MODULE 1 - ETHICAL HACKING
In this module, you will learn about hacking, its historical evolution, famous hackers, importance of safeguarding digital assets, phases of hacking, highlighting approaches used by hackers, and ethical hacking industry practices. The module also covers different types of hackers based on their motivations and intentions and the difference between ethical hackers (who work to protect the systems) and malicious hackers (who exploit the systems' vulnerabilities for illegal purposes).
MODULE 2 - FOOTPRINTING AND RECONNAISSANCE
In this module, you will learn about footprinting significance and terminology.
- Footprinting techniques like footprinting through search engines, finding a company's external and internal URLs, collecting location information, people searching, people searching online services, and people search on social networking services.
- Footprinting through job sites includes website footprinting, website mirroring tools, and extracting website information.
- Email footprinting, like tracking email communications, collecting information from email headers, and email tracking tools.
- Footprinting using Google hacking techniques, what a hacker can do with Google hacking, Google advanced search operators and finding resources using them, and knowledge about Google hacking tools (Google Hacking Database (GHDB)).
The module then focuses on the concept of Who Is footprinting which includes Who Is Look Up and Who Is Look Up result analysis, DNS footprinting, including tools used and information extraction methods, and footprinting through social engineering, which includes collecting information through techniques like shoulder surfing and dumpster diving.
Finally, you will gain knowledge about footprinting tools like Maltego, DNSenum, Dmitry, and other essential utilities for reconnaissance and data gathering in the context of ethical hacking and cybersecurity.
MODULE 3 - SCANNING NETWORK
This module covers an overview of networking essentials and scanning techniques and familiarizes you with ports and protocols. You will learn about various types of scanning (port, network, and vulnerability), the objectives of scanning, including goals such as detecting live systems on a network, discovering open ports, OS and service detection, obtaining IP information from the host and host information from the IP, and discovering IP addresses in the network.
In this module, you will also gain knowledge about transmission control protocol (TCP) and various scanning tools, including Nmap, Host, NBT scan, Fping, Alive6, Netcat, Vega, and Nessus, to conduct thorough network scans and security assessments effectively.
MODULE 4 - ENUMERATION
The module focuses on enumeration concepts, including their principles and significance, enumeration techniques for extracting valuable information from target systems, and services and ports to enumerate for identifying and cataloging network services and open ports. Enumeration is a basic concept of the ethical hacking process, and this module equips you with the knowledge of techniques essential for carrying out effective system analysis.
MODULE 5 - SYSTEM HACKING
In this module, you will learn about the information at hand before the system hacking stage to prepare you for subsequent ethical hacking phases, the complexities of system hacking, including password cracking, and specific techniques for Window hacking using tools like Ophcrack, Hiren Boot, and CMD, and Linus hacking to become well-versed in knowledge and skills to assess and penetrate target systems and identify and mitigate security vulnerabilities.
MODULE 6 - TROJANS AND BACKDOORS
This module introduces you to the concept of trojans and backdoors, their historical context, and trojan concepts, including their purpose, what trojan creators look for, indicators of trojan attack, and common ports used by trojans. You will also learn about trojan infections, including how systems get infected using trojans, ways a trojan can get into a system, and methods to deploy a trojan. Further, the module explores crucial trojan tools like ProRat and CyberGate and emphasizes the importance of trojan detection techniques. This module will equip you with knowledge and skills to recognize, counteract, and prevent Trojan-based cyber threats.
MODULE 7 - VIRUSES AND WORMS
In this module, you will gain insights about computer viruses and worms, their historical perspective, keyloggers, and how systems get infected by them. The module also covers the significance of countermeasures against viruses and worms, including virus detection methods and anti-virus tools, to enhance cybersecurity and protect against malicious software infiltrations. After the completion of this module, you will be equipped with the skills to recognize, combat, and safeguard systems against these digital threats.
MODULE 8 - SNIFFING
In this module, you will learn about network sniffing, including both active and passive methods, explore techniques like ARP poisoning and Man-in-the-Middle (MITM) attacks, and gain working knowledge of various sniffing tools like Ettercap, Cain and Abel, and Wireshark. The module also covers the significance of HTTP sniffing and SSL stripping in cyber security and the potential risks they pose. You will be equipped with the knowledge to understand the intricacies of network sniffing and its implications for security.
MODULE 9 - SESSION HIJACKING
This module introduces you to session hijacking, key differences between session spoofing and hijacking, steps involved in session hijacking, and various types of session hijacking. Fundamentals of the TCP three-way handshake and the client-server model, which includes two-tier and three-tier models, along with preventive measures to mitigate the risks associated with session hijacking, are also covered.
MODULE 10 - SOCIAL ENGINEERING
This module explores the concept of social engineering, behaviors susceptible to social engineering attacks, factors that make companies vulnerable to such attacks, and various social engineering techniques (human-based, system-based, and mobile-based). You will also gain knowledge about ways to detect phishing emails, how to detect phishing with the SE toolkit, and the concept of web server phishing. This module will equip you with the skills to understand and counter social engineering in the cyber domain with ease.
MODULE 11 - DENIAL OF SERVICE (DoS)
In this module, you will learn about Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks, indicators of a DoS attack, the workings of DDoS attacks, and the involvement of cybercriminals in these attacks. The module further highlights how to use various DDoS attack tools, like the Low Orbit Ion Cannon (LOIC), and the involvement of groups such as Anonymous in such activities.
MODULE 12 - HACKING WEB SERVER
This module focuses on essential components of online systems, web servers, and database servers, along with hacking web servers using the Metasploit framework. Web servers are the backbone of websites, serving web pages to users, and database servers store and manage data. Understanding them deeply is essential for legitimate hackers to gain insights into the vulnerabilities and potential exploitation of these server systems to safeguard against malicious activities.
MODULE 13 - STRUCTURED QUERY LANGUAGE INJECTION
In this module, you will be introduced to structured query language (SQL) and SQL attacks, highlighting the vulnerabilities web applications face. Topics like vulnerability testing for SQL injection, including a SQL injection cheat sheet for reference, and SQL injection tools like SQLMap and Havij commonly used by security professionals and hackers to assess and exploit SQL vulnerabilities are also covered. Finally, the module concludes with SQL injection countermeasures to defend against injection attacks.
MODULE 14 - HACKING WIRELESS NETWORKS
This module covers an overview of wireless networks and standards, components of wireless networks, like service set identifiers (SSIDs), Wi-Fi authentication modes, and the authentication process using a centralized server. You will also learn about the functioning of wired equivalent privacy (WEP) encryption and the concept of Wi-Fi protected access (WPA) and its operations, which highlight the significance of encryption methods in securing wireless networks.
MODULE 15 - EVADING IDS, FIREWALLS AND HONEYPOT
In this module, you will gain insights about elements of network security, intrusion detection systems (IDS), including their working and placement in network infrastructure, and methods to detect intrusions. The module also focuses on firewalls, including their architecture, demilitarized zone (DMZ), and types of firewalls (packet filtering, circuit-level gateways, and stateful inspection). Additionally, the module explores honeypots, including their various types and the process of setting up a honeypot, emphasizing their role in enhancing network security.
MODULE 16 - BUFFER OVERFLOW
This module highlights the topic of buffer overflows, the vulnerability of programs and applications to such attacks, and the need for robust countermeasures and defence strategies to safeguard systems against buffer overflow attacks, emphasizing prevention techniques to mitigate such vulnerabilities and attacks, thereby enhancing overall cybersecurity.
MODULE 17 - CRYPTOGRAPHY
In this module, you will gain insights about the role of cryptography in the field of information security, different types of cryptography, and different types of algorithms, including symmetric, asymmetric, and hash, and how they help in safeguarding data. The module also highlights the practical aspects of cryptography, including the process of creating a hash for any file and generating public and private keys to ensure the confidentiality and integrity of sensitive information.
MODULE 18 - PENETRATION TESTING
This module covers the significance of penetration testing, the concept of security audits, vulnerability assessments and their limitations, penetration testing, and comparisons among security audits, vulnerability assessments, and penetration testing, focusing on their roles to assess and enhance the security of information systems. You will also learn about the characteristics of a successful penetration test and the various types of penetration testing, including black-box, grey-box, and white-box approaches. Finally, you will gain an understanding of what aspects should be tested to ensure security assessments.
MODULE 19 - MOBILE HACKING
In this module, you will gain insights about various techniques and practices related to mobile device security, SIM cloning, call spoofing, and message spoofing to explore vulnerabilities in mobile communication. The module also covers the concept of hacking codes and hacking the Android operating system, emphasizing the potential threats and security concerns in mobile technology.
MODULE 20 - STEGANOGRAPHY
The module introduces you to steganography, the art of hiding information within other data to maintain secrecy. It covers several steganographic techniques, like concealing text behind images, hiding one image within another, hiding videos behind images, and encoding text within other text. You will also gain insights about the concept of drive hiding, a method for obscuring data on storage devices, and the tools and technologies that help attackers implement these malicious practices.