Security Testing Course
- 1 Defining OWASP Top 10
- 2 >> Injections :
- 3 >> Broken Authentication
- 4 >> Sensitive Data Exposure
- 5 >> XML External Entities (XXE)
- 6 >> Broken Access Control
- 7 >> Security Misconfiguration
- 8 >> Cross Site Scripting (XSS)
- 9 >> Security Deserialization
- 10 >> Using Components with Known Vulnerabilities
- 11 >> Insufficient Logging and Monitoring
- 1 Application Attacks
- 2 >> Server Side Web Application Attacks
- 3 >> Client Side Web Application Attacks
- 4 Network Based Attacks
- 5 >> Denial Of Service
- 6 >> Interceptions
- 7 >> Poisoning
- 8 >>>> ARP Poisoning
- 9 >>>> DNS Cache Poisoning
- 10 >> Attacks On Access Rights
- 11 Introduction to Web servers
- 12 >> Types of web servers
- 13 >>>> Internet Information Service (IIS)
- 14 >>>> APACHE
- 15 >>>> Windows
- 1 Definition and Concepts
- 2 Types of Networking
- 3 >> LOCAL AREA NETWORK (LAN)
- 4 >> WIDE AREA NETWORK (WAN)
- 5 >> METROPOLITAN AREA NETWORK (MAN)
- 6 >> STORAGE AREA NETWORK (SAN)
- 7 Network Topologies
- 8 >> BUS Topology
- 9 >> RING Topology
- 10 >> STAR Topology
- 11 >> MESH Topology
- 12 >> TREE Topology
- 13 >> Point To Point Topology
- 14 Protocols of networking
- 15 >> TCP (Transmission Control Protocol )
- 16 >> UDP ( User Datagram Protocol )
- 17 Defining Networking Model
- 18 >> OSI (Open System Interconnections )
- 19 >>>> 7 Layers Of OSI Model
- 20 >> TCP/IP (Internet Protocol )
- 21 >>>> 5 Layers Of OSI Model
- 22 Working of:
- 23 >> Domain Name Server (DNS)
- 24 >> Dynamic Host Configuration Protocol ( DHCP)
- 25 >> Simple Network Management Protocol (SNMP)
- 26 >> Simple Mail Transfer Protocol ( SMTP)
- 27 >> Address Resolution Protocol ( ARP)
- 28 >> Inter Connection Management Protocol ( ICMP)
- 29 Introduction to Internet Protocol Version 4 IPv4 / IPv6
- 30 >> Difference Between Class full & Classless IP addresses
- 31 Working of Various Network components
- 32 >> Network interface card (NIC)
- 33 >> HUB
- 34 >> Switches
- 35 >> Routers
- 36 >> Bridges
- 37 >> Gateways
- 38 Using Wire Shark Tool to show how Data moves in networks Practically
- 1 What is information security
- 2 >> Understanding security
- 3 >> Defining security
- 4 Current Security Trend
- 5 Elements of information Security
- 6 >> Confidentiality
- 7 >> Availability
- 8 >> Integrity
- 9 >> Authenticity
- 10 >> Non Repudiation
- 11 Challenges of Securing Information
- 12 >> Today's security attacks
- 13 >> Difficulty in defending against attacks
- 14 Various laws governing information security
- 15 >> Health insurance portability and accountability act 1996 (HIPAA)
- 16 >> Sarbanes Oxley Act 2002 (SOX)
- 17 >> Gramm Leach Bliley Act 1999 (GLB)
- 18 >> Payment Card Industry Data Security Standard (PCI-DSS)
- 1 What is Hacking
- 2 >> Defining Hacking
- 3 >> Hacking Concepts
- 4 Types of hackers
- 5 >> Black Hat
- 6 >> White Hat
- 7 >> Grey Hat
- 8 >> Script Kiddies
- 9 >> Hacktivists
- 10 >> Cyber Terrorist
- 11 >> State Sponsored
- 12 Defining Ethical Hacking
- 13 >> Scope of Ethical Hacking
- 14 >> security audits
- 15 >> vulnerabilities assessment
- 16 Types of Pen Testing
- 17 >> Black Box Pen Testing
- 18 >> White Box Pen Testing
- 19 >> Grey Box Pen Testing
- 1 Introduction to Linux File System and Command Line
- 2 Installing Kali Linux
- 3 Configure Network Connection
- 4 Administering Kali Linux
- 5 Updating and upgrading kali Linux
- 6 Introduction to Bash Environment
- 1 Basics of computers
- 2 >> Types of Computer Memory
- 3 >> Volatile Memory : RAM , CACHE ,REGISTERS e.t.c
- 4 >> Non Volatile Memory : HDD, SDD ,FLASH DRIVES e.t.c
- 5 >> Slack Space
- 6 What is MBR /GPT
- 7 Difference Between BIOS & UEFI
- 8 File System of different Operating System
- 9 >> Windows : FAT16 , FAT 32 , NTFS
- 10 >> LINUX : EXT2 ,EXT3 , EXT4
- 11 >> MAC OS : HFS , HFS +
- 1 Foot Printing / Reconnaissance
- 2 >> Information Discovery
- 3 >>>> Google hacking
- 4 >>>> DNS Information Gathering
- 5 >>>> Who. Is Information gathering
- 6 >>>> Email Tracking
- 7 >>>> Net craft
- 8 >>>> Spokeo
- 9 >> 6.2 Scanning
- 10 >>>> Checking live host using PING /HPING
- 11 >>>> Checking Open Ports Using NMAP Tool
- 12 >>>> Checking Vulnerable Services Running
- 13 Gaining Access
- 14 >> Using Various Methods Of Password Cracking
- 15 >>>> Dictionary Attack
- 16 >>>> Brute Force Attack
- 17 >>>> Rainbow Table Attack
- 18 >>>> Hybrid Attack
- 19 Maintaining Access
- 20 >> Introduction to MALWARES
- 21 >> Types Of MALWARES
- 22 >>>> VIRUS
- 23 >>>> TROJAN
- 24 >>>> WORMS
- 25 >>>> ROOT KITS
- 26 >>>> SPYWARE
- 27 >>>> RANSOMEWARE
- 28 >>>> KEYLOGGERS
- 29 >>>> BOTS
- 30 >>>> ADWARES
- 31 >>>> HOAX
- 32 Covering Tracks
- 33 >> Removing Logs
- 34 >> Corrupting O.S
- 35 >> Removing Auditing Logs
- 1 Wireless Penetration Testing
- 2 Introduction to Wireless Security
- 3 >> Different Wireless Protocols
- 4 >>>> Wired Equivalent Privacy (WEP)
- 5 >>>> Wi-Fi Protected access (WPA)
- 6 >>>> Wi-Fi Protected access 2 (WPA2)
- 7 Cracking WPA and WPA2
- 8 Restricting Wireless Access through Wireless Jammer
- 1 Cryptography concepts
- 2 >> Defining Cryptography
- 3 >> Objectives of Cryptography
- 4 >> Types Of Cryptography
- 5 >>>> Symmetric Encryption
- 6 >>>> Asymmetric Encryption
- 7 Encryption Algorithm
- 8 >> Data Encryption Standard (DES)
- 9 >> Advanced Encryption Standard (AES)
- 10 >> RC4 ,RC5 ,RC6 Algorithm
- 11 >> Rivest Shamir Adelman (RSA )
- 12 >> MD5 algorithm
- 13 >> SHA1 , SHA2 , SHA256
- 14 Cryptography Tools
- 15 >> Hash Calculator
- 16 >> MD5Sum Calculator
- 17 >> Advanced Encryption Package
- 18 >> BCText Encoder
- 19 Public Key Infrastructure
- 20 >> Defining PKI
- 21 >> Components of PKI
- 22 >>>> Certificate Management System
- 23 >>>> Digital Certificates
- 24 >>>> Validation Authority
- 25 >>>> Certificate Authority
- 26 >>>> End user
- 27 >>>> Registration Authority
- 28 Email Encryption
- 29 >> Digital Signatures
- 30 >> Secure Socket Layers (SSL)
- 31 >> Transport Layer Security (TLS)
- 32 >> Pretty Good Privacy (PGP)
- 33 Disk Encryption
- 34 >> Tools For Disk Encryption
- 35 >>>> Symantec Drive Encryption
- 36 >>>> GiliSoft Full Disk Encryption
- 37 Cryptography Attacks
- 38 >> Known Plain Text Attack
- 39 >> Known Cipher Text Attack
- 40 >> Chosen Plain Text Attack
- 41 >> Chosen Cipher Text Attack
- 1 Introduction to Cloud Computing
- 2 >> Characteristics of Cloud Computing
- 3 >> Types of Cloud Computing
- 4 >>>> Infrastructure as a service (IaaS)
- 5 >>>> Platform as a service (PaaS)
- 6 >>>> Software as a service (SaaS)
- 7 >> Cloud Deployment Models
- 8 >>>> Private Cloud
- 9 >>>> Community Cloud
- 10 >>>> Hybrid Cloud
- 11 >>>> Public Cloud
- 12 >> NIST Cloud Computing Reference Architecture
- 13 Cloud Computing Attacks
- 14 >> Service Hijacking using Social Engineering
- 15 >> Session Hijacking Using XSS
- 16 >> Domain Name System (DNS) Attacks
- 17 >> SQL injections
- 18 >> DOS and DDOS Attack
- 19 Cloud Penetration Testing
- 1 Introduction to IDS/IPS
- 2 >> Working of IDS /IPS
- 3 >> Types of IDS/IPS
- 4 >> Difference Between NIDS ,NIPS ,HIDS ,HIPS
- 5 Introduction to Firewall
- 6 >> Working of Firewall
- 7 >> Types Of Firewall
- 8 Introduction To Honey Pots
- 9 >> Working of Honey Pots
- 10 >> Types of Honey pots
- 1 System Hacking (Windows & Linux)
- 2 >> Using Tools Like NMAP ,METASPLOIT FRAMEWORK
- 3 >> Extracting Password From SAM Folder
- 4 >> Using Rainbow Table To Decode the Password
- 5 Obtaining Passwords BY Sniffing Using MAN-IN-THE-MIDDLE ATTACK (MITM)
- 6 >> Demonstrating How To Spoof MAC Address
- 7 >> Demonstrating How To Spoof IP Address
- 8 Hacking Web Servers and Web Application (OWASP TOP 10)
- 9 Hands on Various Tools
- 10 >> Nmap
- 11 >> Wire shark
- 12 >> Beef
- 13 >> Burp Suite
- 14 >> Metasploit Framework
- 15 >> AirCrack-Ng