Curriculum
- 24 Sections
- 201 Lessons
- 48 Weeks
Expand all sectionsCollapse all sections
- Week 1Cybersecurity Basic & networking fundamentals6
- 1.1Introduction & Basics of CybersecurityCopyCopy
- 1.2Terminology (Web, Servers, Systems, Network Programming Languages, Hacking, IT Security)CopyCopy
- 1.3CIA Triad(Confidentiality , Integrity , Availability)CopyCopy
- 1.4Vulnerability, Threat, Impact, and AttackCopyCopy
- 1.5Networking fundamentalsCopyCopy
- 1.6Security AwarenessCopyCopy
- Week 2Security Protocols & VAPT Overview7
- 2.1Networking fundamentalsCopyCopy60 Minutes
- 2.2OSI & TCP/IP ModelsCopyCopy
- 2.3Routing & Switching BasicsCopyCopy
- 2.4Common protocols: HTTP, HTTPS, FTP, SSH, DNSCopyCopy
- 2.5Detailed overview of VAPT and its rolesCopyCopy
- 2.6Common Network Vulnerabilities & ThreatsCopyCopy
- 2.7Reporting & Documentation in VAPTCopyCopy
- Week 3Vulnerability assessment & Penetration testing8
- 3.1Vulnerability assessment using toolsCopyCopy60 Minutes
- 3.2Vulnerability Assessment MethodologiesCopyCopy
- 3.3Port Scanning & Service Detection TechniquesCopyCopy
- 3.4Basic Nmap scanningCopyCopy
- 3.5Penetration testing using toolsCopyCopy
- 3.6Exploiting network vulnerabilitiesCopyCopy
- 3.7Privilege Escalation TechniquesCopyCopy
- 3.8Post-Exploitation & Maintaining AccessCopyCopy
- Week 4Exploitation , Anonymity & Case Studies6
- 4.1Wireshark, Metasploit, and different Kali Linux tools usageCopyCopy
- 4.2Nessus introductionCopyCopy
- 4.3Angry IP Scanner basicsCopyCopy
- 4.4Global Anonymous: Proxy Server, VPN, SOCKS, RDP, HTTP Tunneling, PsiphonCopyCopy
- 4.5Case Studies of Hacking, IT Security & Computer ForensicsCopyCopy
- 4.6Phishing techniquesCopyCopy
- Week 5Introduction to Web Application Security8
- 5.1Introduction to Web SecurityCopyCopy
- 5.2Hacking to ExploreCopyCopy
- 5.3Understanding Web Application ArchitectureCopyCopy
- 5.4Web Application Penetration Testing BasicsCopyCopy
- 5.5Understanding HTTP/HTTPS Requests and ResponsesCopyCopy
- 5.6Common HTTP Methods (GET, POST, PUT, DELETE, etc.)CopyCopy
- 5.7Session Management & Cookies SecurityCopyCopy
- 5.8Identifying & Exploiting Common Web VulnerabilitiesCopyCopy
- Week 6Security Standards & OWASP Top 10 (Part 1)8
- 6.1Introduction to Standards of Hacking & OWASP, SANS, OSSTMM, NIST, ISMS, PCICopyCopy
- 6.2Introduction to OWASP Top 10 VulnerabilitiesCopyCopy
- 6.3SQL Injection (SQLi) & Understanding & ExploitationCopyCopy
- 6.4Cross-Site Scripting (XSS) & Types & MitigationCopyCopy
- 6.5Broken Authentication & Session ManagementCopyCopy
- 6.6Sensitive Data Exposure & Encryption Best PracticesCopyCopy
- 6.7Security Misconfigurations in Web ApplicationsCopyCopy
- 6.8Exploring OWASP Tools & ResourcesCopyCopy
- Week 7OWASP Top 10 (Part 2) & Hands-on Testing6
- Week 8SSL & Web Security Enhancements9
- 8.1Introduction to SSL/TLS Its Role in Web SecurityCopyCopy
- 8.2Understanding SSL/TLS Handshake & Encryption MechanismsCopyCopy
- 8.3Common SSL/TLS Vulnerabilities (SSL Stripping, Heartbleed, POODLE, BEAST, etc.)CopyCopy
- 8.4Certificate Authorities (CAs) & Public Key Infrastructure (PKI)CopyCopy
- 8.5Identifying Weak SSL Configurations & MisconfigurationsCopyCopy
- 8.6Web Application Security Testing with OWASP ZAPCopyCopy
- 8.7Using Acunetix for Automated Web Security ScanningCopyCopy
- 8.8Comparing Web App Scanners: Burp Suite, Nessus, Nikto, and MoreCopyCopy
- 8.9Hardening Web Security: Best Practices for Secure SSL/TLS ImplementationCopyCopy
- Week 9Compliance & Mobile Pentesting Introduction8
- 9.1Introduction to Security ComplianceCopyCopy
- 9.2Overview of Security Compliance Standards (GDPR, HIPAA, ISO 27001, PCI DSS, SOC 2)CopyCopy
- 9.3Importance of Compliance in Cybersecurity , Risk Assessment & Compliance AuditingCopyCopy
- 9.4Introduction to Mobile Application SecurityCopyCopy
- 9.5Understanding Mobile Application Architecture (Android & iOS)CopyCopy
- 9.6Common Security Threats in Mobile AppsCopyCopy
- 9.7Basic Tools for Mobile Pentesting (MobSF, Frida, Burp Suite, Drozer)CopyCopy
- 9.8Securing Mobile Applications & Best PracticesCopyCopy
- Week 10OWASP mobile security7
- 10.1Introduction to Mobile SecurityCopyCopy
- 10.2Understanding Android & iOS Security ArchitectureCopyCopy
- 10.3Static & Dynamic Analysis of Mobile ApplicationsCopyCopy
- 10.4Injection Attacks in Mobile ApplicationsCopyCopy
- 10.5Insecure Data Storage & LeakageCopyCopy
- 10.6Exploring Insecure Communication in Mobile AppsCopyCopy
- 10.7Security Best Practices for Mobile ApplicationsCopyCopy
- Week 11Mobile App Reverse Engineering & Exploitation7
- 11.1Introduction to Mobile App Reverse EngineeringCopyCopy
- 11.2APK Decompiling & Code AnalysisCopyCopy
- 11.3Tools for Reverse Engineering (JADX, APKTool, MobSF, Ghidra, Frida)CopyCopy
- 11.4Static Analysis of Mobile ApplicationsCopyCopy
- 11.5Dynamic Analysis & Runtime ManipulationCopyCopy
- 11.6Exploit Development for Mobile ApplicationsCopyCopy
- 11.7Mitigation Techniques & Security Best PracticesCopyCopy
- Week 12Mobile Security Tools & Final Assessments10
- 12.1Overview of Mobile Security Testing ToolsCopyCopy
- 12.2Introduction to MobSF (Mobile Security Framework)CopyCopy
- 12.3Using JADX for APK Decompilation & Code AnalysisCopyCopy
- 12.4Setting Up & Using Android Emulator for PentestingCopyCopy
- 12.5Intercepting Mobile Traffic with Burp Suite & MITMProxyCopyCopy
- 12.6Using Angry IP Scanner for Network ReconnaissanceCopyCopy
- 12.7Advanced Mobile Security Testing TechniquesCopyCopy
- 12.8Capture the Flag (CTF) & Practical ExercisesCopyCopy
- 12.9Report Writing & Documentation Best PracticesCopyCopy
- 12.10Discussion on Career Paths in Mobile SecurityCopyCopy
- Week 13Advanced Network Scanning & Mapping10
- 13.1Introduction to Advanced Nmap Techniques Identifying Running Services & Version DetectionCopyCopy
- 13.2Deep Dive into Port Scanning (TCP & UDP)CopyCopy
- 13.3Understanding Nmap Scan Types (SYN, ACK, FIN, XMAS, NULL, etc.)CopyCopy
- 13.4OS Fingerprinting & Network MappingCopyCopy
- 13.5Identifying Running Services & Version DetectionCopyCopy
- 13.6Detecting Vulnerabilities with Nmap Scripts (NSE & Nmap Scripting Engine)CopyCopy
- 13.7Evading Firewalls & IDS/IPS with NmapCopyCopy
- 13.8Advanced Target Enumeration & Host Discovery TechniquesCopyCopy
- 13.9Bypassing Security Mechanisms with NmapCopyCopy
- 13.10Practical Exercises & Real-World ScenariosCopyCopy
- Week 14Exploiting Virtualized Environments8
- 14.1Introduction to Virtualization & Virtual MachinesCopyCopy
- 14.2Overview of Virtualization Platforms: VMware, VirtualBox, Hyper-V, KVMCopyCopy
- 14.3Understanding Virtual Machine Architecture & SecurityCopyCopy
- 14.4Common Vulnerabilities in Virtualized EnvironmentsCopyCopy
- 14.5Virtual Machine Escape Attacks & Exploitation TechniquesCopyCopy
- 14.6Attacking Hypervisors: Threats & Real-World ExploitsCopyCopy
- 14.7Hands-on Exploitation of Virtual Machines in a Lab SetupCopyCopy
- 14.8Case Studies on Virtualization Security BreachesCopyCopy
- Week 15Hacking-Based Operating Systems7
- 15.1Introduction to Hacking-Based Operating SystemsCopyCopy
- 15.2Overview of Kali Linux & Its Role in PentestingCopyCopy
- 15.3Advanced Tools & Usage in Kali LinuxCopyCopy
- 15.4Essential Command-Line Tools for Security TestingCopyCopy
- 15.5Live Booting vs. Full Installation: Pros & ConsCopyCopy
- 15.6Anonymity & Privacy Tools in Hacking OS (Tor, VPN, ProxyChains)CopyCopy
- 15.7Hands-on Labs: Practical Exercises Using Kali & Parrot OSCopyCopy
- Week 16Hands-on Lab & Networking Security Challenges9
- 16.1Simulating Real-World Attack ScenariosCopyCopy
- 16.2Setting Up a Pentesting Lab for Practical ExercisesCopyCopy
- 16.3Hands-on Exploitation of Network VulnerabilitiesCopyCopy
- 16.4Advanced Network Security ChallengesCopyCopy
- 16.5Capture The Flag (CTF) Exercises & ChallengesCopyCopy
- 16.6Red Team vs. Blue Team SimulationCopyCopy
- 16.7Analyzing & Mitigating Attacks in Real-TimeCopyCopy
- 16.8Review of Tools Used in Network Security TestingCopyCopy
- 16.9Final Assessment & Certification ChallengeCopyCopy
- Week 17Understanding REST & SOAP APIs9
- 17.1Introduction to APIs & Their Role in Web ApplicationsCopyCopy
- 17.2API Structure & Communication MechanismsCopyCopy
- 17.3Understanding REST vs. SOAP APIs: Key DifferencesCopyCopy
- 17.4Authentication Methods in APIs (API Keys, OAuth, JWT, Basic Auth)CopyCopy
- 17.5Common API Vulnerabilities (Broken Authentication, Insecure Endpoints, Rate Limiting Bypass)CopyCopy
- 17.6API Request Manipulation & Exploitation TechniquesCopyCopy
- 17.7API Rate Limiting & Throttling MechanismsCopyCopy
- 17.8Securing APIs: Best Practices & Mitigation StrategiesCopyCopy
- 17.9Hands-on API Pentesting Labs & Real-World ScenariosCopyCopy
- Week 18API Authentication Testing9
- 18.1Introduction to API Authentication & AuthorizationCopyCopy
- 18.2OAuth 2.0: Flow, Scopes, and Common ImplementationsCopyCopy
- 18.3Understanding OAuth, API Keys, and JWT AuthenticationCopyCopy
- 18.4Testing API Authentication Mechanisms for WeaknessesCopyCopy
- 18.5Broken Authentication in APIs (Session Hijacking, Token Leakage)CopyCopy
- 18.6Testing API Authorization (Role-Based Access Control, Privilege Escalation)CopyCopy
- 18.7API Security Best Practices for Authentication & AuthorizationCopyCopy
- 18.8Hands-on API Pentesting Labs & Real-World ExploitsCopyCopy
- 18.9Reporting & Mitigating API Authentication VulnerabilitiesCopyCopy
- Week 19API Fuzzing for Error Handling9
- 19.1Introduction to API Fuzzing & Its Importance in Security TestingCopyCopy
- 19.2Identifying Vulnerable API EndpointsCopyCopy
- 19.3Understanding API Error Handling & Response CodesCopyCopy
- 19.4Using Burp Suite for API Fuzzing & Security TestingCopyCopy
- 19.5Automated API Fuzzing Techniques & ToolsCopyCopy
- 19.6Handling Improper Error Messages & Information LeakageCopyCopy
- 19.7Detecting & Exploiting Improper Input Validation in APIsCopyCopy
- 19.8Rate Limiting & Throttling Evasion via FuzzingCopyCopy
- 19.9Hands-on API Security Challenges & Practical ExercisesCopyCopy
- Week 20Real-World API Exploitation10
- 20.1Introduction to API Exploitation & Security RiskCopyCopy
- 20.2Identifying & Exploiting Broken Authentication in APIsCopyCopy
- 20.3API Hacking Practical Scenarios & Case StudiesCopyCopy
- 20.4Bypassing API Authorization & Privilege Escalation AttacksCopyCopy
- 20.5Injection Attacks in APIs (SQLi, XSS, Command Injection, SSRF)CopyCopy
- 20.6Mass Assignment & Business Logic Exploitation in APIsCopyCopy
- 20.7Rate Limiting & Throttling Bypass TechniquesCopyCopy
- 20.8API Data Exposure & Sensitive Information LeakageCopyCopy
- 20.9Securing APIs Against Known Attacks & Implementing Best PracticesCopyCopy
- 20.10Hands-on API Pentesting Challenge & Final AssessmentCopyCopy
- Week 21Introduction to Cyber Forensics10
- 21.1Introduction to Cyber Forensics & Its ImportanceCopyCopy
- 21.2Digital Evidence Collection & Chain of CustodyCopyCopy
- 21.3Types of Digital Evidence & Their SignificanceCopyCopy
- 21.4Basics of Forensic Investigation MethodologiesCopyCopy
- 21.5Understanding File Systems & Data RecoveryCopyCopy
- 21.6Memory & Disk Forensics TechniquesCopyCopy
- 21.7Network Forensics: Capturing & Analyzing Network TrafficCopyCopy
- 21.8Forensic Tools Overview (Autopsy, FTK, EnCase, Wireshark)CopyCopy
- 21.9Legal Aspects & Compliance in Cyber ForensicsCopyCopy
- 21.10Hands-on Case Study: Investigating a Cyber IncidentCopyCopy
- Week 22IP Tracking & Network Analysis10
- 22.1Introduction to IP Tracking & Network AnalysisCopyCopy
- 22.2Identifying Malicious IPs &; Threat Intelligence SourcesCopyCopy
- 22.3Understanding IP Addressing & GeolocationCopyCopy
- 22.4Tracing IPs Using OSINT Tools (Shodan, Maltego, etc.)CopyCopy
- 22.5Network Traffic Analysis FundamentalsCopyCopy
- 22.6Packet Capturing & Inspection Using WiresharkCopyCopy
- 22.7Detecting Suspicious Traffic & Anomalies in NetworksCopyCopy
- 22.8Investigating DDoS Attacks & Malicious Network ActivityCopyCopy
- 22.9Forensic Analysis of Network Logs & IntrusionsCopyCopy
- 22.10Hands-on Lab: Real-World Network Traffic Analysis ScenariosCopyCopy
- Week 23Email Analysis & Phishing Attacks10
- 23.1Introduction to Email Security & ThreatsCopyCopy
- 23.2Understanding Email Protocols (SMTP, POP3, IMAP)CopyCopy
- 23.3Email Header Analysis for InvestigationsCopyCopy
- 23.4Identifying Phishing & Spoofing AttacksCopyCopy
- 23.5Analyzing Malicious Attachments ; Links in EmailsCopyCopy
- 23.6Email Forgery & Social Engineering TacticsCopyCopy
- 23.7Using OSINT Tools for Email Tracking & VerificationCopyCopy
- 23.8Implementing Email Security Measures (SPF, DKIM, DMARC)CopyCopy
- 23.9Detecting Business Email Compromise (BEC) AttacksCopyCopy
- 23.10Hands-on Lab: Investigating Real-World Phishing EmailsCopyCopy
- Week 24Incident Response & Hands-on Labs10
- 24.1Introduction to Incident Response & Its ImportanceCopyCopy
- 24.2Understanding the Incident Response Lifecycle (NIST Framework)CopyCopy
- 24.3Investigating Security Incidents & Digital Forensics TechniquesCopyCopy
- 24.4Log Analysis & Threat Hunting in Incident ResponseCopyCopy
- 24.5Simulating Phishing Attacks & Social Engineering ScenariosCopyCopy
- 24.6Detecting & Mitigating Ransomware & Malware AttacksCopyCopy
- 24.7Incident Containment, Eradication, and Recovery StrategiesCopyCopy
- 24.8Hands-on Threat Analysis Using SIEM Tools (Splunk, ELK, Wazuh)CopyCopy
- 24.9Creating an Effective Incident Response Plan (IRP)CopyCopy
- 24.10Final Lab Challenge: Real-World Cyber Attack Simulation & ResponseCopyCopy