Ethical Hacking Course Syllabus

Introduction To Ethical Hacking

Hands-on: Setting up the environment, tools, and networks

Introduction To Penetration Testing

Objective: In this module, we will be learning about how and why to perform penetration testing. What are all the security measures you have followed?

Topics:

Understand what penetration testing is
Understand penetration testing methodologies
Understand various penetration testing approaches
Nature of the Test (Box Testing)
Everything Is Confidential
If You Break It, You Bought It

Hands-on: Installing and configuring protection tools to be anonymous in a network

Setting Up a Penetration Testing and Network Security Lab

Objective: In this module, we will be learning about how to setup a penetration testing lab for experimenting tools

Topics:

Why Virtualization?
Installing VirtualBox
Installing Our Vulnerable Machines
Installing Our Target Machines
Installing our Beast Machine

Hands-on: Installing virtual machine and necessary operating systems for both Attacker and target

Final preparation to begin hacking

Objective: In this module, we will be learning about operating system basics, commands, scripting, network configuration

Topics :

Configuring our hacking Machine
Taking a small trip
Bash Scripting – Automate the system Updation
Elementary Linux commands
Networking Basics

Hands-on: Understanding command-line interface with shell scripting

How to Stay Anonymous Before you start Hacking

Objective: In this module, we will be learning about staying anonymous while browsing, accessing a filesystem

Topics :

Setting up a Tor browser
Working With Proxychains
Free Proxy Server
Setting up and Using a VPN
Working MAC Address

Hands-on: Installing VPN, Tor service and Anonymous browser, evade from firewall and rules

Information Gathering – Getting to Know Your Targets

Objective: In this module, we will be learning about gathering basic information about a target from different sources. These steps involve manual and automated frameworks.

Topics :

Information Gathering and its Types
Tools, Methods, and Frameworks
Intelligence Gathering
Importance of Open Source Intelligence
Data Mining (OSINT Framework)
Specialized Search Engines
DNS Footprinting
Email Footprinting
Finding Website Backend Technologies
Automated Tools
How Automated Tools Work
Tricks that you must know in Info gather

Hands-on: How to get an IP address, email, software used, version, vulnerabilities, operating system, and miscellaneous data.

Network Scanning and Enumeration

Objective: In this module, we will be learning about enumerating data from different services In a network and operating system.

Topics :

Host Discovery
Port Scanning Methods – Complete Guide
Version Detection
OS Detection
Packet Crafting Techniques
Automating Port Scanning
Samba Enumeration
DNS enumeration
SSH enumeration
HTTP enumeration
FTP enumeration

Hands-on: When and where to use enumeration tools and how to scan hosts and ports

Vulnerability Scanning and Analysis

Objective: In this module, we will be learning about how to find vulnerabilities, exploits and how to use them

Topics:

Why we do Vulnerability Scanning and why is it mandatory?
Exploring Vulnerable databases
Offline Vulnerable Databases
Online vulnerable Databases
Exploring Searchsploit
Network Vulnerability Scanning
Finding WEB Vulnerability
Finding Vulnerability in CMS
Mobile Application Vulnerability Scanning

Hands-on: How to scan an application for vulnerability and exploit using frameworks

Sniffing and Spoofing the Network

Objective: In this module, we will be learning about how to sniff, analyze packets in a network

Topics :

Art of Sniffing
Network traffic analyzer
Sniffing your own network
Tools to sniff network traffic
ARP poisoning Attack
Spoofing Attacks – Explained (Real-time Scenario)

Hands-on: How to sniff data using packet capturing tools on windows, Linux, mac

NGROK

Objective: In this module, we will be learning about port forwarding and its importance.

Topics :

Difference between static and dynamic IP
Setting Up NGROK
Creating Secret Tunnel And File Hosting using NGROK

Hands-on: How to use NGROK command-line tool and forward a specific port

Network-Based Attacks

Objective : In this module, we will be learning about creating exploits and social networking techniques.

Topics :

Metasploit Framework
Importing 3rd party modules into MSF
Msfvenom Utility – Malware Creation – Method 1
Malware Creation – Method 2
Setting Up Listener – Method 1
Setting Up Listener – Method 2
Automate the process using SEToolkit
Remote Code Execution – Ransomware Exploit
Server Side Exploitation
Third-Party Exploitation Tools

Hands-on: How to create custom payload with the listener for windows, Linux, android

Post Exploitation

Objective: In this module, we will be learning about operating system architecture and operations

Topics :

Help Menu
Backgrounding Our Session
Networking commands
File operation commands
Webcam Commands
Migrating to safer processes
Getting full system rights – privilege escalation
Gathering windows password using phishing
Maintaining Access – persistence Attacks

Hands-on: How to create a backdoor and operate a shell in the background

Password Cracking Techniques

Objective: In this module, we will be learning about passwords, hash, cryptography, wordlists

Topics :

How password originated and why?
Importance of Using Password
Password Cracking Techniques
How Password Cracking works
Hashes and encoders
NTLM/ NTLMv1/v2 / Net-NTLMv1/v2
BruteForce Attacks
Dictionary Based Attacks
Cracking windows password
Cracking Linux password

Hands-on: How to obtain hashes using various tools and how to decrypt it

Netcat for Ethical Hacking

Objective: In this module, we will be learning about reading and writing data in TCP or UDP connections.

Topics :

Necat explained and it uses
Importance of Netcat
Port scanning using Netcat
Automation Using Netcat
Different flavors of Netcat
Reverse Shell using Netcat
Bind shell using Netcat

Hands-on: How to install and use Netcat with various options and combinations

Social Engineering Attacks

Objective: In this module, we will be learning about social engineering and its types to exploit humans and not computers.

Topics :

Why Hackers Love Social Engineering Attacks
phishing, vishing, and smishing
Social Engineering toolkit – explained
Setting Up a Phishing Campaign
Phishing Outside Network
Social engineering attacks with Powershell
Social engineering attacks with HTML Application

Hands-on: Installing SEToolkit and creating fake webpage like Gmail, Facebook, Instagram to harvest credentials from users

Android Hacking

Objective: In this module, we will be learning about android os architecture, vulnerabilities and how to create custom malware for remote administration.

Topics :

Creating Custom Malware
Creating Listener
Post exploitation
Hacking outside network

Hands-on: Creating a custom malware using Metasploit Framework and access remotely

Wireless Attacks

Objective: In this module, we will be learning about how to monitor, hack wifi networks and passwords.

Topics :

Wireless Concepts
Cracking WPA2
Creating Custom Password List
Getting Wifi Password Using Phishing

Hands-on: How to install wireless hacking tools, set your nic in monitor mode to scan the networks, obtain the hash, and decrypt the password

Web Application Attacks

Objective: In this module, we will be learning about how web services work, and identify vulnerabilities.

Topics :

Owasp Top 10 Vulnerabilities
Tools For Web Application Attacks
Finding Subdomains
Finding Sub-Directories
Cross-Site Scripting Attacks
Sql Injection Attacks
File Upload Vulnerabilities
Command Injection

Hands-on: Turn your pc to web server, setting up a database, and how to use a web vulnerability scanner

Anti Forensics

Objective: In this module, we will be learning about logs, reports, and evading

Topics :

Covering Your Track
Clearing Attacker Logs
TimeStomping

Hands-on: How to clear logs and cover your track by using evading tools.