Cyber Security & Ethical Hacking Course Training

Welcome to the Best Ethical Hacking Training Institute in Hyderabad.

Real-Time Training | Job Assistance | Friendly Training

Cyber Security & Ethical Hacking Course Training

Tech Marshals is one of the most trusted brand of Hands-On Trainings in Ethical Hacking & Certification Courses in Hyderabad (India),

Ethical Hacking Training & Certification

Ethical Hacking is a skilled professional who understands and knows how to look for weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system(s). The CCEE credential certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective.

The Certified Cyber E-Expert v11 program is a trusted and respected ethical hacking training Program that any information security professional will need.

ETHICAL HACKING COURSE CONTENT  VERSION 10

1. Introduction to Ethical Hacking

  • What is Hacking
  • Who is a Hacker
  • Skills of a Hacker
  • Types of Hackers
  • Reasons for Hacking
  • Who are at the risk of Hacking attacks
  • Effects of Computer Hacking on an organization
  • Network Security Challenges
  • Elements of Information Security: Confidentiality, Integrity & Availability
  • The Security, Functionality & Usability Triangle
  • What is Ethical Hacking
  • Why Ethical Hacking is Necessary
  • Scope & Limitations of Ethical Hacking
  • What is Penetration Testing
  • What is Vulnerability Auditing

2. Computer and Network Basics:

  • Hacking
  • Internet protocol
  • Types of IP
  • Port
  • Protocol
  • Protocol service
  • OS for different hardware platforms
  • Vulnerability
  • Different Programming languages for different platforms/purposes.
  • What are Networks and what is networking
  • Network topologies
  • How the Networking devices communicate.
  • Vulnerable Hacking environments
  • Hashing checksums
  • Window/Linux commands
  • Php code overview
  • Assembly language programming overview
  • Introduction of kali
  • Introduction of backtrack
  • Introduction of parrot

 3. Foot Printing / reconnaissance / Information Gathering

  • What is Foot Printing
  • Objectives of Foot Printing
  • Finding a company’s details
  • Finding a company’s domain name
  • Finding a company’s Internal URLs
  • Finding a company’s Public and Restricted URLs
  • Finding a company’s Server details
  • Finding the details of domain registration
  • Finding the range of IP Address
  • Finding the DNS information
  • Finding the services running on the server
  • Finding the location of servers
  • Traceroute analysis
  • Tracking e-mail communications

4. Scanning

  • What is network scanning
  • Objectives of network scanning
  • Finding the live hosts in a network
  • Finding open ports on a server
  • Finding the services on a server
  • OS fingerprinting
  • Server Banner grabbing tools
  • What is a Vulnerability Scanning
  • Vulnerability Scanner tools
  • Finding more details about a vulnerability
  • What is a proxy server
  • How does proxy server work
  • Types of proxy servers
  • How to find proxy servers
  • Why do hackers use proxy servers
  • What is a TOR network
  • Why hackers prefer to use TOR network

5. Enumeration:

  • SNMP Enumeration
  • SMTP Enumeration
  • DNS Enumeration

6. Vulnerability Analysis

  • Perform vulnerability analysis to identify security loopholes in the target organization’s network, Communication infrastructure and end systems.

7. Sniffing and Sniffers

  • What is a sniffer
  • How sniffer works
  • Types of sniffing
  • Active sniffing
  • Passive Sniffing
  • What is promiscuous mode
  • How to put a PC into promiscuous mode
  • What is ARP
  • ARP poison attack
  • Threats of ARP poison attack
  • How MAC spoofing works
  • MAC Flooding
  • What is a CAM Table
  • How to defend against MAC Spoofing attacks
  • How to defend against Sniffers in network

8. System Hacking

  • What is system Hacking
  • Goals of System Hacking
  • Password Cracking
  • Password complexity
  • Finding the default passwords of network devices and softwares
  • Password cracking methods
  • Online password cracking
  • Man-in-the-middle attack
  • Password guessing
  • Offline password cracking
  • Brute force cracking
  • Dictionary based crackingZ
  • Hybrid attack
  • USB password stealers
  • Elcomsoft Distributed password recovery tools
  • Active password changer
  • What is a Keylogger
  • How to deploy a Keylogger to a remote pc
  • How to defend against a Keylogger.

 9. Malware Threats

  • What is malware
  • Types of malware
  • Virus
  • What is a virus program
  • What are the properties of a virus program
  • How does a computer get infected by virus
  • Types of virus
  • Virus making tools
  • How to defend against virus attacks
  • Worm
  • What is a worm program
  • How worms are different from virus
  • Trojan
  • What is a Trojan horse
  • How does a Trojan operate
  • Types of Trojans
  • Identifying Trojan infections
  • How to defend against Trojans
  • Spyware
  • What is a spyware
  • Types of spywares
  • How to defend against spyware
  • Rootkits
  • What is a Rootkit
  • Types of Rootkits
  • How does Rootkit operate
  • How to defend against Rootkits

10. Phishing and Social engineering

  • What is Phishing
  • How Phishing website is hosted
  • How victims are tricked to access Phishing websites
  • How to differentiate a Phishing webpage from the original webpage
  • How to defend against Phishing attacks
  • SET: Social Engineering Toolkit

11. DOS : Denial of Service

  • What is a DOS attack
  • What is a DDOS attack
  • Symptoms of a Dos attack
  • DoS attack techniques
  • What is a Botnet
  • Defending DoS attacks 

12. Session Hijacking

  • What is session hijacking.
  • Dangers of session hijacking attacks
  • Session hijacking techniques
  • Cross-Site scripting attack
  • Session hijacking tools
  • How to defend against session hijacking.

13. Hacking Web Servers & Web Applications

  • What is a web server
  • Different webserver applications in use
  • Why are webservers hacked & its consequences
  • Directory traversal attacks
  • Website defacement
  • Website password brute forcing
  • How to defend against web server hacking

14. SQL Injection

  • What is SQL Injection
  • Effects of SQL Injection attacks
  • Types of SQL Injection attacks
  • SQL Injection detection tools

15. Wireless Network Hacking

  • Types of wireless networks
  • Wi-Fi usage statistics
  • Finding a Wi-Fi network
  • Types of Wi-Fi authentications
  • Using a centralized authentication server
  • Using local authentication
  • Types of Wi-Fi encryption methods
  • WEP
  • WPA
  • WPAT
  • How does WEP work
  • Weakness of WEP encryption
  • How does WPA work
  • How does WPAT work
  • Hardware and software required to crack Wi-Fi networks
  • How to crack WEP encryption
  • How to crack WPA encryption
  • How to crack WPAT encryption
  • How to defend against Wi-Fi cracking attacks

16. Kali Linux

  • What is Kali Linux
  • How Kali Linux is different from other Linux distributions
  • What are the uses of Kali Linux
  • Tools for Footprinting, Scanning & Sniffing
  • What is Metasploit framework
  • Using Metasploit framework to attack Windows machines
  • Using Metasploit framework to attack Android mobile devices

17. Evading Firewalls, IDS & Honeypots

  • What is a Firewall
  • What are the functions of a Firewall
  • What is an IDS
  • How does an IDS work
  • SPAN
  • IDS tools
  • What is a honeypot
  • Types of honeypots
  • Honeypot tools
  • Honeypot detection tools

18.  IoT Hacking

  • Different threats to IoT platforms and learn how to defend IoT devices securely.

19. Cloud Computing

  • What is Cloud
  • What are the cloud services
  • Various cloud computing concepts, threats, attacks, and security techniques and tools (Cloud security).

20. Cryptography

  • What is Cryptography
  • Types of cryptography
  • Cipher algorithms
  • Public key infrastructure
  • What is a Hash
  • Cryptography attacks

21. Penetration Testing

  • What is Penetration Testing
  • Types of Penetration Testing
  • What is to be tested
  • Testing the network devices for misconfiguration
  • Testing the servers and hosting applications for misconfiguration
  • Testing the servers and hosting applications for vulnerabilities
  • Testing wireless networks
  • Testing for Denial of Service attack

22. Counter Measure Techniques for Network level attacks

  • Types of Firewall
  • Packet Filtering Firewall
  • Circuit-Level Gateway Firewall
  • Application-Level Firewall
  • Stateful Multilayer Inspection Firewall
  • Limitations of a Firewall
  • IDS / IPS
  • What is an IDS
  • What is a IPS
  • Difference between IDS & IPS
  • Placement of IDS in the Network
  • Configuring an IDS in the Network
  • Placement of IPS in the Network
  • Configuring an IPS in the Network
  • UTM / Next-Generation Firewall
  • What is a UTM
  • Features of UTM
  • Difference between a Firewall & a UTM
  • Placement of UTM in the Network
  • Configuring a UTM in the Network
  • Monitoring attacks using UTM
  • Configuring IPS module in UTM to detect and stop attacks

23. Counter Measure Techniques for Local Systems

  • Identifying the Vulnerabilities of a system
  • Understanding the Vulnerabilities of a system
  • CVE ID
  • Bugtraq ID
  • Patch Management
  • Identifying the patch for a Vulnerability
  • Downloading the Patch
  • Testing the patch for stability in test environment
  • Deploying the patch to Live Network
  • Finding the missing updates in an Operating System
  • Microsoft Baseline Security Analyser
  • Belarc Advisor

24. Counter Measure Techniques for Malware Attacks

  • Scanning systems for Malware infections
  • Types of anti-malwares
  • Anti-Virus
  • Anti-Worm
  • Anti-Trojan
  • Anti-Rootkit
  • Internet Security Suites
  • HIDS
  • HIPS

CERTIFIED Certified Cyber E-Expert  TRAINING PROGRAM

The Certified Cyber E-Expert  Training program is the pinnacle of the most desired information security training program any information security professional will ever want to be in. To master the hacking technologies, you will need to become one, but an ethical one! The accredited course provides the advanced hacking tools and techniques used by hackers and information security professionals alike to break into an organization. As we put it, “To beat a hacker, you need to think like a hacker”.

WHAT’S NEXT AFTER THE ETHICAL HACKING ?

Top Ethical Hacking Interview Questions

If you’ve got hacking skills, you can turn your ethical hacking into a career. Ethical Hacking is the term given to penetration testing and prevention. Your career is based on your hacking skills, but you use them to protect companies against malicious hackers.

1. What is the difference between Hacking and Ethical Hacking?

Broadly speaking, both Hacking and Ethical Hacking refers to break-in the network or check for the vulnerabilities of a website. Hacking is illegal and rewards you with sentences that ranges from months to lifetime, whereas Ethical Hacking is an entirely legal and professional work which showers you with recognition and promotions in the security domain.

3. What is scanning and what are some examples of the types of scanning used?

Scanning may be referred to as a set of procedures for identifying hosts, ports and the services attached to a network. Scanning is a critical component for information gathering. It allows the hacker to create a profile on the site of the organization to be hacked. Types of scanning include:

  • Port scanning
  • Vulnerability scanning
  • Network scanning

4.What is footprinting? What are the techniques used for footprinting?

Footprinting refers to accumulating and uncovering information about the target network before attempting to gain access. Hacking techniques include: 

  • Open source footprinting: This technique will search for administrator contact information, which can be later used for guessing the correct password in social engineering.
  • Network enumeration: This is when the hacker attempts to identify the domain names and network blocks of the targeted
  • Scanning: Once the network is known, the second step is to pry on the active IP addresses on the network.
  • Stack fingerprinting: This techinique should be the final footprinting step that takes place once the port and host are mapped.

7.What is network sniffing?

Network sniffing involves using sniffer tools that enable real-time monitoring and analysis of data packets flowing over computer networks. Sniffers can be used for different purposes, whether it’s to steal information or manage networks.

Network sniffing is used for ethical as well as unethical purposes. Network administrators use these as network monitoring and analysis tools to diagnose and prevent network-related problems such as traffic bottlenecks. Cybercriminals use these tools for dishonest purposes such as identity usurpation, email, sensitive data hijacking and more.

9. What is cross-site scripting and its different variations?

Cross-site scripting (XSS) attacks are a type of injection where malicious scripts are injected into otherwise benign and trusted websites. XSS takes place when an attacker inserts a malicious payload, usually in the form of JavaScript code in a web form. XSS vulnerabilities are categorized as follows:

  • Reflected cross-site scripting
  • Stored cross-site scripting
  • DOM-based cross-site scripting

11. How can you avoid or prevent ARP poisoning?

ARP poisoning is a form of network attack that can be mitigated through the following methods:

  • Use packet filtering: Packet filters can filter out and block packets with conflicting source address information.
  • Avoid trust relationship: Organizations should develop a protocol that relies on trust relationship as little as possible.
  • Use ARP spoofing detection software: Some programs inspect and certify data before it is transmitted and blocks data that is spoofed.
  • Use cryptographic network protocols: ARP spoofing attacks can be mitigated by the use of secure protocols such as SSH, TLS and HTTPS which send data encrypted before transmission and after reception.

2. What are the hacking stages?

Hacking, or targeting a specific machine, should follow and go through the following five phases:

  • Reconnaissance: This is the first phase where the hacker attempts to collect as much information as possible about the target.
  • Scanning: This stage involves exploiting the information gathered during reconnaissance phase and using it to examine the victim. The hacker can use automated tools during the scanning phase which can include port scanners, mappers and vulnerability scanners.
  • Gaining access: This is the phase where the real hacking takes place. The hacker now attempts to exploit vulnerabilities discovered during the reconnaissance and scanning phase to gain access.
  • Maintaining access: Once access is gained, hackers want to keep that access for future exploitation and attacks by securing their exclusive access with backdoors, rootkits and trojans.
  • Covering tracks: Once hackers have been able to gain and maintain access, they cover their tracks and traces to avoid detection. This also allows them to continue the use of the hacked system and avoid legal actions.

5. What are some of the standard tools used by cyber security Experts?

To facilitate some manual tasks and speed up the hacking process, hackers can use a set of tools such as:

  • Metasploit
  • Wireshark
  • NMAP
  • Burp Suite
  • OWASP ZAP
  • Nikto
  • SQLmap

6. What is Burp Suite? What tools does it contain?

Burp Suite is an integrated platform used for attacking web applications. It contains all the possible tools a hacker would require for attacking an application. Some of these functionalities include, but are not limited to:

  • Proxy
  • Spider
  • Scanner
  • Intruder
  • Repeater
  • Decoder
  • Comparer
  • Sequencer

8.What is SQL injection and its types?

A SQL injection occurs when the application does not sanitize the user input. Thus a malicious hacker would inject SQL query to gain unauthorized access and execute administration operations on the database. SQL injections can be classified as follows:

  • Error-based SQL injection
  • Blind SQL injection
  • Time-based SQL injection

10. What is a denial of service (DOS) attack and what are the common forms?

DOS attacks involve flooding servers, systems or networks with traffic to cause over-consumption of victim resources. This makes it difficult or impossible for legitimate users to access or use targeted sites.

Common DOS attacks include:

  • Buffer overflow attacks
  • ICMP flood
  • SYN flood
  • Teardrop attack
  • Smurf attack
Still have questions?

" This time you might ignore the security but soon after you will care the time Hackers around the world doing right now "

– Jonny leet

Mon-Sat: 8 am - 7 pm

Sunday: Closed

9133333875 | 04040034050

Call us for more information

#B2, 2nd Floror, KVR ENCLAVE, AMEERPET, HYDERABAD

Beside Satyam Theatre, Above Bata Showroom,

Contact Us

Share This