Curriculum
- 12 Sections
- 119 Lessons
- 104 Weeks
Expand all sectionsCollapse all sections
- Month 1Introduction to Cybersecurity and Networking10
- 1.1Fundamentals of Cybersecurity & Its Importance60 Minutes
- 1.2Key Cybersecurity Terminologies & Concepts
- 1.3Understanding the CIA Triad: Confidentiality, Integrity, Availability
- 1.4Networking Fundamentals & Common Protocols (HTTP, HTTPS, FTP, SSH, DNS)
- 1.5Introduction to VAPT: Vulnerability Assessment & Penetration Testing
- 1.6Hands-on Vulnerability Assessment Using Tools (Nmap, Nessus, Angry IP Scanner)
- 1.7Network Traffic Analysis & Exploitation Using Wireshark & Metasploit
- 1.8Global Anonymity & Privacy Techniques (VPNs, Proxy Servers, Tunneling, etc.)
- 1.9Cybersecurity Case Studies: Hacking, IT Security & Cyber Forensics
- 1.10Phishing Attacks: Techniques, Detection, & Prevention Strategies
- Month 2Web Application Penetration Testing (WAPT) Basics10
- 2.1Understanding HTTP/HTTPS Requests and Responses60 Minutes
- 2.2Introduction to Hacking Standards: OWASP, SANS, OSSTMM, NIST, ISMS, PCI
- 2.3Overview of OWASP Top 10 Vulnerabilities
- 2.4SQL Injection: Identification, Exploitation, and Prevention
- 2.5Cross-Site Scripting (XSS) & Client-Side Attacks
- 2.6Broken Authentication & Sensitive Data Exposure Risks
- 2.7Hands-on Web Pentesting with Burp Suite Community Edition
- 2.8Identifying and Exploiting Advanced Web Vulnerabilities (IDOR, File Upload, No Redirect Issues, SSL Vulnerabilities)
- 2.9Automated Web App Scanning with OWASP ZAP & Acunetix
- 2.10Real-World Web Application Pentesting Labs & Case Studies
- Month 3Security Compliance & Mobile App Penetration Testing10
- 3.1Introduction to Security Compliance & Industry Standards60 Minutes
- 3.2Overview of OWASP Mobile App Top 10 Vulnerabilities
- 3.3Fundamentals of Mobile Application Penetration Testing
- 3.4APK Decompiling & Reverse Engineering Techniques
- 3.5Identifying & Exploiting Common Mobile App Vulnerabilities
- 3.6Analyzing Mobile App Permissions & Security Configurations
- 3.7Hands-on Mobile Security Testing Using MobSF & JADX
- 3.8Emulating & Debugging Mobile Applications with Android Emulator
- 3.9Using Nessus & Angry IP Scanner for Mobile Network Security Testing
- 3.10Real-World Case Studies & Hands-on Labs in Mobile Pentesting
- Month 4Intermediate Networking and Advanced Scanning10
- 4.1Advanced Nmap Techniques: Port Scanning, OS Fingerprinting, and Service Enumeration
- 4.2Intermediate OWASP Top 10 Vulnerabilities & Exploitation Techniques
- 4.3Deep Dive into Advanced Exploitation with Metasploit
- 4.4Understanding API Security & Common API Vulnerabilities
- 4.5API Penetration Testing Basics: Identifying Weak Authentication & Authorization
- 4.6Automated Vulnerability Scanning with Nessus
- 4.7Exploiting Network Services & Misconfigured Protocols
- 4.8Combining Multiple Tools for Comprehensive Security Assessments
- 4.9Hands-on Network Traffic Analysis & Intrusion Detection
- 4.10Real-World Case Studies & Hands-on Labs in Network & API Pentesting
- Month 5API Security & Web Exploits10
- 5.1Introduction to API Security: REST vs. SOAP APIs
- 5.2Understanding API Authentication Mechanisms (OAuth 2.0, API Keys, JWT)
- 5.3API Authorization Issues: BOLA, BFLA, and Mass Assignment Attacks
- 5.4API Fuzzing & Error Handling for Vulnerability Discovery
- 5.5Exploiting Insecure API Endpoints & Business Logic Flaws
- 5.6Rate Limiting & Throttling Bypass Techniques in APIs
- 5.7Using Burp Suite & Postman for API Security Testing
- 5.8Swagger & OWASP APICheck for API Enumeration & Testing
- 5.9Securing APIs: Implementing Best Practices & Defenses
- 5.10Hands-on API Pentesting Labs & Real-World Case Studies
- Month 6Virtualization & Cyber Forensics10
- 6.1Understanding Virtualization & Its Role in Cybersecurity
- 6.2Exploring Hacking-Based Operating Systems: Kali Linux vs. Parrot OS
- 6.3Introduction to Cyber Forensics & Digital Evidence Collection
- 6.4IP Grabbing Techniques & Tracking Malicious Activities
- 6.5Email Analysis: Identifying Phishing, Spoofing & Malicious Attachments
- 6.6Disk & Memory Forensics Using Autopsy & Volatility
- 6.7Live vs. Dead Forensics: Investigating System Compromises
- 6.8Network Forensics: Capturing & Analyzing Traffic for Threat Detection
- 6.9Using Burp Suite for Deep Web & Dark Web Investigations
- 6.10Hands-on Cyber Forensics Lab: Real-World Incident Investigation
- Month 7Advanced Mobile Application Security10
- 7.1Introduction to Advanced Mobile Application Security
- 7.2Reverse Engineering Android Applications: Techniques & Tools
- 7.3Understanding APK Structure: Manifest, DEX, Resources, & Lib Files
- 7.4Decompiling & Recompiling APKs Using JADX & APKTool
- 7.5Modifying & Repacking APKs: Bypassing Security Mechanisms
- 7.6Identifying & Exploiting Mobile Security Vulnerabilities
- 7.7Analyzing Mobile Application Permissions & Hardcoded Secrets
- 7.8Intercepting & Manipulating Mobile App Traffic Using Burp Suite
- 7.9Bypassing Root Detection, Certificate Pinning & Debugging Protections
- 7.10Hands-on Mobile App Pentesting Labs & Real-World Case Studies
- Month 8Mobile Exploitation Techniques10
- 8.1Mobile Exploitation Techniques
- 8.2Introduction to Mobile Exploitation & Common Attack Vectors
- 8.3Identifying & Exploiting Insecure Data Storage in Mobile Apps
- 8.4Extracting Hardcoded Sensitive Information from APKs & Source Code
- 8.5Weak Authentication & Authorization Exploits in Mobile Applications
- 8.6Bypassing Root/Jailbreak Detection & Debugging Restrictions
- 8.7Breaking Insecure Communication: SSL/TLS Interception & MITM Attacks
- 8.8API Security in Mobile Apps: Exploiting Weak API Implementations
- 8.9Dynamic Analysis & Runtime Exploitation of Mobile Applications
- 8.10Dynamic Analysis & Runtime Exploitation of Mobile Applications
- Month 9Advanced API Security9
- 9.1Introduction to Advanced API Security & Threat Landscape
- 9.2Secure API Development Best Practices & Hardening Techniques
- 9.3Bypassing API Rate Limiting & Throttling Protections
- 9.4Exploiting Server-Side Request Forgery (SSRF) in APIs
- 9.5Broken Object Level Authorization (BOLA) & Mass Assignment Attacks
- 9.6Exploiting API Injection Attacks: SQL, NoSQL, and Command Injection
- 9.7GraphQL Security: Common Vulnerabilities & Exploits & Misconfigurations
- 9.8Automated API Security Testing Using Burp Suite & OWASP APICheck
- 9.9Hands-on API Hacking Labs & Real-World Case Studies
- Month 10Advanced Nessus Usage10
- 10.1Introduction to Nessus & Its Role in Vulnerability Management
- 10.2Customizing Scan Policies for Targeted Assessments
- 10.3Performing Credentialed Scanning for In-Depth Vulnerability Insights
- 10.4Automating Nessus Scans: Scheduling & Scripting for Efficiency
- 10.5Compliance & Configuration Checks Using Nessus
- 10.6Interpreting Nessus Reports: Understanding Risk Levels & Remediation
- 10.7Integrating Nessus with SIEM & Other Security Tools
- 10.8Advanced Exploitation & Post-Scan Analysis with Nessus Findings
- 10.9Bypassing Security Controls & Evasion Techniques in Nessus Scans
- 10.10Hands-on Labs: Real-World Vulnerability Assessments Using Nessus
- Month 11Vulnerability Analysis & Prioritization10
- 11.1Introduction to Vulnerability Analysis & Risk Management
- 11.2Understanding Severity Levels: High, Medium, Low, and Critical Risks
- 11.3Identifying & Eliminating False Positives in Vulnerability Scans
- 11.4Cross-referencing Exploit Databases: ExploitDB, Rapid7, Metasploit
- 11.5Mapping Vulnerabilities to CVE, CWE, and MITRE ATT&CK Framework
- 11.6Assessing Business Impact & Prioritizing Vulnerability Remediation
- 11.7Automating Vulnerability Analysis Using AI & Machine Learning
- 11.8Using CVSS (Common Vulnerability Scoring System) for Risk Evaluation
- 11.9Developing Effective Patch Management & Mitigation Strategies
- 11.10Hands-on Labs: Real-World Vulnerability Prioritization & Remediation
- Month 12VAPT Reporting & Documentation10
- 12.1Introduction to VAPT Reporting: Importance & Best Practices
- 12.2Structuring Professional Reports: Executive Summary & Technical details
- 12.3Writing Detailed Descriptions with Screenshots & Logs
- 12.4Providing Actionable Remediation Steps for Each Vulnerability
- 12.5Risk Categorization & Prioritization in Reports (CVSS Scoring)
- 12.6Compliance & Regulatory Requirements in VAPT Documentation
- 12.7Red Team vs. Blue Team Reporting Perspectives
- 12.8Common Mistakes in Reporting & How to Avoid Them
- 12.9Automating Report Generation Using Security Tools
- 12.10Hands-on Lab: Creating a Real-World VAPT Report