Summer Training Program 2016

CCSE V3.0 Certified Cyber Security Expert Version 3.0

TechD Facts

Incorporated in November 2009

Trained more than 50,000 students, conducted 400 Workshops Including all IITs, NITs & Many colleges across India.

Trained Professional from many reputed companies like Yahoo!,Google,ISACA,k7 Antivirus, Elitecore , Indian Oil, Temenos, ZOHO, HCL,TCS Infosys.

Trained Investigation agencies of Gujarat, Maharashtra, Rajasthan, Tamilnadu, West Bengal.

Successfully completed more than 15000 training hours into IT Security.

TechD Facts

Trained & Certified 2100 Students & Professionals for CCSE ( Certified Cyber Security Expert) Course. Helped Top Investigating Agencies to Solve Ahmedabad & Mumbai blasts Cyber trails. Associated for an out reach program with the Major Technical festivals of IIT Bombay, Kanpur, NIT Bhopal, NIT Calicut, Jadavpur University Kolkata, and BITS Pilani Goa for giving authorized certification. Major VAPT Clients includes Sulekha.com, Cyberoam. Supported by Ministry of Home Affairs, Malaysia & CMO, Gujarat. Developed our own Crypters, Trojans, RATS for demonstrations.

TechD Facts

Sunny Vaghela (Director & CTO) is recipient of Rajiv Gandhi Young Achiever’s Award. TechDefence has been awarded as Best Ethical Hacking & Information Security Company by NBC at Trident Hotel , Mumbai.

TechD Facts

TechDefence has also been awarded as Best Ethical Hacking & Information Security Company of Western India by BIG Research & IBN 7.

Nominated for World Education Awards into category of Private Sector Initiative for use of innovative Technology for skilled education

TechD Facts

TechDefence Certified Cyber Security Expert is career oriented hands on training program on Advanced Ethical Hacking, Cyber Crime Investigation, Cyber Forensics & Information Security.

CCSE Contents

Module 1 : Cyber Ethics - Hackers & hacking methodologies

Why Security ?

Why Attacks ?

Hacking – Introduction

Communities of Hackers

Types of Hackers

Malicious Hacker Strategies

Ethical Hacker Strategies

Steps for conducting Ethical Hacking.

Importance of Vulnerability Research.

Vulnerability Research References.

Conclusion

CCSE Contents

Module 2: Basic Network Terminologies

IP address

Versions of IP Address

Types of IP Address

Classes of IP addresses

Categories of IP Address

Network Address Translation

TCP protocol

UDP Protocol

Difference between TCP & UDP

Proxies and VPN’s

CCSE Contents

Module 3: Information Gathering

WHOIS Information Gathering

DNS Information Gathering

DNS Report

MX-information

NS LookUp

Website Mirroring

Website Information Gathering

Email Information Gathering

Doxing (Peoples & Digitals Boxes)

Tools that aid in Information Gathering

Savitabhabhi.com Case Study

Maltego & Kartoo Search Engines

CCSE Contents

Module 4: Scanning & Enumeration

Why Scanning?

Types of Scanning.

Objective of Scanning.

Port Scanning.

Port Scanning Techniques.

Port Scanning using Nmap

Advance Nmap Scanning(Nmap Scripting Engine)

Banner Grabbing techniques

Network Scanning Techniques.

Network Auditors.

Enumeration

CCSE Contents

Module 5: Virus, Worms, Malware, Spyware, Adware & Trojans

What is Virus?

What are Worms?

Difference between Virus & Worms

What are Trojans?

How Trojans Work?

How to hack a computer system using Trojan?

How to create a Trojan?

Introduction to some RAT Tools

Issues in sending and executing a Trojan

Overcoming above issues.

CCSE Contents

Module 6: Phishing & its Prevention

History of Phishing

What is Phishing?

Types of Phishing

Why it is called as a Social Engineering Technique?

Steps to perform Phishing

Tricks to perform Phishing

Precautions against Phishing Attempts

Detecting Phishing Crimes

Investigating Phishing Crimes

CCSE Contents

Module 7: System Hacking & Security

Password Cracking

Privilege Escalation

Tools to aid in System Hacking

Understanding Rootkits

Clearing Traces

Countermeasures

CCSE Contents

Module 8: Windows Honeypot & Web Based Honeypot

Introduction to Honeypots

Setting up Account

Setting up a Honeypot

Managing Honeypot

Prevention against Spammers

CCSE Contents

Module 9: Cryptography

Public-key Cryptography

Working of Encryption

Digital Signature

RSA & Example of RSA Algorithm

RC4, RC5, RC6, Blowfish

Algorithms and Security

Email Encryption

Tools that aid in Cryptography

CCSE Contents

Module 10: Introduction to Web Application & Database

What is a Website?

What is a Web Application?

Website Vs. Web Application

Categories of Website

Architecture

One-Tier Architecture

Two-Tier Architecture

Three-Tier Architecture

Multi/N-Tier Architecture

Technologies

What is a Database?

Well Known Databases

CCSE Contents

Module 11: Introduction to OWASP Top 10

What is a OWASP?

Understanding OWASP

Introduction to OWASP Top 10 Vulnerabilities

CCSE Contents

Module 12: Authentication Bypass (Basic SQL Injection)

What is Authentication?

Database Basics

What is SQL?

Basics of SQL Query

Introduction to Logic Gates

How to Bypass Authentication?

Video Demonstration

Basic Combinations to Bypass

Bypass Cheat Sheet

Remediation Approach

CCSE Contents

Module 13: Google Hacking

Understanding how Google works

Google basic operators

Google advanced operators

Automated Google tools

How to use Google to find the desired website

How Google can aid in searching vulnerable website

CCSE Contents

Module 14: Advance SQL Injection(MySQL)

Definition

Vulnerability

Testing for Vulnerability

Injection Type

Integer Based Injection

String Based Injection

Exploiting Vulnerability

Enumerating Database Name and Version

Enumerating Table Names

Enumerating Column Names

Enumerating Data from Column Names

Remediation Approach / Preventing MySQL Injection

CCSE Contents

Module 15: SQL Injection – Firewall Evasion

What is WAF?

Working of WAF

How to know if there is a Web Application Firewall?

Techniques to Bypass WAF

Video Demonstration – SQL Injection Firewall Evasion

Scope of this technique

CCSE Contents

Module 16: Advance SQL Injection(MSSQL Injection)

What is MSSQL?

What would be Target Applications?

Finding Vulnerable Links

Testing Vulnerability

Exploiting Vulnerability

Enumerating Table Names

Enumerating Column Names

Enumerating Data

CCSE Contents

Module 17: SQL Injection using Automated Tools

Introduction to Automated Tools

Why to use Automated Tools?

Introduction to Best Tools

Using Tools - Hands on Demonstration

CCSE Contents

Module 18: Hacking Web Servers

Introduction to Web Server

Web Application & Web Server

Way to Hack Web Server

Vulnerability on Web Application

What is Shell?

List of Shells

Functionalities of Shell

How to Upload Shell?

Video Demonstration

CCSE Contents

Module 19: XSS – Cross Site Scripting

Introduction to HTML

Introduction to JavaScripts

Introduction to Cookies

What is XSS?

Impact of XSS

Severity of XSS

How to test for XSS

Bypassing Filters

How to Exploit XSS

Cookie Grabbing using XSS

CCSE Contents

Module 20: CSRF, Click Jacking

Introduction to CSRF

Building Proof of Concept Code

Protections against CSRF

Click Jacking & Protections

Module 21: Information Disclosure Vulnerabilities

Introduction

Setting up the correct chmod

Protecting the sensitive server files

Preventing the data loss

CCSE Contents

Module 22: Introduction to Burp Suite

Burp Interceptor

Burp Target

Burp Spider

Burp Scanner

Burp Intruder

Burp Repeater

Burp Decoder

Burp Sequencer

Burp Extender

Burp App Store- Introduction

Live Hacking Through Burp

CCSE Contents

Module 23: Vulnerability Assessment & Penetration Testing

Introduction to VAPT

Categories of security assessments

Vulnerability Assessment

Limitations of Vulnerability Assessment

Penetration Testing

Types of Penetration Testing

Do-It-Yourself Testing

Outsourcing Penetration Testing Services

Terms of Engagement

Project Scope & Pentest Service Level Agreements

Testing points & Locations

Automated & Manual Testing

CCSE Contents

Module 24: Assembly Language Basics

Difference Assembly Language Vs High-level Language

Assembly Language Compilers

Understanding Instruction operands, Directive & preprocessor

Interrupts , Interrupt handler, External interrupts and Internal interrupts Handlers

Assembling the & Compiling the C code

Linking the object files & Understanding an assembly listing file

Big and Little Endian Representation, Skeleton File

Working with Integers, Signed integers & Signed Magnitude

Understanding Two’s Compliment, If statements, Do while loops

Indirect addressing, Subprogram

Understanding The Stack, SS segment& ESP

The Stack UsageThe CALL and RET Instructions

CCSE Contents

Module 25 : Reverse Engineering

Introduction to RE

Briefing OllyDbg

Patching – SMAC, ClassRoomSpyPro & PowerISO

Cracking – SMAC, ClassRoomSpyPro & PowerISO

Keygening – SMAC, ClassRoomSpyPro & PowerISO

Countermeasures

CCSE Contents

Module 26 & Module 27: Buffer Overflows 1-2

Introduction

How BOF works

Stack based buffer overflow

Understanding the Shellcode

Mapping the memory

Countermeasures

CCSE Contents

Module 28: Exploit Writing

Exploits Overview

Prerequisites for Writing Exploits and Shellcodes

Purpose of Exploit Writing

Types of Exploits

Tools that aid in writing Shellcode

Issues Involved With Shellcode Writing

Addressing problem

Null byte problem

System call implementation

CCSE Contents

Module 29 : Metasploit Framework using BackTrack or Kali Linux

Introduction to this framework

Getting hands on commands

Hacking windows with Metasploit

Hacking Linux with Metasploit

WebServer Hacking through Metasploit

Android Hacking using Metasploit

MSFVenom – Payload creation

MSFVenom - Creating Malicious PDF Files through MSF Modules

CCSE Contents

Module 30: Wireless Hacking & Security

Wireless Protocols

Wireless Routers-Working

Attacks on Wireless Routers

Cracking Wireless routers password(WEP)

Wi-Fi Phisher

Securing routers from Hackers

Countermeasures

CCSE Contents

Module 31: Mobile, VoIP Hacking & Security

SMS & SMSC Introduction

SMS forging & countermeasures

Sending & Tracking fake SMSes

Call Forging & countermeasures

Android Hacking using Android Malware

Android Hacking using Android Trojan

VoIP Introduction

Installing VoIP Server & Forging Call using VoIP

Android Phone Rooting

Understanding ADB

Pattern Lock Bypass using ADB Shell

CCSE Contents

Module 32: Mobile Application Security (Android)

What is Android?

History of Android

Android Application Fundamentals

Understanding AndroidManifest.xml file

Android Application Vulnerabilities

Static Analysis of Android Binaries

Live Demonstrations

CCSE Contents

Module 33: Introduction to Cyber Crime Investigation & IT ACT 2000

Types of Cyber Crimes

Reporting Cyber Crimes & Incidence response

Introduction to IT Act 2000 & its sections

Flaws in IT ACT,2000

Investigation Methodologies & Case Studies

Different Logging Systems.

Investigating Emails ( Email Tracing)

Ahmedabad Bomb Blasts Terror Mail case study

Investigating Phishing Cases

Investigating Data Theft Cases

Investigating Facebook Profile Impersonation Cases

Investigating SMS & Call Spoofing Cases

CCSE Contents

Module 34: Cyber Forensics

Cyber Forensics

Understanding Cyber Forensics

Hands on Cyber Forensics on Hard Disks

Whatsapp Forensics

Module 35 : Final Exam

To know about portal visit www.ccseonline.in

Other Details

Total Hours: 80 hours

Training Duration : 30 – 45 Days.

Training Centers: Ahmedabad, Delhi , Hyderabad.

For More information Call on 9723373375 , 7567867774