Ethical Hacking
1. Basics of Information Security and Computer Networking
- Introduction to Information Security
- Hacking Methodologies and Security Auditing
- Computer Networking
- IP addressing and NAT
- The Google Maps of the Internet
- Ports and Services
- Protocols, TCP/IP and OSI Model
- Proxy and VPN
- Digital Footprints and Information Gathering
- Advanced Information Gathering about People and Websites
- Google Dorking - Hacking using Google
- Introduction to Web Architecture and Understanding Common Security Misconceptions
- HTML Basics
- HTML and Introduction to JavaScript
- Introduction to PHP and Setting up XAMPP
- Putting Brains into Beauty - Working with PHP
- Handling User Input and Building Basic Applications using PHP
3. Introduction to Web VAPT, OWASP and SQL Injections
- Introduction to VAPT and OWASP
- Basics of Databases and SQL
- Authentication Bypass using SQL Injection
- GET based SQL Injection - Part 1
- GET based SQL Injection - Part 2
- POST based SQL Injection - Part 1
- POST based SQL Injection - Part 2
- Advanced SQL Injections
- Automating SQL Injections - SQL Map
- Bypassing Client Side Filters using Burp Suite
- IDOR and Rate-limiting issues
- Arbitrary File Upload Vulnerabilities
Ethical Hacking Advanced
5. Client Side Attacks
- Understanding Important Response Headers, DOM, and Event Listeners
- Fundamentals of Cross Site Scripting (XSS)
- Understanding Forced Browsing and Session-Cookie Flaws
- Cross Site Request Forgery (CSRF) and Open Redirections
- Dictionary Based Brute Force Attacks
- Logical Brute Force Attacks
- Personally Identifiable Information (PII) Leakage and Sensitive Information Disclosure
- Common Security Misconfigurations
- Default/Weak Password Vulnerabilities
- Fingerprinting Components with Known Vulnerabilities
- Scanning for Bugs in WordPress and Drupal
- Using Public Exploits
7. Automating VAPT and Secure Code Development
- Information Gathering for Endpoints
- Application Assessment using Nmap
- Automating VAPT with Nikto and Burp Suite Pro
- Documenting Stages of Vulnerabilities Using Tools
- VAPT Reports: Developer Report vs. Higher Management Report
- Concepts of Code Security and Patching
- Parts of a VAPT Report
- Common Good Practices and Bad Practices