Ethical Hacking
Course Rate: INR 70000.00
Duration: 2 Months
About the Course:
Ethical Hacking syllabus covers topics from **basic to advanced**, including penetration testing, network security, malware analysis, and cybersecurity tools. It is ideal for **beginners, cybersecurity professionals, and penetration testers** who want to master **ethical hacking and cybersecurity techniques**.
---
## **1. Introduction to Ethical Hacking**
- What is Ethical Hacking?
- Ethical Hacking vs. Black Hat Hacking vs. Grey Hat Hacking
- Cybersecurity Terminologies
- Legal & Ethical Aspects of Hacking
- Cyber Laws & Compliance (GDPR, HIPAA, PCI-DSS)
- Career Paths in Ethical Hacking
---
## **2. Networking Basics for Ethical Hacking**
- OSI & TCP/IP Models
- IP Addressing, Subnetting, and CIDR Notation
- MAC Address, ARP, and DNS
- Ports & Protocols (HTTP, HTTPS, FTP, SSH, SMTP, SNMP)
- Network Devices (Routers, Switches, Firewalls)
- Packet Analysis with Wireshark
---
## **3. Linux for Ethical Hacking**
- Basics of Linux & Terminal Commands
- File & Directory Permissions
- User Management in Linux
- Process Management & Background Jobs
- Networking Commands (`ifconfig`, `netstat`, `ping`, `traceroute`)
- Introduction to Kali Linux & Parrot OS
---
## **4. Footprinting & Reconnaissance**
- What is Footprinting?
- Passive vs. Active Reconnaissance
- Google Dorking for Information Gathering
- WHOIS Lookup & DNS Enumeration
- Social Engineering Techniques
- OSINT (Open-Source Intelligence) Techniques
- Tools for Footprinting (Maltego, Recon-ng, theHarvester)
---
## **5. Scanning & Enumeration**
- Introduction to Scanning Networks
- Port Scanning (Nmap, Zenmap)
- Service & OS Fingerprinting
- Vulnerability Scanning (Nessus, OpenVAS)
- Banner Grabbing
- SNMP & SMTP Enumeration
- Tools for Enumeration (`enum4linux`, `Netcat`)
---
## **6. System Hacking**
- Password Cracking Techniques
- Brute Force & Dictionary Attacks (Hydra, John the Ripper)
- Hash Cracking (`hashcat`, `rainbow tables`)
- Privilege Escalation Techniques
- Malware & Rootkits
- Keyloggers & Spyware
- Windows & Linux Exploitation
---
## **7. Web Application Hacking**
- Introduction to Web Hacking
- OWASP Top 10 Vulnerabilities
- SQL Injection
- Cross-Site Scripting (XSS)
- Cross-Site Request Forgery (CSRF)
- Security Misconfigurations
- Broken Authentication & Session Management
- Web Penetration Testing Tools (Burp Suite, ZAP, Nikto)
---
## **8. Wireless Network Hacking**
- Introduction to Wireless Security
- Wi-Fi Encryption Standards (WEP, WPA, WPA2, WPA3)
- Cracking Wi-Fi Passwords (Aircrack-ng, Reaver)
- Evil Twin Attacks
- Man-in-the-Middle (MITM) Attacks on Wireless Networks
- Deauthentication Attacks
---
## **9. Malware Analysis & Reverse Engineering**
- Introduction to Malware & Types (Virus, Worms, Trojans, Ransomware)
- How Malware Works & Propagates
- Reverse Engineering Basics
- Static & Dynamic Malware Analysis
- Sandboxing & Virtual Machines for Malware Analysis
- Tools (IDA Pro, Ghidra, OllyDbg, PE Explorer)
---
## **10. Social Engineering Attacks**
- Introduction to Social Engineering
- Phishing & Spear Phishing Attacks
- Baiting & Pretexting
- Shoulder Surfing & Dumpster Diving
- Spoofing Attacks (Email, Caller ID, SMS)
- Tools for Social Engineering (`SET`, `BeEF`)
---
## **11. Denial-of-Service (DoS) & Distributed Denial-of-Service (DDoS) Attacks**
- What is a DoS & DDoS Attack?
- Types of DoS Attacks (SYN Flood, UDP Flood, HTTP Flood)
- Botnets & Mirai Malware
- Tools for DoS/DDoS (`LOIC`, `HOIC`, `Slowloris`)
- Mitigation Techniques & Countermeasures
---
## **12. Cloud Security & Hacking**
- Introduction to Cloud Computing Security
- Common Cloud Vulnerabilities
- Attacking Cloud Infrastructure
- Securing Cloud Environments (AWS, Azure, Google Cloud)
- Cloud Penetration Testing
---
## **13. Cryptography & Steganography**
- Introduction to Cryptography
- Encryption Algorithms (AES, DES, RSA, ECC)
- Hashing Techniques (MD5, SHA-1, SHA-256)
- Steganography Techniques (Hiding Data in Images, Audio, and Text)
- Digital Signatures & Certificates
- Tools for Cryptography (`OpenSSL`, `TrueCrypt`, `VeraCrypt`)
---
## **14. Exploitation & Post Exploitation**
- Exploiting Vulnerabilities
- Metasploit Framework Basics
- Writing Exploits (Python, Bash, PowerShell)
- Post-Exploitation Techniques
- Maintaining Access & Persistence
- Creating Backdoors (`msfvenom`, `Netcat`, `Empire`)
---
## **15. Penetration Testing Methodology**
- What is Penetration Testing?
- Types of Penetration Testing (Black Box, White Box, Grey Box)
- Penetration Testing Phases
- Writing a Penetration Testing Report
- Tools for Penetration Testing (Kali Linux, Burp Suite, Nikto, Metasploit)
---
## **16. Incident Response & Forensics**
- Basics of Digital Forensics
- Incident Response Frameworks (NIST, SANS)
- Collecting & Analyzing Logs
- Memory Forensics (`Volatility`, `FTK Imager`)
- Network Forensics (`Wireshark`, `NetworkMiner`)
- Disk Forensics (`Autopsy`, `Sleuth Kit`)
---
## **17. Bug Bounty & Capture The Flag (CTF) Challenges**
- Introduction to Bug Bounty Programs
- Platforms (HackerOne, Bugcrowd, Open Bug Bounty)
- Writing Bug Reports
- Participating in CTF Challenges (`TryHackMe`, `Hack The Box`, `Root Me`)
---
### **18. Ethical Hacking Tools & Labs**
- Kali Linux
- Parrot Security OS
- Metasploit
- Nmap
- Wireshark
- Burp Suite
- Aircrack-ng
- Hydra
- Hashcat
- John the Ripper
- Maltego
- BeEF
- OpenVAS
---
### **19. Real-World Ethical Hacking Projects**
- Penetration Testing on a Live System
- Website Vulnerability Assessment
- Wireless Network Security Audit
- Phishing Attack Simulation
- Malware Analysis & Reverse Engineering
- Security Hardening of a Web Application
---
## **20. Ethical Hacking Certifications**
- **CEH (Certified Ethical Hacker) – EC-Council**
- **OSCP (Offensive Security Certified Professional)**
- **CISSP (Certified Information Systems Security Professional)**
- **Pentest+ (CompTIA Penetration Testing Certification)**
- **CISA, CISM, GIAC Certifications**