Module 1: Security Risk Assessment (Ethical Hacking)
Introduction to Ethical Hacking
- What is Hacking
- What is Ethical Hacking
- What is Penetration Testing
- What is Vulnerability Auditing
Footprinting
- What is FootPrinting
- Footprinting Techniques
- Footprinting Website & Tools
Scanning
- What is Network scanning
- Types of Scanners
- Vulnerability Scanner Tools
Proxy
- What is a proxy server
- Types of proxies
- What is a Darkweb
- Why hackers prefer to use Darkweb
Hacking Web Servers & Web Applications
- What is a web server
- Types of web attacks
Session Hijacking
- What is session hijacking
- Session hijacking Techniques
- Session hijacking Tools
Denial of Service
- What is a DoS and DDoS attack
- DoS attack techniques
- DoS attack Tools
System Hacking
- What is System Hacking
- What is Password Cracking
- Password Cracking techniques
- Password Cracking Website & Tools
Sniffers
- What is a sniffer
- Sniffing Techniques
- Sniffing Tools
Phishing
- What is Phishing
- Phishing Techniques
- Phishing Tools
Malware
- What is malware
- Types of malware
- Malware creation Tools
- USB password stealers
Wireless Hacking
- Types of wireless networks
- Wireless Hacking Techniques
- Wireless Hacking Tools
Kali Linux
- What is Kali Linux
- Kali Linux Tools
Training Plan
Cybersecurity Training Fee and Duration
Track | Regular Track | Weekend (Sat & Sun) |
---|---|---|
Duration | 40 – 45 Days | 8 Weekends |
Hours | 2 hours a day | 3 hours a day |
Note – The NR training fee doesn’t include exam fees.
Training Schedule for Cybersecurity Course (Regular)
Month | 1st Batch | 2nd Batch | 3rd Batch | 4th Batch | 5th Batch |
---|---|---|---|---|---|
Sep’20 | 7th Sep’20 | 14th Sep’20 | 21st Sep’20 | 28th Sep’20 | – |
Oct’20 | 5th Oct’20 | 12th Oct’20 | 19th Oct’20 | 26th Oct’20 | – |
Module 2: Web Application Penetration Testing
Introduction to Pen testing
- WAPT Methodology
- Phases of Pen Testing
- WAPT Standards
- OWASP
- SANS
- WASC
Introduction to Web Applications
- Working of web applications
- HTTP Protocol
- HTTP Request
- HTTP Response
- HTTP Methods
- HTTP Status Codes
- Client Server Communication
- HTTP Security (HTTPS)
- Web servers
- Application servers
- Database servers
Burp Suite
- Introduction to Burp Suite
- Lab Setup
- Working of proxy in Burp Suite
- Working of Intruder in Burp suite
- Working of Repeater in Burp Suite
- Different Attack Types (Sniper, Battering Ram, Pitchfork and Cluster Bomb)
- Encoders
- Extender
- Engagement Tools
SQL Injection
- Introduction to SQL
- sqlmap
- Practical POC
- Authentication Bypass
- Practical POC
- Blind SQL Injection
- Practical POC
- Time Based SQL Injection
- Practical POC
- SQL Injection in Burp Suite
- Practical POC
- Authentication Bypass in Burp Suite
- Practical POC
- Challenges: Authentication Bypass
HTML Injection
- Introduction to HTML
- HTML Tags
- Working of Iframe
- Types of HTML Injections
- Stored HTML Injection
- Practical POC
- Reflected HTML Injection
- Practical POC
- Iframe injection
- Practical POC
- Click Jacking
- Practical POC
Command Injection
- Introduction to Command Injection
- Command injection on DVWA
- Practical POC
Broken Authentication and Session Management
- Introduction to Session IDs
- Cookies
- Browser Storage Mediums
- Local Storage and Session storage
- HttpOnly Flag
- Secure Flag
- Broken Authentication
- Session Hijacking
- Practical POC
- Session Replay
- Practical POC
- Session Fixation
- Practical POC
- Browser cache weakness
- Practical POC
- Testing for Account Lock out policy and strong password policies
- Practical POC
XSS – Cross Site Scripting
- Introduction to XSS
- Introduction to JavaScript
- Types of XSS
- Stored XSS
- Practical POC
- Reflected XSS
- Practical POC
- DOM based XSS
- Practical POC
- Payload Writing
IDOR – Insecure Direct Object Reference
- Introduction to IDOR Vulnerabilities
- Web root Directories
- Directory Traversal
- Practical POC
- File Upload Vulnerability
- Practical POC
- Introduction to Netcat
- Working of Netcat
- File Inclusions
- Practical POC
Security Misconfiguration
- Introduction to Security Misconfiguration
- Directory Listing
- Dirbuster
- Practical POC
- Sensitive Information Disclosure through error messages
- Practical POC
- Unwanted Services running on the server
- Nmap scanning
- Practical POC
Sensitive Data Exposure
- Introduction to sensitive data Exposure
- Qualys SSL Labs
- Heartbeat request
- Heartbleed Vulnerability
- POODLE attack
- HTTP Arbitrary Methods
- Practical POC
Missing Function Level Access Control
- Introduction to Missing function Level Access Control
- Authorization checks
- Practical POC
CSRF – Cross Site Request Forgery
- Introduction to CSRF
- CSRF Vulnerability
- Anti CSRF tokens
- JTokens
- Same Origin Policy
- Practical POC 1
- Practical POC 2
Using components with known Vulnerabilities
- Introduction to using components with known vulnerabilities
- Wappalyzer
- Practical POC 1
- Practical POC 2
Unvalidated Redirects and Forwards
- Introduction to Unvalidated Redirects and Forwards
- Host Header Injection
- Practical POC
- Cross Origin Resource Sharing Vulnerability
- Practical POC
Remote File Inclusions
- Introduction to Remote File Inclusions
- RFI Attacks
- Practical POC
Security Headers
- Strict-Transport-Security
- Content-Security-Policy
- X-Frame-Options
- X-Content-Type-Options
- Referrer-Policy
- Feature-Policy
Vulnerability Analysis
- Introduction to CVSS Scoring
- CVSS Calculation
- Risk Rating
- Severity level analysis
- Color coding
Vulnerability Scanners
- Demo: Nessus
- Demo: Burp Suite Professional
- Demo: OWASP ZAP
- Demo: Qualys SSL Scanner
- Demo: sqlmap Tool
Mitigations
- SQL Injection Mitigations
- Stored Procedure
- Parameterized procedure
- Input Validation
- Mitigations to HTML Injection
- Mitigations to XSS
- Mitigations to Directory Traversal
- Mitigations to File Upload Vulnerability
- Mitigations to File Inclusion
- Mitigation to security Misconfiguration
- Mitigation to Sensitive Data Exposure
- Mitigations to Host Header Injection
- Mitigations to CORS
- Mitigations to RFI
- Mitigations to XML Injection
Report Writing
- Detailed Reporting of Vulnerabilities with Risk Rating
- Findings
- Mitigations
- Steps to Reproduce
- Support Evidence