Diploma in Cyber Security & Ethical Hacking 2024

Module 1- Network Fundamentals (Day- 1-5)
• Clarify the objectives and operations of diverse network devices.
• Differentiate between TCP/IP & OSI models
• Analyze the influence of network topologies on operations.
• Identify the components of Ethernet LANs.
• Evaluate the differences between collapsed and three-tier architectures.
• Compare various network topologies for their advantages and disadvantages.
• Determine the suitable cabling type based on specific implementation needs.
• Apply troubleshooting methodologies to resolve network issues effectively.

Module 2- Network Access (Day- 6-10)
• Set up and confirm VLAN configurations.
• Configure and authenticate trunking on Cisco switches.
• Establish and confirm Layer 2 discovery protocols like CDP and LLDP.
• Configure and ensure proper functioning of interVLAN routing.
• Resolve connectivity problems related to VLANs and interVLAN routing.
• Verify and manage wireless client access.
• Compare different Cisco Wireless Architectures and AP modes.
• Describe the access connections for AP and WLC.

Module 3- IP Connectivity (Day- 11-15)
• Interpret the elements of a routing table.
• Examine how routers make routing decisions.
• Set up, confirm, and troubleshoot IPv4 and IPv6 static routing.
• Configure and troubleshoot routing protocols like RIP, OSPF, etc.
• Employ troubleshooting techniques using ping, traceroute, and telnet.

Module 4- IP Services (Day- 16-20)
• Configure and authenticate DHCP on IOS Routers.
• Explain the functions of DHCP and DNS in a network setup.
• Describe the types, features, and applications of Access Control Lists (ACLs).
• Establish and confirm ACLs in a network environment.
• Set up and verify NTP operating in both client and server modes.
• Configure network devices for remote access using SSH.
• Explain the functionalities and role of TFTP in a network.
• Identify the fundamental operation of NAT and its variations.

Module 5- Security Fundamentals (Day- 21-25)
• Define crucial security concepts.
• Outline the elements of a security program.
• Explain how network components contribute to network security.
• Discuss the functions of firewalls, intrusion prevention systems, and VPNs.
• Describe technologies ensuring endpoint security.
• Explain wireless security protocols such as WPA, WPA2, and WPA3.
• Configure WLAN using WPA2 PSK through a graphical interface.

Module 6- Automation and Programmability (Day- 25-30)
• Detail the impact of automation on network management.
• Compare traditional networks with controller-based networking.
• Describe controller-based and software-defined architectures.
• Understanding configuration management tools like Puppet, Chef & Ansible.
• Interpret data encoded in JSON format

Red Hat Certified System Administrator (RHCSA- 9.0)

Module 1- System Configuration and Management (Day- 1)
• Introduction to Linux Operating System
• Different Linux Distributions Overview
• Installing Red Hat Linux on a Virtual Platform

Module 2- File Handling (Day- 2-3)
• Accessing and Navigating the Command Line Interface
• Managing Files through Command Line Operations
• Creating, Viewing, and Editing Text Files
• Managing Linux File System Permissions for File Access Control
• Monitoring and Administering Linux Processes
• Working with Vim and Nano text editors
• Using Find and Grep commands for searching and pattern matching

Module 3- User Administration (Day- 4-5)
• Creating New User Accounts
• Setting and Changing Passwords for Users
• Removing or Deleting User Accounts
• Retrieving User Information
• Obtaining Password Hashes of Linux Users

Module 4- Group Administration (Day- 6-7)
• Creating New Groups
• Adding Users to Specific Groups
• Establishing Administrative Users for Groups
• Removing Users from Groups
• Deleting Existing Groups
• Obtaining Group Information

Module 5- Storage Management (Day- 8-9)
• Creating, Deleting, and Formatting Partitions and File Systems
• Setting up Swap Space Configuration
• Mounting and Unmounting Network File Systems like NFS
• Extending Existing Logical Volumes
• Setting up and Configuring LUKS-Encrypted Partitions

Module 6- Network Configuration and Administration (Day- 10-12)
• Configuring Network Settings
• Enabling and Disabling Network Interfaces
• Setting Host Names and Configuring Name Resolution
• Configuring Local Network Services such as NTP and SSH
• Setting up SSH and SecureCopy (SCP) configurations
• Basic Firewall Configuration using Firewalld

Module 7- Docker Container Management (Day- 13-15)
• Installing Docker and Managing Its Environment
• Handling Docker Images: Pulling, Pushing, and Committing
• Running and Administering Docker Containers
• Managing Docker Storage and Networking

Module 8- Security Management (Day- 16-17)
• Configuring Firewall Settings via Firewalld
• Implementing SSH Key-Based Authentication
• Configuring Logging for Monitoring and Analysis

Module 9- Automation and Deployment (Day- 18-20)
• Managing Simple Shell Scripts for Automation
• Automating System Tasks through systemd
• Scheduling Future Tasks in Linux via cronjobs
• Managing Software Packages using yum
• Configuring Network Services for Auto-Startup during Boot

C Programming Language

Module 1- C Language Environment (Day- 1-2)
• Overview of Compiler, Interpreter, and Assembler
• Understanding the Compiler's Operations
• Process of Compiling, Linking, and Running Programs
• Introduction to Integrated Development Environments (IDEs)

Module 2- Basics of C Language and Key Terms (Day- 3-4)
• Preprocessor Directives
• Data Types
• Variables
• Tokens
• Keywords
• Constants
• Identifiers

Module 3- Input and Output Instructions (Day- 5)
• Input and Output Functions
• Built-in Functions for I/O Operations

Module 4- Control Flow Statements (Day- 6-8)
• Jump Statements (goto, break, continue)
• If Statement
• If-Else Statement
• Nested If-Else Statement
• If-Else If Ladder Statement
• Switch-Case Statement
• Loops (for, while, do-while)

Module 5- Arrays and Strings (Day- 9-12)
• Overview of Arrays
• Single, Two, and Multi-dimensional Arrays
• Array Operations
• Applications of Arrays
• Sorting and Searching Algorithms for Arrays
• Introduction to Strings
• String Operations
• Applications of Strings

Module 6- Pointers (Day- 13-15)
• Introduction to Pointers
• Pointer Expressions
• Types of Pointers
• Void Pointers
• NULL Pointers
• Wild Pointers
• Dangling Pointers
• Various Pointer Examples
• Pointer Arithmetic
• Working with Arrays using Pointers
• Manipulating Strings using Pointers
• Pointers in Functions

Module 7- Enumerations (Enums) (Day- 16)
• Introduction to Enums
• Enum Examples

Module 8- File Management (Day- 17-18)
• Introduction to File Management
• File Opening Modes
• Opening and Closing Files
• File Input-Output Operations
• Error Handling with Files
• Handling Command Line Arguments
• Applications of File Management

Module 9- Preprocessor Directives (Day- 19)
• Macros
• File Inclusions
• Compiler Control Directives

Module 10- Functions (Day- 20-22)
• Introduction to Functions
• Types of Functions
• Nesting of Functions
• Examples Illustrating Functions
• Passing Integers in Functions
• Passing Strings in Functions
• Functions Returning Addresses
• Recursion
• Understanding Storage Classes

Module 11- Unions (Day- 23-25)
• Introduction to Unions
• Advantages of Using Unions

Module 12- Structures (Day- 26-28)
• Introduction to Structures
• Advantages of Using Structures
• Arrays of Structures
• Structures Utilizing Pointers
• Structures in Conjunction with Functions
• Applications of Structures

Module 13- Dynamic Memory Allocation (Day- 29-30)
• Introduction to Dynamic Memory Allocation
• Benefits of Dynamic Memory Allocation
• Functions such as Malloc(), Calloc(), Realloc(), Free()
• Implementing Arrays Using Dynamic Memory Allocation

Python Programming- 3.12

Module 1- Python Introduction (Day- 1-2)
• An Overview of Python and Its Characteristics
• Installing Python and Establishing the Development Environment
• Executing Python Code
• Fundamental Syntax and Data Types

Module 2- Control Structures (Day- 3-5)
• Conditional Statements (if, elif, else)
• Looping Constructs (for and while loops)
• Loop Control Statements (break, continue)
• Utilizing Lists and Tuples

Module 3- Functions and Modules (Day- 6-8)
• Definition and Invocation of Functions
• Parameters and Return Values in Functions
• Exploring Built-in Functions and Standard Modules
• Creating and Importing Custom Modules

Module 4- Data Structures (Day- 9-10)
• Handling Lists, Tuples, Sets, and Dictionaries
• Employing List Comprehensions and Generator Expressions
• Iterating Through Data Structures

Module 5- String Manipulation (Day- 11-12)
• Operations and Methods on Strings
• String Formatting
• Utilizing Regular Expressions

Module 6 Object-Oriented Programming (OOP) (Day- 13-18)
• Introduction to OOP Concepts
• Creating Classes and Objects
• Instance Variables and Methods
• Understanding Inheritance and Polymorphism

Module 7- Functional Programming (Day- 19-21)
• Implementing Lambda Functions
• Utilizing Map, Filter, and Reduce Functions
• Working with Higher-Order Functions

Module 8- File Handling (Day- 22-23)
• Reading and Writing Text Files
• Working with CSV and JSON Files
• Implementing Exception Handling

Module 9- Data Processing (Day- 24-25)
• Managing Dates and Times (datetime Module)
• File and Directory Operations (os and shutil Modules)
• Parsing and Generating XML and JSON Data

Module 10- Debugging and Testing (Day- 26)
• Techniques and Tools for Debugging
• Conducting Unit Testing with the unittest Module

Module 11- Introduction to GUI Programming (Day- 27-28)
• Basic Concepts of GUI Programming using tkinter

Module 12- Web Scraping (Day- 29)
• Extracting Web Data using Requests and Beautiful Soup

Module 13- Introduction to Data Science (Day- 30-32)
• Basics of Data Analysis & Visualization with Libraries like Pandas & Matplotlib
• Exploratory Data Analysis (EDA)
• Data Cleaning and Preprocessing
• A Case Study in Data Analysis

Structure Query Language- SQL

Module 1: Introduction to SQL (Day- 1-2)
• Understanding Databases and Database Management Systems (DBMS)
• Overview of Structured Query Language (SQL)
• SQL Standards and Versions
• Basic SQL Commands: SELECT, INSERT, UPDATE, DELETE
• Creating and Dropping Databases and Tables

Module 2: Retrieving Data with SQL (Day- 3-4)
• SELECT Statement: Retrieving Data from Tables
• Filtering Data using WHERE Clause
• Sorting Results using ORDER BY Clause
• Using DISTINCT Keyword to Fetch Unique Records
• Limiting Results with LIMIT and OFFSET

Module 3: Data Manipulation in SQL (Day- 5-6)
• INSERT Statement: Adding Records to Tables
• Updating Existing Records with UPDATE Statement
• Deleting Records using DELETE Statement
• Transaction Control Commands: COMMIT, ROLLBACK, SAVEPOINT

Module 4: SQL Functions and Operators (Day- 7-8)
• String Functions (e.g., CONCAT, SUBSTRING, LENGTH)
• Numeric Functions (e.g., ROUND, ABS, MOD)
• Date and Time Functions (e.g., DATE, TIME, TIMESTAMP)
• Aggregate Functions (e.g., COUNT, SUM, AVG, MAX, MIN)
• Conditional Functions (e.g., CASE, COALESCE)

Module 5: Working with Multiple Tables (Day- 9-12)
• Understanding Table Joins: INNER JOIN, LEFT JOIN, RIGHT JOIN, FULL OUTER JOIN
• Combining Results using UNION, INTERSECT, and EXCEPT Operators
• Nested Queries and Subqueries
• Set Operations: UNION, UNION ALL, INTERSECT, EXCEPT

Module 6: SQL Constraints and Indexes (Day- 13-15)
• Defining Constraints: PRIMARY KEY, FOREIGN KEY, UNIQUE, NOT NULL, CHECK
• Implementing Indexes for Performance Optimization
• Working with Views: Creating, Altering, and Dropping Views
• Sequences and Identity Columns

Module 7: Advanced SQL Topics (Day- 16-18)
• Working with Stored Procedures and Functions
• Triggers: Creating and Managing Database Triggers
• Understanding and Utilizing Cursors
• Handling Errors and Exceptions
• Dynamic SQL and Parameterized Queries

Module 8: Data Control and Security (Day- 19-22)
• User Management: Creating and Managing Users
• Granting and Revoking Permissions with GRANT and REVOKE Statements
• Implementing Security Policies
• Auditing Database Activities

Module 9: Database Design and Optimization (Day- 23-26)
• Normalization and Database Design Principles
• Indexing Strategies and Performance Tuning
• Analyzing Query Execution Plans
• Utilizing EXPLAIN and Analyzing Query Performance
• Monitoring and Optimization Techniques

Module 10: NoSQL and New Database Technologies (Day- 27-30)
• Introduction to NoSQL Databases
• Comparison of SQL and NoSQL Databases
• Overview of New Database Technologies and Trends

Certified Ethical Hacker (CEHv12)

Unit 01: Introduction to Ethical Hacking (Day- 1-2)
• Understanding Information Security
• Identifying Information Security Threats and Attack Vectors
• Fundamental Hacking Concepts
• Ethical Hacking Principles
• Implementing Information Security Controls
• Exploring Penetration Testing Concepts
• Comprehending Information Security Laws and Standards

Unit 02: Footprinting and Reconnaissance (Day- 3-5)
• Exploring Footprinting Fundamentals
• Utilizing Search Engines for Footprinting
• Gathering Information via Web Services
• Leveraging Social Networking Sites for Footprinting
• Footprinting Websites
• Conducting Email Footprinting
• Understanding Competitive Intelligence Gathering
• Identifying Individuals via Footprinting
• Utilizing DNS for Footprinting
• Conducting Network Footprinting
• Employing Social Engineering for Footprinting
• Utilizing Footprinting Tools
• Implementing Countermeasures for Footprinting
• Conducting Footprinting Penetration Testing

Unit 03: Scanning Networks (Day- 6-7)
• Understanding Network Scanning Principles
• Exploring Various Network Scanning Tools
• Implementing Different Scanning Techniques
• Banner Grabbing Techniques
• Creating Network Diagrams
• Performing Scanning Penetration Testing

Unit 04: Enumeration (Day- 8-9)
• Understanding Enumeration Concepts
• Conducting NetBIOS Enumeration
• Exploring SNMP Enumeration
• Identifying LDAP Enumeration Techniques
• NTP Enumeration Methodologies
• Enumerating SMTP and DNS
• Utilizing Other Enumeration Techniques
• Implementing Enumeration Countermeasures

Unit 05: Vulnerability Analysis (Day- 10)
• Exploring Vulnerability Assessment Concepts
• Implementing Vulnerability Assessment Solutions
• Understanding Vulnerability Scoring Systems
• Utilizing Vulnerability Assessment Tools
• Generating Vulnerability Assessment Reports

Unit 06: System Hacking (Day- 11-14)
• Understanding System Hacking Concepts
• Cracking Passwords and Gaining Unauthorized Access
• Conducting System Hacking using malicious files
• Exploiting vulnerabilities on Applications for Unauthorized Access
• Hiding Files to Maintain Access
• Covering tracks
• Logs clearing

Unit 07: Malware Threats (Day- 15-17)
• Understanding Malware Concepts
• Exploring Trojan, Virus, and Worm Concepts
• Analyzing Malware and Conducting Malware Analysis
• Implementing Countermeasures Against Malware
• Utilizing Anti-Malware Software
• Conducting Malware Penetration Testing

Unit 08: Sniffing (Day- 18-19)
• Understanding Sniffing Concepts
• Utilizing MAC Attacks for Sniffing
• Implementing DHCP Attacks for Sniffing
• Employing ARP Poisoning for Sniffing
• Exploring Spoofing Attacks for Sniffing
• Implementing Countermeasures Against Sniffing
• Detecting Sniffing Attempts Using Specific Techniques
• Conducting Sniffing Penetration Testing

Unit 09: Social Engineering (Day- 20-21)
• Understanding Social Engineering Concepts
• Exploring Various Social Engineering Techniques
• Addressing Insider Threats in Organizations
• Understanding Impersonation on Social Networking Sites
• Implementing Countermeasures Against Social Engineering Attacks

Unit 10: Denial-of-Service (Day- 22-23)
• Understanding DoS/DDoS Concepts
• Exploring DoS/DDoS Attack Techniques
• Investigating Botnets and their Role in DDoS Attacks
• Analyzing DDoS Case Studies
• Exploring DoS/DDoS Attack Tools
• Implementing Countermeasures Against DoS/DDoS Attacks

Unit 11: Session Hijacking (Day- 24)
• Understanding Session Hijacking Concepts
• Implementing Application-Level Session Hijacking Techniques
• Implementing Countermeasures Against Session Hijacking Attacks
• Conducting Session Hijacking Penetration Testing

Unit 12: Evading IDS, Firewalls, and Honeypots (Day- 25-26)
• Understanding IDS, Firewall, and Honeypot Concepts
• Implementing IDS, Firewall, and Honeypot Solutions
• Evading Firewalls and Detecting Honeypots
• Implementing IDS/Firewall Evasion Countermeasures
• Conducting Penetration Testing Against IDS, Firewalls, and Honeypots

Unit 13: Hacking Web Servers (Day- 27)
• Understanding Web Server Concepts
• Exploring Web Server Attack Methods
• Following a Web Server Attack Methodology
• Implementing Patch Management for Web Servers
• Utilizing Web Server Security Tools
• Conducting Web Server Penetration Testing

Unit 14: Hacking Web Applications (Day- 28-29)
• Understanding Web Application Concepts
• Exploring Web Application Threats
• Implementing Web Application Hacking Methodologies
• Utilizing Web Application Hacking Tools
• Implementing Countermeasures Against Web Application Attacks
• Conducting Web Application Security Testing and Penetration Testing

Unit 15: SQL Injection (Day- 30)
• Understanding SQL Injection Concepts
• Exploring Different Types of SQL Injection
• Following a Methodology for SQL Injection Attacks
• Implementing Evasion Techniques for SQL Injection
• Utilizing Countermeasures Against SQL Injection Attacks

Unit 16: Hacking Wireless Networks (Day- 31-32)
• Understanding Wireless Concepts
• Exploring Wireless Encryption Methods
• Conducting Wireless Hacking Methodologies
• Utilizing Wireless Hacking Tools
• Exploring Bluetooth Hacking Techniques
• Implementing Countermeasures for Wireless Networks
• Conducting Wireless Security Testing and Penetration Testing

Unit 17: Hacking Mobile Platforms (Day- 33-34)
• Understanding Attack Vectors for Mobile Platforms
• Exploring Hacking Techniques for iOS
• Analyzing Mobile Spyware and Mobile Device Management
• Implementing Mobile Security Guidelines and Tools
• Conducting Mobile Penetration Testing

Unit 18: IoT and OT Hacking (Day- 35-36)
• Understanding IoT Concepts and Attack Vectors
• Understanding IoT Attack methodology
• Understanding OT Concepts and Attack Vectors
• Understanding OT Attack methodology

Unit 19: Cloud Computing (Day- 37-38)
• Understanding Cloud Computing Concepts and Threats
• Implementing Cloud Security Measures and Tools
• Conducting Cloud Penetration Testing

Unit 20: Cryptography (Day- 39-40)
• Understanding Cryptography Concepts
• Exploring Encryption Algorithms and Tools
• Implementing Public Key Infrastructure (PKI)
• Utilizing Email and Disk Encryption Methods
• Conducting Cryptanalysis and Implementing Countermeasures

Amazon Web Services (AWS)

Module 1- Introduction to AWS Cloud Computing (Day-1)
• Grasping Cloud Computing Concepts
• Advantages and Benefits of Cloud Computing
• Different Types of Cloud Services Offered
• Various Cloud Deployment Models
• Overview of AWS and its Array of Services and Offerings

Module 2- Amazon EC2 (Elastic Compute Cloud) (Day- 2-5)
• Initiating and Setting Up EC2 Instances
• Understanding EC2 Instance Types and their Use Cases
• Management of EC2 Instances and Security Groups
• Launching Windows and Linux Instances
• Configuration of Web Servers
• Implementing Elastic IP
• Load Balancing Varieties with EC2
• Auto Scaling Applications with EC2
• Snapshotting Volumes and Instances

Module 3- Amazon S3 (Simple Storage Service) (Day- 6-8)
• Creation and Management of S3 Buckets
• Utilizing S3 for Object Storage and Ensuring Data Consistency
• S3 Security Measures and Bucket Policies
• Implementing S3 Versioning and Lifecycle Policies
• Hosting Static Web Pages using S3 Buckets

Module 4- Amazon RDS (Relational Database Service) (Day- 9-11)
• Establishing RDS Instances (MySQL, PostgreSQL, etc.)
• Configuring RDS Multi-AZ Deployments and Read Replicas
• Handling Backups, Restoration, and Snapshots
• Strategies for Scaling and Performance Tuning RDS

Module 5- Amazon VPC (Virtual Private Cloud) (Day- 12-15)
• Understanding VPC Components and Concepts
• Working with Subnets, Route Tables, and Security Groups
• Implementing VPC Peering and VPN Connections
• Leveraging Network ACLs and Bastion Hosts

Module 6- AWS Lambda and Serverless Computing (Day- 16-18)
• Introduction to Serverless Architecture
• Creation and Deployment of Lambda Functions
• Integration of Lambda with Other AWS Services
• Utilizing Event Triggers and Adhering to Serverless Best Practices

Module 7- DNS Management with Amazon Route53 (Day- 19-21)
• Exploring Amazon Route 53 and its Role in DNS
• Domain Name Registration and Configuration
• Managing Hosted Zones and DNS Records
• Traffic Flow Management using Route 53
• Integration of Route 53 with Additional AWS Services (Elastic BeanStalk, EC2, etc.)
• Monitoring and Logging DNS Queries within Route 53
• Best Practices for Configuration and Administration of DNS with Route 53

Module 8- AWS Elastic Beanstalk (Day- 22-24)
• Introduction to AWS Elastic Beanstalk and Platform-as-a-Service (PaaS)
• Understanding Application Environments and Deployment Platforms
• Application Creation and Deployment through Elastic Beanstalk
• Effective Management of Application Versions and Deployment Environments
• Customization of Application Environments via Configuration Files
• Implementation of Autoscaling and Load Balancing with Elastic Beanstalk
• Application Monitoring and Logging within Elastic Beanstalk
• Best Practices for Application Development and Deployment on Elastic Beanstalk

Module 9- AWS IAM (Identity and Access Management) (Day- 25-27)
• Administration of Users, Groups, and Roles
• Managing AWS Resource Policies and Permissions
• Utilization of Multi-Factor Authentication (MFA) and Identity Federation
• Secure Practices for Safeguarding AWS Resources

Module 10- AWS Monitoring and Logging (Day-28-29)
• Utilizing Amazon CloudWatch for Monitoring
• CloudWatch Metrics, Alarms, and Dashboards
• Log Management using CloudWatch Logs
• Configuration of CloudWatch Events and Triggers

Module 11- Amazon Simple Notification Service (SNS) (Day-30)
• Introduction to Amazon SNS and its Pub/Sub Messaging Model
• Creating Topics and Subscriptions within SNS
• Different Subscription Types (HTTP, HTTPS, Email, SMS, Lambda, etc.)
• Setting up Message Filtering and Delivery Policies
• Best Practices for Effective SNS Usage and Design

Network Security & Penetration Testing

Module 1- Introduction to Network Security and Penetration Testing (Day-1)
• Defining Vulnerability Assessment and Penetration Testing (VAPT)
• Describing the Methodology for Network Penetration Testing

Module 2- Lab Setup for Network Penetration Testing (Day-2)
• Installing Kali as the attack box on Virtual Platform
• Creating accounts on some online platforms like TryHackMe and HackTheBox
• Installing vulnerable machines for practice

Module 3- Reconnaissance and Scanning (Day- 3-4)
• Host discovery using Nmap and other tools
• Port scanning using Nmap and Rustscan
• Advanced commands for port scanning using Nmap

Module 4- Enumeration (Day- 5-8)
• Enumeration of network protocols
• Brute forcing the credentials
• FTP enumeration
• SSH enumeration
• SMTP enumeration
• SMB enumeration
• HTTP enumeration
• NFS enumeration
• Database enumeration
• RDP enumeration
• VNC enumeration

Module 5- Exploitation of Vulnerabilities (Day- 9-13)
• Understanding Metasploit Framework
• Understanding Exploit Database
• Methods for Gaining Access
• Gaining Access by Exploiting Vulnerabilities
• Gaining Access by Password Cracking
• Gaining Access by Uploading Malicious Files

Module 6- Post Exploitation (Day- 14-20)
• Transferring file between two machine (Windows and Linux)
• Steganography
• Privilege Escalations of Windows and Linux
• Pivoting in Linux and Windows
• Credential Looting

Module 7- Exploring Capture the Flag (CTF) (Day- 21-28)
• Solving Easy, Medium and Hard level Linux Machines on TryHackMe, VulnHub and HackTheBox platforms
• Solving Easy, Medium and Hard level Windows Machines on TryHackMe, VulnHub and HackTheBox platforms

Module 8- Report Writing (Day- 29-30)
• Understanding the importance of report writing
• Format of VAPT Report
• Tools for taking Screenshots and Notes

Web Application Penetration Testing (WAPT)

Module 1- Introduction to Web applications (Day- 1-2)
• Understanding the Web Architecture
• Describing HTTP protocol and its Request and Response Headers
• HTTP Methods
• Difference between HTTP and HTTPS
• Concepts of Cookies

Module 2- Introduction to Web Application Penetration Testing (Day-3)
• Defining Vulnerability Assessment and Penetration Testing (VAPT)
• Describing the Methodology for Network Penetration Testing

Module 3- Lab Setup for Web Application Penetration Testing (Day-4)
• Installing Kali as the attack box on Virtual Platform
• Creating account on PortSwigger
• Installing vulnerable machines for practice

Module 4- Introduction to Burp Suite (Day- 5-6)
• What is Burp Suite?
• How to install and setup Burp Suite on Kali and Windows?
• How to install Burp Suite Professional version?
• Exploring Burp Suite

Module 5- Reconnaissance and Scanning (Day- 7-8)
• Subdomain Enumeration
• Web Technology profiling
• Sub Directories Enumeration
• Port Scanning
• Vulnerability Scanning

Module 6- Identification and Exploitation of Web Application Vulnerabilities (Day- 9-35)
• OWASP Top 10
• Sensitive Data/file exposure
• Source Code Review
• Host Header Injection Vulnerability
• Command Injection
• Session Hijacking
• File Upload Vulnerability
• Directory Traversal/Path Traversal
• Clickjacking
• Broken Authentication
• Cross Site Request Forgery (CSRF)
• Server Site Request Forgery (SSRF)
• Broken Access Control
• XML External Entities (XXE)
• SQL Injection
• Cross Site Scripting (XSS)
• Web Sockets Vulnerability
• OAuth Authentication Vulnerabilities

Module 7- Bug Bounty (Day- 36-37)
• What is Bug Bounty?
• How to start with Bug Bounty Programs?
• What is Responsible Vulnerability Disclosure?

Module 8- Report Writing (Day- 38-39)
• Understanding the importance of report writing
• Format of VAPT Report
• Tools for taking Screenshots and Notes