Lesson-1: Introduction to Cyber Security and Ethical Hacking (Duration- 2 Hours)
• Cyber Security vs Information security
• CIA Triad and Security Standards
• Ethical Hacking
• Penetration Testing Methodology
Lesson-2: Lab Setup with Kali Linux (Duration- 2 Hours)
• Introduction to Kali Linux
• Setting up the Virtualization environment
• Kali Linux Installation
• Linux special commands for Penetration Testing
Lesson-3: Reconnaissance (Duration- 3 Hours)
• Collecting information on target
• Active Reconnaissance
• Passive Reconnaissance
• OSINT Framework
• Gathering information on Websites and IP addresses
Lesson-4: Scanning and Enumerating Networks (Duration- 3 Hours)
• Introduction to Scanning
• Performing Host Discovery - Nmap
• Performing Port Scanning - Nmap
• Enumerating services - FTP, SSH, RDP, SMB, Kerberos, DNS, SMTP, Telnet, VNC, MySQL, etc.
• Vulnerability Scanning
• Vulnerability Scoring System
• Tool for Vulnerability Scanning
• Acunetix, Nessus, Qualys, Crashtest, Nikto, MSF-Pro, Nmap, NSE Script, Pentest toolbox etc.
Lesson-5: Exploiting Vulnerabilities (Duration- 3 Hours)
• Gathering information about Active Machines and targets
• Searching for exploits online and offline
Lesson-6: The Metasploit Framework (Duration- 3 Hours)
• Exploring Metasploit Framework
• The CLI Interface
• Meterpreter shell
• Searching exploits
• Exploiting vulnerabilities
Lesson-7: Manual Vulnerability Scanning (Duration- 3 Hours)
• Service Version Detection Scan
• OS Detection scan
• Looking for vulnerabilities using NVD database.
• Exploring Exploit Database
Lesson-8: Understanding Web Application Vulnerabilities (Duration- 10 Hours)
• Introduction of Web Architecture
• Reconnaissance of Websites
• Technology Analyses with Wappalyzer, Built With, WHOIS etc.
• Directory Busting with Gobuster, Dirbuster etc.
• Directory Traversal
• Exploiting Absolute Path and Relative Path
• File Inclusion
• Local File Inclusion (LFI)
• Remote File Inclusion (RFI)
• File Upload Vulnerabilities
• Command Injection.
• Broken Authentication
• Broken Access Control
• IDOR- Insecure Direct Object Reference
• Cross-Site Scripting (XSS)
• Stored and Reflected XSS
• Solving web based CTFs
Lesson-9: SQL Injection Attack (Duration- 8 Hours)
• Understanding SQL language and DBMS
• Authentication Bypass using SQL Injection attack
• Types of SQL Injection
• In-band SQL Injection
• Error-based SQL injection
• UNION-based SQL Injection
• Blind SQL Injection
• Time-based SQL Injection
• Boolean Based SQL Injection
• Out of band SQL Injection
Lesson-10: Client-side Attacks (Duration- 2 Hours)
• Understanding Client Side Attack
• Social Engineering
• Exploring techniques like Phishing web-pages, Mirroring websites, etc.
Lesson-11: Password-based Attacks (Duration- 3 Hours)
• Encryption, Hashing and Encoding
• Brute Forcing Credentials on Services
• Cracking different Password Hashes
• Exploring tools like John The Ripper, Hashcat, Hydra, NCrack & Medusa
Lesson-12: Troubleshooting with Exploits (Duration- 3 Hours)
• Python Scripting related Troubleshooting
• Troubleshooting the “index out of range” Error
• Fixing Exploits of Exploit DB
Lesson-13: Looking Public Exploits (Duration- 1 Hour)
• Exploring Online Exploits
• Exploring Manual Exploits on Kali Linux
Lesson-14: Antivirus Evasion and Anti-Virus Bypass (Duration- 3 Hours)
• Overview of Antivirus
• Working process of Antivirus and thread injection
• Bypassing Antivirus using Nim
Lesson-15: Exploring Windows Privilege Escalation (Duration- 7 Hours)
• Understanding concepts of Windows Privilege Escalation
• Enumerating Windows manually
• Enumerating Windows using Automated Scripts
• Enumerating Kernel details
• Exploitation of Privilege escalation techniques
Lesson-16: Exploring Linux Privilege Escalation (Duration- 7 Hours)
• Overview of Linux Privilege Escalation
• Enumerating Linux OS Manually
• Enumerating Linux OS using Automated Scripts
• Looking for Confidential Information like credentials
• Getting Root Account Privilege
• Exploitation of Privilege escalation techniques
Lesson-17: Active Directory Attacks (Duration- 8 Hours)
• Understanding Fundamentals of Active Directory
• Lab setup for AD
• Enumeration on Active Directory
• Bloodhound Setup
• Impacket Setup
• Analyzing domain data using Bloodhound
• Kerberosting attack
• Pass the Hash using MimiKatz
• NTLM Attack etc.
Lesson-18: Port Redirection and SSH Tunneling (Duration- 3 Hours)
• Understanding concepts of Port forwarding
• Introduction to SSH and HTTP Tunneling
• Tunneling through Deep Packet Analysis
• Binding Ports using MobaXterm, Putty, Chisel etc.
Lesson-19: Practicing (Duration- 8 Hours)
• Enumerating & exploiting the Public Network to learn
• Exploiting Internal Network for exploring
• Attacking on Internal Application
• Solving Machines
• Privilege access of the Domain Controller
• CTF Practice on TryHackMe, HackTheBox and VulnHub.
• Note Taking
• VAPT Report Making
• Proving Grounds
The Offensive Security Certified Professional (OSCP) enjoys a reputation as one of the most desired certifications worldwide. It holds high standards that put equal emphasis on practical application and theory in ethical hacking worldwide. For candidates in Ghaziabad willing to get a well-rounded learning experience and career boost as a penetration test specialist, the OSCP course in Ghaziabad is just what they need.
OSCP is primarily meant to equip the person with skills in identifying and exploiting various vulnerabilities in multiple operating systems and applications. The course offers a hands-on experience in which students undergo a series of practical exercises on numerous machines in a specified time frame, leading to the examination tests-based penetration. The knowledge of the OSCP course will create certified professionals who can face the significant challenges of cyber security in practical environments.
Several institutes offer OSCP training in Ghaziabad, indulging aspiring professionals in the penetration testing world to obtain this highly acclaimed certification. The certification not only helps to strengthen skills but also helps to build a successful career. The institutes in Ghaziabad offer comprehensive knowledge of OSCP, covering various aspects of ethical hacking, penetration testing, and network security.
Global Institute of Cyber Security and Ethical Hacking (GICSEH) deserves to be on the priority list of candidates considering joining an OSCP institute in Ghaziabad. Here are some reasons why GICSEH should be your top priority for the OSCP:
1. Experienced Trainers: GICSEH has highly skilled professional trainers with vast industry experience. Their knowledge allows individuals to get quality training with practical insights into cybersecurity.
2. Exam Preparation: It has formulated a perfect course depending on the industry's latest standards and the OSCP certification requirement. Hence, students are well-prepared to take the exam, with an overall knowledge required in the industry.
3. Thorough curriculum: The GICSEH training institute in Ghaziabad offers a well-structured curriculum designed by highly expert and skilled professionals. The curriculum is designed to align with the industry standard, ensuring students dont face cybersecurity challenges.
4. World-Class Infrastructure: GICSEH offers modern labs and amenities that provide a practical education experience beneficial for mastering the practical aspects of ethical hacking and penetration testing.
5. Placement Assistance: Keeping the growth of student careers foremost, GICSEH offers employment assistance to the students, establishing connections with various organizations and thus providing them with the right opportunity to work.
6. Flexible Schedules: GICSEH offers flexible learning schedules, like online or offline classes, to accommodate working professionals and other commitments.
If you want to establish yourself in a flourishing cybersecurity career, OSCP may be a judicious choice. This will take you to a globally well-recognized certification, which will help you become an expert in ethical hacking and penetration testing. If you are in Ghaziabad and searching for the best OSCP training, you must choose the right institute to learn and practice properly.