Ethical Hacking and Bug Hunting
Ethical Hacking and Bug Hunting
BUG HUNTING
BROCHURE
+919342537812
https://cyfotok.com
COURSE
INTRODUCTION
Introducing the Bug Hunting and Ethical Hacking
Course by Cyfotok Infosec, meticulously crafted
for aspiring cybersecurity professionals. This
comprehensive program offers a solid foundation
in bug hunting and ethical hacking, making it an
ideal starting point for newcomers to the field.
Our carefully curated curriculum covers
essential topics and practical lessons, providing
students with the fundamental knowledge needed
to excel in this dynamic industry. With regular
updates to reflect the latest advancements and
real-world scenarios, our course ensures
relevance and practicality.
Rest assured that all attack demonstrations are
conducted exclusively within our secure network
and authorized machines, adhering to the highest
standards of security and ethics. It's important to
note that the techniques and concepts taught in
our lessons are strictly for educational
purposes, emphasizing responsible and ethical bug
hunting practices.
SYLLABUS
STARTING POINT
WHO IS HACKER?
WHAT IS HACKING?
WHAT HACKERS DO?
HOW HACKERS HACK
CYBER SECURITY VS ETHICAL HACKING
WHAT SHOULD YOU KNOW BEFORE
STARTING?
NOtHING
WHAT’S NEXT? THE BASICS
DIVE IN BASICS
BUILD YOU BASE
WHAT IS VIRTUALIZATION?
VIRTUALBOX VS VMWARE
WHAT IS OPERATING SYSTEM?
BOOTING UP THE ATTACKER MACHINE
SETTING UP THE VICTIM MACHINE
WHAT IS NETWORKING
TYPES OF NETWORKS
HOW INTERNET WORKS?
NETWORK TOPOLOGY
OSI LAYERS
TCP & UDP
FOCUSING ON IP ADDRESS
DEVICE IDENTITY (MAC ADDRESS)
NETWORK DEVICES AND HOW IT WORKS?
PORT AND PROTOCOLS
SUBNETTING
NETWORK INTERFACES
ARP / REVERSE ARP
DNS / REVERSE DNS
Ping Vs Traceroute
WPA & WPS
Listening with Netcat
WEB - BEHIND THE SCENES
WHAT IS CRYPTOGRAPHY
ENCRYPTION / DECRYPTION
TYPES OF CRYPTOGRAPHY
PUBLIC KEY / PRIVATE KEY
SYMMETRIC / ASYMMETRIC
CONCEPTS OF CRYPTO
CIA TRAID
PHISHING
PAYLOAD
VULNERABLITY / EXPLOIT
DOS / DDOS
ATTACK SURFACE MONITORING
THREAT MODELING
BUG BOUNTY
SPOOFING / SNIFFING
PROGRAM / SCRIPT
PLUGINS
HASHING
DATA BREACH
PHASE- 1 INFORMATION
GATHERING / RECONNISENCE
WHAT IS RECCONICENSE
DOMAIN INFORMATION GATHERING
SUBDOMAIN RECONNAISSANCE
EMAIL ADDRESS RECONNAISSANCE
HUNTING BREACHED CREDENTIALS
IDENTIFYING WEB TECHNOLOGIES
INFORMATION GATHERING WITH BURPSUITE
GOOGLE DORKING / GOOGLE HACKING DATABASE
UTILIZING SOCIAL-MEDIA FOR INFORMATION
GATHERING
PHYSICAL INFORMATION GATHERING
RECONNAISSANCE WITH AMASS
RECONNAISSANCE WITH SHODAN
RECONNAISSANCE WITH NIKTO
PHASE-2 SCANNING /
ENUMURATION
WHAT IS ENUMURATION?
WHY ENUMURATION IMPORTANT?
PORT SCANNING
UDP SCANNING
SYN-ACK SCANNING
PORT SCANNING USING NMAP
ENUMURATING HTTP/HTTPS
ENUMURATING SMB
ENUMURATING FTP
ENUMURATING TELNET
ENUMURATING DNS
ENUMURATING SMTP
FURTHER ENUMURATION WITH RUSTSCAN
FURTHER ENUMURATION WITH MASSCAN
enumerating sensitive directories
PHASE-3 EXPLOITATION /
GAINING ACCESS
WHAT IS EXPLOITATION?
REVERSE SHELL / BIND SHELL
STAGED / SATGELESS PAYLOAD
CRAFTING PAYLOAD WITH MSFVENOM
EXPLOITING WINDOWS 7 WITH METESPLOIT
EXPLOITING WINDOWS 10 WITH METESPLOIT
EXPLOITING LINUX WITH METESPLOIT
EXPLOITING ANDROID WITH ANDRORAT
EXPLOITATION WITH ARMITAGE
EXPLOIT WINDOWS WITH MS EXCEL DOCUMENT
EXPLOIT WEAK PORTS WITH METESPLOIT
EXPLOITING WINDOWS WITH A PNG IMAGE
EXPLOITING WINDOWS WITH A PDF FILE
PHASE- 4 PRIVILLAGE
ESCALATION
SOCIAL EMGINEERING
ATTACKS
DOCUMENTATION AND
REPORTING
CROSS-SITE-SCRIPTING-XSS
(FREE)
WHAT IS XSS?
TYPES OF XSS?
PERFORMING MANUAL XSS
PERFORMING AUTOMATED XSS
+919342537812
https://cyfotok.com