    Difficulty : Intermediate     Enroll
Duration : 60 Hrs
Cost : Rs.10,000 (Rs.2000 off for Alumni)
Difficulty : Intermediate

Enroll

Fundamentals

# Topics Discussed
1 Information Security concepts - CIA, Course Objectives
2 Linux Basics - Overthewire Bandit
3 VA/PT - Ethical Hacking Basics

External Pentesting

# Topics Discussed
4 Information Gathering - Passive
5 Notekeeping - Freemind
6 Device Discovery - Basic Scripting
7 Service Discovery - Different Types of Port Scanning
8 Manual Packet Crafting - Automated Port Scanning
9 Basic Service Enumeration - Using nc, ftp, dnsrecon, amap
10 Advanced Service Enumeration
11 Basic Exploitation
12 Basic Privelege Escalation
13 Privelege Escalation - Using Exploits
14 Password Guessing Attacks - Hydra
15 Privelege Escalation - Common Methods
16 Types of Payloads and Types of communication methods
17 Realworld Foothold - Social Engineering - Beef-xss, Virus
18 Stable Connection and Persistence
19 Post Exploitation - Pivoting
20 Stealthy Foothold -Trojan, Macro

Internal Pentesting

# Topics Discussed
21 Device and Service Discovery
22 SNMP Enumeration
23 Wannacry Ransomware Exploit - NSA's Role
24 Blending with traffic using RDP
25 Basics of Active Directory - Local Admin, Domain Admin.
26 Initial foothold - Exploiting a typo
27 Hash Cracking
28 Enumerating Local Admin
29 Token Impersonation
30 Domain Persistence using Domain Admin
31 Extracting krbtgt user credential from DC

Web Application Pentesting

# Topics Discussed
32 Basics of Web Application - Architecture, Components
33 Understanding HTTP Protocol - Verbs, Status Codes
34 Basic HTTP Headers - Wireshark
35 Manually Sending a Web Request from Command Line
36 Understanding and Setting up Intercepting Proxy
37 Understanding Sessions and Cookies
38 Bruteforcing Web Forms - Intruder, Hydra
39 Forced Browsing
40 Understanding and Exploiting CSRF
41 LFI and RFI
42 XSS - Server XSS, Client XSS
43 SQLi - Error, Union, Blind
44 Understanding IDOR

Cryptography & Network Based Attacks

# Topics Discussed
45 Symmetric Encyption, Asymmetric Encryption, Hashing
46 Public Key Infrastructure - CA, Chain of Trust
47 ARP Cache Poisoning, DHCP Startvation

Real World Skills

# Topics Discussed
48 Pre-Engagement - Scoping, NDA, etc.
49 Post-Engagement - Reporting
50 Reporting - Three Sections.
51 CVSS, CVE, CWE