Cyber Security & Ethical Hacking



This Course will be taking you to the world of Cyber Security. Security Researchers of Rooman Technologies find the bugs/vulnerabilities in the large corporate organizations. They will be teaching you the Basics to the Advanced/Professional Level. You will be able to find out the bugs in the large corporate organizations which can lead you to succeed in the security world with much greater salary. Simultaneously you can have abroad opportunities in future.


This course covers Basics of Hardware & Networking, Linux commands, Programming & Operating System Essentials, Database Concepts. To Start with Ethical Hacking career, you don’t require a background of BE / BTech or very deep knowledge of Computers but gradually you can learn the technology. Even a Non-Technical Person can become an Expert Ethical Hacker as most of the topics covered in this domain will be Practical oriented. This domain doesn’t have the limitations on the employability. This sector will be growing in the future as well.


People who build software in many cases also understand how it can be broken," HackerOne co-founder Michiel Prins and we will be giving you the required skillsets which are necessary to succeed. Simultaneously we give 100% placements to our “Trainee candidates”. Other organizations will not be giving you this kind of support.


India's army of "ethical hackers", who earn millions protecting foreign corporations and global tech giants from cyber-attacks. India produces more ethical hackers those who break into computer networks to expose, rather than exploit weaknesses than anywhere else in the world. The latest data from BugCrowd, a global hacking network, showed Indians raked in the most "bug bounties".


Facebook pays more to Indian researchers in the first half of 2017 than any other researchers. Indians outnumbered all other bug hunters on HackerOne, another registry of around 1,00,000 hackers.


One anonymous Indian hacker "Geekboy" has found more than 700 vulnerabilities for companies like Yahoo, Uber and Rockstar Games.


Most are young "Techies" software engineers swelling the ranks of India's $154-billion IT outsourcing sector whose skill set makes them uniquely gifted at cracking cyber systems.


A 23-year-old security engineer has earned $350,000 in bug bounties, similar to that; you can also get the Bounties (financial gain) from Cyber Giants. “The Indian government definitely needs a bounty programme to make their system more secure". It was vital the government embrace its own through a programme like the "Hack the Pentagon" initiative, which last year saw 1,400 security engineers invited to poke holes in the US Department of Defence’s cyber fortifications.

Who Need This Training?


Fresher / Diploma / Graduate /Post-Graduate in any Stream.

DURATION


450 Hrs (2hrs/Day 12 Months, 4hrs/Day 6 Months or 8hrs/Day 3 Months).

course Outline

Introduction to Ethical Hacking

  • What is Hacking
  • Who is a Hacker
  • Skills of a Hacker
  • Types of Hackers
  • Reasons for Hacking
  • Who are at the risk of Hacking attacks
  • Effects of Computer Hacking on an organization
  • Network Security Challenges
  • Elements of Information Security: Confidentiality, Integrity & Availability
  • The Security, Functionality & Usability Triangle
  • What is Ethical Hacking
  • Why Ethical Hacking is Necessary
  • Scope & Limitations of Ethical Hacking
  • What is Penetration Testing
  • What is Vulnerability Auditing

Computer and Network Basics

  • Hacking
  • Internet protocol
  • Types of IP
  • Port
  • Protocol
  • Protocol service
  • OS for different hardware platforms
  • Vulnerability
  • Different Programming languages for different platforms/purposes.
  • What are Networks and what is networking
  • Network topologies
  • How the Networking devices communicate.
  • Vulnerable Hacking environments
  • Hashing checksums
  • Window/Linux commands
  • Php code overview
  • Assembly language programming overview
  • Introduction of kali
  • Introduction of backtrack
  • Introduction of parrot

Foot Printing / reconnaissance / Information Gathering

  • What is Foot Printing
  • Objectives of Foot Printing
  • Finding a company’s details
  • Finding a company’s domain name
  • Finding a company’s Internal URLs
  • Finding a company’s Public and Restricted URLs
  • Finding a company’s Server details
  • Finding the details of domain registration
  • Finding the range of IP Address
  • Finding the DNS information
  • Finding the services running on the server
  • Finding the location of servers
  • Trace route analysis
  • Tracking e-mail communications

 Scanning

  • What is network scanning
  • Objectives of network scanning
  • Finding the live hosts in a network
  • Finding open ports on a server
  • Finding the services on a server
  • OS fingerprinting
  • Server Banner grabbing tools
  • What is a Vulnerability Scanning
  • Vulnerability Scanner tools
  • Finding more details about a vulnerability
  • What is a proxy server
  • How does proxy server work
  • Types of proxy servers
  • How to find proxy servers
  • Why do hackers use proxy servers
  • What is a TOR network
  • Why hackers prefer to use TOR network

Enumeration

  • SNMP Enumeration
  • SMTP Enumeration
  • DNS Enumeration

Vulnerability Analysis

  • Perform vulnerability analysis to identify security loopholes in the target organization’s network, Communication infrastructure and end systems.

Sniffing and Sniffers

  • What is a sniffer
  • How sniffer works
  • Types of sniffing
  • Active sniffing
  • Passive Sniffing
  • What is promiscuous mode
  • How to put a PC into promiscuous mode
  • What is ARP
  • ARP poison attack
  • Threats of ARP poison attack
  • How MAC spoofing works
  • MAC Flooding
  • What is a CAM Table
  • How to defend against MAC Spoofing attacks
  • How to defend against Sniffers in network

System Hacking

  • What is system Hacking
  • Goals of System Hacking
  • Password Cracking
  • Password complexity
  • Finding the default passwords of network devices and softwares
  • Password cracking methods
  • Online password cracking
  • Man-in-the-middle attack
  • Password guessing
  • Offline password cracking
  • Brute force cracking
  • Dictionary based cracking
  • Hybrid attack
  • USB password stealers
  • Elcomsoft Distributed password recovery tools
  • Active password changer
  • What is a Keylogger
  • How to deploy a Keylogger to a remote pc
  • How to defend against a Keylogger.

Malware Threats

  • What is malware
  • Types of malware
  • Virus
  • What is a virus program
  • What are the properties of a virus program
  • How does a computer get infected by virus
  • Types of virus
  • Virus making tools
  • How to defend against virus attacks
  • Worm
  • What is a worm program
  • How worms are different from virus
  • Trojan
  • What is a Trojan horse
  • How does a Trojan operate
  • Types of Trojans
  • Identifying Trojan infections
  • How to defend against Trojans
  • Spyware
  • What is a spyware
  • Types of spywares
  • How to defend against spyware
  • Rootkits
  • What is a Rootkit
  • Types of Rootkits
  • How does Rootkit operate
  • How to defend against Rootkits

Phishing and Social engineering

  • What is Phishing
  • How Phishing website is hosted
  • How victims are tricked to access Phishing websites
  • How to differentiate a Phishing webpage from the original webpage
  • How to defend against Phishing attacks
  • SET: Social Engineering Toolkit

DOS : Denial of Service

  • What is a DOS attack
  • What is a DDOS attack
  • Symptoms of a Dos attack
  • DoS attack techniques
  • What is a Botnet
  • Defending DoS attacks

Session Hijacking

  • What is session hijacking.
  • Dangers of session hijacking attacks
  • Session hijacking techniques
  • Cross-Site scripting attack
  • Session hijacking tools
  • How to defend against session hijacking.

Hacking Web Servers & Web Applications

  • What is a web server
  • Different webserver applications in use
  • Why are webservers hacked & its consequences
  • Directory traversal attacks
  • Website defacement
  • Website password brute forcing
  • How to defend against web server hacking

SQL Injection

  • What is SQL Injection
  • Effects of SQL Injection attacks
  • Types of SQL Injection attacks
  • SQL Injection detection tools

Wireless Network Hacking

  • Types of wireless networks
  • Wi-Fi usage statistics
  • Finding a Wi-Fi network
  • Types of Wi-Fi authentications
  • Using a centralized authentication server
  • Using local authentication
  • Types of Wi-Fi encryption methods
  • WEP
  • WPA
  • WPAT
  • How does WEP work
  • Weakness of WEP encryption
  • How does WPA work
  • How does WPAT work
  • Hardware and software required to crack Wi-Fi networks
  • How to crack WEP encryption
  • How to crack WPA encryption
  • How to crack WPAT encryption
  • How to defend against Wi-Fi cracking attacks

Kali Linux

  • What is Kali Linux
  • How Kali Linux is different from other Linux distributions
  • What are the uses of Kali Linux
  • Tools for Footprinting, Scanning & Sniffing
  • What is Metasploit framework
  • Using Metasploit framework to attack Windows machines
  • Using Metasploit framework to attack Android mobile devices

Evading Firewalls, IDS & Honeypots

  • What is a Firewall
  • What are the functions of a Firewall
  • What is an IDS
  • How does an IDS work
  • SPAN
  • IDS tools
  • What is a honeypot
  • Types of honeypots
  • Honeypot tools
  • Honeypot detection tools

 IoT Hacking

  • Different threats to IoT platforms and learn how to defend IoT devices securely.

Cloud Computing

  • What is Cloud
  • What are the cloud services
  • Various cloud computing concepts, threats, attacks, and security techniques and tools (Cloud security).

Cryptography

  • What is Cryptography
  • Types of cryptography
  • Cipher algorithms
  • Public key infrastructure
  • What is a Hash
  • Cryptography attacks

Penetration Testing

  • What is Penetration Testing
  • Types of Penetration Testing
  • What is to be tested
  • Testing the network devices for misconfiguration
  • Testing the servers and hosting applications for misconfiguration
  • Testing the servers and hosting applications for vulnerabilities
  • Testing wireless networks
  • Testing for Denial of Service attack

Counter Measure Techniques for Network level attacks

  • Types of Firewall
  • Packet Filtering Firewall
  • Circuit-Level Gateway Firewall
  • Application-Level Firewall
  • Stateful Multilayer Inspection Firewall
  • Limitations of a Firewall
  • IDS / IPS
  • What is an IDS
  • What is a IPS
  • Difference between IDS & IPS
  • Placement of IDS in the Network
  • Configuring an IDS in the Network
  • Placement of IPS in the Network
  • Configuring an IPS in the Network
  • UTM / Next-Generation Firewall
  • What is a UTM
  • Features of UTM
  • Difference between a Firewall & a UTM
  • Placement of UTM in the Network
  • Configuring a UTM in the Network
  • Monitoring attacks using UTM
  • Configuring IPS module in UTM to detect and stop attacks

Counter Measure Techniques for Local Systems

  • Identifying the Vulnerabilities of a system
  • Understanding the Vulnerabilities of a system
  • CVE ID
  • Bugtraq ID
  • Patch Management
  • Identifying the patch for a Vulnerability
  • Downloading the Patch
  • Testing the patch for stability in test environment
  • Deploying the patch to Live Network
  • Finding the missing updates in an Operating System
  • Microsoft Baseline Security Analyser
  • Belarc Advisor

Counter Measure Techniques for Malware Attacks

  • Scanning systems for Malware infections
  • Types of anti-malwares
  • Anti-Virus
  • Anti-Worm
  • Anti-Trojan
  • Anti-Rootkit
  • Internet Security Suites
  • HIDS
  • HIPS

Course Content

  • Application Security & Ethical Hacking Technical Manager
  • Application Security- Analyst
  • Ethical Hacking Trainer - VAPT
  • Security Engineer
  • Information Security Engineer
  • Web Application Security Analyst
  • Sr Information Security Consultants / Solution Architects
  • VAPT tester
  • Chief Information Security Officer
  • Corporate Trainer - Information Security / CEH
  • Tech Mahindra Ltd.
  • Vulnerability Management Lead
  • Cyber Security Analyst