Post on 09-Jun-2020
Summer Training Program 2013
CCSE V2.0 Certified Cyber Security Expert Version 2.0
TechD Facts
• Incorporated in November 2009
• Established 5 Branch offices in India & 2 International Branches in 2 years
• Trained more than 25000 students, conducted 280 Workshops Including all IITs, NITs & Many colleges across India.
• Trained Professional from many reputed companies like Yahoo!,Google,ISACA,k7 Antivirus, Elitecore , Indian Oil, Temenos, ZOHO, HCL,TCS Infosys.
• Trained Investigation agencies of Gujarat, Maharashtra, Rajasthan, Tamilnadu, West Bengal.
TechD Facts
• Trained & Certified 2000 Students & Professionals for CCSE ( Certified Cyber Security
Expert) Course.
• Helped Top Investigating Agencies to Solve Ahmedabad & Mumbai blasts Cyber trails.
• Associated for an out reach program with the Major Technical festivals of IIT Bombay, Kanpur, NIT Bhopal, NIT Calicut, Jadavpur University Kolkata, and BITS Pilani Goa for giving authorized certification.
• Major VAPT Clients includes Sulekha.com, Cyberoam.
• Supported by Ministry of Home Affairs, Malaysia & CMO, Gujarat. • Developed our own Crypters, Trojans, RATS for demonstrations.
TechD Facts
• Sunny Vaghela (Director & CTO) is recipient of Rajiv Gandhi Young
Achiever’s Award. • TechDefence has been awarded as Best Ethical Hacking & Information
Security Company by NBC on 1st May’12 at Trident Hotel , Mumbai.
TechD Facts
• TechDefence has also been awarded as Best Ethical Hacking & Information Security Company of Western India by BIG Research & IBN 7.
• Nominated for World Education Awards into category of Private Sector Initiative for use of innovative Technology for skilled education
CCSE Contents
Module 1 : Cyber Ethics - Hackers & hacking methodologies • Types of hackers • Communities of Hackers • Malicious Hacker Strategies • Steps to conduct Ethical Hacking • Hiding your identity while performing attacks Module 2: Basic Network Terminologies • TCP / IP protocols • IP addresses • Classes of IP addresses • NAT • Proxies and VPN’s • SSH and putty
CCSE Contents
Module 3: Information Gathering & Footprinting • Whois information • Active / Passive information gathering • Information gathering using • Foot printing methodologies • Tools that aid in foot printing • Savitabhabhi.com case studies Module 4: Scanning & Enumeration
• Why scanning? • Types of scanning • Tools to aid in scanning • Nmap - The Godfather • Banner grabbing
CCSE Contents
Module 5: Trojans, Backdoors • How to control victim’s computer using Trojans • Binding Trojans with another file • Undetection process of Trojans from Antivirus • Removal of Trojans from your computer • Analysis of Trojans/Virus Module 6: Virus & Worms • Introduction to viruses • How they work? • Methods use to hide themselves and replicate themselves • Introduction to worms • Causes of worms • Method used to replicate themselves • Role of antivirus product and goat file
CCSE Contents
Module 7: Phishing & its Prevention
• Making phishing pages
• How to detect phishing pages
• Detecting Phishing Crimes
Module 8: System Hacking & Security
• Password cracking
• Privilege escalation
• Tools to aid in system hacking
• Understanding rootkits
• Clearing traces
• Countermeasures
CCSE Contents
Module 9: Social engineering & Honeypots
• Introduction • Laws of social engineering • Types of social engineering • Honeypots introduction • Types of honeypots • Setting up windows / Linux honeypot Module 10: Bot,Bots & DOS(Denial of Service) • Introduction to bots • Introduction to botnets and zombies • Botnet lifecycle • IRC bots • Customize your own bot
CCSE Contents
Module 11: Cryptography • Public-key Cryptography • Working of Encryption • Digital Signature • RSA & Example of RSA Algorithm • RC4, RC5, RC6, Blowfish • Algorithms and Security • Tools that aid in Cryptography Module 12: Google Hacking • Understanding how Google works • Google basic operators • Google advanced operators • Automated Google tools • How to use Google to find the desired website • How Google can aid in searching vulnerable website
CCSE Contents
Module 13: SQL Injection 1
• Web Application Overview
• Web Application Attacks
• OWASP Top 10 Vulnerabilities
• Putting Trojans on websites
• SQL injection attacks
• Executing Operating System Commands
• Getting Output of SQL Query
• Getting Data from the Database Using ODBC Error Message
• How to Mine all Column Names of a Table
• How to Retrieve any Data
• How to Update/Insert Data into Database
• SQL Injection in Oracle
• SQL Injection in MySql Database, 20 Hands on Demonstrations on real websites
CCSE Contents
Module 14: SQL Injection 2
• Attacking Against SQL Servers
• SQL Server Resolution Service (SSRS)
• SQL Injection Automated Tools
• MSSQL Injection
• Blind SQL Injection
• Preventing SQL Injection Attacks
Module 15: XSS – Cross Site Scripting
• Introduction to XSS & Types of XSS
• XSS worm and XSS shell
• Cookie grabbing
• Countermeasures
CCSE Contents
Module 16: Secure Coding Practices
• Why secure coding?
• Secure coding standards
• Secure coding methods
• Dissecting the source code
Module 17: Information Disclosure Vulnerabilities
• Introduction
• Setting up the correct chmod
• Protecting the sensitive server files
• Preventing the data loss
CCSE Contents
Module 18: Session Hijacking
• Introduction
• Types of session hijacking
• Tools that aid in session hijacking
• Countermeasures
Module 19:Hacking Web Servers
• Understanding IIS and apache
• How to use PHP and ASP backdoors
• What are local root exploits?
• Implementing web server security
• Patch management
CCSE Contents
Module 20: Vulnerability Assessment & Penetration Testing
• Introduction to VAPT
• Categories of security assessments
• Vulnerability Assessment
• Limitations of Vulnerability Assessment
• Penetration Testing
• Types of Penetration Testing
• Do-It-Yourself Testing
• Outsourcing Penetration Testing Services
• Terms of Engagement
• Project Scope & Pentest Service Level Agreements
• Testing points & Locations
• Automated & Manual Testing
CCSE Contents
Module 21: Assembly Language Basics
• Difference Assembly Language Vs High-level Language
• Assembly Language Compilers
• Understanding Instruction operands, Directive & preprocessor
• Interrupts , Interrupt handler, External interrupts and Internal interrupts Handlers
• Assembling the & Compiling the C code
• Linking the object files & Understanding an assembly listing file
• Big and Little Endian Representation, Skeleton File
• Working with Integers, Signed integers & Signed Magnitude
• Understanding Two’s Compliment, If statements, Do while loops
• Indirect addressing, Subprogram
• Understanding The Stack, SS segment& ESP
• The Stack UsageThe CALL and RET Instructions
CCSE Contents
Module 22 & Module 23: Buffer Overflows 1-2
• Introduction
• How BOF works
• Stack based buffer overflow
• Heap based buffer overflow
• Heap spray
• Understanding the shellcode
• Mapping the memory
• Fuzzing
• Countermeasures
CCSE Contents
Module 24: Exploit Writing
• Exploits Overview
• Prerequisites for Writing Exploits and Shellcodes
• Purpose of Exploit Writing
• Types of Exploits
• Tools that aid in writing Shellcode
• Issues Involved With Shellcode Writing
• Addressing problem
• Null byte problem
• System call implementation
CCSE Contents
Module 25: Reverse Engineering
• Introduction to RE
• Briefing OllyDbg
• Patching
• Cracking
• Keygening
• Countermeasures
Module 26: Firewalls, IDS, Evading IDS
• Introduction
• How to detect Intrusion
• Types of Intrusion
• Configuring IDPS
• Firewall and it’s types
• Evading Firewalls and IDS
CCSE Contents
Module 27: Wireless Hacking & Security
• Wireless Protocols
• Wireless Routers-Working
• Attacks on Wireless Routers
• Cracking Wireless routers password(WEP)
• Securing routers from Hackers
• Countermeasures
Module 28: Mobile, VoIP Hacking & Security
• SMS & SMSC Introduction
• SMS forging & countermeasures
• Sending & Tracking fake SMSes
• VoIP Introduction
• Installing VoIP Server & Forging Call using VoIP
CCSE Contents
Module 29: Introduction to Cyber Crime Investigation & IT ACT 2000
• Types of Cyber Crimes
• Reporting Cyber Crimes & Incidence response
• Introduction to IT Act 2000 & its sections
• Flaws in IT ACT,2000
• Investigation Methodologies & Case Studies
• Different Logging Systems.
• Investigating Emails ( Email Tracing)
• Ahmedabad Bomb Blasts Terror Mail case study
• Investigating Phishing Cases
• Investigating Data Theft Cases
• Investigating Orkut Profile Impersonation Cases
• Investigating SMS & Call Spoofing Cases
CCSE Contents
Module 30: Cyber Forensics
• Cyber Forensics
• Understanding Cyber Forensics
• Hands on Cyber Forensics on Hard Disks
• Preparing Cyber Forensics Reports
Module 31:Enterprise Information Security Management
• Establishment of ISMS
• Implementation ,Monitoring ,Review & Maintenance of ISMS
• Resource Management & Management Responsabilités.
• Internal Audits
• Selection of Appropriate Controls
• Corrective & Preventive Actions
CCSE Contents
Module 32 - 35: Project Work 1 , Project Work 2 & Final Exam.
• Training attendees will be getting exposures to live projects like Penetration testing, Creating own vulnerable penetration testing framework , Online Malware Scanners.
• Semi Final & Final Exam ( Online Hacking Challenge)
Total Hours: 80 hours
Training Duration : 30 – 45 Days.
Training Centers: Ahmedabad, Delhi , Hyderabad, Navsari