Curriculum
- 12 Sections
- 115 Lessons
- 12 Weeks
Expand all sectionsCollapse all sections
- Week 1Introduction to Ethical Hacking10
- 1.1Introduction to Ethical Hacking & Its Importance in Cybersecurity60 Minutes
- 1.2Real-World Hacking Skills & Ethical Hacking Use Cases
- 1.3Hacking Concepts: Attack Vectors, Threat Actors & Security Risks
- 1.4Understanding Ethical Hacking Concepts & Legal Boundaries
- 1.5Hacking Methodologies & Frameworks (PTES, OSSTMM, NIST, OWASP)
- 1.6Information Security Controls: Preventive, Detective & Corrective Measures
- 1.7Enumeration Techniques & Countermeasures Against Enumeration
- 1.8Common Attack Techniques: Social Engineering, Phishing, Malware & Exploits
- 1.9Understanding Information Security Laws, Standards & Compliance
- 1.10Hands-on Lab: Setting Up a Legal & Safe Ethical Hacking Environment
- Week 2Footprinting and Reconnaissance10
- 2.1Introduction to Footprinting: Concepts & Importance in Ethical Hacking60 Minutes
- 2.2Footprinting through Search Engines: Google Dorking & Advanced Queries
- 2.3Footprinting through Internet Research Services & Public Databases
- 2.4Footprinting through Social Networking Sites: OSINT Techniques
- 2.5Gathering Domain & Ownership Information
- 2.6DNS Footprinting: Extracting Subdomains, Records & Zone Transfers
- 2.7Network & Email Footprinting: Tracking IPs, Headers & Open Ports
- 2.8Footprinting through Social Engineering: Gathering Info from Humans
- 2.9Automating Footprinting Tasks Using Advanced Tools & AI
- 2.10Footprinting Countermeasures: Protecting Against Information Disclosure
- Week 3Scanning Networks & Enumeration10
- 3.1Introduction to Network Scanning: Concepts & Importance60 Minutes
- 3.2Common Scanning Tools: Nmap, Masscan, Angry IP Scanner & Advanced Scanners
- 3.3Host Discovery Techniques: Identifying Live Hosts in a Network
- 3.4Port & Service Discovery: Scanning Open Ports & Running Services
- 3.5OS Discovery: Banner Grabbing & OS Fingerprinting Techniques
- 3.6Bypassing Firewalls & IDS: Stealth Scanning & Evasion Techniques
- 3.7Source Port Manipulation & Fragmentation Attacks in Scanning
- 3.8Network Scanning Countermeasures: Preventing Unauthorized Scans
- 3.9Enumeration Concepts: Extracting System & User Information
- 3.10Enumeration Techniques: NetBIOS, SNMP, LDAP, NTP, NFS, SMTP & DNS
- Week 4Vulnerability Analysis & System Hacking10
- 4.1Introduction to Vulnerability Assessment: Concepts & Importance
- 4.2Understanding Vulnerability Scoring Systems (CVSS, CVE, CWE) & Databases (Exploit DB , NVD, Rapid7)
- 4.3The Vulnerability Management Life Cycle: Identification to Remediation
- 4.4Vulnerability Research: Identifying & Exploiting Security Flaws
- 4.5Vulnerability Scanning & Analysis: Manual vs. Automated Approaches
- 4.6Popular Vulnerability Assessment Tools: Nessus, OpenVAS, Qualys, Nikto10 Minutes0 Questions
- 4.7Generating & Interpreting Vulnerability Assessment Reports10 Minutes0 Questions
- 4.8System Hacking Techniques: Gaining Initial Access to Target Systems10 Minutes0 Questions
- 4.9Privilege Escalation: Elevating Access & Exploiting Misconfigurations10 Minutes0 Questions
- 4.10Post-Exploitation: Maintaining Access & Covering Tracks (Log Clearing & Rootkits)10 Minutes0 Questions
- Week 5Malware Threats & Sniffing10
- 5.1Introduction to Malware: Concepts, Types & Attack Vectors
- 5.2Advanced Persistent Threats (APT): Understanding Long-Term Cyber Attacks
- 5.3Trojan Horses: Backdoors, Remote Access Trojans (RATs) & Payloads
- 5.4Viruses & Worms: Propagation Techniques & Infection Mechanisms
- 5.5Fileless Malware: Living-Off-The-Land Attacks & Memory-Based Exploits
- 5.6AI-Based Malware: Emerging Threats & Machine Learning in Cyber Attacks
- 5.7Malware Detection & Countermeasures: Behavior Analysis & Sandboxing
- 5.8Anti-Malware Solutions: EDR, XDR, AV & Heuristic-Based Detection
- 5.9Sniffing Concepts: Packet Capture, Network Monitoring & Data Extraction
- 5.10Sniffing Techniques, Tools (Wireshark, Ettercap, MITM), & Countermeasures
- Week 6Social Engineering & Denial-of-Service (DoS)10
- 6.1Introduction to Social Engineering: Psychological Manipulation in Cybersecurity
- 6.2Human-Based Social Engineering Techniques: Impersonation, Pretexting & Baiting
- 6.3Computer-Based Social Engineering: Phishing, Spear Phishing & Fake Websites
- 6.4Mobile-Based Social Engineering: Smishing (SMS Phishing) & Vishing (Voice Phishing)
- 6.5Social Engineering Countermeasures: Awareness, Training & Security Policies
- 6.6Understanding DoS & DDoS Attacks: Concepts, Impact & Real-World Examples
- 6.7Botnets & Their Role in Large-Scale DDoS Attacks
- 6.8Case Study: Major DDoS Attacks (Mirai, AWS Attack, GitHub Attack)
- 6.9DoS/DDoS Attack Techniques: SYN Flood, UDP Flood, HTTP Flood & Amplification
- 6.10DoS/DDoS Attack Countermeasures: Mitigation Strategies & Defensive Mechanisms
- Week 7Session Hijacking & Evading IDS, Firewalls, and Honeypots10
- 7.1Understanding Session Hijacking: Concepts, Risks & Attack Vectors
- 7.2Application-Level Session Hijacking: Cookie Theft, XSS & Session Fixation
- 7.3Network-Level Session Hijacking: TCP/IP Hijacking, ARP Spoofing & MITM Attacks
- 7.4Session Hijacking Tools: Ettercap, Burp Suite, Cain & Abel, & Wireshark
- 7.5Session Hijacking Countermeasures: Secure Session Management & Encryption
- 7.6Intrusion Detection & Prevention Systems (IDS/IPS): Concepts & Implementation
- 7.7Firewalls: Types, Configurations & Bypassing Techniques
- 7.8Evading IDS, Firewalls & NAC: Traffic Manipulation, Encoding & Obfuscation
- 7.9Honeypots: Detection, Deployment & Evasion Strategies
- 7.10Mobile Security: MDM Solutions, Security Guidelines & Protection Tools
- Week 8Hacking Web Servers & Web Applications10
- 8.1Introduction to Web Servers: Architecture, Components & Security Considerations
- 8.2Common Web Server Attacks: Directory Traversal, DoS, Misconfigurations & Zero-Days
- 8.3Web Server Attack Methodology: Reconnaissance, Exploitation & Privilege Escalation
- 8.4Web Server Hardening & Countermeasures: Security Best Practices & Configurations
- 8.5Patch Management: Identifying & Fixing Vulnerabilities in Web Servers
- 8.6Understanding Web Applications: Functionality, Frameworks & Security Risks
- 8.7Common Web Application Threats: OWASP Top 10 & Emerging Vulnerabilities
- 8.8Web Application Hacking Methodology: Recon, Exploitation & Post-Exploitation
- 8.9Web API & Webhooks: Security Risks, Authentication Bypasses & Exploits
- 8.10Web Application Security: Secure Coding, WAFs & Security Headers Implementation
- week 9SQL Injection & Hacking Wireless Networks10
- 9.1Introduction to SQL Injection: Concepts, Risks & Attack Scenarios
- 9.2Types of SQL Injection: Error-Based, Blind, Union-Based & Time-Based Attacks
- 9.3SQL Injection Attack Methodology: Identifying & Exploiting Vulnerabilities
- 9.4SQL Injection Evasion Techniques: WAF Bypassing, Encoding & Obfuscation
- 9.5SQL Injection Countermeasures: Secure Coding Practices & Parameterized Queries
- 9.6Wireless Networking Basics: Standards, Protocols & Security Considerations
- 9.7Wireless Encryption Protocols: WEP, WPA, WPA2 & WPA3 Security
- 9.8Common Wireless Threats: Rogue APs, Evil Twin, Deauthentication & MITM Attacks
- 9.9Wireless Hacking Methodology: Recon, Exploitation & Post-Exploitation
- 9.10Wireless Security & Countermeasures: Hardening, Detection & Prevention Strategies
- Week 10Hacking Mobile Platforms & IoT/OT Hacking10
- 10.1Introduction to Mobile Security: Threats, Risks & Attack Vectors
- 10.2Hacking Android OS: Reverse Engineering, APK Decompilation & Exploits
- 10.3Hacking iOS: Jailbreaking, App Tampering & Bypassing Security Controls
- 10.4Mobile Malware & Exploits: Trojans, Spyware & Ransomware Targeting Mobile Devices
- 10.5Mobile Application Security: Identifying & Exploiting Mobile App Vulnerabilities
- 10.6Introduction to IoT Security: Concepts, Architecture & Attack Surfaces
- 10.7Common IoT Attacks: Default Credentials, Firmware Exploits & API Vulnerabilities
- 10.8IoT Hacking Methodology: Device Recon, Exploitation & Persistence
- 10.9Introduction to OT (Operational Technology) Security: SCADA, ICS & Risks
- 10.10Hacking OT Systems: Targeting Industrial Control Systems & Security Best Practices
- Week 11Cloud Computing Security & Hacking10
- 11.1Introduction to Cloud Computing: Architecture, Services & Deployment Models
- 11.2Container Technology: Concepts, Benefits & Security Risks
- 11.3Serverless Computing: Understanding FaaS, Security Concerns & Exploits
- 11.4Cloud Hacking Overview: Attack Vectors & Exploitation Techniques
- 11.5Cloud Hacking Methodology: Recon, Exploitation & Privilege Escalation
- 11.6AWS Hacking: Exploiting Misconfigurations, Privilege Escalation & Attacks
- 11.7Microsoft Azure Hacking: Identifying Vulnerabilities & Exploiting Cloud Infrastructure
- 11.8Google Cloud Hacking: Security Weaknesses & Attack Strategies in GCP
- 11.9Container Hacking: Exploiting Docker & Kubernetes Vulnerabilities
- 11.10Cloud Security Best Practices: Hardening, Access Control & Threat Mitigation
- Week 12Cryptography & Final Review10
- 12.1Introduction to Cryptography: History, Importance & Modern Applications
- 12.2Encryption Algorithms: Symmetric vs. Asymmetric Encryption (AES, RSA, ECC, etc.)
- 12.3Hashing & Digital Signatures: MD5, SHA, HMAC & PKI Concepts
- 12.4Cryptanalysis: Breaking Encryption & Common Attacks (Brute Force, Rainbow Tables, etc.)
- 12.5Steganography & Data Hiding Techniques: Concealing Information in Plain Sight
- 12.6Cryptographic Protocols: SSL/TLS, PGP, VPN, and Secure Communication Standards
- 12.7Applications of Cryptography: Blockchain, Digital Certificates & Secure Emailing
- 12.8Common Cryptographic Vulnerabilities: Weak Keys, Poor Implementations & Exploits
- 12.9Countermeasures for Cryptographic Attacks: Secure Key Management & Best Practices
- 12.10Final Review & Hands-on Practice: Capture The Flag (CTF) & Real-World Scenarios
Countermeasures for Cryptographic Attacks: Secure Key Management & Best Practices
Prev