Curriculum
- 24 Sections
- 321 Lessons
- 48 Weeks
- Week 1: Cybersecurity Basics & Networking Fundamentals (12 lessons)
- 1.1 Introduction to Cybersecurity – Need, Importance, Applications
- 1.2 Key Terminologies: Web, Servers, Systems, Protocols, Firewalls
- 1.3 CIA Triad (Confidentiality, Integrity, Availability)
- 1.4 Understanding Threats, Vulnerabilities, Risks & Impact
- 1.5 Cyber Kill Chain & Attack Lifecycle
- 1.6 Types of Hackers: White Hat, Black Hat, Grey Hat
- 1.7 Cybersecurity Domains Overview (Network, Web, Mobile, Cloud, IoT, etc.)
- 1.8 Introduction to Networking: LAN, WAN, IP, DNS, DHCP
- 1.9 Types of Network Topologies & Devices (Router, Switch, Firewall, etc.)
- 1.10 Introduction to Command-Line Interface (CLI) for Security
- 1.11 Hands-on: Packet Tracer / GNS3 basic lab setup
- 1.12 Weekly Quiz & Group Discussion: Real-World Cyber Incidents
- Week 2: Security Protocols & VAPT Overview (12 lessons)
- 2.1 Deeper Networking Concepts: OSI & TCP/IP Models (60 Minutes)
- 2.2 IP Addressing, Subnetting & CIDR
- 2.3 Routing Protocols & Switching Methods
- 2.4 Common Protocols in Detail: HTTP, HTTPS, FTP, SSH, DNS
- 2.5 Understanding Firewalls, NAT, and Proxy
- 2.6 Network Segmentation & VLAN Basics
- 2.7 What is VAPT? Key Terms: VA vs PT
- 2.8 Tools Overview: Nmap, Nessus, Nikto, Burp Suite
- 2.9 Network Vulnerabilities: ARP Spoofing, DNS Poisoning, etc.
- 2.10 Overview of MITRE ATT&CK Framework
- 2.11 Reporting Formats & Documentation Techniques in VAPT
- 2.12 Practical: OSI Model Packet Flow Simulation in Packet Tracer
- Week 3: Vulnerability Assessment & Penetration Testing (14 lessons)
- 3.1 Introduction to VA/PT Methodologies (60 Minutes)
- 3.2 Port Scanning: Nmap Advanced Usage
- 3.3 OS Detection & Banner Grabbing
- 3.4 Service Enumeration Techniques
- 3.5 Introduction to Exploitation Frameworks (Metasploit)
- 3.6 Basic Exploit Usage (Remote Code Execution, Local Priv Esc)
- 3.7 CVE, CVSS & Exploit Database Usage
- 3.8 Privilege Escalation Fundamentals (Linux & Windows)
- 3.9 Post Exploitation: Persistence, Cleaning Logs
- 3.10 Antivirus Evasion Techniques Basics
- 3.11 Security Baseline Checks & Patch Management
- 3.12 Red Team vs Blue Team Basics
- 3.13 Capture the Flag (CTF) Introduction & Scenarios
- 3.14 Hands-on: Simulated VAPT on Test Machine (Kali + DVWA)
- Week 4: Exploitation, Anonymity & Case Studies (13 lessons)
- 4.1 Wireshark Deep Dive: Filtering, Protocol Analysis
- 4.2 Kali Linux Toolkit Exploration
- 4.3 Introduction to Nessus: VA Scanning Hands-On
- 4.4 Advanced Nmap: NSE Scripting
- 4.5 Proxy Tools: Tor, VPNs, SOCKS5, Psiphon, Proxychains
- 4.6 Web Reconnaissance with FOCA, Shodan & WhatWeb
- 4.7 IP Tracking & Geolocation with OSINT Tools
- 4.8 Phishing & Social Engineering Techniques (Email & Web Based)
- 4.9 Case Studies: Facebook Hack, Yahoo Data Breach, Equifax
- 4.10 Forensics Basics: Chain of Custody, Digital Footprint
- 4.11 Anti-Forensics & Tactics for Evading Detection
- 4.12 Risk Assessment & Threat Modeling
- 4.13 Hands-on Lab: Creating a phishing simulation + detection
- Week 5: Web Application Security – Fundamentals & Setup (13 lessons)
- 5.1 Web Application Architecture (Client-Server Model)
- 5.2 HTTP/HTTPS Deep Dive: Headers, Methods, Cookies
- 5.3 Web App Components: Frontend, Backend, Databases
- 5.4 Introduction to Browser Dev Tools for Recon
- 5.5 Common Web Security Issues & Entry Points
- 5.6 Burp Suite Introduction & Configuration
- 5.7 Hands-on: Intercepting HTTP Requests
- 5.8 Session Management & Cookie Hijacking Basics
- 5.9 URL Encoding/Decoding, Parameter Tampering
- 5.10 Input Validation & Error Handling Flaws
- 5.11 Reflected vs Stored Input Injection
- 5.12 OWASP Top 10 Overview (Introduction)
- 5.13 Lab: Web Application Recon using Burp Suite & HTTP Tools
- Week 6: Security Standards & OWASP Top 10 (Part 1) (13 lessons)
- 6.1 Introduction to Standards of Hacking & OWASP, SANS, OSSTMM, NIST, ISMS, PCI
- 6.2 Introduction to OWASP Top 10 Vulnerabilities
- 6.3 SQL Injection (SQLi) – Understanding & Exploitation
- 6.4 Cross-Site Scripting (XSS) – Types & Mitigation
- 6.5 Broken Authentication & Session Management
- 6.6 Sensitive Data Exposure & Encryption Best Practices
- 6.7 Security Misconfigurations in Web Applications
- 6.8 Exploring OWASP Tools & Resources
- 6.9 Secure DevOps Practices Overview
- 6.10 Using OWASP ZAP for Scanning OWASP 10
- 6.11 Secure Headers: CSP, X-Frame-Options, HSTS
- 6.12 SSRF Basics (Server Side Request Forgery)
- 6.13 Hands-on Lab: Broken Access Control Exploitation
- Week 7: OWASP Top 10 (Part 2) & Hands-on Testing (14 lessons)
- 7.1 OWASP Top 10 Vulnerabilities Continued
- 7.2 Broken Authentication
- 7.3 Sensitive Data Exposure
- 7.4 Hands-on with Burp Suite Community Edition
- 7.5 Intercepting Requests
- 7.6 Modifying and Resending Requests
- 7.7 Deep Dive into Input Validation Techniques
- 7.8 XSS (Reflected, Stored, DOM) Hands-on
- 7.9 Session Hijacking via Burp Suite
- 7.10 JWT Token Analysis & Manipulation
- 7.11 Log4j, Shellshock & Recent CVE Discussions
- 7.12 Hands-on: Exploiting XSS in DVWA/Juice Shop
- 7.13 Vulnerability Scanning Tools Overview (Nikto, Acunetix)
- 7.14 Practical: Manual and Automated Web Testing (OWASP Top 10)
- Week 8: SSL & Web Security Enhancements (13 lessons)
- 8.1 Introduction to SSL/TLS & Its Role in Web Security
- 8.2 Understanding SSL/TLS Handshake & Encryption Mechanisms
- 8.3 Common SSL/TLS Vulnerabilities (SSL Stripping, Heartbleed, POODLE, BEAST, etc.)
- 8.4 Certificate Authorities (CAs) & Public Key Infrastructure (PKI)
- 8.5 Identifying Weak SSL Configurations & Misconfigurations
- 8.6 Web Application Security Testing with OWASP ZAP
- 8.7 Using Acunetix for Automated Web Security Scanning
- 8.8 Comparing Web App Scanners: Burp Suite, Nessus, Nikto, and More
- 8.9 Hardening Web Security: Best Practices for Secure SSL/TLS Implementation
- 8.10 Web Application Firewall (WAF) Basics
- 8.11 Anonymity while scanning (VPN + TOR + Proxychains)
- 8.12 Intro to CI/CD Security in DevOps Pipelines
- 8.13 Lab: Compare Burp Suite, ZAP, Nikto, and Acunetix on Same App
- Week 9: Authentication, Authorization & Session Security (15 lessons)
- 9.1 Authentication vs Authorization – Core Differences
- 9.2 Session Management: Cookies, Tokens, Sessions
- 9.3 Importance of Compliance in Cybersecurity, Risk Assessment & Compliance Auditing
- 9.4 Password Storage Best Practices (Hashing, Salting, Bcrypt)
- 9.5 Brute Force & Credential Stuffing Attacks
- 9.6 Multi-Factor Authentication (MFA) & OTP Mechanisms
- 9.7 OAuth 2.0 & OpenID Connect: Flow & Exploitation
- 9.8 JWT Tokens – Structure, Signature & Attacks (None Algo, Replay)
- 9.9 Session Fixation & Session Hijacking Attacks
- 9.10 Captcha Bypass Techniques
- 9.11 Login/Signup Security Best Practices
- 9.12 Tools: Hydra, Medusa, Burp Intruder, OWASP ZAP
- 9.13 Hands-on: Bruteforce Login Portal with Hydra
- 9.14 Case Study: GitHub Token Exposure Incident
- 9.15 Lab: Simulating Session Hijack & Implementing Secure Cookie Flags
- Week 10: File Upload, RCE & Deserialization Attacks (13 lessons)
- 10.1 File Upload Vulnerabilities & Bypass Techniques
- 10.2 MIME Type Misinterpretation & Content-Type Header
- 10.3 Local File Inclusion (LFI) & Remote File Inclusion (RFI)
- 10.4 Remote Code Execution (RCE) Overview
- 10.5 Log Poisoning to RCE
- 10.6 Uploading Web Shells (.php/.jsp/.aspx)
- 10.7 Unrestricted File Upload – Impact & Mitigation
- 10.8 Deserialization Vulnerabilities – PHP & Java
- 10.9 Exploiting Serialized Objects & POP Chains
- 10.10 Tools: ysoserial, Burp Suite Extenders
- 10.11 Lab: LFI to RCE Walkthrough in DVWA
- 10.12 Lab: Exploiting Unrestricted Upload to Gain Shell
- 10.13 CTF Scenario: LFI + Upload Chain
- Week 11: APIs, JSON Web Tokens & Mobile API Testing (15 lessons)
- 11.1 What is an API? REST vs SOAP
- 11.2 API Authentication Mechanisms (API Keys, JWT, OAuth2)
- 11.3 Common API Attacks (BOLA, Broken Auth, Excessive Data Exposure)
- 11.4 OWASP API Top 10 Overview
- 11.5 GraphQL vs REST Security Flaws
- 11.6 Postman/Burp Suite for API Testing
- 11.7 Mitigation Techniques & Security Best Practices
- 11.8 Rate Limiting, Throttling & Replay Attack Mitigation
- 11.9 Token Manipulation & JWT Tampering
- 11.10 API Parameter Tampering & Mass Assignment
- 11.11 Tools: Postman, Burp Suite, Insomnia, Swagger Exploitation
- 11.12 Mobile API Testing Basics (Android/iOS APIs)
- 11.13 Practical: API Scanning with Burp Suite + Manual Testing
- 11.14 Hands-on: Token Forgery and Session Replay
- 11.15 Lab: Vulnerable API Simulation using DVWS or Juice Shop
- Week 12: Source Code Review & Secure DevOps (DevSecOps) (15 lessons)
- 12.1 Introduction to Source Code Review
- 12.2 Reviewing Code for SQLi, XSS, File Uploads
- 12.3 Static vs Dynamic Application Security Testing (SAST vs DAST)
- 12.4 Tools: SonarQube, Semgrep, Bandit, Checkmarx (Intro)
- 12.5 Secure SDLC (Software Development Life Cycle)
- 12.6 DevSecOps Pipeline Overview
- 12.7 Integrating Security in CI/CD (GitHub Actions, GitLab CI)
- 12.8 Secrets Detection Tools: TruffleHog, Gitleaks
- 12.9 Docker Security Basics
- 12.10 Container Misconfigurations & Escape Techniques
- 12.11 Infrastructure as Code (IaC) Security
- 12.12 Dependency Scanning & SBOM (Software Bill of Materials)
- 12.13 Hands-on: Code Review of Flask App for Vulnerabilities
- 12.14 Lab: CI/CD Pipeline Scan with GitHub + SAST Tool
- 12.15 Case Study: SolarWinds Supply Chain Attack
- Week 13: Mobile Application Security (Android & iOS) (15 lessons)
- 13.1 Introduction to Mobile App Architecture (Android vs iOS)
- 13.2 Understanding APK Structure & Components (Activities, Services, etc.)
- 13.3 Static vs Dynamic Analysis in Mobile Pentesting
- 13.4 Tools: MobSF, JADX, APKTool, Frida, Drozer
- 13.5 Reverse Engineering APKs with JADX & APKTool
- 13.6 Identifying Insecure Data Storage (SharedPrefs, SQLite, etc.)
- 13.7 Analyzing Network Traffic (MITMProxy + Burp on Emulator)
- 13.8 Intercepting SSL Traffic – Certificate Pinning Bypass
- 13.9 Runtime Instrumentation with Frida
- 13.10 Testing Android Intents, Activities & Deep Links
- 13.11 OWASP Mobile Top 10 Deep Dive
- 13.12 Dynamic Analysis with Drozer
- 13.13 iOS App Security Basics & Jailbreaking Concepts
- 13.14 Hands-on: APK Decompile + Analyze for Hardcoded Secrets
- 13.15 Lab: Capturing & Modifying Traffic from Android App via Burp
- Week 14: Cloud Security – AWS, Azure, GCP (Part 1) (14 lessons)
- 14.1 Introduction to Cloud Computing & Cloud Service Models (IaaS, PaaS, SaaS)
- 14.2 Shared Responsibility Model
- 14.3 Overview of AWS, Azure, GCP Architecture
- 14.4 Identity & Access Management (IAM) Fundamentals
- 14.5 Public vs Private Buckets – S3 Misconfigurations
- 14.6 Tools: ScoutSuite, Prowler, Cloudsplaining
- 14.7 Enumeration of Cloud Assets
- 14.8 Credential Leaks & Misuse (Keys in GitHub, Hardcoded Tokens)
- 14.9 Attacking Cloud Metadata Services (IMDSv1 vs IMDSv2)
- 14.10 Hands-on: AWS CLI & IAM Policy Testing
- 14.11 Introduction to CloudTrail, CloudWatch & Logging
- 14.12 Case Study: Capital One AWS S3 Breach
- 14.13 Lab: Exploiting Public S3 Bucket & IAM Misconfigurations
- 14.14 Real-world Scenario: Attacking Cloud Dev Environment
- Week 15: Cloud Security – AWS, Azure, GCP (Part 2) (13 lessons)
- 15.1 Cloud Enumeration with Pacu (AWS Offensive Tool)
- 15.2 Lambda Function Exploits (Code Injection, SSRF)
- 15.3 Misconfigured Serverless Permissions
- 15.4 Azure Identity Services Exploits (AAD, RBAC)
- 15.5 Azure CLI & Portal Exploitation
- 15.6 GCP IAM & Storage Exploitation Overview
- 15.7 Cloud API Abuse & Access Escalation
- 15.8 Kubernetes Basics: Pods, Services, etc.
- 15.9 K8s Vulnerabilities (Exposed Dashboard, Secrets in Pods)
- 15.10 Tools: Kube-Hunter, Kube-Bench
- 15.11 Cloud Security Posture Management (CSPM) Concepts
- 15.12 Lab: SSRF to IAM Token Extraction via Metadata
- 15.13 Hands-on: Recon and Exploitation of AWS Misconfig with Pacu
- Week 16: Cyber Forensics & Incident Response (Part 1) (14 lessons)
- 16.1 Introduction to Digital Forensics: Process & Tools
- 16.2 Forensic Acquisition: Disk Imaging (dd, FTK Imager)
- 16.3 Memory Forensics with Volatility Framework
- 16.4 Email Header Analysis for Phishing Detection
- 16.5 Timeline Analysis & File System Forensics
- 16.6 Windows Artifacts: Registry, Prefetch, MFT
- 16.7 Linux Forensics: Logs, History, Bash Commands
- 16.8 Log Analysis & Triage (Syslog, Event Viewer, Apache Logs)
- 16.9 Identifying Indicators of Compromise (IOCs)
- 16.10 Chain of Custody & Documentation Standards
- 16.11 Tools: Autopsy, Volatility, Redline, Sleuth Kit
- 16.12 Hands-on: RAM Dump Analysis Using Volatility
- 16.13 Lab: Log Analysis of Compromised Web Server
- 16.14 Case Study: Target POS Malware Breach
- Week 17: Cyber Forensics & Incident Response (Part 2) (14 lessons)
- 17.1 Deep Dive: Incident Response Lifecycle (Preparation to Lessons Learned)
- 17.2 Playbook Development for Incident Handling
- 17.3 Evidence Collection Techniques (Live vs Dead Box)
- 17.4 Triage & Prioritization in Real-Time Incidents
- 17.5 Threat Intelligence Integration in IR
- 17.6 Analyzing Malware Behavior from Logs
- 17.7 Host-Based Intrusion Detection (OSSEC, Wazuh)
- 17.8 Network-Based Intrusion Detection (Snort, Suricata)
- 17.9 SIEM Introduction (Splunk/ELK/Wazuh Dashboard)
- 17.10 IOC Correlation & Threat Attribution
- 17.11 Report Writing for Legal/Compliance
- 17.12 Insider Threat Detection Techniques
- 17.13 Case Study: SolarWinds Supply Chain Attack
- 17.14 Lab: IR Simulation – Compromise Detection + Report Writing
- Week 18: Malware Analysis & Reverse Engineering (Part 1) (13 lessons)
- 18.1 Introduction to Malware Types & Attack Vectors
- 18.2 Static vs Dynamic Malware Analysis
- 18.3 Setting up a Safe Malware Lab (VM, INetSim, Remnux)
- 18.4 Tools: PEStudio, CFF Explorer, Detect It Easy (DIE)
- 18.5 File Signature Analysis & PE File Structure
- 18.6 Strings Analysis & Obfuscation Techniques
- 18.7 Identifying Indicators from Suspicious Executables
- 18.8 Dynamic Tools: Process Monitor, Process Hacker, ProcDOT
- 18.9 API Call Tracing & Behavior Logging
- 18.10 Registry/Process/File System Artifacts
- 18.11 Malware Sandbox Overview (Cuckoo Sandbox)
- 18.12 Lab: Basic Static & Dynamic Analysis of Malware Sample
- 18.13 Case Study: WannaCry Malware Behavior
- Week 19: Malware Analysis & Reverse Engineering (Part 2) (13 lessons)
- 19.1 Introduction to Assembly Language Basics
- 19.2 Using x64dbg and Ghidra for Reverse Engineering
- 19.3 Understanding Function Calls, Stack Frames
- 19.4 Control Flow Graph (CFG) Navigation
- 19.5 Anti-Analysis & Anti-Debugging Techniques
- 19.6 Code Injection, DLL Hijacking Overview
- 19.7 Unpacking Obfuscated Binaries
- 19.8 Ransomware Behavior & Crypto-Malware Analysis
- 19.9 Threat Hunting Techniques in Memory & Disk
- 19.10 YARA Rules: Writing Signatures for Malware Detection
- 19.11 Advanced Cuckoo Configuration & Custom Modules
- 19.12 Lab: Analyze and Reverse a Packed Malware Sample
- 19.13 Task: Create IOC list & Detection Strategy
- Week 20: Threat Hunting, SIEM & EDR Tools (14 lessons)
- 20.1 What is Threat Hunting? Role & Mindset
- 20.2 Hypothesis-Driven vs IOC-Driven Hunting
- 20.3 Data Sources: DNS, Proxy, Firewall, Host Logs
- 20.4 Sigma Rules: Writing Behavioral Detections
- 20.5 MITRE ATT&CK Integration in Hunting
- 20.6 Blue Team Tools: Velociraptor, GRR, Osquery
- 20.7 EDR Overview: CrowdStrike, SentinelOne, Defender for Endpoint
- 20.8 Threat Hunting with Splunk Queries
- 20.9 Using Kibana Dashboards for Anomaly Detection
- 20.10 DNS Tunneling & Beaconing Detection
- 20.11 Case Study: Detecting APT via Sysmon Logs
- 20.12 Hunting Exercise: Detecting C2 via Proxy Logs
- 20.13 Purple Team Collaboration Concepts
- 20.14 Lab: Simulated Attack → Log Collection → Detection in SIEM
- Week 21: Red Team Operations & TTPs (Part 1) (16 lessons)
- 21.1 Introduction to Red Teaming vs Pentesting
- 21.2 Objectives: APT Simulation, Persistence Testing
- 21.3 Phases of Red Team Engagement
- 21.4 Initial Access Vectors: Phishing, Exploits, USB Drops
- 21.5 C2 Frameworks Overview: Cobalt Strike, Mythic, Sliver
- 21.6 Memory & Disk Forensics Techniques
- 21.7 Payload Generation & AV Bypass (Veil, Shellter)
- 21.8 Obfuscation Techniques (Invoke-Obfuscation, NimPlant)
- 21.9 Enumeration Post Access (ADRecon, PowerView)
- 21.10 Lateral Movement Techniques: Pass-the-Hash, PS Remoting
- 21.11 Kerberoasting, Golden/Silver Ticket Attacks
- 21.12 Hands-on: Setup C2 + Establish Callback on Target VM
- 21.13 Case Study: Red Team Report Breakdown
- 21.14 Windows Event Log Evasion & Cleansing
- 21.15 Lab: Red Team Recon + Initial Foothold Simulation
- 21.16 Red Team Toolkit Review
- Week 22: IP Tracking & Network Analysis (10 lessons)
- 22.1 Introduction to IP Tracking & Network Analysis
- 22.2 Identifying Malicious IPs & Threat Intelligence Sources
- 22.3 Understanding IP Addressing & Geolocation
- 22.4 Tracing IPs Using OSINT Tools (Shodan, Maltego, etc.)
- 22.5 Network Traffic Analysis Fundamentals
- 22.6 Packet Capturing & Inspection Using Wireshark
- 22.7 Detecting Suspicious Traffic & Anomalies in Networks
- 22.8 Investigating DDoS Attacks & Malicious Network Activity
- 22.9 Forensic Analysis of Network Logs & Intrusions
- 22.10 Hands-on Lab: Real-World Network Traffic Analysis Scenarios
- Week 23: Blue Teaming, Defense & Communication Skills (13 lessons)
- 23.1 SOC Operations and Tier Roles (Tier 1/2/3 Analyst)
- 23.2 Log Analysis Practice (Windows, Linux, Firewall)
- 23.3 Threat Containment & Eradication Steps
- 23.4 Host-Based Artifact Analysis
- 23.5 Email Analysis: Header, Attachment, Link Analysis
- 23.6 Phishing Triage & User Awareness
- 23.7 Creating SOPs & Runbooks for Incidents
- 23.8 Effective Incident Communication Skills (Technical + Non-Tech)
- 23.9 Cybersecurity Report Communication (CISO, Stakeholders)
- 23.10 Resume Workshop: Tailoring for SOC Analyst, Red/Blue Team
- 23.11 Presentation Skills: Explaining a Breach to Management
- 23.12 Interview Body Language & Soft Skills Practice
- 23.13 Mock Interview: 1-on-1 Role-Play with Feedback
- Week 24: Incident Response & Hands-on Labs (10 lessons)
- 24.1 Introduction to Incident Response & Its Importance
- 24.2 Understanding the Incident Response Lifecycle (NIST Framework)
- 24.3 Investigating Security Incidents & Digital Forensics Techniques
- 24.4 Log Analysis & Threat Hunting in Incident Response
- 24.5 Simulating Phishing Attacks & Social Engineering Scenarios
- 24.6 Detecting & Mitigating Ransomware & Malware Attacks
- 24.7 Incident Containment, Eradication, and Recovery Strategies
- 24.8 Hands-on Threat Analysis Using SIEM Tools (Splunk, ELK, Wazuh)
- 24.9 Creating an Effective Incident Response Plan (IRP)
- 24.10 Final Lab Challenge: Real-World Cyber Attack Simulation & Response