Ethical Hacking

Duration: 5 days – 35 hrs

 

Overview

Ethical Hacking training and certification programs have been battle-hardened over the last 20 years, creating hundreds of thousands. This training course will help students to learn an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then be led into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive 5 day class they will have hands-on understanding and experience in Ethical Hacking.

On its 12th version training and certification provides comprehensive training, hands-on learning labs, practice cyber ranges for engagement, certification assessments, cyber competitions, and opportunities for continuous learning into one comprehensive program curated through our new learning framework.

 

Objectives

• Key issues plaguing the information security world, incident management process, and penetration testing
• Scan and attack your own networks, without actually harming them
• Network scanning techniques and scanning countermeasures
• Detect intrusions, create policies, social engineering, DDoS attacks, buffer overflows, and even  virus creation
• Enumeration techniques and enumeration countermeasures
• Working of viruses, virus analysis, computer worms, malware analysis procedure, and countermeasures
• System hacking methodology, steganography, steganalysis attacks, and covering tracks
• Different types of Trojans, Trojan analysis, and Trojan countermeasures
• Working of viruses, virus analysis, computer worms, malware analysis procedure, and countermeasures
• Packet sniffing techniques and how to defend against sniffing
• Social Engineering techniques, identify theft, and social engineering countermeasures
• DoS/DDoS attack techniques, botnets, DDoS attack tools, and DoS/DDoS countermeasures
• Session hijacking techniques and countermeasures
• Different types of webserver attacks, attack methodology, and countermeasures
• Different types of web application attacks, web application hacking methodology, and countermeasures
• SQL injection attacks and injection detection tools
• Wireless Encryption, wireless hacking methodology, wireless hacking tools, and wi-fi security tools
• Mobile platform attack vector, android vulnerabilities, jailbreaking iOS, windows phone 8 vulnerabilities, mobile security guidelines, and tools
• Firewall, IDS and honeypot evasion techniques, evasion tools, and countermeasures
• Various cloud computing concepts, threats, attacks, and security techniques and tools
• Different types of cryptography ciphers, Public Key Infrastructure (PKI), cryptography attacks, and cryptanalysis tools
• Various types of penetration testing, security audit, vulnerability assessment, and penetration testing roadmap
• Perform vulnerability analysis to identify security loopholes in the target organization’s network, communication infrastructure, and end systems.
• Different threats to IoT platforms and learn how to defend IoT devices securely.

 

Audience

• Security Officers 
• Security Auditors
• Security Professionals
• Security Engineers
• Security Consultants
• Security Managers
• IT Director/Managers
• IT Systems Administrators
• IT Network Administrators
• Site Administrators
• Network Architects
• Developers

 

Prerequisites 

• Basic Networking knowledge

 

Course Content

Introduction to Ethical Hacking

• Information Security Overview
• Hacking Methodologies and Frameworks
• Hacking Concepts
• Ethical Hacking Concepts
• Information Security Controls
• Information Security Laws and Standards

 

Footprinting and Reconnaissance

• Footprinting Concepts
• Footprinting through Search Engines
• Footprinting through Web Services
• Footprinting through Social Networking Sites
• Website Footprinting
• Email Footprinting
• Whois Footprinting
• DNS Footprinting
• Network Footprinting
• Footprinting through Social Engineering
• Footprinting Tools
• Footprinting Countermeasures

 

Scanning Networks

• Network Scanning Concepts
• Scanning Tools
• Host Discovery
• Port and Service Discovery
• OS Discovery (Banner Grabbing/OS Fingerprinting)
• Scanning Beyond IDS and Firewall
• Network Scanning Countermeasures

 

Enumeration

• Enumeration Concepts
• NetBIOS Enumeration
• SNMP Enumeration
• LDAP Enumeration
• NTP and NFS Enumeration
• SMTP and DNS Enumeration
• Other Enumeration Techniques
• Enumeration Countermeasures

 

Vulnerability Analysis

• Vulnerability Assessment Concepts
• Vulnerability Classification and Assessment Types
• Vulnerability Assessment Tools
• Vulnerability Assessment Reports

 

System Hacking

• Gaining Access
• Escalating Privileges
• Maintaining Access
• Clearing Logs

 

Malware Threats

• Malware Concepts
• APT Concepts
• Trojan Concepts
• Virus and Worms Concepts
• Fileless Malware Concepts
• Malware Analysis
• Malware Countermeasures
• Anti-Malware Software

 

Sniffing

• Sniffing Concepts
• Sniffing Technique: MAC Attacks
• Sniffing Technique: DHCP Attacks
• Sniffing Technique: ARP Poisoning
• Sniffing Technique: Spoofing Attack
• Sniffing Technique: DNS Poisoning
• Sniffing Tools
• Sniffing Countermeasures

 

Social Engineering

• Social Engineering Concepts
• Social Engineering Techniques
• Insider Threats
• Impersonation on Social Networking Sites
• Identity Theft
• Social Engineering Countermeasures

 

Denial-of-Service

• DoS/DDoS Concepts
• Botnets
• DoS/DDoS Attack Techniques
• DDoS Case Study
• DoS/DDoS Attack Countermeasures

 

Session Hijacking

• Session Hijacking Concepts
• Application-Level Session Hijacking
• Network-level Session Hijacking
• Session Hijacking Tools
• Session Hijacking Countermeasures

 

Evading IDS, Firewalls, and Honeypots

• IDS, IPS, Firewall and Honeypot Concepts
• IDS, IPS, Firewall and Honeypot Solutions
• Evading IDS
• Evading Firewalls
• Evading NAC and Endpoint Security
• IDS/Firewall Evading Tools
• Detecting Honeypots
• IDS/Firewall Evasion Countermeasures

 

Hacking Web Servers

• Web Server Concepts
• Web Server Attacks
• Web Server Attack Methodology
• Web Server Attack Countermeasures
• Patch Management

 

Hacking Web Applications

• Web Application Concepts
• Web Application Threats
• Web Application Hacking Methodology
• Web API, Webhooks, and Web Shell
• Web Application Security

 

SQL Injection

• SQL Injection Concepts
• Types of SQL Injection
• SQL Injection Methodology
• SQL Injection Tools
• Evasion Techniques
• SQL Injection Countermeasures

 

Hacking Wireless Networks

• Wireless Concepts
• Wireless Encryption
• Wireless Threats
• Wireless Hacking Methodology
• Wireless Hacking Tools
• Bluetooth Hacking
• Wireless Attack Countermeasures
• Wireless Security Tools

 

Hacking Mobile Platforms

• Mobile Platform Attack Vectors
• Hacking Android OS
• Hacking iOS
• Mobile Device Management
• Mobile Security Guidelines and Tools

 

IoT and OT Hacking

• IoT Hacking
• IoT Concepts
• IoT Attacks
• IoT Hacking Methodology
• IoT Attack Countermeasures
• OT Hacking
• OT Concepts
• OT Attacks
• OT Hacking Methodology
• OT Attack Countermeasures

 

Cloud Computing

• Cloud Computing Concepts
• Container Technology
• Serverless Computing
• Cloud Computing Threats
• Cloud Hacking
• Cloud Security

 

Cryptography

• Cryptography Concepts
• Encryption Algorithms
• Cryptography Tools
• Public Key Infrastructure(PKI)
• Email Encryption
• Disk Encryption
• Cryptanalysis
• Cryptography Attack Countermeasures