Summer Training Program 2013 CCSE V2.0 Certified Cyber Security Expert Version...
27
Summer Training Program 2014 CCSE V3.0 Certified Cyber Security Expert Version 3.0
Transcript of Summer Training Program 2013 CCSE V2.0 Certified Cyber Security Expert Version...
Summer Training Program 2014
CCSE V3.0 Certified Cyber Security Expert Version 3.0
TechD Facts
• Incorporated in November 2009
• Trained more than 40000 students, conducted 400 Workshops Including all IITs, NITs & Many colleges across India.
• Trained Professional from many reputed companies like Yahoo!,Google,ISACA,k7 Antivirus, Elitecore , Indian Oil, Temenos, ZOHO, HCL,TCS Infosys.
• Trained Investigation agencies of Gujarat, Maharashtra, Rajasthan, Tamilnadu, West Bengal.
• Successfully completed more than 10000 training hours into IT Security.
TechD Facts
• Trained & Certified 2000 Students & Professionals for CCSE ( Certified Cyber Security
Expert) Course.
• Helped Top Investigating Agencies to Solve Ahmedabad & Mumbai blasts Cyber trails.
• Associated for an out reach program with the Major Technical festivals of IIT Bombay, Kanpur, NIT Bhopal, NIT Calicut, Jadavpur University Kolkata, and BITS Pilani Goa for giving authorized certification.
• Major VAPT Clients includes Sulekha.com, Cyberoam.
• Supported by Ministry of Home Affairs, Malaysia & CMO, Gujarat. • Developed our own Crypters, Trojans, RATS for demonstrations.
TechD Facts
• Sunny Vaghela (Director & CTO) is recipient of Rajiv Gandhi Young
Achiever’s Award. • TechDefence has been awarded as Best Ethical Hacking & Information
Security Company by NBC at Trident Hotel , Mumbai.
TechD Facts
• TechDefence has also been awarded as Best Ethical Hacking & Information Security Company of Western India by BIG Research & IBN 7.
• Nominated for World Education Awards into category of Private Sector Initiative for use of innovative Technology for skilled education
CCSE Contents
Module 1 : Cyber Ethics - Hackers & hacking methodologies • Types of hackers • Communities of Hackers • Malicious Hacker Strategies • Steps to conduct Ethical Hacking • Hiding your identity while performing attacks Module 2: Basic Network Terminologies • TCP / IP protocols • IP addresses • Classes of IP addresses • NAT • Proxies and VPN’s • SSH and putty
CCSE Contents
Module 3: Information Gathering & Footprinting
• Whois information
• Active / Passive information gathering
• DNS report
• NS Report
• MX-information
• DNS-cache
• Maltego
• Doxing (Peoples & Digitals Boxes)
• Foot printing methodologies
• Tools that aid in foot printing
• Savitabhabhi.com case study
CCSE Contents
Module 4: Scanning & Enumeration
• Why scanning?
• Types of scanning
• Tools to aid in scanning
• Nmap - The Godfather
• Banner grabbing
• DNS Enumeration with Different Scripts
CCSE Contents
Module 5: Trojans, Backdoors • How to control victim’s computer using Trojans • Binding Trojans with another file • Undetection process of Trojans from Antivirus • Removal of Trojans from your computer • Analysis of Trojans/Virus Module 6: Virus & Worms • Introduction to viruses • How they work? • Methods use to hide themselves and replicate themselves • Introduction to worms • Causes of worms • Method used to replicate themselves • Role of antivirus product and goat file
CCSE Contents
Module 7: Phishing & its Prevention
• Making phishing pages (3 types of Phishing)
• How to detect phishing pages.
• Detecting Phishing Crimes
Module 8: System Hacking & Security
• Password cracking
• Privilege escalation
• Tools to aid in system hacking
• Understanding rootkits
• Clearing traces
• Countermeasures
CCSE Contents
Module 9: Social engineering & Honeypots
• Introduction • Laws of social engineering • Types of social engineering • Honeypots introduction • Types of honeypots • Setting up windows / Linux honeypot Module 10: Bot,Bots & DOS(Denial of Service) • Introduction to bots • Introduction to botnets and zombies • Botnet lifecycle • IRC bots • Customize your own bot
CCSE Contents
Module 11: Cryptography • Public-key Cryptography • Working of Encryption • Digital Signature • RSA & Example of RSA Algorithm • RC4, RC5, RC6, Blowfish • Algorithms and Security • Tools that aid in Cryptography Module 12: Google Hacking • Understanding how Google works • Google basic operators • Google advanced operators • Automated Google tools • How to use Google to find the desired website • How Google can aid in searching vulnerable website
CCSE Contents
Module 13: SQL Injection 1
• Web Application Overview
• Web Application Attacks
• OWASP Top 10 Vulnerabilities
• Putting Trojans on websites
• SQL injection attacks
• Executing Operating System Commands
• Getting Output of SQL Query
• Getting Data from the Database Using ODBC Error Message
• How to Mine all Column Names of a Table
• How to Retrieve any Data
• How to Update/Insert Data into Database
• SQL Injection in Oracle
• SQL Injection in MySql Database, 20 Hands on Demonstrations on real websites
CCSE Contents
Module 14: SQL Injection 2
• Attacking Against SQL Servers
• SQL Server Resolution Service (SSRS)
• SQL Injection Automated Tools
• MSSQL Injection
• Blind SQL Injection
• Preventing SQL Injection Attacks
Module 15: XSS – Cross Site Scripting
• Introduction to XSS & Types of XSS
• XSS worm and XSS shell
• Cookie grabbing
• Countermeasures
CCSE Contents
Module 16: CSRF, Click Jacking & Privilege Escalation Vulnerabilities
• Introduction to csrf
• Building proof of concept code
• Protections against csrf
• Click Jacking & Protections
Module 17: Information Disclosure Vulnerabilities
• Introduction
• Setting up the correct chmod
• Protecting the sensitive server files
• Preventing the data loss
CCSE Contents
Module 18: LFI / RFI
• Introduction to LFI / RFI
• Finding out LFI / RFI Vulnerabilities
• Demonstration & Prevention
Module 19:Hacking Web Servers
• Understanding IIS and apache
• How to use PHP and ASP backdoors
• What are local root exploits?
• Implementing web server security
• Patch management
CCSE Contents
Module 20: Vulnerability Assessment & Penetration Testing
• Burp Interceptor
• Burp Target
• Burp Spider
• Burp Scanner
• Burp Intruder
• Burp Repeater
• Burp Decoder
• Burp Sequencer
• Burp Extender
• Burp App Store- Introduction
• Live Hacking Through Burp
CCSE Contents
Module 21: Vulnerability Assessment & Penetration Testing
• Introduction to VAPT
• Categories of security assessments
• Vulnerability Assessment
• Limitations of Vulnerability Assessment
• Penetration Testing
• Types of Penetration Testing
• Do-It-Yourself Testing
• Outsourcing Penetration Testing Services
• Terms of Engagement
• Project Scope & Pentest Service Level Agreements
• Testing points & Locations
• Automated & Manual Testing
CCSE Contents
Module 22: Assembly Language Basics
• Difference Assembly Language Vs High-level Language
• Assembly Language Compilers
• Understanding Instruction operands, Directive & preprocessor
• Interrupts , Interrupt handler, External interrupts and Internal interrupts Handlers
• Assembling the & Compiling the C code
• Linking the object files & Understanding an assembly listing file
• Big and Little Endian Representation, Skeleton File
• Working with Integers, Signed integers & Signed Magnitude
• Understanding Two’s Compliment, If statements, Do while loops
• Indirect addressing, Subprogram
• Understanding The Stack, SS segment& ESP
• The Stack UsageThe CALL and RET Instructions
CCSE Contents
Module 23 & Module 24: Buffer Overflows 1-2
• Introduction
• How BOF works
• Stack based buffer overflow
• Heap based buffer overflow
• Heap spray
• Understanding the shellcode
• Mapping the memory
• Fuzzing
• Countermeasures
CCSE Contents
Module 25: Exploit Writing
• Exploits Overview
• Prerequisites for Writing Exploits and Shellcodes
• Purpose of Exploit Writing
• Types of Exploits
• Tools that aid in writing Shellcode
• Issues Involved With Shellcode Writing
• Addressing problem
• Null byte problem
• System call implementation
CCSE Contents
Module 26 : Reverse Engineering
• Introduction to RE
• Briefing OllyDbg
• Patching
• Cracking
• Keygening
• Countermeasures
Module 27: Firewalls, IDS, Evading IDS
• Introduction
• How to detect Intrusion
• Types of Intrusion
• Configuring IDPS
• Firewall and it’s types
• Evading Firewalls and IDS
CCSE Contents
Module 28 & Module 29: Metasploit Framework using BackTrack
• Introduction to this framework
• Getting hands on commands
• Hacking windows with metasploit
• Hacking Linux with metasploit
• Web Hacking through Metasploit
CCSE Contents
Module 30: Wireless Hacking & Security
• Wireless Protocols
• Wireless Routers-Working
• Attacks on Wireless Routers
• Cracking Wireless routers password(WEP)
• Securing routers from Hackers
• Countermeasures
Module 31: Mobile, VoIP Hacking & Security
• SMS & SMSC Introduction
• SMS forging & countermeasures
• Sending & Tracking fake SMSes
• VoIP Introduction
• Installing VoIP Server & Forging Call using VoIP
CCSE Contents
Module 32: Introduction to Cyber Crime Investigation & IT ACT 2000
• Types of Cyber Crimes
• Reporting Cyber Crimes & Incidence response
• Introduction to IT Act 2000 & its sections
• Flaws in IT ACT,2000
• Investigation Methodologies & Case Studies
• Different Logging Systems.
• Investigating Emails ( Email Tracing)
• Ahmedabad Bomb Blasts Terror Mail case study
• Investigating Phishing Cases
• Investigating Data Theft Cases
• Investigating Facebook Profile Impersonation Cases
• Investigating SMS & Call Spoofing Cases
CCSE Contents
Module 33: Cyber Forensics
• Cyber Forensics
• Understanding Cyber Forensics
• Hands on Cyber Forensics on Hard Disks
• Preparing Cyber Forensics Reports
Module 34 - 35: Project Work 1 , Project Work 2 & Final Exam.
• Training attendees will be getting exposures to live projects like Penetration testing, Creating own vulnerable penetration testing framework , Online Malware Scanners.
• Semi Final & Final Exam ( Online Hacking Challenge)
CCSE Contents
Total Hours: 80 hours
Training Duration : 30 – 45 Days.
Training Centers: Ahmedabad, Delhi , Hyderabad.
For More information Call on 7567867774, 9723373375 , 7567867770
