Training Type

Select faculty

Select Date

Dur:
Course fee : /-

Download Curriculum

Cyber Security & Ethical Hacking

Course Overview

Cyber Security & Ethical Hacking is a specialized course designed to equip individuals with the skills and knowledge required to identify vulnerabilities in computer systems and networks, and to ethically exploit them in order to strengthen system security. The course emphasizes ethical practices and legal frameworks while teaching practical hacking techniques, defense strategies, and risk management principles.

Description

This course introduces students to the fundamentals of cyber security and ethical hacking. Participants will learn how attackers think and operate, and how to protect systems using tools and techniques like penetration testing, vulnerability assessment, network security, cryptography, and digital forensics. Real-world scenarios and hands-on labs will enhance learners' practical skills, preparing them for certifications and professional roles in cyber defense.

Topics covered include:

Introduction to Cyber Security & Ethical Hacking
Types of Hackers & Cyber Attacks
Footprinting & Reconnaissance
Scanning Networks & System Hacking
Malware, Trojans, and Backdoors
Web Application Security
Wireless Network Security
Cryptography Basics
Cyber Laws & Ethics
Tools like Nmap, Metasploit, Wireshark, Burp Suite, etc.

Course Objectives

By the end of this course, learners will be able to:

Understand the core principles of cyber security and ethical hacking
Perform penetration testing and vulnerability assessments
Recognize and mitigate various types of cyber threats and attacks
Use industry-standard tools to test and secure networks and systems
Comply with legal and ethical guidelines related to ethical hacking
Prepare for certifications like CEH (Certified Ethical Hacker), CompTIA Security+, etc.

Prerequisites

Prerequisites
- Basic understanding of computer systems and networks
- Familiarity with operating systems (especially Windows & Linux)
- Some experience with programming/scripting (e.g., Python, Bash) is helpful but not mandatory
- Curiosity and a strong interest in cyber security

Enroll Now

Course Curriculum

What is Cybersecurity?
Threats, vulnerabilities, and risks
Types of cyber attacks (malware, phishing, DDoS, ransomware)
Cybersecurity domains (network, application, endpoint, cloud, etc.)
Security goals: Confidentiality, Integrity, Availability (CIA Triad)
Cybersecurity frameworks: NIST, ISO/IEC 27001

Who are hackers? Black Hat, White Hat, Grey Hat
Principles of ethical hacking
Legal considerations and compliance (Computer Fraud and Abuse Act, GDPR, HIPAA)
Penetration testing lifecycle
Bug bounty programs and responsible disclosure

Installing and configuring VMware/VirtualBox for a controlled testing environment
Installing Kali Linux and setting up essential tools (Metasploit, Nmap, Burp Suite)
Configuring a target machine (e.g., Metasploitable) for penetration testing practice

OSI & TCP/IP models
IP addressing, DNS, DHCP, NAT
Ports and protocols (TCP, UDP, ICMP)
Network scanning basics
Wireshark & packet analysis

Configure a virtual network with multiple machines (attacker, target, defender)
Perform basic ping tests, and use traceroute to understand network topology
Analyze network traffic using Wireshark to capture TCP/IP packets and identify protocols and ports

Passive vs active reconnaissance
WHOIS, nslookup, Shodan
Google hacking and OSINT tools
Social engineering basics

Use Nmap for network mapping and service discovery on a target network
Perform a WHOIS lookup, DNS enumeration, and search for subdomains
Conduct Google Dorking for OSINT and perform Maltego data collection
Engage in a simulated social engineering attack using phishing techniques

Port scanning with Nmap
Banner grabbing and version detection
Identifying services and vulnerabilities
SMB, SNMP, NetBIOS enumeration

Conduct port scanning and service detection using Nmap on a target network
Use Nessus to perform a vulnerability assessment of a target machine
Perform SMB enumeration and SNMP enumeration on a network of machines

Exploitation basics (Metasploit framework)
Password attacks (Brute-force, Dictionary, Rainbow tables)
Privilege escalation (Linux & Windows)
Maintaining access and clearing tracks

Use Metasploit to exploit vulnerabilities in a controlled lab environment
Develop custom exploits using Metasploit and execute them in a controlled setup

OWASP Top 10 (XSS, SQLi, CSRF, SSRF, etc.)
Burp Suite intro
Input validation and parameter tampering
Exploiting authentication flaws

Use Burp Suite to intercept HTTP requests and test for vulnerabilities like SQL injection and XSS
Conduct a SQL injection attack on a vulnerable web application
Perform Cross-Site Scripting (XSS)
Implement session hijacking techniques in a vulnerable application

Types of malware (viruses, worms, trojans, RATs)
Static and dynamic malware analysis
Exploit development basics
Antivirus evasion and encoding

Introduction to Defensive Security
Blue Team vs Red Team vs Purple Team
Security controls (preventive, detective, corrective)
Firewall, IDS/IPS, SIEM tools (Splunk)
Endpoint security: Antivirus, EDR (Endpoint Detection and Response)

Configure and test an Intrusion Detection System (IDS) using tools like Snort
Implement and test firewall rules

What is a SOC?
SOC tiers: Tier 1 (monitoring), Tier 2 (analysis), Tier 3 (threat hunting)
Role of SIEM (Security Information and Event Management)
Common SOC tools: ELK Stack, Splunk, AlienVault
Log sources: firewall, endpoint, proxy, authentication systems

Threat monitoring and incident detection
Event triage and escalation
Incident response and containment
Forensics and root cause analysis
Reporting and compliance

Threat intelligence lifecycle
IOC vs IOA
Cyber kill chain and MITRE ATT&CK
Incident response lifecycle (Preparation, Detection, Containment, Eradication, Recovery)
Forensic acquisition tools (FTK Imager, Autopsy)

Perform incident response simulations to handle security breaches and gather forensic data

Introduction to CTF competitions and platforms (e.g., Hack The Box, TryHackMe)
Hands-on challenges: Solving real-world cybersecurity puzzles in a simulated environment
Practical application of penetration testing and defense strategies learned throughout the course

Participate in a CTF competition to solve real-world puzzles

APPLY NOW !

Who can learn this course

Who Can Learn This Course

This course is ideal for:

Students pursuing careers in Information Security or IT
IT professionals seeking to upgrade their skills in cyber security
Network/System Administrators and Software Developers
Ethical hacking enthusiasts and beginners in cyber security
Anyone interested in learning how to secure digital systems and ethically test them