- +8809612342486
- [email protected]
This is the world’s most advanced ethical hacking course with 20 of the most current security domains any ethical hacker will ever want to know when they are planning to beef up the info security.
Class - 1
Information security basics
Understanding ethical hacking concepts
Concept of policy, procedure and awareness
Lab preparation
Installing Kali linux as attacker machine
Installing metasploitable as victim machine
Class - 2
Footprinting & Reconnaissance
Understanding footprinting concept
Footprint using advance google hacking techniques
Footprinting uisng recon-ng
Scanning & Enumeration
Scanning techniques using nmap
Enumeration using Nmap Scripting Engine (NSE)
Class - 3
Vulnerability Assessment
Vulnerability Assessment using ZAP
Analyzing ZAP Result
Vulnerability Assessment using Nikto
Analyzing Nikto Result
Class - 4
Gaining access – Server Side Attack
Basic enumeration and exploitation
Hacking remote server using basic Metasploit Exploit
Hacking remote server using code execution vulnerabilities
VNC/IRCd exploitation to hack into remote server
Exploiting Samba Vulenrability to hack remote server
Class - 5
Gaining Access – Client Side Attack
Generating undetectable backdoor using VEIL framework
Listening for incoming connections
Basic delivery method to test and hack windows
Gaining access – client side attack – Social Engineering
Backdooring any file types (images/pdfs etc)
Compiling and changing trojan’s icon
Spoofing .exe extension to any extension (pdf/jpg etc)
Class - 6
Post exploitation
Maintaining access – basic method
Maintaining access – using reliable and undetectable method
Exam - 1
Putting knowledge all together to Hack a real life like Machine
Class - 7
Website hacking – Reconnaissance
Shodan for recon
DNS Enumeration
CMS Identification
Fuzzing – Introduction/Importance
Fuzzing – process, for sensitive files
Fuzzing – use of Wfuzz, FFUF
Github Recon – Manual & Automated way
Advance Subdomain Recon (https://www.youtube.com/watch?v=9mSLSC7aUcY)
Class - 8
Website hacking – SQL Injection
What is SQL injection
UNION based attack
Reading database information, login bypass
Blind SQL injection attack
Class - 9
Website hacking – XSS
Introduction to Burpsuite – configuring with firefox
Introduction to Burpsuite – Reaper, Intruder
Background concept of XSS
Manual building XSS vector
Basic XSS on Lab
Hunting XSS using Burpsuite
Advance method for hunting XSS-1
Advance method for hunting XSS-2
Class -10
Website hacking – Authentication
Username enumeration using different responses/processes
2FA simple bypass
2FA brute forcing
2 FA broken logic
Password reset poisoning/broken logic
Password brute forcing via password change
Class - 11
Website hacking – Server Side Request Forgery (SSRF)
Basic SSRF
SSRF with blacklisted/whitelisted input filter
SSRF filter bypass
Website hacking - Directory Traversal
File path traversal/absolute path bypass/URL encode/null byte bypass
Class - 12
Website hacking - Information Disclosure
Information disclosure in error message/debug page/backup files
Website hacking – Cross Site Request Forgery (CSRF)
Website hacking - Cross Origin Resource Sharing (CORS)
Class - 13
Website hacking – HTTP Host Header Attack
Website hacking – Server Side template Injection
Network hacking – Pre-connection attack - WPA/WPA2 cracking
Hacking WPA/WPA2 without wordlist
Cracking WPA/WPA2 using wordlist attack
Network hacking – Post connection attack – MITM attack
ARP poisoning using Kali
Bettercap basics and sniffing
Bypassing HTTPS
Bypassing HSTS
Wireshark basics
Stealing password using Wireshark
Exam – 2
Hack a real life like machine
| Module | Certified Ethical Hacker | 40 Hrs |
