Ethical Hacking Training

  1. Home
  2. Courses

Ethical Hacking Training

Introduction to Ethical Hacking

Learn the fundamentals of ethical hacking and its role in cybersecurity. Understand the principles of ethical hacking and how it helps in identifying and mitigating security vulnerabilities.

Legal and Ethical Considerations

Study the legal and ethical aspects of ethical hacking. Learn about laws, regulations, and ethical guidelines that govern penetration testing and vulnerability assessments.

Footprinting and Reconnaissance

Explore techniques for gathering information about a target system. Learn about footprinting, reconnaissance, and the use of tools for information gathering.

Scanning and Enumeration

Understand the processes of scanning and enumeration. Learn how to use various scanning tools to identify open ports, services, and vulnerabilities in a target system.

Vulnerability Assessment

Study methods for assessing and analyzing vulnerabilities in systems and applications. Learn how to use vulnerability assessment tools and techniques to identify weaknesses.

Exploitation and Post-Exploitation

Learn about exploitation techniques and post-exploitation activities. Understand how to exploit vulnerabilities, escalate privileges, and maintain access to compromised systems.

Web Application Security

Explore security considerations specific to web applications. Learn about common web application vulnerabilities, such as SQL injection and cross-site scripting, and how to test for them.

Wireless Network Security

Study techniques for assessing the security of wireless networks. Learn about wireless security protocols, common attacks, and how to secure wireless networks.

Ethical Hacking Tools and Techniques

Familiarize yourself with common ethical hacking tools and techniques. Learn how to use tools for scanning, exploitation, and reporting in ethical hacking engagements.

Reporting and Documentation

Understand the importance of reporting and documentation in ethical hacking. Learn how to prepare detailed reports, document findings, and present results to stakeholders.

Case Studies and Practical Exercises

Engage with case studies and practical exercises to apply ethical hacking concepts. Work on simulated scenarios to develop skills in penetration testing and vulnerability assessment.

Ethical Hacking Syllabus

1. Principles of Hacking & Legal Parameters

  • Ethical Hacking Overview
    • Hacking Concept: What is Hacking?
    • Terms We Use in Hacking
    • The Need for Ethical Hacking
    • Cases of Hacking in India & Across the Globe
    • Principles of Ethical Hacking
      • Basic Principles
      • Commandments of Ethical Hacking
  • Hacking Methodologies
    • Types of Hacking
    • Building the Foundation for Ethical Hacking
    • Hacking Phases
  • Role of Ethical Hacker
    • Types of Hackers
    • Roles and Responsibilities
    • Scope & Limitations of Hacking
    • Advantages & Scope for Hacking
    • Drawbacks & Limitations of Hacking

2. Cyber Threats and Attack Vectors

  • Threats & Categories
  • Attack Vectors and Exploitation

3. Hacking Tools and Techniques

  • Common Hacking Tools
  • Hacking Techniques & Approaches

4. Policies and Controls

  • Information Security Policies
    • Risk Management & Incident Management
    • Information Security Controls
    • Data Management
    • Overview of Penetration Testing (PT) / Vulnerability Assessment (VA)

5. Penetration Testing and Vulnerability Assessment

  • Concept of Penetration Testing
  • Types of Penetration Testing
  • Phases of Penetration Testing
  • Vulnerability Assessment by Penetration Testing
  • Viruses, Trojans, Malware, and OS Level Attacks and Countermeasures

6. Malware Overview

  • Introduction to Malware
    • Different Ways Malware Can Enter a System
    • Common Techniques Attackers Use to Distribute Malware on the Web
    • Components of Malware
  • Virus, Worm & Trojan Concepts
    • Introduction to Viruses, Worms, & Trojans
    • Types of Viruses, Worms, & Trojans
    • Fake Antiviruses
    • How Antivirus Works
  • Malware Analysis
    • Introduction to Malware Analysis
    • Malware Analysis Procedure
    • Malware Detection Methods

7. Footprinting, Enumeration, Scanning, and Sniffing

  • Footprinting through Search Engines, Web Services
    • Information Gathering Using Google Advanced Search and Image Search
    • VoIP and VPN Footprinting through Google Hacking Database
    • Footprinting through Web Services
    • Finding Company’s Top-Level Domains (TLDs) and Subdomains
    • Finding Location, People Search, Professional Search
  • Enumeration
    • Techniques for Enumeration
    • Services and Ports to Enumerate
    • NetBIOS, SNMP, LDAP Enumeration
    • Information Gathering Using Groups, Forums, and Blogs
  • Scanning Targets
    • Network Scanning Concepts
    • Scanning Tools and Techniques
    • Scanning Pen Testing
    • Port Scanning & Countermeasures
  • Sniffing Network
    • Sniffing Concepts & Techniques
    • WireShark Installation & Concept
    • Sniffing Detection Techniques

8. Social Engineering

  • Social Engineering Concepts
  • Social Engineering Techniques
  • Insider Threat / Insider Attack
  • Social Engineering Countermeasures

9. SQL Injection, DoS Attacks, Session Hijacking, and System Hacking

  • SQL Injection
    • Basics of SQL Queries
    • How Injection Can Be Done
    • Cross-Site Scripting (XSS) Attacks
  • DoS Attacks
    • DoS/DDoS Attack Techniques
    • DDoS Case Study
    • DoS/DDoS Attack Tools
  • Session Hijacking
    • Session Hijacking Concepts
    • Network Level Session Hijacking
    • Client-Side Hijacking
  • System Hacking
    • System Hacking Concepts
    • Cracking Passwords
    • Escalating Privileges
    • Hiding Files and Covering Tracks

10. Web Applications and Web Servers Attacking Methodology and Countermeasures

  • Basics of Web Applications & Threats
    • Basics of Web Application and Technology Stack
    • OWASP Top 10 Application Security Risks – 2017
  • Web Hacking Methodology and Tools
    • Web App Hacking Methodology and Its Footprinting
    • Password Attacks: Password Functionality Exploits
    • Password Guessing and Brute-forcing
  • Introduction to Web Servers
    • Web Server Concepts
    • Web Server Attacks
    • Web Server Attack Methodology
    • Web Server Attack Tools
    • Countermeasures
      • Detecting Web Server Hacking Attempts
      • Patch Management
      • Web Server Security Tools

11. IoT and Cloud Attacks and Defense Mechanisms

  • IoT Concepts and Attacks
    • Basics of IoT, Architecture, Technology, and Protocols
    • Challenges and Opportunities in IoT
    • OWASP Top 10 IoT Vulnerabilities and Obstacles
    • Hacking IoT Devices
      • DDoS Attack
      • Jamming Attack
      • Botnets
      • Man-in-the-Middle Concept
      • Data & Identity Theft
  • Cloud Computing Overview
    • Introduction to Cloud & Virtualization
    • Cloud Deployment and Responsibilities
    • Threats and Attacks in Cloud
      • Service Hijacking
      • Social Engineering
      • Network Sniff
      • XSS Attack
    • Cloud Security and Tools
      • Control Layers and Responsibilities
      • Cloud Computing Security Considerations

12. Mobile & Wireless Networks Hacking and Countermeasures

  • Mobile Hacking
    • Introduction to Mobile Architecture
    • Working Principles for Mobile OS
    • Security of the Applications Used in Mobiles
    • Hacking Methodology for Mobile with Metasploit
  • Wireless Overview
    • Introduction to Terminology, Networks, Standards
    • Types of Wireless Authentication and Encryption
      • WEP (Wired Equivalent Privacy) Encryption
      • WPA (Wi-Fi Protected Access) Encryption
      • WPA2 (Wi-Fi Protected Access 2) Encryption
    • Wireless Hacking Methodology
      • Wi-Fi Discovery
      • GPS Mapping
      • Traffic Canalizing
      • Launch Wireless Attacks
      • Crack Wi-Fi Encryption

13. Firewall, IDS, and Honeypot Evasion Techniques

  • Basics of Firewalls, IDS, Honeypots
    • What is a Firewall & Examples
    • What is IDS & Examples
    • What are Honeypots & Examples
  • Case Study of Bypassing Firewall, IDS
    • IDS/Firewall/Honeypot Evasion Techniques
      • Packet Fragmentation and Source Routing
      • Working with SNORT [Detection Tool]
      • IP Address Decoy and Spoofing
      • IP Spoofing Detection Techniques
        • Direct TTL Probes
        • IP Identification Number
        • TCP Flow Control Method
      • IP Spoofing Countermeasures

14. Cryptology, Vulnerability Analysis, Logging, and Audit

  • Introduction to Cryptography Concepts
    • Types of Cryptography
    • Government Access to Keys (GAK)
    • Encryption Algorithms
      • Ciphers
      • Data Encryption Standard
      • Advanced Encryption Standard
      • RC4, RC5, and RC6 Algorithms
  • Email, Disk Encryption, and Cryptanalysis
    • Digital Signature, SSL, TLS
    • Cryptography Toolkit & Disk Encryption
    • Cryptography Attacks
      • Brute-Force Attack
      • Meet-in-the-Middle Attack on Digital Signature Schemes
      • Side Channel Attack
      • Hash Collision Attack
      • DUHK Attack
      • Rainbow Table Attack

Training

Basic Level Training

Duration : 1 Month

Advanced Level Training

Duration : 1 Month

Project Level Training

Duration : 1 Month

Total Training Period

Duration : 3 Months

Course Mode :

Available Online / Offline

Course Fees :

Please contact the office for details

Placement Benefit Services

Provide 100% job-oriented training
Develop multiple skill sets
Assist in project completion
Build ATS-friendly resumes
Add relevant experience to profiles
Build and enhance online profiles
Supply manpower to consultants
Supply manpower to companies
Prepare candidates for interviews
Add candidates to job groups
Send candidates to interviews
Provide job references
Assign candidates to contract jobs
Select candidates for internal projects

Note

100% Job Assurance Only
Daily online batches for employees
New course batches start every Monday
Download Syllabus