Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
Diploma InCyber Security
Diploma InCyber Security
www.sevenmentor.com
www.sevenmentor.com
1.0 Introduction It Security
Information SecuritySecurity and Its NeedsIt Security Life Cycle
2.0 Desktop Security
Operating System BasicsWindows InstallationWindows PoliciesWhat Is VmwareBasic of Computer NetworkingOSI and TCP/IP ModelTcp Vs UdpTcp Frame HeaderUdp Frame HeaderTcp Communication FlagsNetworking Devices (Hub,Router,Switch,Etc.)Windows and Linux Dual Boot
3.0 Networking Security
Mac address, IP-address ClassesWhat is RouterStatic and Dynamic RoutingSending the MessagesRouting the TrafficTransmitting the PacketsConfiguration of RouterProtocols on RouterNat (Network Address Translation)Pat (Port Address Translation)What Is Dsl and Adsl RouterACLTroubleshootingSecuring the Routers
www.sevenmentor.com
4.0 Linux Security
IntroductionBenefits of LinuxKali Linux and Red HatLinux Directory and File System StructureFile Permission on LinuxLinux Commands (Find,grep,etc)How to Set Up a Firewall Under Linux?Iptables and ConfigurationWindows Vs. Linux Design
5.0 Introduction to Hacking
Introduction to Ethical HackingWindows and Linux IntroKali Linux (Usages)Deep/Dark Web
6.0 Reconnaissance
Information Intelligence.Organize Your InformationGoogle/bing Hacking.Whois Lookup.Os Info Hunting.Uptime Info Hunting.
7.0 Scanning
Web Server Info Hunting.Traceroute Target Ip Address.Tcp Port Scanning.Syn Port Scanning.Tcp Ack Firewall Scanning.Finding Live HostsUdp Sweeping and Probing
www.sevenmentor.com
8.0 Enumeration
Enumerating Username Groups and Passwords.Hunting and Profiling People.Gathering Email Accounts Sub Domains/host.Database Enumeration.Dns Enumeration.
9.0 Hacking Web Server
Attacking Apache Web Server.Attacking IIS Web Server.
10.0 System Hacking
Linux Hacking and SecuringWindows Hacking and Securing
11.0 Wireless Hacking
Attacking Wep Protected 802.11 Networks.Attacking Wpa/wpa2 Protected 802.11 Networks.Rogue Access PointMan in Middle Attack (Mitm)Evil Twin AttackBluetooth Hacking
12.0 Dos and Ddos
Dos and DDosDos and Ddos Tools and CommandsDDos Attack on Bank-WebsiteDos Attack on Server (Self)
13.0 Cryptography
What Is CryptographyWhat Is Cipher?Ciphers TypesTypes of CryptographyHashingHashing File and PasswordsPkc
www.sevenmentor.com
14.0 Steganography
What Is SteganographyLSB AlgorithmSteganography in ImagesSteganography in AudioWhitespace Steganography
15.0 PassWords Attacks
Cryptography AttacksPassword AttacksTypes of Password AttacksPassword Cracking of Windows, Linux, Ssh.Website Password Cracking
16.0 Social Engineering
PhishingAdvanced Social Engineering AttacksSpear Phishing Attacks.Sms SpoofingEmail SpoofingHacking Email AccountsCountermeasures
17.0 Sniffing and Spoofing
What Is a Cam TableSniffing Network PasswordsSniffing Http PasswordsSniffing Ftp and Telnet Passwords.Active SniffingPassive SniffingSniffing CookiesMan in the Middle Attack.
www.sevenmentor.com
18.0 Systems Hacking and Exploit-development
Windows and Linux HackingAdvanced Antivirus Detection Evasion and Bypassing.Advanced Firewall Outbound/inbound Rules Evasion and Bypassing.Advanced Windows User Access Control (Uac) Evasion and Bypassing.Assembly LanguageExploit WritingWindows Buffer Overflow ExploitLinux Buffer Overflow Exploit
19.0 Firewall,IDS,IPS and Honeypot
What Is IdsIds TypesWhat Is IpsFirewallFirewall TypesHardware and Software FirewallSecuring Network With (Smoothsec Express) Next-Gen Firewall.Honeypot and HoneynetHoneypot Low and High InteractionTracing Black-Hat HackerEvading Ids, Firewall,honeypot
20.0 VPN and Proxy-server
What Is ProxyProxy TypesSocks and Reverse-proxyVpnVpn TypesOpen VpnIpsec VpnVpn TypesVpn Security Issues
www.sevenmentor.com
21.0 Malwares
Writing Trojan for Windows.What Is a Botnet and Attacks.Mobile MalwareMobile Anti-malwareVirus and WormsRansomware for Linux and WindowsAnti-malwareMalware AnalysisSheep-dip SystemMalwares Countermeasures
22.0 Cloud Computing
What Is Cloud.What Is Types and Use.Cloud for Hackers
23.0 Android Introduction
Introduction to the CourseCourse InstructionsWhat Is Android.
24.0 Interacting With Android Devices
Rooting Termux for AndroidVnc-remote AccessBusybox Tools.
25.0 Android Hacking and Exploitation.
Exploiting Android Devices Using MetasploitHacking Windows,android Using Android Phone.Bypassing Android LocksData Hacking of Android
www.sevenmentor.com
26.0 Android Pentesting
Removing-ads From AndroidCracking Application for Free Use.Hiding Identity From Police.Hacking Calls Logs and Sms Messages From Android Devices.
27.0 Introduction to WAPT
What Is Web Penetration TestingWhat Is Web?Understanding the Depth of Web
28.0 Owasp Top 10 Injection
What Is Owasp Top 10 InjectionWhat Is Proxy?What Is Interception ProxiesBurp Suite Introduction
29.0 Information Gathering WAPT
Finding Whois and DnsDns Harvesting ExtractingA Open Source Information GatheringThe Http ProtocolsHttp MethodsHttp Status CodesHttp Request and ResponseWhat Is HTTPSHttp Methods and Verb TamperingHttp Method Testing With Nmap and Metasploit.30.0 Web App Basic Test
Web App Cryptography AttacksData EncodingEncoding Schemes, URL Encoding, Unicode EncodingBypassing Weak CipherTesting HttpsNmap ScanGathering Server Info
www.sevenmentor.com
31.0 Burp Suite in-depth
Burp TargetBurp ProxyBurp IntruderBurp RepeaterBurp ScriptingSpidering Web ApplicationAnalysing SpideringBurp Fuzzing
32.0 Broken Authentication and Session Management
Information LeakageDirectory BrowsingWhat Is AuthenticationHttp Response SplittingHttp Basic AuthenticationBypass Authentication PromptAttacking Http Basic Authentication With Nmap and MetasploitHttp Digest AuthenticationHttp Set-cookie With HttpcookieUsername Harvest
33.0 Injection Attacks
Html Injection BasicsHtml Injection in Tag ParametersSession TrackingSession FixationAuthentication Bypass
34.0 Command Injection
Command InjectionWeb to Shell on the ServerWeb Shell: Php MeterpreterWeb Shell: Netcat Reverse ConnectsWeb Shell: Using Python, Php Etc.
www.sevenmentor.com
35.0 LFI and RFI
Remote BasicsRFI to MeterpreterLFI BasicsLFI With Directory PrependsRemote Code Execution With LFI and File Upload Vulnerability
36.0 Upload Attacks
File Upload Vulnerability BasicsBeating Content-type Check in File UploadBypassing Blacklists in File UploadBypassing Whitelists Using Double Extensions in File UploadsNull Byte Injection in File UploadsExploiting File Uploads to Get Meterpreter
37.0 Unvalidated Redirects and Forwards
Unvalidated RedirectsExploitation Open RedirectsSecuring Open Redirects
38.0 Sql Injection
Sql InjectionSqli DiscoveringError Based SqliBlind Based SqliData ExtractionSql ToolsSqlmapSqlmap + Zap
www.sevenmentor.com
40.0 Csrf Attacks
Cross-site Request ForgeryExploitation CSRFLogin Attack
41.0 Web App Tools
What Is Automation TestingWhat Is Manual TestingWpscanW3afWordpress Testing
42.0 Firewall Testing
Web Application FirewallWap OptionsMod_securityWaf Detection
39.0 Client-side Attacks
What Is JavascriptDom-based XSSExplotating Dom-XSSJavascript InjectionCross-site ScriptingReflective XSSStored XSSXSS ToolsXSS FuzzingXSS ExploitationBeef Tool Stealing CookiesAjaxAjax XSS
43.0 Methodology and Reporting
Web Application Penetration Testing MethodsReporting and Presenting
www.sevenmentor.com
45.0 Platform
Cross-site Request ForgeryExploitation CSRFLogin Attack
46.0 Penetration testing with Bash script
Chapter 1: Getting to Know Bash Navigating and searching the filesystem Using I/O redirectionUsing pipesGetting to know grep
Chapter 2: Customizing your shell
Formatting the terminal OutputThe Prompt StringAliasesCustomizing the command historyCustomizing tab completion
Chapter 3: Network Reconnaissance
Interrogation the Whois serversInterrogating the DNS serversEnumerating target on the local network
44.0 Other Attacks
SSI AttacksServer-side Template InjectionIDOR InjectionLDAP InjectionXml External Entity
www.sevenmentor.com
47.0 Penetration testing with Python
Chapter 4: Exploitation and Reverse Engineering
Using the Metasploit command-line interfacePreparing payloads with MetsploitCreating and deploying a payloadDiassembling binariesDebugging binaries for dynamic analysis
Chapter 5: Network Exploitation and Monitoring
MAC and ARP abuseMan in the middle attacksInterrogating serversBrute forcing authenticationTraffic filtering with TCPDumpAssessing SSL Implementation securityAutomated web application security assessment
Chapter 1: Python with Penetration Testing and Networking
Introducing the scope of pentestingApproaches to pentestingIntroducing Python scriptingUnderstanding the tests and tools you'll needLearning the common testing platforms with PythonNetwork socketsServer socket methodsClient Socket methodsGeneral socket methodsMoving on the practical
Chapter 2: Scanning Pentesting
How to check live system in a network and concept of a live systemWhat are the services running on the target machine?
www.sevenmentor.com
Chapter 3: Sniffing and Penetration Testing
Introducing a network snifferImplementing a network sniffer using pythonLearning about packing crafingIntroducing ARP spoofing and implementing it using PythonTesing and Security system using custom packet crafting and injection
Chapter 4: Wireless Pentesting
Wireless SSID finding and wireless traffic analysis by pythonWireless attacks
Chapter 5: Foot Printing of a Web Server and a Web Application
The concept of foot printing of a web serverInformation gathering of a website from smartwhois by the parser BeautifulSoupBanner Grabbing of a websiteHardening of a web server
Chapter 6: Client-Side and DDoS Attacks
Introducing client-side validationTampering with the client-side parameter with PythonEffects of parameter tempering on businessIntroducing DoS and DDoS
Chaptr 7: Pentesting of SQLI and XSS
Introducing the SQL injection attackTypes of SQL injectionsUnderstanding the SQL injection by a Python ScriptLearning about Cross-site scripting
www.sevenmentor.com
49.0 Computer Forensics Investigation Process
Forensic Workstation Building SiftChain of CustodyData Imaging(FTK Imager)Data Integrity(Sha256sum)Data Carving(Physical Level)Data Analysis(FTK Toolkit)Expert Witness
48.0 Computer Forensics in Today’s World
Intro to Computer ForensicsNeed for Computer ForensicsWhat Is Cyber CrimeForensics Investigation ProcessCyber Crime ReportsDeft, Caine OS.
50.0 Hacking Laws
PCI-DSS, DMCA, FISMA ActIt Act 2000
51.0 Understanding Hard Disks and File Systems
Disk Drive OverviewThe Sleuth Kit(Tsk) and Autopsy
52.0 Data Acquisition and Duplication
Volatile Information From Linux and WindowsAcquiring Data on WindowsAcquiring Data on LinuxFtk Imager and Ddclfd(Bit-stream Copy)Netcat for Forensic
www.sevenmentor.com
54.0 Operating System Forensics
Network and Process InformationCache , Cookie and History AnalysisRegistry AnalysisLinux Configuration AnalysisWindows Event Viewer
53.0 Defeating Anti-forensics Techniques
Cryptography, PKI, PKC, VPNSteganography and SteganalysisPassword Cracking System and ApplicationCracking Bios PasswordAlternate Data StreamEncrypted File System
55.0 Network Forensics
Network ForensicIntrusion Detection System(IDS)Firewall, IPS and Reverse-proxy.Honeypot and Tracing.Traffic Capturing and Analysis
56.0 Investigating Web Attacks
Web Application ArchitectureWeb AttacksApache Web Server Logs InvestigationWeb Attack DetectionTracing Ip Address
57.0 Database Forensics
Logon Event in Windows and LinuxSyslog IdentificationLog Capturing and Analysis
www.sevenmentor.com
59.0 Investigating Email Crimes
Email System ArchitectureEmail CrimesEmail Header Analysis.Tracing Emails
58.0 Malware Forensic
Unstructured Memory AnalysisBulk ExtractorCridex Malware IdentificationNetwork Activity to a Process
60.0 Forensics Report Writing
Forensics ReportReport Writing and Documentation.Sample Report WritingWriting Reports Using FTLWriting Reports Using Autopsy
61.0 Case Studies
Mumbai CasePune Case