Career Path

An ethical hacker is a skilled professional who looks for weaknesses and vulnerabilities in an organization's systems and resources. They use various tools and perform various kinds of tests on software and networks. Their role also includes finding vulnerabilities in servers such as web servers and file-sharing servers.

Here are some famous ethical hacker certifications:

  1. CEH (Certified Ethical Hacker)
  2. Global Information Assurance Certification Penetration Tester
  3. Offensive Security Certified Professional

 

Who can choose this career

Professionals, students, researchers and anyone who wants to build a career in the security domain.

Requirements

Must have good knowledge of Linux and Windows Server.

Must have knowledge of networking and firewalls.

Learning Path

Course 1

CISSP Certification

Course curriculum

Module 1: Test-Taking Tips and Study Techniques

  • 1.1  Preparation for the CISSP Exam
  • 1.2  Submitting Required Paperwork
  • 1.3  Resources and Study Aids
  • 1.4  Passing the Exam the First Time

Module 2: Security and Risk Management (Security, Risk, Compliance, Law, Regulations, and Business Continuity)

  • 2.1  Confidentiality, Integrity, and Availability Concepts
  • 2.2  Security Governance Principles
  • 2.3  Compliance
  • 2.4  Legal and Regulatory Issues
  • 2.5  Professional Ethics
  • 2.6  Security Policies, Standards, Procedures and Guidelines

Module 3: Asset Security (Protecting Security of Assets)

  • 3.1  Information and Asset Classification
  • 3.2  Ownership (e.g. Data Owners, System Owners)
  • 3.3  Protect Privacy
  • 3.4  Appropriate Retention
  • 3.5  Data Security Controls
  • 3.6  Handling Requirements (e.g. Markings, Labels, Storage)

Module 4: Security Engineering (Engineering and Management of Security)

  • 4.1  Engineering processes using secure design principles
  • 4.2  Security models fundamental concepts
  • 4.3  Security evaluation models
  • 4.4  Security capabilities of information systems
  • 4.5  Security architectures, designs, and solution elements vulnerabilities
  • 4.6  Web-based systems vulnerabilities
  • 4.7  Mobile systems vulnerabilities
  • 4.8  Embedded devices and cyber-physical systems vulnerabilities
  • 4.9  Cryptography
  • 4.10  Site and facility design secure principles
  • 4.11  Physical security

Module 5: Communication and Network Security (Designing and Protecting Network Security)

  • 5.1  Secure network architecture design (e.g. IP & non-IP protocols, segmentation)
  • 5.2  Secure network components
  • 5.3  Secure communication channels
  • 5.4  Network attacks

Module 6: Identity and Access Management (Controlling Access and Managing Identity)

  • 6.1  Physical and logical assets control
  • 6.2  Identification and authentication of people and devices
  • 6.3  Identity as a service (e.g. cloud identity)
  • 6.4  Third-party identity services
  • 6.5  Access control attacks
  • 6.6  Identity and access provisioning lifecycle

Module 7: Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)

  • 7.1  Assessment and test strategies
  • 7.2  Security process data (e.g. management and operational controls)
  • 7.3  Security control testing
  • 7.4  Test outputs (e.g. automated, manual)
  • 7.5  Security architectures vulnerabilities

Module 8: Security Operations (Foundational Concepts, Investigations, Incident Management, and Disaster Recove

  • 8.1  Investigations support and requirements
  • 8.2  Logging and monitoring activities
  • 8.3  Provisioning of resources
  • 8.4  Foundational security operations concepts
  • 8.5  Resource protection techniques
  • 8.6  Incident management
  • 8.7  Preventative measures
  • 8.8  Patch and vulnerability management
  • 8.9  Change management processes
  • 8.10  Recovery strategies
  • 8.11  Disaster recovery processes and plans
  • 8.12  Business continuity planning and exercises
  • 8.13  Physical security
  • 8.14  Personnel safety concerns

Module 9: Software Development Security (Understanding, Applying, and Enforcing Software Security)

  • 9.1  Security in the software development lifecycle
  • 9.2  Development environment security controls
  • 9.3  Software security effectiveness
  • 9.4  Acquired software security impact

Course 2

Ethical Hacking and Penetration Testing with Kali Linux Certification

Course curriculum

Module 1: Introduction to Ethical Hacking

  • 1.1  Hacking Terminologies
  • 1.2  About Ethical Hacking
  • 1.3  Vulnerability assessment & Penetration Testing
  • 1.4  Laws and Standards

Module 2: Installation of Kali Linux

  • 2.1  Kali Linux Installation Process

Module 3: Password Cracking practicals

  • 3.1  Create your own Dictionary
  • 3.2  FTP password hacking
  • 3.3  Protocol Password Cracking
  • 3.4  Crack Hashes

Module 4: Scanning Networks

  • 4.1  Introduction to Scanning Networks
  • 4.2  Port Scanning process
  • 4.3  NMAP (Port Scanner)
  • 4.4  Nessus Vulnerability Scanner
  • 4.5  Proxy Chaining and Software
  • 4.6  NMAP Practical
  • 4.7  Colasoft Builder and Advanced IP Scanner practical
  • 4.8  Proxy Practical
  • 4.9  Nessus Installation Practical

Module 5: Enumeration

  • 5.1  Introduction to enumeration
  • 5.2  Various enumeration techniques
  • 5.3  Enumeration Tools and Techniques

Module 6: System hacking and Malware Threats

  • 6.1  Ophcrack and Quickstego Practical
  • 6.2  Buffer Overflow Practical with metasploit
  • 6.3  Crunch Command
  • 6.4  Introduction to System Hacking
  • 6.5  SAM file in Windows
  • 6.6  Privilege Escalation and Keyloggers
  • 6.7  Spyware and Steganography Techniques
  • 6.8  Log Tampering

Module 7: Sniffing

  • 7.1  Find MAC Address using arp
  • 7.2  MAC Changer

Module 8: DoS Attack (Denial of Service Attack)

  • 8.1  Introduction to Denial of Service
  • 8.2  DoS attack mitigation Techniques
  • 8.3  Techniques to Flood a network
  • 8.4  Types of DoS attack and DoS tools
  • 8.5  DosHTTP Practical
  • 8.6  Hping Practical

Module 9: Vulnerability Analysis

  • 9.1  System Vulnerability Scanner
  • 9.2  Audit a system
  • 9.3  Vulnerability Scanner
  • 9.4  Port Scanning and Banner Grabbing

Module 10: Hacking Web Applications

  • 10.1  Introduction to Web Hacking
  • 10.2  Methods of web hacking
  • 10.3  SQL Injection and XSS attack
  • 10.4  Web Application Pentesting Tools
  • 10.5  Burp Suite Installation
  • 10.6  Web Pentesting using Burp Suite
  • 10.7  Web application security scanner
  • 10.8  WordPress website security scanner

Module 11: SQL Injection

  • 11.1  Introduction to SQL Injection
  • 11.2  SQL injection technique without tools
  • 11.3  sqlmap Tool in Kali Linux
  • 11.4  Acunetix Web Vulnerability Scanner Practical
  • 11.5  Pentest a website using sqlmap

Module 12: Social Engineering

  • 12.1  Introduction to Social Engineering
  • 12.2  Types of Social Engineering
  • 12.3  Top Methodologies of Social Engineering

Module 13: Database Assessment

  • 13.1  SQL injection using jSQL in Kali Linux
  • 13.2  About SQL Database
  • 13.3  SQL injection using sqlsus tool
