Summer Training Program
Certified Cyber Security Expert V 2.0 + Web Application Development
A] Training Sessions Schedule:
Ethical Hacking & Information Security
Modules Particulars Duration
(hours)
Ethical Hacking
Cyber Ethics
Hackers & hacking methodologies
Types of hackers
1 Communities of Hackers 2.0
Malicious Hacker Strategies
Steps to conduct Ethical Hacking
Hiding your identity while performing attacks Basic Network Terminologies
TCP / IP protocols IP addresses 2 Classes of IP addresses 2.0 NAT Proxies and VPN’s SSH and putty
Information Gathering & Footprinting
Whois information
Active / Passive information gathering
3 Information gathering using 2.0
Foot printing methodologies
Tools that aid in foot printing
Savitabhabhi.com case studies Scanning & Enumeration
Why scanning?
4 Types of scanning 2.0
Tools to aid in scanning
Nmap - The Godfather
Banner grabbing Trojans, Backdoors
How to control victim’s computer using Trojans
5 Binding Trojans with another file 2.0
Undetection process of Trojans from Antivirus
Removal of Trojans from your computer
Virus & Worms
Introduction to viruses
How they work?
6 Methods use to hide themselves and replicate themselves 2.0
Introduction to worms
Causes of worms
Method used to replicate themselves
Role of antivirus product and goat file Phishing & its Prevention
7 Making phishing pages 2.0
How to detect phishing pages
Detecting Phishing Crimes System Hacking & Security
Password cracking
Privilege escalation
8 Tools to aid in system hacking 2.0
Understanding rootkits
Clearing traces
Countermeasures
Social engineering & Honeypots
Introduction
Laws of social engineering
9 Types of social engineering 2.0
Honeypots introduction
Types of honeypots
Setting up windows / Linux honeypot Bot,Bots & DOS(Denial of Service)
Introduction to bots
10 Introduction to botnets and zombies 2.0
Botnet lifecycle
IRC bots
Customize your own bot Cryptography
Public-key Cryptography
Working of Encryption
Digital Signature
11 RSA 2.0
Example of RSA Algorithm
RC4, RC5, RC6, Blowfish
Algorithms and Security
Tools that aid in Cryptography Google Hacking
Understanding how Google works
Google basic operators
12 Google advanced operators 2.0
Automated Google tools
How to use Google to find the desired website
SQL Injection 1
Web Application Overview
Web Application Attacks
OWASP Top 10 Vulnerabilities
Putting Trojans on websites
SQL injection attacks
Executing Operating System Commands
13 Getting Output of SQL Query 2.0
Getting Data from the Database Using ODBC Error Message
How to Mine all Column Names of a Table
How to Retrieve any Data
How to Update/Insert Data into Database
SQL Injection in Oracle
SQL Injection in MySql Database
20 Hands on Demonstrations on real websites SQL Injection 2
Attacking Against SQL Servers
SQL Server Resolution Service (SSRS)
14 SQL Injection Automated Tools 2.0
MSSQL Injection
Blind SQL Injection
Preventing SQL Injection Attacks Proxy servers and VPN’s
Introduction
15 Different Between Proxies & VPN 2.0
Making own proxy server
Configuring own proxy server
Configuring VPN Cross Site Scripting
Introduction to XSS
16 Types of XSS 2.0
XSS worm and XSS shell
Cookie grabbing
Countermeasures
Local File Inclusion/Remote File Inclusion
Introduction to LFI
17 Parameters to LFI 2.0
Introduction to RFI
Countermeasures Secure Coding Practices
Why secure coding?
18 Secure coding standards 2.0
Secure coding methods
Dissecting the source code Information Disclosure Vulnerabilities
Introduction
19 Setting up the correct chmod 2.0
Protecting the sensitive server files
Session Hijacking
Introduction
20 Types of session hijacking 2.0
Tools that aid in session hijacking
Countermeasures Hacking Web Servers
Understanding IIS and apache
21 How to use PHP and ASP backdoors 2.0
What are local root exploits?
Implementing web server security
Patch management
Vulnerability Assessment & Penetration Testing
Introduction to VAPT
Categories of security assessments
Vulnerability Assessment
Limitations of Vulnerability Assessment
Penetration Testing
Types of Penetration Testing
Risk Management
22 Do-It-Yourself Testing 2.0
Outsourcing Penetration Testing Services
Terms of Engagement
Project Scope
Pentest Service Level Agreements
Testing points
Testing Locations
Automated Testing
Manual Testing
Demonstrations Assembly Language Basics
Machine Language
Assembly Language
Assembler
Assembly Language Vs High-level Language
Assembly Language Compilers
Instruction operands
MOV instruction
ADD instruction
23 SUB instruction 2.0
INC and DEC instructions
Directive
preprocessor
Interrupts
Interrupt handler
External interrupts and Internal interrupts
Handlers
Assembling the code
Compiling the C code
Understanding an assembly listing file
Big and Little Endian Representation
Skeleton File
Working with Integers
Signed integers Signed Magnitude Two’s Compliment If statements Do while loops Indirect addressing Subprogram The Stack The SS segment ESP
The Stack Usage
The CALL and RET Instructions Buffer Overflows 1-2
Introduction
How BOF works
Stack based buffer overflow
24-25 Heap based buffer overflow 4.0
Heap spray
Understanding the shellcode
Mapping the memory
Fuzzing
Countermeasures Exploit Writing
Exploits Overview
Prerequisites for Writing Exploits and Shellcodes
Purpose of Exploit Writing
26 Types of Exploits 2.0
Tools that aid in writing Shellcode
Issues Involved With Shellcode Writing
Addressing problem
Null byte problem
System call implementation Metasploit Framework
Introduction to this framework
27-28 Getting hands on commands 4.0
Hacking windows with metasploit
Hacking Linux with metasploit
Firewalls, IDS, Evading IDS
Introduction
How to detect Intrusion
30 Types of Intrusion 2.0
Configuring IDPS
Firewall and it’s types
Evading Firewalls and IDS Wireless Hacking & Security
Wireless Protocols
Wireless Routers-Working
31 Attacks on Wireless Routers 2.0
Cracking Wireless routers password(WEP)
Securing routers from Hackers
Countermeasures
Mobile, VoIP Hacking & Security
SMS & SMSC Introduction
SMS forging & countermeasures
32 Sending & Tracking fake SMSes 2.0
VoIP Introduction
Installing VoIP Server
Forging Call using VoIP Bluetooth Hacking
Introduction to Bluetooth
Understanding Bluetooth protocols
Types of Bluetooth attacks
Bluejacking
Tools for Bluejacking
33 BlueSpam 2.0
Blue snarfing
BlueBug Attack
Short Pairing Code Attacks
Man-In-Middle Attacks
Tools that aid in Bluetooth Hacking
Countermeasures
Introduction to Cyber Crime Investigation & IT ACT 2000
Types of Cyber Crimes
34 Reporting Cyber Crimes & Incidence response 2.0
Introduction to IT Act 2000 & its sections
Flaws in IT ACT,2000
Investigation Methodologies & Case Studies
Different Logging Systems
Investigating Emails ( Email Tracing)
35 Ahmedabad Bomb Blasts Terror Mail case study 2.0 Investigating Phishing Cases
Investigating Data Theft Cases
Investigating Orkut Profile Impersonation Cases
Investigating SMS & Call Spoofing Cases
36 Cyber Forensics 2.0
Hands on Cyber Forensics on Hard Disks
Preparing Cyber Forensics Reports Enterprise Information Security Management
Establishment of ISMS
Implementation ,Monitoring ,Review & Maintenance of ISMS
37 Resource Management & Management Responsibilities 2.0
Internal Audits
Selection of Appropriate Controls
Corrective & Preventive Actions
38 Project Work 1 2.0
39 Project Work 2 2.0
40 Examination 2.0
Total Hours 80
Web Application Development (PHP)
Modules Particulars Hours
PHP
1 Exploring PHP Environment & Setting PHP 2.0
Environment in WAMP Server 2.0
2 Understanding & Implementing HTML 2.0
3 Working PHP Variables 2.0
4 Understanding Operators & Flow Control 2.0
5 Handling Strings & Arrays 2.0
6 Handling HTML Controls & Forms in Webpage 2.0
7 Uploading files to server using PHP 2.0
8 Installing & Configuring Database using Database 2.0
9 Working with MYSQL Database 2.0
10 Understanding Database & Implementing Mysql Schema 2.0
11 File Handling 2.0
12 Working with Sessions & Cookies 2.0
13 Securing Web Application 2.0
14 Making Sample Web Application 1 2.0
15 Making Sample Web Application 1 2.0
Total Hours 30
Note: These are just the major aspects that we will be discussing, each point will be elaborated in detail with demonstrations of the tools and techniques.
B] Projects/Web Applications to offer:
Online Antivirus Scanner
Online Vulnerability Scanner
Institute Management System
C] Program Duration:
D] Program Benefits & Highlights:
Learn & Interact with renowned Industry Experts
Receive an unparalleled education on the art of computer security with personal one-on-one attention from TechDefence.
Hands on Demonstrations of Latest Hacking Techniques & Tools.
Hands on Demonstrations of various cases solved by TechDefence.
PowerPoint Presentation, Live Demos, Interactive Question & Answer sessions and comprehensive reading material.
E] Key Benefits of TechDefence:
We have rich experience working on cases & training for Crime Branch, Ahmedabad, Nashik, Hyderabad, Surat & Rajkot.
Conducted more than 280 workshops & seminars for Students & Professionals across globe.
We helped Top Investigating Agencies to solve Cyber Terrorism Cases like Ahmedabad & Mumbai Blasts Cases.
We do not use third party tools. we have developed our Crypters, Trojans, Scripts etc.
Our Director & Trainer is supported by Ministry of Home Affairs, Malaysia & Border Security Force, India.
F] Program Trainer:
TechDefence (To know more about Sunny Vaghela please visit www.techdefence.com )
G] Summer Training Centres:
Ahmedabad, New Delhi, Jaipur, Hyderabad, Rajkot.
H] Course Material & CDs:
Comprehensive course material will be provided to participants.
Ethical Hacking Toolkit(10 CDS) (Containing Tools, Videos, EBooks, Presentations and reading material)
I] Certification:
Certificate of “Certified Cyber Security Expert Version 2.0” will be given to participants from TechDefence.
