• No results found

Summer Training Program CCSE V3.0 Certified Cyber Security Expert Version 3.0

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Summer Training Program CCSE V3.0 Certified Cyber Security Expert Version 3.0"

Copied!
39
0
0

Loading.... (view fulltext now)

Download now ( 39 Page )

Full text

(1)

Summer Training Program 2016

CCSE V3.0

(2)

TechD Facts

Incorporated in November 2009

Trained more than 50,000 students, conducted 400 Workshops Including all IITs,

NITs & Many colleges across India.

Trained Professional from many reputed companies like Yahoo!,Google,ISACA,k7

Antivirus, Elitecore , Indian Oil, Temenos, ZOHO, HCL,TCS Infosys.

Trained Investigation agencies of Gujarat, Maharashtra, Rajasthan, Tamilnadu,

West Bengal.

(3)

TechD Facts

Trained & Certified 2100 Students & Professionals for CCSE ( Certified Cyber

Security Expert) Course.

Helped Top Investigating Agencies to Solve Ahmedabad & Mumbai blasts Cyber

trails.

Associated for an out reach program with the Major Technical festivals of IIT

Bombay, Kanpur, NIT Bhopal, NIT Calicut, Jadavpur University Kolkata, and BITS

Pilani Goa for giving authorized certification.

Major VAPT Clients includes Sulekha.com, Cyberoam.

Supported by Ministry of Home Affairs, Malaysia & CMO, Gujarat.

Developed our own Crypters, Trojans, RATS for demonstrations.

(4)

TechD Facts

Sunny Vaghela (Director & CTO) is recipient of Rajiv Gandhi Young Achiever’s

Award.

TechDefence has been awarded as Best Ethical Hacking & Information Security

Company by NBC at Trident Hotel , Mumbai.

(5)

TechD Facts

TechDefence has also been awarded as Best Ethical Hacking & Information

Security Company of Western India by BIG Research & IBN 7.

Nominated for World Education Awards into category of Private Sector Initiative

for use of innovative Technology for skilled education

(6)

TechD Facts

TechDefence Certified Cyber Security Expert is career oriented hands on training

program on Advanced Ethical Hacking, Cyber Crime Investigation, Cyber

Forensics & Information Security.

(7)

CCSE Contents

Module 1 : Cyber Ethics - Hackers & hacking methodologies

Why Security ? Why Attacks ?

Hacking – Introduction Communities of Hackers Types of Hackers

Malicious Hacker Strategies Ethical Hacker Strategies

Steps for conducting Ethical Hacking. Importance of Vulnerability Research. Vulnerability Research References. Conclusion

(8)

CCSE Contents

Module 2: Basic Network Terminologies

IP address

Versions of IP Address Types of IP Address Classes of IP addresses Categories of IP Address Network Address Translation TCP protocol

UDP Protocol

Difference between TCP & UDP Proxies and VPN’s

(9)

CCSE Contents

Module 3: Information Gathering

WHOIS Information Gathering DNS Information Gathering DNS Report

MX-information NS LookUp

Website Mirroring

Website Information Gathering Email Information Gathering

Doxing (Peoples & Digitals Boxes)

Tools that aid in Information Gathering Savitabhabhi.com Case Study

(10)

CCSE Contents

Module 4: Scanning & Enumeration

Why Scanning? Types of Scanning. Objective of Scanning. Port Scanning.

Port Scanning Techniques. Port Scanning using Nmap

Advance Nmap Scanning(Nmap Scripting Engine) Banner Grabbing techniques

Network Scanning Techniques. Network Auditors.

(11)

CCSE Contents

Module 5: Virus, Worms, Malware, Spyware, Adware & Trojans

What is Virus? What are Worms?

Difference between Virus & Worms What are Trojans?

How Trojans Work?

How to hack a computer system using Trojan? How to create a Trojan?

Introduction to some RAT Tools

Issues in sending and executing a Trojan Overcoming above issues.

(12)

CCSE Contents

Module 6: Phishing & its Prevention

History of Phishing What is Phishing? Types of Phishing

Why it is called as a Social Engineering Technique? Steps to perform Phishing

Tricks to perform Phishing

Precautions against Phishing Attempts Detecting Phishing Crimes

(13)

CCSE Contents

Module 7: System Hacking & Security

Password Cracking Privilege Escalation

Tools to aid in System Hacking Understanding Rootkits

Clearing Traces Countermeasures

(14)

CCSE Contents

Module 8: Windows Honeypot & Web Based Honeypot

Introduction to Honeypots Setting up Account

Setting up a Honeypot Managing Honeypot

(15)

CCSE Contents

Module 9: Cryptography

Public-key Cryptography Working of Encryption Digital Signature

RSA & Example of RSA Algorithm RC4, RC5, RC6, Blowfish

Algorithms and Security Email Encryption

(16)

CCSE Contents

Module 10: Introduction to Web Application & Database

What is a Website?

What is a Web Application? Website Vs. Web Application Categories of Website Architecture One-Tier Architecture Two-Tier Architecture Three-Tier Architecture Multi/N-Tier Architecture Technologies What is a Database? Well Known Databases

(17)

CCSE Contents

Module 11: Introduction to OWASP Top 10

What is a OWASP? Understanding OWASP

(18)

CCSE Contents

Module 12: Authentication Bypass (Basic SQL Injection)

What is Authentication? Database Basics

What is SQL?

Basics of SQL Query

Introduction to Logic Gates How to Bypass Authentication? Video Demonstration

Basic Combinations to Bypass Bypass Cheat Sheet

(19)

CCSE Contents

Module 13: Google Hacking

Understanding how Google works Google basic operators

Google advanced operators Automated Google tools

How to use Google to find the desired website

(20)

CCSE Contents

Module 14: Advance SQL Injection(MySQL)

Definition Vulnerability

Testing for Vulnerability Injection Type

Integer Based Injection String Based Injection Exploiting Vulnerability

Enumerating Database Name and Version Enumerating Table Names

Enumerating Column Names

Enumerating Data from Column Names

(21)

CCSE Contents

Module 15: SQL Injection – Firewall Evasion

What is WAF? Working of WAF

How to know if there is a Web Application Firewall? Techniques to Bypass WAF

Video Demonstration – SQL Injection Firewall Evasion Scope of this technique

(22)

CCSE Contents

Module 16: Advance SQL Injection(MSSQL Injection)

What is MSSQL?

What would be Target Applications? Finding Vulnerable Links

Testing Vulnerability Exploiting Vulnerability Enumerating Table Names Enumerating Column Names Enumerating Data

(23)

CCSE Contents

Module 17: SQL Injection using Automated Tools

Introduction to Automated Tools Why to use Automated Tools? Introduction to Best Tools

(24)

CCSE Contents

Module 18: Hacking Web Servers

Introduction to Web Server Web Application & Web Server Way to Hack Web Server

Vulnerability on Web Application What is Shell?

List of Shells

Functionalities of Shell How to Upload Shell? Video Demonstration

(25)

CCSE Contents

Module 19: XSS – Cross Site Scripting

Introduction to HTML Introduction to JavaScripts Introduction to Cookies What is XSS? Impact of XSS Severity of XSS How to test for XSS Bypassing Filters How to Exploit XSS

(26)

CCSE Contents

Module 20: CSRF, Click Jacking

Introduction to CSRF

Building Proof of Concept Code Protections against CSRF

Click Jacking & Protections

Module 21: Information Disclosure Vulnerabilities

Introduction

Setting up the correct chmod

Protecting the sensitive server files Preventing the data loss

(27)

CCSE Contents

Module 22: Introduction to Burp Suite

Burp Interceptor Burp Target Burp Spider Burp Scanner Burp Intruder Burp Repeater Burp Decoder Burp Sequencer Burp Extender

Burp App Store- Introduction Live Hacking Through Burp

(28)

CCSE Contents

Module 23: Vulnerability Assessment & Penetration Testing

Introduction to VAPT

Categories of security assessments Vulnerability Assessment

Limitations of Vulnerability Assessment Penetration Testing

Types of Penetration Testing Do-It-Yourself Testing

Outsourcing Penetration Testing Services Terms of Engagement

Project Scope & Pentest Service Level Agreements Testing points & Locations

(29)

CCSE Contents

Module 24: Assembly Language Basics

Difference Assembly Language Vs High-level Language Assembly Language Compilers

Understanding Instruction operands, Directive & preprocessor

Interrupts , Interrupt handler, External interrupts and Internal interrupts Handlers Assembling the & Compiling the C code

Linking the object files & Understanding an assembly listing file Big and Little Endian Representation, Skeleton File

Working with Integers, Signed integers & Signed Magnitude Understanding Two’s Compliment, If statements, Do while loops Indirect addressing, Subprogram

Understanding The Stack, SS segment& ESP The Stack UsageThe CALL and RET Instructions

(30)

CCSE Contents

Module 25 : Reverse Engineering

Introduction to RE Briefing OllyDbg

Patching – SMAC, ClassRoomSpyPro & PowerISO Cracking – SMAC, ClassRoomSpyPro & PowerISO Keygening – SMAC, ClassRoomSpyPro & PowerISO Countermeasures

(31)

CCSE Contents

Module 26 & Module 27: Buffer Overflows 1-2

Introduction How BOF works

Stack based buffer overflow Understanding the Shellcode Mapping the memory

(32)

CCSE Contents

Module 28: Exploit Writing

Exploits Overview

Prerequisites for Writing Exploits and Shellcodes Purpose of Exploit Writing

Types of Exploits

Tools that aid in writing Shellcode

Issues Involved With Shellcode Writing Addressing problem

Null byte problem

(33)

CCSE Contents

Module 29 : Metasploit Framework using BackTrack or Kali Linux

Introduction to this framework Getting hands on commands

Hacking windows with Metasploit Hacking Linux with Metasploit

WebServer Hacking through Metasploit Android Hacking using Metasploit

MSFVenom – Payload creation

(34)

CCSE Contents

Module 30: Wireless Hacking & Security Wireless Protocols

Wireless Routers-Working Attacks on Wireless Routers

Cracking Wireless routers password(WEP) Wi-Fi Phisher

Securing routers from Hackers Countermeasures

(35)

CCSE Contents

Module 31: Mobile, VoIP Hacking & Security SMS & SMSC Introduction

SMS forging & countermeasures Sending & Tracking fake SMSes Call Forging & countermeasures

Android Hacking using Android Malware Android Hacking using Android Trojan VoIP Introduction

Installing VoIP Server & Forging Call using VoIP Android Phone Rooting

Understanding ADB

(36)

CCSE Contents

Module 32: Mobile Application Security (Android) What is Android?

History of Android

Android Application Fundamentals

Understanding AndroidManifest.xml file Android Application Vulnerabilities

Static Analysis of Android Binaries Live Demonstrations

(37)

CCSE Contents

Module 33: Introduction to Cyber Crime Investigation & IT ACT 2000

Types of Cyber Crimes

Reporting Cyber Crimes & Incidence response Introduction to IT Act 2000 & its sections

Flaws in IT ACT,2000

Investigation Methodologies & Case Studies Different Logging Systems.

Investigating Emails ( Email Tracing)

Ahmedabad Bomb Blasts Terror Mail case study Investigating Phishing Cases

Investigating Data Theft Cases

Investigating Facebook Profile Impersonation Cases Investigating SMS & Call Spoofing Cases

(38)

CCSE Contents

Module 34: Cyber Forensics

Cyber Forensics

Understanding Cyber Forensics

Hands on Cyber Forensics on Hard Disks Whatsapp Forensics

Module 35 : Final Exam

(39)

Other Details

Total Hours: 80 hours

Training Duration : 30 – 45 Days.

Training Centers: Ahmedabad, Delhi , Hyderabad.

References

Download now ( PDF - 39 Page - 798.84 KB )

Related documents

EX3600-6

Alternator Engine stop Coolant overheat Hydraulic oil level Auto lubrication Fast-filling Tension Electric lever Emergency engine stop Top valve.. Engine over run Coolant level

Book Review 'Symbol, Pattern and Symmetry: The Cultural Significance of Structure, Michael Hann (2013)'

This book makes accessible visual arts analysis of geometric and symmetry characteristics identified by the author as traditionally the subject of study for

Comparative Review of VSaaS and Local CCTV Recording and Management

Nigel has in-depth knowledge of cyber security, information security, business risk, data breach incident response, digital forensics, business continuity, cyber warfare, cyber

A Genealogy Of Ecological Rhetoric: Heraclitus, Bacon, Darwin And Huxley

Analyzing Darwin (rhetorically) and Huxley (largely as a rhetorician) allows us to not only examine early critiques of the rhetoric of artificial selection, or how this was ripe

Social Engineering. Hacking Human Nature

sophisticated CYBER SECURITY | REGULATORY COMPLIANCE | DIGITAL FORENSICS.. CYBER SECURITY | REGULATORY COMPLIANCE |

An enterprise grade information security & forensic technical team

leader and industry speaker on Digital Forensics along with a talented team of Digital Forensic Experts, Cyber Crime Investigators and Certified Information Security experts;

NOT FIT ALL: ONE SIZE DOES WHEN CLOUD IS THE ANSWER LESSONS LEARNED IN THE CLOUD

Cloud services essentially come in three different deployment models: public clouds, private clouds or hybrid clouds.. Each type of Cloud brings with it a unique set of

Certified Cyber Security Expert V Web Application Development

 Certificate of “Certified Cyber Security Expert Version 2.0” will be given to participants from