MODULE 1 – ETHICAL HACKING
The meaning of the ethical hacking and ethical hacker is used to define the hacking performed by an organization or a person to help in the identification of the threats in a network or electronics. Ethical hackers can undertake an effort to penetrate networks and evade way previous computer securities and examine any points that could be exploited through malicious hackers.
Introduction to ethical hacking introduces the general principle of hacking, history of hacking, famous hackers, phases of hacking, ethical hacking industry practices, difference between ethical hacker and malicious hacker, and types of hackers.
MODULE 2 – FOOTPRINTING AND RECONNAISSANCE
Footprinting and reconnaissance is the initial phase and very essential evil that penetration tester used to assess for the IT infrastructure security and indicates the maximum figures about the devices and networks.
The basics techniques used for footprinting is ping sweep and TCP Scans.
Module summarizes the footprinting concepts, objectives of footprinting, footprint methodology like- footprint through search engines, finding company’s external and internal URLs, collect location information, people search online services, people search on social networking services, footprinting through job sites, website footprinting, website mirroring tools, extract website information, email footprinting, tracking email communications, collecting information from email header, email tracking tools.
Apart from this, it also comprises the footprinting using Google, Google hacking techniques, Google advance search operators, Google hacking tools, Google hacking database (GHDB), DNS footprinting, footprinting through social engineering, and footprinting tools such as maltego, DNSEnum, Dmitr etc.
MODULE 3 – SCANNING NETWORK
Network scanning is a procedure for finding information and identifying the attacker, IP address, and so on. The module structure covers the introduction of scanning, the introduction of ports and protocols, types of scanning - port scanning, network scanning, and vulnerability scanning. Objective of scanning - detect live systems on network, discover open ports on system, OS detection, service detection, and version detection, obtaining IP from host, obtaining host from IP, discover IP addresses in network, and overview of TCP. The introductory part of scanning tools likes – Nmap, Host, NBT scan, Fping, Alive6, Netcat, Vega, and Nessus.
MODULE 4 – ENUMERATION
First attack on target network is an enumeration. It is a procedure to take all information of the user, user name, machine information, resources of networks, services, etc. In this module, you will be introduced to the enumeration. The fundamentals of the enumeration concepts and techniques are included in this module. You will be introduced to the enumeration, services, and ports to enumerate.
MODULE 5 – SYSTEM HACKING
Password hacking is divided into four categories – active online attacks, offline attacks, passive online attacks, and non-technical attacks. System hacking module completely comprises the information at hand before system hacking stage, system hacking - cracking password, window hacking by Ophcrack, window hacking by hiren boot, window hacking by CMD, and Linux hacking.
MODULE 6 – TROJANS AND BACKDOORS
Trojans is a programme that pretenses as a benevolent application. The main Trojan horses are Data Sending Trojans, Proxy Trojans, Destructive Trojans, Remote Access Trojans, FTP Trojans, security software disabler Trojans, and denial-of-service attack (DoS) Trojans. Backdoor is a way of accessing a programme or in the meaning of the entire computer system. It is also known as trapdoor.
The structure of the module will define you to concepts of Trojans, Trojan creators, indications of a Trojan attack, Trojan infection, Trojan Tools, and the detection methods of Trojan.
MODULE 7 – VIRUSES AND WORMS
Virus, Trojans, Worms, etc. are part of the malware or malicious software. All these are specially designed to steal, harm, and interrupt the networks. Virus is very harmful to computer and it attached itself and spread from one to another system and infect the systems. Worms are classified as a sub class of viruses. In the additional nature, worms spread from system to system without any human actions. Both are malicious programs that self-replicate on systems or through computer networks without any awareness of the user being. Subclasses of malware programs contain - Email-Worm, Net-Worm, IM-Worm, IRC-Worm, P2P-Worm, etc.
The module will introduce you to the nature of viruses and worms, difference between viruses and worms, key loggers, virus detection methods, virus, and worms countermeasures.
MODULE 8 – SNIFFING
It covers all the aspects of the sniffing such as overview of sniffing, types of sniffing, active and passive, introduction to ARP poisoning, MITM, sniffing tools- ettercap, cain and able and wireshark.
MODULE 9 – SESSION HIJACKING
In the field of application security, session hijacking is very ancient and repetitive topic. The module will focus on the introduction to session hijacking, difference between spoofing and hijacking, steps of session hijacking, types of session hijacking, brief introduction of TCP, three-way handshake, client-server model - two-tier and three-tier.
MODULE 10 – SOCIAL ENGINEERING
It is the resources of the information. The module will comprise the concepts of social engineering, behaviors vulnerable to attacks, factors that make companies vulnerable to attacks, social engineering techniques, types of social engineering such as human-based, system-based, and mobile-based.
MODULE 11 – DENIAL OF SERVICE (DOS)
An attack is an event in which a user or association is deprived of the services of a store they would usually expect to have, is known as Denial of Service (DoS). Module will describe you to the concepts of DoS, Denial of Service attack, symptoms of a DoS attack, Cyber Criminals, and Case Studies.
MODULE 12 – HACKING WEBSERVER
Hacking webserver, introduction to web server, introduction to database, and the hacking webserver with Metasploit would be comprised in this module.
MODULE 13 – STRUCTURED QUERY LANGUAGE INJECTION
It is a code injection method used to attack the data-driven application in which malware SQL statements are inserted into an entry field for implementation. The module will introduce you to the basics of SQL injection, vulnerability testing for SQL injection, SQL injection cheat sheet, SQL injection tools like SQL MAP and Havij.
MODULE 14 – HACKING WIRELESS NETWORKS
Hacking wireless network will describe you to the concepts of the wireless, wireless standards, service set identifier (SSID), Wi-Fi authentication modes, Wi-Fi authentication process using a centralized authentication server, wireless encryption, types of wireless encryption, and its works.
MODULE 15 – EVADING IDS, FIREWALLS AND HONEYPOT
The Intrusion detection system (IDS) classifies any doubtful pattern that may show an attack that could co-operation the computer. Module will define you to the concepts of IDS, firewall and honeypot concepts, IDS and their placement, IDS Works, firewall, and the introduction of honeypot.
MODULE 16 – BUFFER OVERFLOW
When any programme efforts to store extra data in a buffer than it was intended to hold after that occurs the buffer overflow. It will familiarize you to the basic concepts of buffer overflow, buffer overflow counter-measures, defense against buffer overflows, and prevention of BOF attacks.
MODULE 17 – CRYPTOGRAPHY
Cryptography is a crucial tool for protecting info in systems. This course explains cryptography concepts, types of cryptography, and algorithms such as symmetric, asymmetric, and hash.
MODULE 18 – PENETRATION TESTING
Penetration testing is a tool to test and evaluate the security and of a system, networks to catch vulnerabilities that an attacker could exploit. The module will comprise the concepts of pen testing, security assessments, security audit, vulnerability assessment, limitations of vulnerability assessment, and types of pen testing like- black-box penetration testing, grey-box penetration testing, and white-box penetration testing.
MODULE 19 – MOBILE HACKING
This module will introduce you to the mobile hacking methods, call spoofing, message spoofing, hacking codes, and hacking android OS.
MODULE 20 – STEGANOGRAPHY
The students will understand the basics of stenography, hiding text behind an image, hiding image behind image, hiding video behind image, hiding text behind text, and drive hiding. It also covers the necessary tools of the stenography.