HACKING SYLLABUS

This course is for following individuals: 
  • Security Researchers (who wants to become)
  • Web Developers (for their websites security)
  • Ethical Hackers (Who wants to learn)
  • And of course, Hackers! (who wants to learn)
Module 0: Course Introduction
  • Welcome Video
  • Course overview
  • Course outline
  • Course Objectives
  • Exam Information
  • Additional Tips
  • Penetration testing standards
Module 1: Business and Technical Logistics of Penetration Testing
  • Overview
  • what is a Penetration Test?
  • Benefits of a Penetration Test
  • Recent Attacks & Security Breaches
  • what does a Hack cost you?
  • What is a Botnet?
  • How is a Botnet Formed?
  • How are Botnet’s growing
  • Types of Hackers
  • Common Mistakes
  • Types of Penetration Testing
  • Hacking Methodology
  • Methodology for Penetration Testing
  • Hacker vs. Penetration Tester
Module 2: Linux Fundamentals
  • Overview
  • Linux History: Linux + Minix = Linux
  • KALI Introduction
  • Backtrack to Kali
  • Linux Shell
  • Linux Bash Shell
  • Password & Shadow Files and File Formats
  • Linux Local Root Exploits
  • Compiling Programs in Linux
Module 3: Information Gathering
  • Overview
  • What Information is gathered by the Hacker?
  • Organizing Collected Information
  • Methods of Obtaining Information
  • Social Engineering Techniques
  • Foot printing defined
  • Footprinting tools
  • Google Hacking
  • Cache
  • WHOIS
  • Using Nslookup
  • Dig for Unix / Linux
  • Traceroute Operation
  • Websites and servers
  • Error Logs
Module 4 : Detecting Live System
  • Overview
  • Introduction to Port Scanning
  • Port Scan
  • NMAP Tips
  • NMAP
  • Is the Host online
  • Web Application Types .
  • Detecting Web Application
Module 5: Enumeration
  • Enumeration Overview
  • HTTP and HTTPS
  • MITM Attack
  • DNS Enumeration
  • Same Site Scripting
  • DNS Enumeration with Kali
  • NS Lookup
  • Cname
  • Sub domain scanning and Reverse IP scan
  • Directory Bruteforcing
Module 6: Malware Goes Undercover
  • Malware Infection in Windows
  • Malware Infection in Web Applications
  • Infection into backups
  • Introduction to Different types of Malwares
Module 7 : Hacking UNIX/Linux
  • File and Directory Permissions
  • Bypassing Restrictions
  • Encrypting Backdoors
  • Bypassing WEB AV,s
  • Symlink
  • Rooting a server
  • Clearing the Log Files
Module 8,9 : Advanced Exploitation Techniques
  • The Metasploit Project
  • The Metasploit Framework
  • Exploiting OS using viruses and worms
  • Creating a virus
  • Binding Malwares
  • Windows OS exploitation
  • Backdoor IIS server
  • Linux Based Exploitation
  • Anti-Virus Structure
  • Virus Signatures
  • Hexing
Module 10,11 : Network Exploitation
  • Introduction to WiFI Exploitation
  • Types of Network
  • Types of Network Security
  • BSSID and spoofing
  • Handshake Capturing
  • Cracking WEP Encryption
  • Cracking WPA/WPA2/WEP by PIN
  • Cracking WPA/WPA2/WEP by Social Eng
  • Cracking WPA/WPA2/WEP by Dictionary
  • Cracking WPA/WPA2/WEP by Wordlist
  • Cracking WPA/WPA2/WEP by crunch
  • DOS Attack on Network
  • DOS Attack on Wi-Fi Network
  • Flood Attack
  • DOS Attack on Smartphones and Smart TVs
  • DOS Attack TIPS
Module 12 : Injecting the Database
  • Overview
  • Vulnerabilities & Common Attacks
  • SQL Injection
  • Impacts of SQL Injection
  • Why SQL “Injection”?
  • SQL Injection: Enumeration
  • SQL Injection using tool
Module 13: Attacking Web Technologies
  • FPD
  • Common Web Application Threats
  • Injection Flaws
  • IIS Directory Traversal
  • XSS
  • CSRF
  • HTTP parameter pollution
  • Parameter Manipulation
  • Clickjacking
  • LFI
  • RFI
  • URL Redirection
  • Host Header Attack
  • Secured socket layer
  • WordPress exploitation
  • Logical Websites bugs
  • joomla exploitation
  • Directory Transversal attack
  • DOS attack
  • MITM attack
  • Security tools
  • Session hijacking
  • Bypassing Uploaders
  • Request Tampering
  • Android Hacking APPS
  • Backdoors
  • DNS Hijacking Introduction
  • DNS Hijacking Complete
  • Null sessions
  • Session Bypassing
  • Social Engineering
  • Email Spoofing
  • Phishing attacks
Module 14: Project Documentation and Bug reporting
  • Introduction
  • Overview
  • Creating Report
  • How to Deliver
  • Additional Items
  • The Report
  • Report Criteria:
  • Supporting Documentation
  • Analyzing Risk
  • Report Results Matrix
  • Findings Matrix
  • Delivering the Report
  • Stating Fact
  • Recommendations
  • Executive Summary
  • Technical Report
  • Report Table Of Contents
  • Summary Of Security Weaknesses Identified
  • Scope of Testing
  • Summary Recommendations
  • Summary Observations
  • Detailed Findings
  • Strategic and Tactical Directives
  • Statement of Responsibility / Appendices
Module 15: Kali Linux
  • Almost 80% of Kali Linux