Cyber Security Training Course Syllabus

Internet
• History of internet
• Internet life cycle
• Submarine cable map
Network
• Types of networks
• Topologies
• OSI model
• TCP/IP model
• IP address
• Subnet masking
Operating system
• Kernel's
• BIOS
• Functions of BIOS
• Architectures of OS
Introduction to Ethical Hacking
• What is Hacking
• Who is a Hacker
• Skills of a Hacker
• Types of Hackers
• Reasons for Hacking
• Who are at the risk of Hacking attacks
• Effects of Computer Hacking on an organization
• The Security, Functionality & Usability Triangle
• What is Ethical Hacking
• Why Ethical Hacking is Necessary
• Scope & Limitations of Ethical Hacking
Foot printing and Reconnaissance
• What is Foot Printing
• Objectives of Foot Printing
• Finding a company’s details
• Finding a company’s domain name
• Finding a company’s Internal URLs
• Finding a company’s Server details
• Finding the details of domain registration
 Cyber Security Training Course Syllabus

• Finding the range of IP Address

• Finding the DNS information
• Finding the location of servers
• Traceroute analysis
• Tracking e-mail communications
Scanning
• What is network scanning
• Objectives of network scanning
• Finding the live hosts in a network
• SNMP Enumeration
• SMTP Enumeration
• DNS Enumeration
• Finding open ports on a server
• Finding the services on a server
• OS fingerprinting
• Server Banner grabbing tools
• What is a Vulnerability Scanning
• What is a proxy server
• How does proxy server work
• Why do hackers use proxy servers
• What is a TOR network
• Why hackers prefer to use TOR networks

Hacking Web Servers & Web Applications

• What is a web server
• Different webserver applications in use
• Why are webservers hacked & its consequences
• Directory traversal attacks
• Website defacement
• Website password brute forcing

Cross site scripting

• Persistent XSS, where the malicious input originates from the website's database.
• Reflected XSS, where the malicious input originates from the victim's request.
• DOM-based XSS, where the vulnerability is in the client-side code rather than
the server-side code.
SQL Injection
• What is SQL Injection
 Cyber Security Training Course Syllabus

• Effects of SQL Injection attacks

• Types of SQL Injection attacks
• SQL Injection detection tools
Session Hijacking
• What is session hijacking
• Dangers of session hijacking attacks
• Session hijacking techniques
• How to defend against session hijacking
Denial of Service
• What is a DoS attack
• What is a DDoS attack
• Symptoms of a Dos attack
• DoS attack techniques
• What is a Botnet
OWASP TOP 10
• Injection
• Broken Authentication
• Sensitive data exposure
• XML External Entities (XXE)
• Broken Access control
• Security misconfigurations
• Cross Site Scripting (XSS)
• Insecure Deserialization
• Using Components with known vulnerabilities
• Insufficient logging and monitoring

Social Engineering
• Phishing
• What is Phishing
• How Phishing website is hosted
• How victims are tricked to access Phishing websites
• How to differentiate a Phishing webpage from the original webpage
• How to defend against Phishing attacks
• Homograph attack

Evading Firewalls, IDS & Honeypots

• What is a Firewall
 Cyber Security Training Course Syllabus

• What are the functions of a Firewall

• Types of firewalls
• What is an IDS
• How does an IDS work
• What is a honeypot
Kali Linux
• What is Kali Linux
• How Kali Linux is different from other Linux distributions
• What are the uses of Kali Linux
• Tools for Footprinting, Scanning & Sniffing
• What is Metasploit framework
• Using Metasploit framework to attack Wiindows machines
• Using Metasploit framework to attack Android devices
System Hacking
• What is system Hacking ·
• Goals of System Hacking
• Password Cracking
• Password complexity
• Finding the default passwords of network devices and softwares
• Password cracking methods o Online password cracking
• Man-in-the-middle attack
• Password guessing o Offline password cracking
• Brute force cracking
• Dictionary based cracking
• USB password stealers
• Elcomsoft Distributed password recovery tools
• Active password changer
• What is a keylogger
• How to deploy a keylogger to a remote pc
• How to defend against a keylogger
Mobile Hacking
• What is mobile Hacking
• Goals of mobile Hacking
• Countermeasures
Sniffers
• What is a sniffer
• How sniffer works
 Cyber Security Training Course Syllabus

• Types of sniffing
• Active sniffing
• Passive Sniffing
• What is ARP
• ARP poison attack
• Threats of ARP poison attack
• How MAC spoofing works
• MAC Flooding
• How to defend against MAC Spoofing attacks
• How to defend against Sniffers in network
Wireless Hacking
• Types of wireless networks
• Finding a Wi-Fi network
• Types of Wi-Fi authentications
• Using a centralized authentication server
• Using local authentication
• Types of Wi-Fi encryption methods
• WEP
• WPA
• WPA2
• How does WEP work
• Weakness of WEP encryption
• How does WPA work
• How does WPA2 work
• Hardware and software required to crack Wi-Fi networks
• How to crack WEP encryption
• How to crack WPA encryption
• How to crack WPA2 encryption
• How to defend against Wi-Fi cracking attack
Malware
• What is malware
• Types of malware
Virus
• What is a virus program
• What are the properties of a virus program
• How does a computer get infected by virus
• Types of virus
 Cyber Security Training Course Syllabus

• Virus making tools

• How to defend against virus attacks

Worm
• What is a worm program
• How worms are different from virus
Trojan
• What is a Trojan horse
• How does a Trojan operate
• How to defend against Trojans
Spyware
• What is a spyware
• Types of spywares
• How to defend against spyware
Rootkits
• What is a Rootkit
• Types of Rootkits
• How does Rootkit operate
• How to defend against Rootkits