Summer Training Program CCSE V3.0 Certified Cyber Security Expert Version 3.0

Transcription

1 Summer Training Program 2016 CCSE V3.0 Certified Cyber Security Expert Version 3.0

2 TechD Facts Incorporated in November 2009 Trained more than 50,000 students, conducted 400 Workshops Including all IITs, NITs & Many colleges across India. Trained Professional from many reputed companies like Yahoo!,Google,ISACA,k7 Antivirus, Elitecore, Indian Oil, Temenos, ZOHO, HCL,TCS Infosys. Trained Investigation agencies of Gujarat, Maharashtra, Rajasthan, Tamilnadu, West Bengal. Successfully completed more than training hours into IT Security.

3 TechD Facts Trained & Certified 2100 Students & Professionals for CCSE ( Certified Cyber Security Expert) Course. Helped Top Investigating Agencies to Solve Ahmedabad & Mumbai blasts Cyber trails. Associated for an out reach program with the Major Technical festivals of IIT Bombay, Kanpur, NIT Bhopal, NIT Calicut, Jadavpur University Kolkata, and BITS Pilani Goa for giving authorized certification. Major VAPT Clients includes Sulekha.com, Cyberoam. Supported by Ministry of Home Affairs, Malaysia & CMO, Gujarat. Developed our own Crypters, Trojans, RATS for demonstrations.

4 TechD Facts Sunny Vaghela (Director & CTO) is recipient of Rajiv Gandhi Young Achiever s Award. TechDefence has been awarded as Best Ethical Hacking & Information Security Company by NBC at Trident Hotel, Mumbai.

5 TechD Facts TechDefence has also been awarded as Best Ethical Hacking & Information Security Company of Western India by BIG Research & IBN 7. Nominated for World Education Awards into category of Private Sector Initiative for use of innovative Technology for skilled education

6 TechD Facts TechDefence Certified Cyber Security Expert is career oriented hands on training program on Advanced Ethical Hacking, Cyber Crime Investigation, Cyber Forensics & Information Security.

7 Module 1 : Cyber Ethics - Hackers & hacking methodologies Why Security? Why Attacks? Hacking Introduction Communities of Hackers Types of Hackers Malicious Hacker Strategies Ethical Hacker Strategies Steps for conducting Ethical Hacking. Importance of Vulnerability Research. Vulnerability Research References. Conclusion

8 Module 2: Basic Network Terminologies IP address Versions of IP Address Types of IP Address Classes of IP addresses Categories of IP Address Network Address Translation TCP protocol UDP Protocol Difference between TCP & UDP Proxies and VPN s

9 Module 3: Information Gathering WHOIS Information Gathering DNS Information Gathering DNS Report MX-information NS LookUp Website Mirroring Website Information Gathering Information Gathering Doxing (Peoples & Digitals Boxes) Tools that aid in Information Gathering Savitabhabhi.com Case Study Maltego & Kartoo Search Engines

10 Module 4: Scanning & Enumeration Why Scanning? Types of Scanning. Objective of Scanning. Port Scanning. Port Scanning Techniques. Port Scanning using Nmap Advance Nmap Scanning(Nmap Scripting Engine) Banner Grabbing techniques Network Scanning Techniques. Network Auditors. Enumeration

11 Module 5: Virus, Worms, Malware, Spyware, Adware & Trojans What is Virus? What are Worms? Difference between Virus & Worms What are Trojans? How Trojans Work? How to hack a computer system using Trojan? How to create a Trojan? Introduction to some RAT Tools Issues in sending and executing a Trojan Overcoming above issues.

12 Module 6: Phishing & its Prevention History of Phishing What is Phishing? Types of Phishing Why it is called as a Social Engineering Technique? Steps to perform Phishing Tricks to perform Phishing Precautions against Phishing Attempts Detecting Phishing Crimes Investigating Phishing Crimes

13 Module 7: System Hacking & Security Password Cracking Privilege Escalation Tools to aid in System Hacking Understanding Rootkits Clearing Traces Countermeasures

14 Module 8: Windows Honeypot & Web Based Honeypot Introduction to Honeypots Setting up Account Setting up a Honeypot Managing Honeypot Prevention against Spammers

15 Module 9: Cryptography Public-key Cryptography Working of Encryption Digital Signature RSA & Example of RSA Algorithm RC4, RC5, RC6, Blowfish Algorithms and Security Encryption Tools that aid in Cryptography

16 Module 10: Introduction to Web Application & Database What is a Website? What is a Web Application? Website Vs. Web Application Categories of Website Architecture One-Tier Architecture Two-Tier Architecture Three-Tier Architecture Multi/N-Tier Architecture Technologies What is a Database? Well Known Databases

17 Module 11: Introduction to OWASP Top 10 What is a OWASP? Understanding OWASP Introduction to OWASP Top 10 Vulnerabilities

18 Module 12: Authentication Bypass (Basic SQL Injection) What is Authentication? Database Basics What is SQL? Basics of SQL Query Introduction to Logic Gates How to Bypass Authentication? Video Demonstration Basic Combinations to Bypass Bypass Cheat Sheet Remediation Approach

19 Module 13: Google Hacking Understanding how Google works Google basic operators Google advanced operators Automated Google tools How to use Google to find the desired website How Google can aid in searching vulnerable website

20 Module 14: Advance SQL Injection(MySQL) Definition Vulnerability Testing for Vulnerability Injection Type Integer Based Injection String Based Injection Exploiting Vulnerability Enumerating Database Name and Version Enumerating Table Names Enumerating Column Names Enumerating Data from Column Names Remediation Approach / Preventing MySQL Injection

21 Module 15: SQL Injection Firewall Evasion What is WAF? Working of WAF How to know if there is a Web Application Firewall? Techniques to Bypass WAF Video Demonstration SQL Injection Firewall Evasion Scope of this technique

22 Module 16: Advance SQL Injection(MSSQL Injection) What is MSSQL? What would be Target Applications? Finding Vulnerable Links Testing Vulnerability Exploiting Vulnerability Enumerating Table Names Enumerating Column Names Enumerating Data

23 Module 17: SQL Injection using Automated Tools Introduction to Automated Tools Why to use Automated Tools? Introduction to Best Tools Using Tools - Hands on Demonstration

24 Module 18: Hacking Web Servers Introduction to Web Server Web Application & Web Server Way to Hack Web Server Vulnerability on Web Application What is Shell? List of Shells Functionalities of Shell How to Upload Shell? Video Demonstration

25 Module 19: XSS Cross Site Scripting Introduction to HTML Introduction to JavaScripts Introduction to Cookies What is XSS? Impact of XSS Severity of XSS How to test for XSS Bypassing Filters How to Exploit XSS Cookie Grabbing using XSS

26 Module 20: CSRF, Click Jacking Introduction to CSRF Building Proof of Concept Code Protections against CSRF Click Jacking & Protections Module 21: Information Disclosure Vulnerabilities Introduction Setting up the correct chmod Protecting the sensitive server files Preventing the data loss

27 Module 22: Introduction to Burp Suite Burp Interceptor Burp Target Burp Spider Burp Scanner Burp Intruder Burp Repeater Burp Decoder Burp Sequencer Burp Extender Burp App Store- Introduction Live Hacking Through Burp

28 Module 23: Vulnerability Assessment & Penetration Testing Introduction to VAPT Categories of security assessments Vulnerability Assessment Limitations of Vulnerability Assessment Penetration Testing Types of Penetration Testing Do-It-Yourself Testing Outsourcing Penetration Testing Services Terms of Engagement Project Scope & Pentest Service Level Agreements Testing points & Locations Automated & Manual Testing

29 Module 24: Assembly Language Basics Difference Assembly Language Vs High-level Language Assembly Language Compilers Understanding Instruction operands, Directive & preprocessor Interrupts, Interrupt handler, External interrupts and Internal interrupts Handlers Assembling the & Compiling the C code Linking the object files & Understanding an assembly listing file Big and Little Endian Representation, Skeleton File Working with Integers, Signed integers & Signed Magnitude Understanding Two s Compliment, If statements, Do while loops Indirect addressing, Subprogram Understanding The Stack, SS segment& ESP The Stack UsageThe CALL and RET Instructions

30 Module 25 : Reverse Engineering Introduction to RE Briefing OllyDbg Patching SMAC, ClassRoomSpyPro & PowerISO Cracking SMAC, ClassRoomSpyPro & PowerISO Keygening SMAC, ClassRoomSpyPro & PowerISO Countermeasures

31 Module 26 & Module 27: Buffer Overflows 1-2 Introduction How BOF works Stack based buffer overflow Understanding the Shellcode Mapping the memory Countermeasures

32 Module 28: Exploit Writing Exploits Overview Prerequisites for Writing Exploits and Shellcodes Purpose of Exploit Writing Types of Exploits Tools that aid in writing Shellcode Issues Involved With Shellcode Writing Addressing problem Null byte problem System call implementation

33 Module 29 : Metasploit Framework using BackTrack or Kali Linux Introduction to this framework Getting hands on commands Hacking windows with Metasploit Hacking Linux with Metasploit WebServer Hacking through Metasploit Android Hacking using Metasploit MSFVenom Payload creation MSFVenom - Creating Malicious PDF Files through MSF Modules

34 Module 30: Wireless Hacking & Security Wireless Protocols Wireless Routers-Working Attacks on Wireless Routers Cracking Wireless routers password(wep) Wi-Fi Phisher Securing routers from Hackers Countermeasures

35 Module 31: Mobile, VoIP Hacking & Security SMS & SMSC Introduction SMS forging & countermeasures Sending & Tracking fake SMSes Call Forging & countermeasures Android Hacking using Android Malware Android Hacking using Android Trojan VoIP Introduction Installing VoIP Server & Forging Call using VoIP Android Phone Rooting Understanding ADB Pattern Lock Bypass using ADB Shell

36 Module 32: Mobile Application Security (Android) What is Android? History of Android Android Application Fundamentals Understanding AndroidManifest.xml file Android Application Vulnerabilities Static Analysis of Android Binaries Live Demonstrations

37 Module 33: Introduction to Cyber Crime Investigation & IT ACT 2000 Types of Cyber Crimes Reporting Cyber Crimes & Incidence response Introduction to IT Act 2000 & its sections Flaws in IT ACT,2000 Investigation Methodologies & Case Studies Different Logging Systems. Investigating s ( Tracing) Ahmedabad Bomb Blasts Terror Mail case study Investigating Phishing Cases Investigating Data Theft Cases Investigating Facebook Profile Impersonation Cases Investigating SMS & Call Spoofing Cases

38 Module 34: Cyber Forensics Cyber Forensics Understanding Cyber Forensics Hands on Cyber Forensics on Hard Disks Whatsapp Forensics Module 35 : Final Exam To know about portal visit

39 Other Details Total Hours: 80 hours Training Duration : Days. Training Centers: Ahmedabad, Delhi, Hyderabad. For More information Call on ,