Course Overview

Ethical Hacking Summer Crash Course

Description

Week 1:
● Introduction to Ethical Hacking:
Gain an understanding of the fundamentals of ethical hacking and
its importance in modern-day cybersecurity.
● Fields and Job Roles:
Explore the various fields and job roles available in the ethical
hacking industry, such as penetration tester, vulnerability analyst, and
security consultant.
● Cyber Security vs Ethical Hacking:
Understand the differences and similarities between
cybersecurity and ethical hacking, including their goals, tools, and
techniques.
● CIA Triads:
Learn about the CIA triad, a widely recognized security model that
defines the three core principles of information security:
confidentiality, integrity, and availability.
● CTF:
Engage in Capture the Flag (CTF) exercises to put your newly
acquired ethical hacking skills to the test and gain practical
experience.
Week 2:
● Introduction to Linux:
An overview of Linux, an open-source operating system,
including its history, key features, and popularity among developers
and system administrators.
● Linux Installation:
A step-by-step guide on how to install Linux on a computer or
virtual machine, including the different installation options and
prerequisites.
● Directory Structure:
An explanation of the Linux directory structure, which is
hierarchical and organized into a tree-like structure, including the root
directory and subdirectories.
● Basic File Commands:
An introduction to basic file commands in Linux, including
commands for navigating the file system and listing files and
directories.
● CTF on Linux:
A Capture the Flag (CTF) challenge focused on Linux, where
participants are presented with a set of tasks and objectives related
to Linux, such as finding hidden files, cracking passwords, or
manipulating file permissions.
Week 3:
● Root User in Linux:
An explanation of the root user in Linux, including its privileged
status and the importance of understanding its use.
● Groups Introduction:
An introduction to groups in Linux, including how they are used
to manage user access and permissions, and how they can be used
to organize users based on common attributes.
● Creating and Modifying Users:
A guide on how to create and modify users in Linux, including
commands such as “useradd” to create a new user, and “usermod” to
modify existing users.
● Creating and Modifying Groups:
A guide on how to create and modify groups in Linux, including
commands such as “groupadd” to create a new group, and
“groupmod” to modify existing groups.
● Managing Users and Groups Permissions:
An explanation of how to manage user and group permissions
in Linux, including the use of commands such as “chmod” to change
file permissions, and “chown” to change file ownership.
Week 4:
● Introduction to Packages:
An overview of Linux packages, including what they are, how they
are installed and managed, and common package management
tools.
● Installing and Removing Packages:
A guide on how to install and remove packages in Linux using
command-line tools, including examples of common use cases.
● Processes and Daemons:
An explanation of processes and daemons in Linux, including how
they are created, managed, and monitored, and how they relate to
system performance and resource usage.
● Networking Commands in Linux:
An introduction to common networking commands in Linux,
including tools for network configuration, troubleshooting, and
monitoring.
● Logs in Linux:
An overview of system logs in Linux, including the types of logs,
how they are generated, and how they can be analyzed to diagnose
system issues.
Week 5:
● Hacker Methodology:
This topic covers the various stages of a hacker’s methodology,
including reconnaissance, scanning, enumeration, exploitation, privilege
escalation, and maintaining access.
● OSINT:
This topic covers the use of Open-Source Intelligence (OSINT) to
gather information about targets, such as individuals, organizations,
or systems, using publicly available sources.
● Web OSINT:
This topic covers the use of OSINT techniques to gather
information about web targets, such as websites, web applications,
and web services.
● Google Dorking:
This topic covers the use of advanced search operators in Google
to gather information about a target, such as website vulnerabilities,
sensitive information, or leaked credentials.
Week 6:
● Introduction to Password Attacks:
Students will learn about the different types of password attacks
and their importance in cybersecurity.
● Brute-Force Attack Definition, Working and Techniques:
This module covers the basics of Brute-Force Attack, how it
works and techniques used by hackers to crack passwords using this
method.
● Wordlist Attack: Definition, Working and Techniques:
This module covers the basics of Wordlist Attack, how it works
and techniques used by hackers to crack passwords using this
method.
● Cracking Passwords using Different Attack Techniques:
This module covers different attack techniques that hackers use to
crack passwords, such as dictionary attack, rainbow table attack,
hybrid attack, etc.
● CTF on Password Attacks:
Students will participate in a Capture The Flag (CTF)
competition where they will apply their knowledge of password
attacks to solve real-world challenges and scenarios.
Week 7:
● Introduction to Steganography:
This module covers the basics of Steganography, which is the
practice of concealing a message within another message or a
physical object.
● Meta Data:
This section explains what meta data is, how it can be used to
extract information, and how it can be hidden within an image.
● Image Signatures:
This part of the course teaches students how to identify image
signatures, which are unique patterns within the data of an image.
● Using Steganography Techniques to Hide Data:
This module explores the different techniques used in
steganography to conceal data, including hiding data within the pixels
of an image, using encryption, and embedding messages within
audio files.
● CTF:
To put the learned concepts into practice, this module includes
a Capture The Flag (CTF) challenge that allows students to apply
their knowledge of steganography to solve real-world problems.
Week 8:
● Introduction to Layer 2 Attacks:
Understanding the basics of Layer 2 and its vulnerabilities to
different types of attacks.
● Sniffing and Spoofing:
Definition, Techniques and Tools used to perform sniffing and
spoofing attacks on Layer 2.
● MITM Attacks:
Definition, Types and Examples of Man-In-The-Middle (MITM)
Attacks and how they can be executed on Layer 2.
● Performing Layer 2 Attacks:
Understanding the steps involved in carrying out Layer 2
attacks such as ARP Spoofing, MAC Spoofing, etc.
● How to Protect Yourself from these Attacks:
Best Practices and Strategies to prevent and detect Layer 2
attacks, including the use of network monitoring tools, secure
protocols and configurations, and proper employee training.
Week 9:
● Introduction to WiFi Attacks:
This topic introduces the concept of WiFi attacks and their impact
on the security of wireless networks.
● WiFi Password Attacks:
This topic covers various techniques that attackers use to crack
WiFi passwords, such as dictionary attacks, brute force attacks, and
rainbow table attacks.
● Evil Twin Attack:
This topic explains the evil twin attack, which involves creating a
fake WiFi access point that looks legitimate to users and stealing their
sensitive information.
● DOS Attack on WiFi:
This topic covers denial-of-service (DOS) attacks on WiFi
networks, which aim to disrupt the normal functioning of a network by
flooding it with traffic.
● How to Protect Your WiFi from These Attacks:
This topic covers various best practices and countermeasures
that can be used to prevent or mitigate WiFi attacks. Some examples
include using strong passwords, enabling network encryption, and
using intrusion detection systems.
Week 10:
● Introduction to Social Engineering Attacks:
Learn about the various types of social engineering attacks and
how they can be used to exploit human vulnerabilities.
● Performing Phishing Attacks:
Explore the concept of phishing attacks using fake websites and
how attackers can trick users into divulging sensitive information.
● Designing Payloads for Hacking Android, Windows:
In this topic, you will learn how to develop payloads for
Windows,android and linux hacking using viruses. You will
understand the techniques and tools required to design these
payloads.
● Using Social Engineering Attack To Hack Devices:
In this topic, you will learn how to deliver the virus you created to
victim to hack.
Week 11:
● Introduction to web pentesting 101:
Learn the fundamentals of web pentesting and the importance of
security testing for web applications.
● OWASP TOP 10 Day 1:
Get an overview of the top 10 web application security risks
identified by OWASP, and how to identify and mitigate them.
● OWASP TOP 10 Day 2:
Deepen your understanding of the OWASP TOP 10 risks and
learn advanced techniques for detecting and exploiting them.
● Performing different web attacks using Burpsuite, Nikto, Zap:
Gain hands-on experience with popular web application testing
tools and learn how to use them to detect and exploit vulnerabilities.
● CTF:
Test your skills by participating in a Capture the Flag (CTF)
challenge designed to simulate real-world web application security
scenarios.
Week 12:
● Introduction to Python for Pentesters
● Basic Python Day 1:
Understanding the fundamentals of Python programming
language and its features
● Basic Python Day 2:
Deep dive into Python’s libraries, modules, and functions
● Designing Hacking Tools using Python:
Learn how to design and develop custom hacking tools using
Python programming language
● Designing Keyloggers and Viruses using Python:
Develop keyloggers and viruses using Python to gain practical
experience and insights
Week 13:
● Scanning:
Learn the techniques and tools used for identifying hosts, services,
and vulnerabilities on a network.
● Vulnerability Scanning:
Discover how to assess and identify vulnerabilities in your network
and applications using various scanning tools and techniques.
● Exploitation:
Explore how to use the information gathered from network and
vulnerability scanning to exploit and compromise vulnerable systems.
● Reporting:
Develop your skills in documenting and reporting your findings to
help organizations identify and mitigate vulnerabilities.
● CTF:
Participate in Capture The Flag (CTF) competitions to apply and
test your knowledge in a practical, real-world scenario.