Choose another country to see content specific to your location

//Select a site

Certified Ethical Hacker (CEH)

Penetration Testing & Information Security Training Program

ABOUT THE COURSE

This Penetration Testing & Information Security Training Program will empower you with the requisite skills and knowledge in a simplified and easily graspable manner. As a part of the course curriculum, we teach the participants how hackers break into the systems, networks, mobiles, and websites to make them aware of possible loopholes and, therefore, proficient in penetration testing. By doing so, they can create a virtual wall between their data and the hackers. 

This training will enable you to carry out attacking and defensive methodologies, which will help you and your organization protect and assess the safety and vulnerability ratio.

YOUR BENEFITS

At the end of this course, participants will be able to:

  • Understand and perform Information Gathering on Digital Footprints 
  • Understand Email attacks and will be able to protect their email accounts as well as social networking accounts from these attacks  
  • Analyse malwares from a computer system and remove them manually
  • Understand web application attacks and to patch them to produce a secure web application
  • Understand windows memory management and assembly language to perform basic Reverse Engineering
  • Understand Enterprise Network Security Architecture
  • Understand exploitation
  • Understand wireless security
  • Understand security architecture of mobile platforms

Course Content/Outline

  • OS Fundamentals
    • Introduction to Windows OS
    • Introduction to Windows File System
    • Introduction to Windows Command File (Powershell)
    • Introduction to Linux OS
    • Basic commands and file structures
    • Bash Scripting
  • Networking Fundamentals
    • Introduction to Networking
    • IP address, Classes and Subnet
    • OSI & TCP/IP Model
    • Networking Port - Common defaulter ports
    • Protocols
      •  Common Protocols
      • HTTP
      • HTTPS
      • DNS
      • Email Protocols
    • Protocols Analysis using Wireshark
  • Web Fundamentals
    • Introduction to Web Technology
    • Setting up local web server
    • Setting up lamp stack
      • Installing Apache2
      • Installing MYSQL DB
      • Installing PHP
    • Configuring a VWA (Vulnerable Web Application)
  • Foot Printing
    • IP Information
      • ASN Blocks
      • SHODAN
      • CENSYS
      • GREYNOISE
    • Google Hacking
      • GHDB
      • Google Advance Search
      • Google Alerts
    • SSL Certificate
      •  CRT.SH
      • Google CT
    • User Information Gathering (OSINT)
      • OSINT
      • SPIDERFOOT
  • Enumeration
    • Domain name Enumeration
      • Subdomain Finder
    • DNS Enumeration
    • Port Scanning using Map
      • NMAP Basic Scanning
      • NMAP Script Scanning
      • NMAP Output Files
      • NMAP Vulnerability Scanning
    • Vulnerability Scanning
      • NESSUS
  • System Hacking
    • Hacking Windows 7
      • Vulnerability Scanning
      • Hacking using eternal blue exploit
      • Hacking using malware.exe
    • Hacking WIN 10
      • Vulnerability Scanning
      • Exploiting Vulnerable Application
      • Hacking using malware
      • Hacking using MAL Doc file
    • MSF Framework
    • Powershell Empire
  • Privilege Escalation
    • Privilege escalation from standard user to administrator
  • OWASP Top 10 (2021)
    • Broken Access Control
    • Cryptographic Failures
    • Injection
    • Insecure Design
    • Security Misconfiguration
    • Vulnerable and Outdated components
    • Identification and Authentication Failures
    • Software and Data Integrity Failures
    • Security Logging and Monitoring Failures
    • Server-side Request Frogery
  • Web Application Attack
    • SQL Injection
      •  Writing a custom web application (vuln)
      • Exploiting the vulnerability
    • XSS (cross site scripting)
      • Writing a custom web application (vuln)
      • Exploiting the vulnerability
  • Holding Public Exploits
    • Exploiting OMI GOD vulnerability
    • Exploiting Zero Logo Vulnerability
  • Password Cracking
    • LLMNR poisoning to get the Hash (windows)
    • Hash cracking
    • Web application
      • Fetch user data
      • Cracking password

Who should attend?

This course can be attended by security officers, auditors, security professionals, website administrators, anyone who is concerned about the security of their network infrastructure and everyone who want to have a promising career in cyber security.

TRAINING DURATION

1.5 days

Pre-requisites

Basic understanding of computer and networking

Exam Details

Duration: 90 mins MCQ/LAB 

Certification

Candidates who score minimum or above 70% in the online examination will be certified as Ethical Hacker.
Unsuccessful candidates will be issued a certificate of attendance.

Next Steps

Site Selector