IT Security & Ethical Hacking

IT Security & Ethical Hacking

This is the world’s most advanced ethical hacking course with 20 of the most current security domains any ethical hacker will ever want to know when they are planning to beef up the info security.

course at a glance

  • Date : 11 Dec - 22 Jan 2022
  • No. of Classes/ Sessions : 14
  • Total Hours : 40
  • Last Date of Registration : 29 Nov 2021
  • Class Schedule :
    • Saturday - 6:00 pm - 9:00 pm
    • Friday - 6:00 pm - 9:00 pm
  • venue : Good Luck Center, 151/7, Panthapath Signal, Green Road, 7th Floor, Dhaka 1205, Bangladesh

Price: TK. 13,800
(Excluding VAT & TAX)

This Training is jointly organized by BITM & PeopleNTech
Training will be held in PeopleNTech

Course Module: 

Class - 1

Information security basics

                Understanding ethical hacking concepts

                Concept of policy, procedure and awareness

Lab preparation

                Installing Kali linux as attacker machine

                Installing metasploitable as victim machine

Class - 2

Footprinting & Reconnaissance

                Understanding footprinting concept

Footprint using advance google hacking techniques

Footprinting uisng recon-ng

Scanning & Enumeration

Scanning techniques using nmap

Enumeration using Nmap Scripting Engine (NSE)

Class - 3

Vulnerability Assessment

                Vulnerability Assessment using ZAP

                Analyzing ZAP Result

                Vulnerability Assessment using Nikto

                Analyzing Nikto Result

Class - 4

Gaining access – Server Side Attack

                Basic enumeration and exploitation

                Hacking remote server using basic Metasploit Exploit

                Hacking remote server using code execution vulnerabilities

                VNC/IRCd exploitation to hack into remote server

                Exploiting Samba Vulenrability to hack remote server

 

Class - 5

Gaining Access – Client Side Attack

            Generating undetectable backdoor using VEIL framework

            Listening for incoming connections

            Basic delivery method to test and hack windows

Gaining access – client side attack – Social Engineering

                Backdooring any file types (images/pdfs etc)

                Compiling and changing trojan’s icon

                Spoofing .exe extension to any extension (pdf/jpg etc)

Class - 6

Post exploitation

                Maintaining access – basic method

                Maintaining access – using reliable and undetectable method

Exam - 1

                Putting knowledge all together to Hack a real life like Machine

Class - 7

Website hacking – Reconnaissance

                Shodan for recon

                DNS Enumeration

                CMS Identification

                Fuzzing – Introduction/Importance

                Fuzzing – process, for sensitive files

                Fuzzing – use of Wfuzz, FFUF

                Github Recon – Manual & Automated way

                Advance Subdomain Recon (https://www.youtube.com/watch?v=9mSLSC7aUcY)

Class - 8

Website hacking – SQL Injection

                What is SQL injection

                UNION based attack

                Reading database information, login bypass

                Blind SQL injection attack

Class - 9

Website hacking – XSS

                Introduction to Burpsuite – configuring with firefox

                Introduction to Burpsuite – Reaper, Intruder

                Background concept of XSS

                Manual building XSS vector

                Basic XSS on Lab

                Hunting XSS using Burpsuite

                Advance method for hunting XSS-1

                Advance method for hunting XSS-2

Class -10

Website hacking – Authentication

                Username enumeration using different responses/processes

                2FA simple bypass

                2FA brute forcing

                2 FA broken logic

                Password reset poisoning/broken logic

                Password brute forcing via password change

Class - 11

Website hacking – Server Side Request Forgery (SSRF)

                Basic SSRF

                SSRF with blacklisted/whitelisted input filter

                SSRF filter bypass

Website hacking  - Directory Traversal  

                File path traversal/absolute path bypass/URL encode/null byte bypass

Class - 12

Website hacking  - Information Disclosure

                Information disclosure in error message/debug page/backup files

Website hacking – Cross Site Request Forgery (CSRF)

Website hacking - Cross Origin Resource Sharing (CORS)

Class - 13

Website hacking – HTTP Host Header Attack

Website hacking – Server Side template Injection

Network hacking – Pre-connection attack - WPA/WPA2 cracking

                Hacking WPA/WPA2 without wordlist

                Cracking WPA/WPA2 using wordlist attack

Network hacking – Post connection attack – MITM attack

                ARP poisoning using Kali

                Bettercap basics and sniffing

                Bypassing HTTPS

                Bypassing HSTS

                Wireshark basics

                Stealing password using Wireshark

Exam – 2

                Hack a real life like machine       

 



Curriculum

Module Certified Ethical Hacker 40 Hrs

Tentative Class Start

11th December, 2021

Available Seat

10 / 15

who can join

Ethical hacking training course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.

Meet the Instructor