View
215
Download
1
Category
Preview:
Citation preview
Summer Training Program 2014
CCSE V3.0 Certified Cyber Security Expert Version 3.0
TechD Facts
• Incorporated in November 2009
• Trained more than 40000 students, conducted 400 Workshops Including all IITs, NITs & Many colleges across India.
• Trained Professional from many reputed companies like Yahoo!,Google,ISACA,k7 Antivirus, Elitecore , Indian Oil, Temenos, ZOHO, HCL,TCS Infosys.
• Trained Investigation agencies of Gujarat, Maharashtra, Rajasthan, Tamilnadu, West Bengal.
• Successfully completed more than 10000 training hours into IT Security.
TechD Facts
• Trained & Certified 2000 Students & Professionals for CCSE ( Certified Cyber Security
Expert) Course.
• Helped Top Investigating Agencies to Solve Ahmedabad & Mumbai blasts Cyber trails.
• Associated for an out reach program with the Major Technical festivals of IIT Bombay, Kanpur, NIT Bhopal, NIT Calicut, Jadavpur University Kolkata, and BITS Pilani Goa for giving authorized certification.
• Major VAPT Clients includes Sulekha.com, Cyberoam.
• Supported by Ministry of Home Affairs, Malaysia & CMO, Gujarat. • Developed our own Crypters, Trojans, RATS for demonstrations.
TechD Facts
• Sunny Vaghela (Director & CTO) is recipient of Rajiv Gandhi Young
Achiever’s Award. • TechDefence has been awarded as Best Ethical Hacking & Information
Security Company by NBC at Trident Hotel , Mumbai.
TechD Facts
• TechDefence has also been awarded as Best Ethical Hacking & Information Security Company of Western India by BIG Research & IBN 7.
• Nominated for World Education Awards into category of Private Sector Initiative for use of innovative Technology for skilled education
CCSE Contents
Module 1 : Cyber Ethics - Hackers & hacking methodologies • Types of hackers • Communities of Hackers • Malicious Hacker Strategies • Steps to conduct Ethical Hacking • Hiding your identity while performing attacks Module 2: Basic Network Terminologies • TCP / IP protocols • IP addresses • Classes of IP addresses • NAT • Proxies and VPN’s • SSH and putty
CCSE Contents
Module 3: Information Gathering & Footprinting
• Whois information
• Active / Passive information gathering
• DNS report
• NS Report
• MX-information
• DNS-cache
• Maltego
• Doxing (Peoples & Digitals Boxes)
• Foot printing methodologies
• Tools that aid in foot printing
• Savitabhabhi.com case study
CCSE Contents
Module 4: Scanning & Enumeration
• Why scanning?
• Types of scanning
• Tools to aid in scanning
• Nmap - The Godfather
• Banner grabbing
• DNS Enumeration with Different Scripts
CCSE Contents
Module 5: Trojans, Backdoors • How to control victim’s computer using Trojans • Binding Trojans with another file • Undetection process of Trojans from Antivirus • Removal of Trojans from your computer • Analysis of Trojans/Virus Module 6: Virus & Worms • Introduction to viruses • How they work? • Methods use to hide themselves and replicate themselves • Introduction to worms • Causes of worms • Method used to replicate themselves • Role of antivirus product and goat file
CCSE Contents
Module 7: Phishing & its Prevention
• Making phishing pages (3 types of Phishing)
• How to detect phishing pages.
• Detecting Phishing Crimes
Module 8: System Hacking & Security
• Password cracking
• Privilege escalation
• Tools to aid in system hacking
• Understanding rootkits
• Clearing traces
• Countermeasures
CCSE Contents
Module 9: Social engineering & Honeypots
• Introduction • Laws of social engineering • Types of social engineering • Honeypots introduction • Types of honeypots • Setting up windows / Linux honeypot Module 10: Bot,Bots & DOS(Denial of Service) • Introduction to bots • Introduction to botnets and zombies • Botnet lifecycle • IRC bots • Customize your own bot
CCSE Contents
Module 11: Cryptography • Public-key Cryptography • Working of Encryption • Digital Signature • RSA & Example of RSA Algorithm • RC4, RC5, RC6, Blowfish • Algorithms and Security • Tools that aid in Cryptography Module 12: Google Hacking • Understanding how Google works • Google basic operators • Google advanced operators • Automated Google tools • How to use Google to find the desired website • How Google can aid in searching vulnerable website
CCSE Contents
Module 13: SQL Injection 1
• Web Application Overview
• Web Application Attacks
• OWASP Top 10 Vulnerabilities
• Putting Trojans on websites
• SQL injection attacks
• Executing Operating System Commands
• Getting Output of SQL Query
• Getting Data from the Database Using ODBC Error Message
• How to Mine all Column Names of a Table
• How to Retrieve any Data
• How to Update/Insert Data into Database
• SQL Injection in Oracle
• SQL Injection in MySql Database, 20 Hands on Demonstrations on real websites
CCSE Contents
Module 14: SQL Injection 2
• Attacking Against SQL Servers
• SQL Server Resolution Service (SSRS)
• SQL Injection Automated Tools
• MSSQL Injection
• Blind SQL Injection
• Preventing SQL Injection Attacks
Module 15: XSS – Cross Site Scripting
• Introduction to XSS & Types of XSS
• XSS worm and XSS shell
• Cookie grabbing
• Countermeasures
CCSE Contents
Module 16: CSRF, Click Jacking & Privilege Escalation Vulnerabilities
• Introduction to csrf
• Building proof of concept code
• Protections against csrf
• Click Jacking & Protections
Module 17: Information Disclosure Vulnerabilities
• Introduction
• Setting up the correct chmod
• Protecting the sensitive server files
• Preventing the data loss
CCSE Contents
Module 18: LFI / RFI
• Introduction to LFI / RFI
• Finding out LFI / RFI Vulnerabilities
• Demonstration & Prevention
Module 19:Hacking Web Servers
• Understanding IIS and apache
• How to use PHP and ASP backdoors
• What are local root exploits?
• Implementing web server security
• Patch management
CCSE Contents
Module 20: Vulnerability Assessment & Penetration Testing
• Burp Interceptor
• Burp Target
• Burp Spider
• Burp Scanner
• Burp Intruder
• Burp Repeater
• Burp Decoder
• Burp Sequencer
• Burp Extender
• Burp App Store- Introduction
• Live Hacking Through Burp
CCSE Contents
Module 21: Vulnerability Assessment & Penetration Testing
• Introduction to VAPT
• Categories of security assessments
• Vulnerability Assessment
• Limitations of Vulnerability Assessment
• Penetration Testing
• Types of Penetration Testing
• Do-It-Yourself Testing
• Outsourcing Penetration Testing Services
• Terms of Engagement
• Project Scope & Pentest Service Level Agreements
• Testing points & Locations
• Automated & Manual Testing
CCSE Contents
Module 22: Assembly Language Basics
• Difference Assembly Language Vs High-level Language
• Assembly Language Compilers
• Understanding Instruction operands, Directive & preprocessor
• Interrupts , Interrupt handler, External interrupts and Internal interrupts Handlers
• Assembling the & Compiling the C code
• Linking the object files & Understanding an assembly listing file
• Big and Little Endian Representation, Skeleton File
• Working with Integers, Signed integers & Signed Magnitude
• Understanding Two’s Compliment, If statements, Do while loops
• Indirect addressing, Subprogram
• Understanding The Stack, SS segment& ESP
• The Stack UsageThe CALL and RET Instructions
CCSE Contents
Module 23 & Module 24: Buffer Overflows 1-2
• Introduction
• How BOF works
• Stack based buffer overflow
• Heap based buffer overflow
• Heap spray
• Understanding the shellcode
• Mapping the memory
• Fuzzing
• Countermeasures
CCSE Contents
Module 25: Exploit Writing
• Exploits Overview
• Prerequisites for Writing Exploits and Shellcodes
• Purpose of Exploit Writing
• Types of Exploits
• Tools that aid in writing Shellcode
• Issues Involved With Shellcode Writing
• Addressing problem
• Null byte problem
• System call implementation
CCSE Contents
Module 26 : Reverse Engineering
• Introduction to RE
• Briefing OllyDbg
• Patching
• Cracking
• Keygening
• Countermeasures
Module 27: Firewalls, IDS, Evading IDS
• Introduction
• How to detect Intrusion
• Types of Intrusion
• Configuring IDPS
• Firewall and it’s types
• Evading Firewalls and IDS
CCSE Contents
Module 28 & Module 29: Metasploit Framework using BackTrack
• Introduction to this framework
• Getting hands on commands
• Hacking windows with metasploit
• Hacking Linux with metasploit
• Web Hacking through Metasploit
CCSE Contents
Module 30: Wireless Hacking & Security
• Wireless Protocols
• Wireless Routers-Working
• Attacks on Wireless Routers
• Cracking Wireless routers password(WEP)
• Securing routers from Hackers
• Countermeasures
Module 31: Mobile, VoIP Hacking & Security
• SMS & SMSC Introduction
• SMS forging & countermeasures
• Sending & Tracking fake SMSes
• VoIP Introduction
• Installing VoIP Server & Forging Call using VoIP
CCSE Contents
Module 32: Introduction to Cyber Crime Investigation & IT ACT 2000
• Types of Cyber Crimes
• Reporting Cyber Crimes & Incidence response
• Introduction to IT Act 2000 & its sections
• Flaws in IT ACT,2000
• Investigation Methodologies & Case Studies
• Different Logging Systems.
• Investigating Emails ( Email Tracing)
• Ahmedabad Bomb Blasts Terror Mail case study
• Investigating Phishing Cases
• Investigating Data Theft Cases
• Investigating Facebook Profile Impersonation Cases
• Investigating SMS & Call Spoofing Cases
CCSE Contents
Module 33: Cyber Forensics
• Cyber Forensics
• Understanding Cyber Forensics
• Hands on Cyber Forensics on Hard Disks
• Preparing Cyber Forensics Reports
Module 34 - 35: Project Work 1 , Project Work 2 & Final Exam.
• Training attendees will be getting exposures to live projects like Penetration testing, Creating own vulnerable penetration testing framework , Online Malware Scanners.
• Semi Final & Final Exam ( Online Hacking Challenge)
CCSE Contents
Total Hours: 80 hours
Training Duration : 30 – 45 Days.
Training Centers: Ahmedabad, Delhi , Hyderabad.
For More information Call on 7567867774, 9723373375 , 7567867770
Recommended