• Identify, describe, and enumerate the vulnerabilities of different servers.
• Key issues plaguing the information security world, incident management process, and penetration testing
• Various types of foot printing, foot printing tools, and countermeasures
• Network scanning techniques and scanning countermeasures
• Enumeration techniques and enumeration countermeasures
• System hacking methodology, steganography, steganography attacks, and covering tracks
• Different types of Trojans, Trojan analysis, and Trojan countermeasures
• Working of viruses, virus analysis, computer worms, malware analysis procedure, and countermeasures
• Packet sniffing techniques and how to defend against sniffing
• Social Engineering techniques, identify theft, and social engineering countermeasures
• DoS/DDoS attack techniques, botnets, DDoS attack tools, and DoS/DDoS countermeasures Session hijacking techniques and countermeasures
• Different types of webserver attacks, attack methodology, and countermeasures
• Different types of web application attacks, web application hacking methodology, and countermeasures
• SQL injection attacks and injection detection tools
• Wireless Encryption, wireless hacking methodology, wireless hacking tools, and wi-fi security tools
• Mobile platform attack vector, android vulnerabilities, jailbreaking iOS, mobile vulnerabilities, mobile security guidelines, and tools
• Firewall, IDS and honeypot evasion techniques, evasion tools, and countermeasures
• Different types of cryptography ciphers, Public Key Infrastructure (PKI), cryptography attacks, and cryptanalysis tools
• Various types of penetration testing, security audit, vulnerability assessment, and penetration testing roadmap

This course is created to impart knowledge and skills related to security fundamentals, network access, information security, web application security and malware. This course will help candidates prepare to tackle real world Certified Ethical Hacking incidents. The following topics are general guidelines to better reflect the contents of the course and for clarity purposes, the guidelines below may change at any time without notice.

• Introduction to Ethical Hacking

1. 1. Understand and build the hacker mindset, infrastructure security, policies and standards and other case studies to recognize the importance of Cyber Security in today’s world and understand concepts such as:
   2. Cyber Kill Chain
   3. MITRE attack framework
   4. Diamond model of intrusion
   5. Analysis techniques for establishing persistence
   6. Evading NAC & endpoint security
   7. Fog computing
   8. Edge computing 
   9. Grid computing
   10. Hacking Concepts
   11. Ethics
   12. Information Security Controls
   13. Information Laws and Standards

• Foot printing & Reconnaissance

1. 1. Understand how an attacker gathers information to plan out an attack in a step-by-step instruction with various case studies, how to mitigate such attacks and understand concepts such as:
   2. What is Foot printing?
   3. Advanced Google Search Techniques & Google Dorks
   4. Top Level Domains and Sub Domains of an Organization
   5. Locating a target
   6. Searching People on Social Media Websites.
   7. Harvesting Emails
   8. Dark Web Surfing
   9. Shodan Search Engine
   10. Competitive Intelligence
   11. Website Foot printing
   12. Web Spiders
   13. Tracking Email Communications
   14. DNS Lookup
   15. Tracerouting
   16. Eavesdropping, Shoulder Surfing, Impersonation and Dumpster Diving

• Network Scanning

1. 1. Gather information about the network and other infrastructure details to find a way inside a network and understand concepts such as:
   2. Network Architecture of an organization
   3. TCP Communication
   4. TCP Communication Flags
   5. Network Scanning

• Enumeration

1. 1. List out potential entry points in a system and how to mitigate such attacks and understand concepts such as:
   2. What is Enumeration?
   3. Enumeration Techniques

• Vulnerability Assessment

1. 1. Assess and determine weaknesses in a system or a network and understand concepts such as:
   2. What is Vulnerability Assessment?
   3. Vulnerability Lifecycle-Management
   4. Vulnerability Databases and scoring systems
   5. Common terminologies related to vulnerabilities.
   6. Phases of Vulnerability Assessment
   7. Vulnerability Reporting
   8. Bug Bounty Hunting

• System Hacking

Understand what needs to be done in order to successfully get access to the system and gradually own the infrastructure and how to mitigate such attacks and understand concepts such as:

1. 1. Exploitation
   2. Payloads
   3. Auxiliary
   4. NOPS
   5. Shellcode
   6. Backdoors
   7. Clearing Evidence
   8. Memory Allocation of programs
   9. CPU Architecture and registers
   10. Memory Buffers and Stacks
   11. Stack based Buffer Overflow
   12. Goals of Hacking

• Malware Threats

Understand the different types of malwares in-depth and analyze the behaviors and characteristics of different malware. Understand incident response and disaster management with case studies and understand concepts such as:

1. 1. Malware and Propagation Techniques
   2. Advanced Persistent Threats and its lifecycle
   3. Trojans, their types and how to use them.
   4. Viruses, their types and which one to use in what scenario
   5. Worms
   6. Fileless Malware
   7. Countermeasure Tools

• Sniffing

Learn information about a network and capture data by using various tools and techniques and how to mitigate such attacks and understand concepts such as:

1. 1. Sniffing Concepts along with vulnerable protocols
   2. Hardware Protocol Analyzers
   3. Various Sniffing techniques such as MAC Attacks, DHCP Attacks, ARP Poisoning, Spoofing, DNS Poisoning etc. along with countermeasures

• Social Engineering

Learn how modern-day hackers use Social Engineering to perform various client-side attacks with different case studies and demonstration and how to mitigate such attacks. and understand concepts such as:

1. 1. Social Engineering Concepts
   2. Human, Computer and mobile based techniques
   3. Impersonation
   4. Insider Threats
   5. Identity Theft and its various forms
   6. Countermeasures

• Denial of Service

Understand how various hacker groups and cyber crime organizations work together to bring down even the most sophisticated networks and systems to their knees and how to mitigate such attacks and understand concepts such as:

1. 1. DoS & DDoS attacks
   2. Various types of DoS/DDoS attacks
   3. Concepts of Botnets along with the Botnet Ecosystem
   4. DDoS Case Studies
   5. Mitigation

• Session Hijacking

Capture different types of user and application data to hijack online accounts and how to mitigate such attacks and understand concepts such as:

1. 1. Session Hijacking and its different types
   2. Application level and Network Level Session Hijacking
   3. Detect, Protect and Defend against Session Hijacking attacks using different tools

• Evading IDS, Firewalls and Honeypots

1. 1. Understand the working, placement, difference and usage of firewalls, IDS/IPS and Honeypots and what works best in different use case scenarios, how to bypass them as an attacker and how to mitigate such attacks and techniques and understand concepts such as:
   2. Firewall Concept and Solutions
   3. IDS/IPS Concept and Solutions
   4. Various techniques to bypass Firewalls and IDS/IPS
   5. How to detect and defeat Honeypots

• Hacking Webservers

Conceptualize how to attack different types of webs servers and how to mitigate such attacks and techniques and understand concepts such as:

1. 1. Web Server Concepts
   2. Various Web Server attack vectors in detail
   3. Web Server Attack methods including information gathering, web server foot printing, website mirroring, vulnerability assessment, session hijacking, web server password hacking
   4. Various web server hacking tools
   5. Countermeasures
   6. Patch Management Concepts

• Hacking Web Applications

Understand the OWASP Top 10 attacks and how attackers use them to infiltrate in web applications and compromise user data and how to mitigate such attacks and techniques and understand concepts such as:

1. 1. Web Application Concepts
   2. Various Web Application Attacks (OWASP Top 10)
   3. Foot printing Web App infrastructure
   4. Bypassing Client-Side Controls
   5. Attack Authentication mechanisms
   6. Web APIs
   7. Webhooks and web shells
   8. Countermeasures

• SQL Injection

Understand how SQL databases work, vulnerabilities and exploitation techniques to extract all the data and how to mitigate such attacks and understand concepts such as:

1. 1. What is a Database?
   2. How Database works
   3. Why is SQL?
   4. What is SQL Injection?
   5. Basic SQL Injection concepts
   6. SQL Injection Vulnerability and Types
   7. Manual SQL Injection
   8. Automated SQL Injection
   9. Countermeasures

• Hacking Wireless Networks

Understand Wireless Networks, Encryption Algorithms used, Communication, vulnerabilities and various attack techniques used in the real world with case studies and how to mitigate such attacks and understand concepts such as:

1. 1. Wireless Network Concepts and different types of wireless encryption algorithms
   2. Various Wireless threats
   3. Wireless hacking methods including Wi-Fi discovery, GPS Mapping, Wireless Traffic Analysis, launching wireless attacks and cracking Wi-Fi Encryption
   4. Various Wireless hacking tools
   5. Bluetooth Attacks and tools
   6. Countermeasures

• Hacking Mobile Platforms

Understand how Android Applications work with an attack scenario and how to mitigate such attacks and understand concepts such as:

1. 1. Various mobile platform attack vectors and attacks
   2. Various techniques and tools for android phone hacking
   3. iOS Jailbreaking tools
   4. Malware used for iOS Hacking
   5. Mobile Device Management concepts
   6. Countermeasures

• IoT & OT Hacking

Understand how Internet of Things work, Protocols used, vulnerabilities, exploitation techniques and mitigation techniques. Also understand Operational Technology for Industrial Control Systems (SCADA systems) and how they are compromised with recent case studies and understand concepts such as:

1. 1. IoT Concepts along with different types of IoT Communication models
   2. Various threats and attacks to IoT networks and devices
   3. IoT hacking methods and tools for information gathering, vulnerability assessment, gain remote access, DoS Attacks, maintaining access etc.
   4. Countermeasures
   5. OT Concepts with threats and attacks
   6. OT Hacking tools and techniques
   7. Countermeasures

• Cloud Computing

Understand Virtualization, Containerization, Cloud Computing and the latest emerging threats to systems and how to attackers exploit cloud services and how to mitigate such attacks and understand concepts such as:

1. 1. Cloud Computing and its services
   2. Serverless Computing
   3. Threats and Attacks
   4. Cloud Service Hacking Techniques
   5. Countermeasures and Security Responsibility

• Cryptography

Understand CIA Triad, Encryption Algorithms, Hashing, Origin-Authenticity, Digital Signatures and Public Key Infrastructure with demonstration and how it can be used to secure networks, data and users and understand concepts such as:

1. 1. Basic cryptography concepts used to protect confidential data along with different types of cryptography
   2. Ciphers and different encryption algorithms used to encrypt or decrypt the data
   3. Various cryptography tools
   4. Email Encryption and tools
   5. Disk Encryption
   6. Types of cryptanalysis methods
   7. Steganography and Malware Obfuscation
   8. Hashing Concepts
   9. Digital Signatures
   10. Public Key Infrastructure
   11. Countermeasures against cryptographic attacks

Followings labs will be performed by candidates during lab practice sessions:

Lab 1: Foot printing & Reconnaissance:

• Task 1 : Email Foot printing & Reconnaissance using OSINT Tools (Self-Study Tasks)
• Task 2 : Person Foot printing & Reconnaissance using OSINT Tools (Self Study Tasks)
• Task 3 : Organization Foot printing & Reconnaissance using OSINT Tools (Self Study Tasks)
• Task 4 : Device Foot printing & Reconnaissance using OSINT Tools (Self Study Tasks)

Lab 2: Network Scanning:

• Task 1 : Host Discovery
• Task 2 : Port & Service Discovery
• Task 3 : OS Discovery
• Task 4 : Scanning Beyond Firewalls and IDS/IPS
• Task 5 : Draw Network Diagrams

Lab 3: Enumeration:

• Task 1 : NetBIOS Enumeration
• Task 2 : SNMP Enumeration
• Task 3 : LDAP Enumeration
• Task 4 : NFS & NTP Enumeration
• Task 5 : SMTP & DNS Enumeration

Lab 4: Vulnerability Assessment:

• Task 1 : Assessing Windows Server 2016 SMB Vulnerabilities

Lab 5: System Hacking:

• Task 1 : Windows Server 2016 Hacking with SMB vulnerabilities
• Task 2 : Windows Privilege Escalation
• Task 3 : Kerberos Golden Ticket Attack
• Task 4 : Ransomware Attack (Step by Step Demonstration Only)
• Task 5 : Maintaining Access
• Task 6 : Clearing logs and evidence
• Task 7 : Windows 10 Client System Hacking
• Task 8 : Evading Anti-virus
• Task 9 : Credential Harvesting using various method such as NBT/NS-Poisoning and dictionary attacks
• Task 10 : Simple Buffer Overflow Programming & Detection

Lab 5: Malware Threats:

• Task 1 : Malware Analysis Case Studies (Self-Study)

Lab 6: Sniffing:

• Task 1 : Sniffing network traffic using various open-source tools
• Task 2 : Analyze Traffic

Lab 7: Social Engineering:

• Task 1 : Credential Harvesting using Website Phishing

Lab 8: DDOS:

• Task 1 : Distributed Denial of Service Attack using various tools

Lab 9: Web Applications:

• Task 1 : Web Application Password Brute Force Attacks on WordPress and other Vulnerable websites
• Task 2 : Inject Commands to a Linux based Web Server using a Web Application Vulnerability
• Task 3 : Change a victim’s password with Cross Site Request Forgery Attack
• Task 4 : Defacing Website with Cross Site Scripting Attacks – DOM, Reflected & Stored
• Task 5 : Steal Data and crack hashed passwords from Database using SQL Injection Attacks – Manual & Automated
• Task 6 : Local File Inclusion – Capture the Flag Challenge
• Task 7 : Remote File Inclusion – Gain access to a Linux Server
• Task 8 : Hijack Session by stealing cookies and Sessions IDs of an authenticated user.

Lab 10: Firewall:

• Task 1 : Bypassing Firewall rules to verify open ports and services

Lab 11: Android Hacking:

• Task 1 : Hack into any Android Phone and steal phone logs, SMS, Contacts, spy with camera and extract location.

Lab 12: Cloud Computing:

• Task 1 : Dump AWS Cloud Simple Storage Service Data (Demonstration Only)

Lab 13: Cryptography:

• Task 1 : Cryptography tools to encrypt, decrypt and steganography to hide malware in images.

• Minimum batch size required for batch is 10 participants in the this course.
• The RST Forum reserves the right to cancel/postpone the class.
• Course schedule will be provided before commencement of the course.
• Certificate of participation will be awarded to participants with a minimum 90% attendance.
• All attendees are to observe the Copyright Law on intellectual properties such as software and courseware from respective vendors.
• The RST Forum reserves the right to include external participants in the program either for the entire course or individual courses.
• The RST Forum reserves the right to change/alter the sequence of courses. RST FORUM published Book would be given at 50% discounted rate to the forum students.