View
217
Download
0
Category
Preview:
Citation preview
7/28/2019 Summer Training Program 2013
1/24
Summer Training Program 2013
CCSE V2.0
Certified Cyber Security Expert Version 2.0
7/28/2019 Summer Training Program 2013
2/24
TechD Facts
Incorporated in November 2009
Established 5 Branch offices in India & 2 International Branches in 2 years
Trained more than 25000 students, conducted 280 Workshops Including all IITs, NITs& Many colleges across India.
Trained Professional from many reputed companies like Yahoo!,Google,ISACA,k7
Antivirus, Elitecore , Indian Oil, Temenos, ZOHO, HCL,TCS Infosys.
Trained Investigation agencies of Gujarat, Maharashtra, Rajasthan, Tamilnadu, West
Bengal.
7/28/2019 Summer Training Program 2013
3/24
TechD Facts
Trained & Certified 2000 Students & Professionals for CCSE ( Certified Cyber SecurityExpert) Course.
Helped Top Investigating Agencies to Solve Ahmedabad & Mumbai blasts Cybertrails.
Associated for an out reach program with the Major Technical festivals of IIT Bombay,Kanpur, NIT Bhopal, NIT Calicut, Jadavpur University Kolkata, and BITS Pilani Goa forgiving authorized certification.
Major VAPT Clients includes Sulekha.com, Cyberoam.
Supported by Ministry of Home Affairs, Malaysia & CMO, Gujarat.
Developed our own Crypters, Trojans, RATS for demonstrations.
7/28/2019 Summer Training Program 2013
4/24
TechD Facts
Sunny Vaghela (Director & CTO) is recipient of Rajiv Gandhi YoungAchievers Award.
TechDefence has been awarded as Best Ethical Hacking & InformationSecurity Company by NBC on 1stMay12 at Trident Hotel , Mumbai.
7/28/2019 Summer Training Program 2013
5/24
TechD Facts
TechDefence has also been awarded as Best Ethical Hacking & InformationSecurity Company of Western India by BIG Research & IBN 7.
Nominated for World Education Awards into category of Private Sector Initiativefor use of innovative Technology for skilled education
7/28/2019 Summer Training Program 2013
6/24
CCSE Contents
Module 1 : Cyber Ethics - Hackers & hacking methodologies
Types of hackers
Communities of Hackers
Malicious Hacker Strategies
Steps to conduct Ethical Hacking
Hiding your identity while performing attacks
Module 2: Basic Network Terminologies
TCP / IP protocols
IP addresses
Classes of IP addresses NAT
Proxies and VPNs
SSH and putty
7/28/2019 Summer Training Program 2013
7/24
CCSE Contents
Module 3: Information Gathering & Footprinting
Whois information
Active / Passive information gathering
Information gathering using
Foot printing methodologies
Tools that aid in foot printing
Savitabhabhi.com case studies
Module 4: Scanning & Enumeration
Why scanning?
Types of scanning Tools to aid in scanning
Nmap - The Godfather
Banner grabbing
7/28/2019 Summer Training Program 2013
8/24
CCSE Contents
Module 5: Trojans, Backdoors
How to control victims computer using Trojans
Binding Trojans with another file
Undetection process of Trojans from Antivirus
Removal of Trojans from your computer
Analysis of Trojans/Virus
Module 6: Virus & Worms
Introduction to viruses
How they work?
Methods use to hide themselves and replicate themselves Introduction to worms
Causes of worms
Method used to replicate themselves
Role of antivirus product and goat file
7/28/2019 Summer Training Program 2013
9/24
CCSE Contents
Module 7: Phishing & its Prevention
Making phishing pages
How to detect phishing pages
Detecting Phishing Crimes
Module 8: System Hacking & Security
Password cracking
Privilege escalation
Tools to aid in system hacking Understanding rootkits
Clearing traces
Countermeasures
7/28/2019 Summer Training Program 2013
10/24
CCSE Contents
Module 9: Social engineering & Honeypots
Introduction
Laws of social engineering
Types of social engineering
Honeypots introduction
Types of honeypots
Setting up windows / Linux honeypot
Module 10: Bot,Bots & DOS(Denial of Service)
Introduction to bots Introduction to botnets and zombies
Botnet lifecycle
IRC bots
Customize your own bot
7/28/2019 Summer Training Program 2013
11/24
CCSE Contents
Module 11: Cryptography
Public-key Cryptography
Working of Encryption
Digital Signature
RSA & Example of RSA Algorithm
RC4, RC5, RC6, Blowfish
Algorithms and Security
Tools that aid in Cryptography
Module 12: Google Hacking
Understanding how Google works Google basic operators
Google advanced operators
Automated Google tools
How to use Google to find the desired website
How Google can aid in searching vulnerable website
7/28/2019 Summer Training Program 2013
12/24
CCSE Contents
Module 13: SQL Injection 1
Web Application Overview
Web Application Attacks
OWASP Top 10 Vulnerabilities
Putting Trojans on websites SQL injection attacks
Executing Operating System Commands
Getting Output of SQL Query
Getting Data from the Database Using ODBC Error Message
How to Mine all Column Names of a Table
How to Retrieve any Data
How to Update/Insert Data into Database
SQL Injection in Oracle
SQL Injection in MySql Database, 20 Hands on Demonstrations on real websites
7/28/2019 Summer Training Program 2013
13/24
CCSE Contents
Module 14: SQL Injection 2
Attacking Against SQL Servers
SQL Server Resolution Service (SSRS)
SQL Injection Automated Tools
MSSQL Injection
Blind SQL Injection
Preventing SQL Injection Attacks
Module 15: XSS Cross Site Scripting
Introduction to XSS & Types of XSS
XSS worm and XSS shell
Cookie grabbing
Countermeasures
7/28/2019 Summer Training Program 2013
14/24
CCSE Contents
Module 16: Secure Coding Practices
Why secure coding?
Secure coding standards
Secure coding methods
Dissecting the source code
Module 17: Information Disclosure Vulnerabilities
Introduction
Setting up the correct chmod Protecting the sensitive server files
Preventing the data loss
7/28/2019 Summer Training Program 2013
15/24
CCSE Contents
Module 18: Session Hijacking
Introduction
Types of session hijacking
Tools that aid in session hijacking
Countermeasures
Module 19:Hacking Web Servers
Understanding IIS and apache
How to use PHP and ASP backdoors What are local root exploits?
Implementing web server security
Patch management
7/28/2019 Summer Training Program 2013
16/24
CCSE Contents
Module 20: Vulnerability Assessment & Penetration Testing
Introduction to VAPT
Categories of security assessments
Vulnerability Assessment
Limitations of Vulnerability Assessment
Penetration Testing
Types of Penetration Testing
Do-It-Yourself Testing
Outsourcing Penetration Testing Services
Terms of Engagement Project Scope & Pentest Service Level Agreements
Testing points & Locations
Automated & Manual Testing
7/28/2019 Summer Training Program 2013
17/24
CCSE Contents
Module 21: Assembly Language Basics
Difference Assembly Language Vs High-level Language
Assembly Language Compilers
Understanding Instruction operands, Directive & preprocessor
Interrupts , Interrupt handler, External interrupts and Internal interrupts Handlers
Assembling the & Compiling the C code
Linking the object files & Understanding an assembly listing file
Big and Little Endian Representation, Skeleton File
Working with Integers, Signed integers & Signed Magnitude
Understanding Twos Compliment, If statements, Do while loops Indirect addressing, Subprogram
Understanding The Stack, SS segment& ESP
The Stack UsageThe CALL and RET Instructions
7/28/2019 Summer Training Program 2013
18/24
CCSE Contents
Module 22 & Module 23: Buffer Overflows 1-2
Introduction
How BOF works
Stack based buffer overflow
Heap based buffer overflow
Heap spray
Understanding the shellcode
Mapping the memory
Fuzzing
Countermeasures
7/28/2019 Summer Training Program 2013
19/24
CCSE Contents
Module 24: Exploit Writing
Exploits Overview
Prerequisites for Writing Exploits and Shellcodes
Purpose of Exploit Writing
Types of Exploits
Tools that aid in writing Shellcode
Issues Involved With Shellcode Writing
Addressing problem
Null byte problem
System call implementation
7/28/2019 Summer Training Program 2013
20/24
CCSE Contents
Module 25: Reverse Engineering
Introduction to RE
Briefing OllyDbg
Patching
Cracking
Keygening Countermeasures
Module 26: Firewalls, IDS, Evading IDS
Introduction
How to detect Intrusion
Types of Intrusion
Configuring IDPS
Firewall and it s types
Evading Firewalls and IDS
7/28/2019 Summer Training Program 2013
21/24
CCSE Contents
Module 27: Wireless Hacking & Security Wireless Protocols
Wireless Routers-Working
Attacks on Wireless Routers
Cracking Wireless routers password(WEP)
Securing routers from Hackers
Countermeasures
Module 28: Mobile, VoIP Hacking & Security
SMS & SMSC Introduction
SMS forging & countermeasures Sending & Tracking fake SMSes
VoIP Introduction
Installing VoIP Server & Forging Call using VoIP
7/28/2019 Summer Training Program 2013
22/24
CCSE Contents
Module 29: Introduction to Cyber Crime Investigation & IT ACT 2000
Types of Cyber Crimes
Reporting Cyber Crimes & Incidence response
Introduction to IT Act 2000 & its sections
Flaws in IT ACT,2000
Investigation Methodologies & Case Studies
Different Logging Systems.
Investigating Emails ( Email Tracing)
Ahmedabad Bomb Blasts Terror Mail case study
Investigating Phishing Cases Investigating Data Theft Cases
Investigating Orkut Profile Impersonation Cases
Investigating SMS & Call Spoofing Cases
7/28/2019 Summer Training Program 2013
23/24
CCSE Contents
Module 30: Cyber Forensics
Cyber Forensics
Understanding Cyber Forensics
Hands on Cyber Forensics on Hard Disks
Preparing Cyber Forensics Reports
Module 31:Enterprise Information Security Management
Establishment of ISMS
Implementation ,Monitoring ,Review & Maintenance of ISMS Resource Management & Management Responsabilits.
Internal Audits
Selection of Appropriate Controls
Corrective & Preventive Actions
7/28/2019 Summer Training Program 2013
24/24
CCSE Contents
Module 32 - 35: Project Work 1 , Project Work 2 & Final Exam.
Training attendees will be getting exposures to live projects like Penetration testing,
Creating own vulnerable penetration testing framework , Online Malware Scanners.
Semi Final & Final Exam ( Online Hacking Challenge)
Total Hours: 80 hours
Training Duration : 30 45 Days.
Training Centers: Ahmedabad, Delhi , Hyderabad, Navsari
Recommended