TechHacker Ethical Hacking and Cyber Security Mega Bundle

Module 1: Introduction

1. Introduction to Information Security

2. Information Security Threats
3. Introduction to Cyber Security
4. The CIA Triad
5. Introduction to Hacking and Hackers
6. Types of Hackers
7. Introduction to Ethical Hacking
8. Information Warfare
9. Need for Ethical Hackers
10. Careers in Ethical Hacking
11. Course Overview
12. General Terminologies
13. How to become an Ethical Hacker

Module 2: Basics and Environment Setup

1. Cyber Security Basics

1. Advantages and Limitations of Cyber Security

2. Cyber Defense
3. Skills of an Ethical Hacker
4. Information Security Policies
5. Vulnerability Research

2. Operating Systems: Linux

1. Introduction and Evolution of Linux

2. Major Distributions of Linux
3. Advantages of Linux
4. Linux for Penetration Testing

3. Types of Hackers contd.

1. Crackers
2. White hat, black hat, grey hat
3. Hacktivist
4. Script kiddie
5. Neophyte

4. Phases of Hacking

1. Footprinting
2. Scanning
3. Gaining Access
4. Maintaining Access
5. Clearing logs

5. Penetration Testing

6. Phases of Penetration Testing

1. Pre engagement Actions

2. Reconnaissance
3. Threat Modeling & Vulnerability Identification
4. Exploitation
5. Post-Exploitation
6. Reporting
7. Resolution & Re-Testing

7. Cyber Security vs. Ethical Hacking

8. Ethical Hacking Laws and Policies

9. IT Act 2000

10. Risk Management and Methodology

11. Software/Hardware Requirements for Hacking Lab

12. Installation and Configuration of VMWare

13. Dual Boot vs Virtual Machine

13. Installing Kali in Virtual Machine

1. Selecting an appropriate distro

2. Downloading the machine
3. Downloading VMWare
4. Installing on Windows 10 host
5. Configuring Kali 2019.4 in VMWare
6. Installation

15. Managing Network Interfaces

1. NAT vs. Bridged vs. Host only

16. Download and installation of DVWA and BWAPP

17. Installing Metasploitable

18. Installing OWASP Broken Web Application

Module 3: Linux Refresher

1. Introduction to Command Line

1. Command Shell basics

2. Windows Command Line
3. Linux Command Line

2. File Systems

1. Unix File System

2. NTFS vs. FAT vs. EXT

3. User Hierarchy

1. Linux User administration

4. Terminal and shell commands

1. Major DOS commands

2. Major Linux Terminal commands
3. Working with Linux User Administation
4. Working with Linux File permissions
5. Working with Linux Files and Directories
6. Working with Linux groups
7. Linux Package Manager: apt
8. Linux Useful Files

Module 4: Networking Refresher

1. The OSI/TCP-IP Model

1. Introduction to Layered Network Architecture

2. Significance of each Layer
3. Protocol Data Unit (PDU)
4. Working of each Layer

2. Data Link Layer

1. Working of DLL
2. Introduction to MAC addresses
3. MAC address structure

3. Network Layer

1. Working of NL
2. Basics of IP addresses
3. Types of IP addresses
4. Classful and classless addressing

4. Transport Layer

1. Working of TL
2. Working of TCP and UDP
3. Differences and Similarilities of TCP and UDP
4. Basics of Port addressing
5. Types of Ports

5. Proxy and Proxy Servers

1. Introduction to Proxies
2. How proxies work
3. Applications of proxies
4. Types of Proxies
5. Types of Proxy Servers

6. TOR

1. Introduction to Onion Routing

2. The TOR Network
3. Advantages and Disadvantages of TOR

7. VPN

1. Introduction to Virtual Networks

2. Introduction to Tunneling
3. Encapsulation and Encryption
4. Working of VPN
5. Protocols Implementing VPNs
6. Advantages and Disadvantages of VPN
7. Types of VPN
8. Remote login: SSH and telnet

1. Working of Remote Login

2. Introduction to telnet
3. Introduction to Secure Shell (SSH)

9. Introduction to NAT and Port Forwarding

Module 5: Footprinting and Reconnaissance

1. Basics of Footprinting

1. Terminology
2. Why Footprinting?
3. Objectives of Footprinting

2. Types of Footprinting

1. Footprinting through Search Engines

2. OSINT
3. Email Footprinting
4. Website Footprinting
5. Footprinting using Google
6. Competitive Intelligence

3. Website Footprinting

1. Extract Website Information from archive.org (Wayback Machine)

2. Website Mirroring
1. HTTrack Web Site Copier

4. whois

1. Introduction
2. Working with whois database

5. DNS

1. Introduction DNS footprinting

2. DNS Resource Records
3. DNS footprinting with dnsdumpster
4. DNS footprinting with dns.google.com

6. Network Footprinting

1. Locate the Network Range

2. Determine the Operating System
3. Traceroute
4. Traceroute Analysis

7. Footprinting Tools

1. Maltego

1. Introduction to Maltego
2. Information Gathering with domain name
3. Information Gathering with IP address
4. Using the tool efficiently
5. Transform Hub
6. Integration with Shodan API

2. OSINT Framework
3. Traceroute
4. Harvester
5. Shodan

1. Introduction and Working

2. Working with Shodan Dorks

6. WhatWeb,
7. Wappalyzer
8. Subdomain finder
1. sublist3r
2. Websites: Pentest-tools and Virustotal

9. netdiscover
10. Major IP Block

8. Google Hacking

1. Introduction to Google Hacking

2. Dorks and Advanced Search Operators
3. Working with Google Dorks

9. Footprinting with Social Engineering

1. Collect Information Using

1. Eavesdropping
2. Shoulder Surfing
3. Dumpster Diving

10. Footprinting Countermeasures

Module 6: Scanning

1. Overview

2. Scanning Methodology

1. Check for Live systems

1. Working with ping command

2. Angry IP scanner

2. ICMP scan
3. TCP flags
4. TCP 3-Way Handshake
5. Check for open ports/Port scanning

1. Types of Port scanning

2. TCP Connect Scan
3. TCP Stealth Scan
4. FIN, NULL scan
5. XMAS scan
6. ACK Probe scan
7. UDP scan
6. Nmap scanning

1. Introduction and First Look

2. Port Scanning
3. Advanced Port Scanning
4. Bypassing Firewalls and IDS
5. Types of Scans

7. hping3 port scanning

8. Pentest-tools.com
9. Colasoft Packet Builder

3. Banner Grabbing

1. Active and passive

2. OS Fingerprinting
3. Banner grabbing tools
1. ID Serve
2. NetCraft
3. NetCat

4. Evading IDS and Firewalls

1. IDS Evasion Techniques

2. SYN/FIN Scanning Using IP Fragments

5. Vulnerability Scanning

1. Nessus tool
2. Nmap Scripting Engine
3. Nikto scan
4. OpenVAS
5. wpscan

6. Mapping Networks

1. Network Topology Mapper

2. Spiceworks

7. Scanning Countermeasures

1. Port scanning
2. Banner Grabbing
3. Hiding File Extensions from Web Pages

Module 7: Enumeration

1. Basics and overview

2. Techniques of enumeration

3. NetBIOS Enumeration

1. NetBIOS Enumeration Tool: nbtstat

2. Enumerating NetBios Name Tables
3. Enumerating User Accounts

4. SNMP Enum
1. Working of SNMP
2. SNMP Architecture

5. LDAP Enum
1. Introduction to LDAP
2. LDAP Directory Struture

6. SMTP Enum

1. SMTP Enumeration Tool: telnet

2. MetaSploit SMTP enum exploits

7. DNS Enum

1. Introduction to DNS Zones

2. Introduction to DNS Zone Transfer
3. DNS Zone Transfer Enumeration Using NSLookup
4. DNS Zone Transfer Enumeration Using host command
5. The dig command
6. DNS Zone Transfer Enumeration Using dig command

8. SMB Enum

1. Working of SMB
2. nmap smb scripts
3. smbclient

9. NTP Enum
1. Introduction to NTP
2. NTP Servers Architecture

10. Enumeration Countermeasures

8. Module 8: System Hacking

1. Introduction

1. What is system hacking

2. System hacking goals

2. Password Cracking

1. Password Complexity
2. Techniques
3. Passive Online Attack: Eavesdropping
4. Active Online Attack: Password Guessing
5. Active Online Attack: Trojan/Spyware/Keylogger
6. Rainbow attacks
7. Stealing Passwords Using Keyloggers
8. Microsoft Authentication
9. How Hash Passwords Are Stored in Windows SAM?
10. What Is LAN Manager Hash?
11. LM, NTLMv1, and NTLMv2
12. NTLM Authentication Process
13. Kerberos Authentication
14. Salting
15. Tools
1. Crunch
2. Cain & Abel
3. RainbowCrack
4. HashCat
5. John The Ripper

4. MetaSploit

1. Introduction
2. Components
3. System exploitation with metasploit
4. Post exploitation

5. Windows Pentesting

1. Active Directory: Introduction

2. Active Directory: Components
3. Active Directory: Lab Requirements
4. Active Directory: Downloading Necessary Files
5. Active Directory: Installing and setting up Domain Controller
(Server)
6. Active Directory: Creating users, groups and services
7. Active Directory: Setting up Windows 10 User machines
8. Active Directory: Joining Users to the domain
9. Active Directory Attacks
1. LLMNR/MBT-NS Poisoning
2. Kerberoasting
10. Pwning with DLL Hijacking
11. Password stealing with Mimikatz

6. Privilege Escalation

1. Introduction
2. Windows Privilege Escalation (UAC Bypass)
3. Linux Privilege Escalation (Metasploitable)

7. Executing Applications

1. Keyloggers

1. Types of Keystroke Loggers

2. Methodology of Attacker in Using Remote Keylogger
3. Hardware Keyloggers
4. Anti keyloggers

2. Spywares
3. Antispyware

8. Hiding Files

1. Rootkits
2. Anti Rootkits

1. Stinger
2. UnHackMe
3. GMER

3. Steganography
1. Image stego
2. Document
3. Video stego
4. Audio stego
5. Steganalysis

9. Covering Tracks
10. Countermeasures

9. Module 9: Malwares

1. Malware concepts

1. Introduction
2. How malware gets into systems
3. How attackers spread malwares

2. Viruses

1. Introduction
2. Stages of a virus lifetime
3. Phases of a Virus attack
4. Working of Viruses
5. Indications of a virus attack
6. Types of Viruses
7. Generating Viruses
1. JPS Virus Maker
2. Sonic Bat

3. Ransomwares

1. Types of ransomware
2. Case study: WannaCry
3. Case Study: Cryptolocker
4. Ransomware families
5. How to remove ransomware

3. Worms

1. Worm vs. Virus

2. Internet Worm Maker Thing

4. Trojans

1. Introduction
2. How Hackers use Trojans?
3. Common Ports Used by Trojans
4. How to Infect Systems Using a Trojan
5. Exploit Kits
6. Evading Antiviruses
7. Types of trojans

6. Malware Detection

1. Malware detection methods

2. Tools
3. WinMD5

7. Malware Analysis
1. What is Sheep Dip Computer?
2. Virus Analysis Tool: VirusTotal
3. Online Malware Testing: VirusTotal, AntiScan
4. Static Analysis: Analyzing strings
5. Static Analysis: Analyzing PE header
6. Static Analysis: File Type Identification
7. Static Analysis: Hash calculation

8. Countermeasures

1. How to prevent malwares

2. How to prevent ransomware

10. Module 10: Sniffing and Spoofing

1. Sniffing concepts

1. Introduction
2. Types of Sniffing
3. Hardware Protocol Analyzers
4. Wiretapping

2. MAC Attacks

1. MAC Flooding
2. MAC Flooding Tool: macof
3. Switch port stealing
4. Defend againts MAC attacks

3. DHCP Attacks

1. How DHCP Works

2. DHCP Starvation attack
3. Rogue DHCP Server Attack
4. How to Defend Against DHCP Starvation and Rogue Server Attack

4. IP Spoofing

5. ARP Poisoning

1. What Is Address Resolution Protocol (ARP)?

2. ARP Spoofing attack with arpspoof
3. How Does ARP Spoofing Work
4. ARP Poisoning Tool: Ettercap
5. How to Defend Against ARP Poisoning
6. DHCP Snooping

6. Spoofing Attacks

1. MAC Spoofing/Duplicating with macchanger

2. How to Defend Against MAC Spoofing
3. IRDP Spoofing

7. DNS Poisoning

1. Intranet DNS Spoofing

2. Internet DNS Spoofing
3. Proxy DNS Poisoning
4. DNS Cache Poisoning
5. Defense measures

8. Sniffing Tools

1. Wireshark introduction
2. Reading wireshark captures
3. Using wireshark for pentesting
4. Gathering sensitive data from wireshark captures

9. Countermeasures

1. How to Detect Sniffing

2. Sniffer Detection Technique: Ping Method
3. Sniffer Detection Technique: ARP Method
4. Sniffer Detection Technique: DNS Method

11. Module 11: Social Engineering

1. SE Concepts

1. What is Social Engineering?

2. Behaviors Vulnerable to Attacks
3. Factors that Make Companies Vulnerable to Attacks
4. Why Is Social Engineering Effective?
5. Phases of a Social Engineering attack

2. SE Techniques

1. Types of Social Engineering

2. Human-based Social Engineering: Impersonation, Eavesdropping and
Shoulder Surfing, Dumpster Diving, Reverse SE, Piggybacking, tailgating
3. Watch these Movies
4. Computer-based Social Engineering: Popups, Phishing, Spear Phishing
5. Mobile-based Social Engineering: Publishing Malicious Apps,
Repackaging Legitimate Apps, Fake Security Applications, using SMS
6. Insider Attack
7. Common Social Engineering Targets and Defense Strategies
8. Impersonation of Social Networking Sites

3. Identity thefts

1. Identity Theft Statistics

2. How to Steal an Identity

4. SE Tools

1. Social Engineering Toolkit (SEToolkit)

2. Creating a fake login page manually (Facebook)

5. SE Countermeasures

1. How to Detect Phishing Emails

2. Anti-Phishing Toolbar: Netcraft
3. Anti-Phishing Toolbar: PhishTank
4. Identity Theft Countermeasures

12. Module 12: Denial of Service

1. DoS/DDoS Concepts

1. What is DoS and DDoS?

2. How Distributed Denial of Service Attacks Work

2. DoS attack techniques

1. Bandwidth Attacks
2. Service Request Floods
3. SYN Flooding
4. ICMP Flooding
5. Permanent Denial-of-Service Attack
6. Application Level flooding

3. Botnet

1. Botnet Propagation Technique

2. Botnet Ecosystem
3. Botnet Trojans

4. Attack tools

1. hping3
2. slowloris
2. GoldenEye
4. Low Orbit Ion Cannon (LOIC)
5. RUDY

5. Countermeasures

1. Detection Techniques
2. Activity Profiling
3. DDoS Attack Countermeasures
4. DoS/DDoS Countermeasures: Detect and Neutralize Handlers
5. DoS/DDoS Countermeasures: Mitigate Attacks
6. Post-Attack Forensics
7. Techniques to Defend against Botnets

13. Module 13: Session Hijacking

1. Concepts

1. What is Session Hijacking?

2. Dangers Posed by Hijacking
3. Why Session Hijacking is Successful?
4. Key Session Hijacking Techniques
5. Brute Forcing Attack
6. Spoofing vs. Hijacking
7. Packet Analysis of a Local Session Hijack

2. Application level session hijacking

1. Application level Hijacking techniques

2. How to Predict a Session Token
3. Session Replay
4. Man in the middle
5. Man-in the–Browser
6. Client Side Attacks
7. Replay attacks
8. Proxy hijacking

3. Network level session hijacking

1. Sequence Numbers Prediction

2. TCP/IP Hijacking
3. UDP Hijacking
4. IP Spoofing: Source Routed Packets
5. RST Hijacking
6. Blind Hijacking
7. Man-in-the-Middle Attack Using Packet Sniffer

4. Session Hijacking tools

1. Session Hijacking Tool: Zaproxy

2. Session Hijacking Tool: Burp Suite

5. Countermeasures

1. Protecting against Session Hijacking

2. Methods to Prevent Session Hijacking: To be Followed by Web
Developers
3. Methods to Prevent Session Hijacking: To be Followed by Web Users
4. IPSec

14. Module 14: Hacking Web Servers

1. Web server concepts

1. Web Server Introduction

2. Types of Web Servers
3. Web Server Market Shares
4. Web Server security issue
5. Why Web Servers are compromised?
6. Impact of Webserver Attacks
7. Open Source Webserver Architecture

2. Webserver Attacks

1. Webserver Misconfiguration
2. Directory Traversal Attacks
3. HTTP Response Splitting Attack
4. Web Cache Poisoning Attack
5. SSH Bruteforce Attack

3. Attack Methodology

1. Information Gathering
2. Webserver Footprinting
3. Mirroring a Website
4. Vulnerability Scanning
5. Session Hijacking
6. Hacking Web Passwords

4. Web server attack tools

1. Metasploit
2. THCHydra
5. Countermeasures

1. Patche Management (MBSA)

2. Web Servers in Separate Secure Segment
3. Protocols
4. Accounts
5. Files and Directories
6. Detecting Web Server Hacking Attempts
7. How to Defend Against Web Server Attacks
8. Web Server Security Tools

15. Module 15: Hacking Web Applications

1. Web App Concepts

1. Introduction
2. Web Application Components
3. Web Application Architecture
4. Web 2.0 Applications
5. Vulnerability Stack

2. Web App threats and attacks

1. Unvalidated Input
2. Parameter Tampering
3. Injection Flaws
4. SQL Injection
5. Directory Traversal
6. Cookie/Session Poisoning
7. Command Injection
8. Unvalidated redirects and forwards
9. Broken Access Control
10. Information Disclosure
11. Improper Error Handling
12. CAPTCHA Attacks
13. Insufficient Logging and Monitoring
14. Broken Authentication and Session Management
15. Security Misconfiguration
16. Cross Site Scripting
17. Cross Site Request Forgery
18. Hidden Field Manipulation
19. Insecure Direct Object References
20. File Injection/Upload (Local and Remote)
21. CORS Misconfiguration
22. Web Services Attacks
23. Insufficient Transport Layer Protection
24. Failure to Restrict URL Access
25. Server Side Request Forgery
26. Buffer Overflow
27. Clickjacking
28. Server Side Template Injection
29. Web Application Denial of Service
30. Insecure Cryptographic Storage
31. XML External Entity
32. Insecure Deserialization
33. Known Vulnerable Components
34. Session fixation
3. Web app attack methodology

1. Footprint Web Infrastructure

2. Attacking Web Servers (WebInspect)
3. Analyze Web Application
4. Attack Authentication Mechanism
5. Authorization Attack Schemes
6. Attack Session Management Mechanism
7. Performing Various Attacks
8. Attack Web App Client
9. Attack Web Services

4. Web App Hacking Tools

1. Burp Suite

5. Countermeasures

1. Encoding Schemes
2. How to Defend Against:

1. SQL Injection Attacks

2. Command Injection
3. XSS
4. DoS
5. Web Services attacks

3. How to Defend Against Web Application Attacks?

16. Module 16: IDS, Firewalls and Honeypots

1. Firewalls

1. Introduction
2. Firewall Architecture
3. DeMilitarized Zone (DMZ)
4. Bastion Host
5. Types of Firewalls
6. Honeypots and types
7. Honeypot Tools

2. Intrusion Detection/Prevention Systems

1. The concept
2. Ways to Detect an Intrusion
3. General Indications of Intrusions
4. IDS vs Firewall vs IPS
5. Intrusion Detection Tool: Snort
6. How Snort Works
7. Snort Rules

3. Honeypots

1. Introduction
2. Types of Honeypots
3. Honeypot Strategies
4. False positives
5. Placement of Honeypots
3. Evading IDS

1. Payload Obfuscation
2. Insertion attacks
3. Denial of Service
4. Session Splicing

4. Evading Firewalls (Bitvise)

1. SSH Tunneling
2. IP Address Spoofing
3. Source Routing
4. Bypass Blocked Sites Using IP Address in Place of URL
5. Bypass a Firewall using Proxy Server
6. Bypassing Firewall through ICMP Tunneling Method
7. Bypassing Firewall through HTTP Tunneling Method

17. Module 17: Wireless Pentesting

1. Wireless Concepts

1. Wireless Networks
2. Wireless Terminologies
3. Wi-Fi Networks at Home and Public Places
4. Wireless Technology Statistics
5. Types of Wireless Networks
6. Wireless Standards
7. Service Set Identifier (SSID)
8. Wi-Fi Authentication Modes
9. WiFi Encryption
10. WiFi Protected Setup (WPS)

2. Wireless Encryption

1. Types of Wireless Encryption

2. WEP Encryption
3. What is WPA?
4. What is WPA2?
5. WEP vs. WPA vs. WPA2
6. WEP Issues, Weak IV
7. How to Break WEP Encryption?
8. How to Break WPA/WPA2 Encryption?

3. Wireless threats

1. Access Control Attacks

2. Integrity Attacks
3. Confidentiality Attacks
4. Availability Attacks
5. Authentication Attacks
6. Rogue Access Point Attacks
7. Client Misassociation
8. Misconfigured Access Point Attack

4. Wireless Hacking Methodology

1. Wi-Fi Discovery (Xirrus Wi-Fi Inspector, NetStumbler, airodump)

2. GPS Mapping
3. Wireless Traffic Analysis
4. Launch Wireless Attacks

1. Aircrack-ng Suite
2. How to Reveal Hidden SSIDs
3. Fragmentation Attack
4. Denial of Service: Deauthentication and Disassociation Attacks
5. Man-in-the-Middle Attack
6. Wireless ARP Poisoning Attack
7. Rogue Access Point
8. Evil Twin

5. Wireless hacking tools

1. Wi-Fi Pentesting Suite: Aircrack

2. Wardriving Tools
3. Wi-Fi Traffic Analyzer Tools

6. Countermeasures

1. How to Detect and Block Rogue AP?

2. How to Defend Against Wireless Attacks?

7. Wireless Security tools

1. Wireless Intrusion Prevention Systems (Wireless IPS: Snort)

2. AirMagnet WiFi Analyzer
3. AirDefense
4. RogueScanner

18. Module 18: Mobile Platform Pentesting

1. Mobile attack vectors

1. Mobile Threat Report

2. Terminology
3. Mobile Platform Vulnerabilities and Risks
4. Top ten mobile vulnerabilties (owasp)

2. Hacking Android OS

1. Android OS Architecture
2. Android Rooting
3. Android Pentesting

1. Genymotion Setup
2. Burpsuite for Android
3. Setting up ADB
4. Working with Android Proxies
5. White box and Black Box testing
4. Top 10 Vulnerabilities and Exploitation

5. Android apk reverse engineering

1. Dex2jar
2. Java De-compiler
3. Apktool
4. Apk analyzer

6. Hacking Android with Metasploit

7. Securing Android devices

3. Hacking iOS

1. Jailbreaking iOS
2. Jailbreaking vs. Android rooting
3. Types of Jailbreaking
4. Jailbreaking Tools (Pangu, TaiG, PP 25, Evasi0n, p0sixspwn, Redsn0w,
Absinthe, PwnageTool, Sn0wBreeze, Seas0nPass, GreenPois0n, LimeRa1n)
5. Guidelines for Securing iOS Devices

4. Mobile Security Guidelines and tools

19. Module 19: Cryptography

1. Cryptography concepts
2. Encryption algorithms

1. Ciphers
2. Classical Cryptosystem vs Modern Cryptosystem
3. Fiestel Cipher
4. Data Encryption Standard (DES)
5. Attacks on DES
6. Advanced Encryption Standard (AES)
7. RC4, RC5, RC6 Algorithms
8. Public Key Cryptography, RSA (Rivest Shamir Adleman)
9. Message Digest (One-way Hash) Functions
10. Secure Hashing Algorithm (SHA)
11. Transport Layer Security
12. Pretty Good Privacy

3. Cryptography tools

1. MD5 Hash Calculators: HashCalc, MD5 Calculator and HashMyFiles

2. Cryptography Tool: Advanced Encryption Package
3. Cryptography Tool: BCTextEncoder

4. Public Key Infrastructure (PKI)

1. Digital Signatures
2. Certification Authorities
3. CA Cerftificates
4. Certification Hierarchy

6. Cryptanalysis

1. Types of Cryptanalytic algorithms

2. Side channel attack
3. Cryptanalysis Tool: CrypTool
4. Online MD5 Decryption Tool

20. Module 20: Cloud Computing

1. CC concepts

1. What is cloud
2. What is cloud computing
3. Deployment models
4. Service models
5. Benefits of cloud computing
6. Risks of cloud computing
7. Virtualization

2. CC threats

1. Cloud security stack

2. Attacks on cloud service levels
3. Top cloud security attacks

3. CC attacks

4. Cloud security

1. Cloud Security Controls

2. Security and Privacy
3. Data security
4. Encryption

5. AWS Demo

21. Module 21: Forensics

1. Computer Forensics
2. Investigation Process
3. Incident Response
4. Hard Disks and File systems

1. Hard Disks
2. Master Boot Record
3. Registry Data (Registry Monitor, Registry Checker)
4. Boot Sequence

5. Windows Forensics

1. Volatile Information
2. Non Volatile Information
3. Cache Analysis (IECacheView, CacheMonitor2, Pasco)
4. MD5 Calculation (ChaosMD5, Secure Hash Signature Generator, MatMD5,
MD5 Checksum Verifier)
5. Recycle Bin
6. NTFS Alternate Data Streams
7. Executable file analysis

6. Linux Forensics

1. Sleuth Kit
2. Autopsy

4. Mobile forensics

1. Seizure
2. Aquisition
3. Analysis

5. Digital Forensic Tools

1. Autopsy
2. Sleuth Kit
3. foremost
4. bulkextractor
5. ftkimager
6. guymager

6. Digital Forensics with Autopsy

7. Forensic Reporting

22: Module 22: Bug Hunting and Pentesting

1. Introduction

1. Security Assessments
2. Vulnerability Assessment
3. Introduction to Penetration Testing
4. Penetration Testing vs Vulnerability Assessment
5. Why Penetration Testing?
6. When to Perform Penetration Testing?
7. Types of Pen Testing
8. Requirements of a Pen Tester
9. Manual vs Automated Pentesting
10. Pen Testing Tools

2. Pentesting Methodology

1. Phases of Penetration Testing

2. Pre-Attack Phase
3. Enumerating Devices
4. Activity: Execute, Implant, and Retract
5. Post-Attack Phase and Activities
6. Pen Testing Report Writing

3. Bug bounty concepts

1. What is bug bounty?

2. Bug Bounty methodology
3. How to become a bug bounty hunter
4. How to choose a target
5. Program listing breakdown
6. Resources for bug bounty

4. Report Writing

1. Understanding audience standards

2. Essential Components of a report
3. Proof of Concept
4. Impact Prediction
5. Stating mitigation and remediation measures
6. Tips for writing a good report

5. Ethics and standards

1. Responsible disclosure
2. Organizational standards
3. Vulnerability scopes
4. Communication skills

BONUS SECTION:
1. Scanning at scale: Introduction to Masscan
2. Active Directory Attacks: Golden Ticket
3. Active Directory Attacks: Pass The Hash
4. Packet Sniffing: Introduction to tcpdump
5. Post Exploitation: Port Pivot Relay
6. Windows Remote Command Execution: psexec, wmic, sc and schtasks
7. Cryptography: Introduction to Modern Hashing
8. Digital Forensics: Memory Forensics with Volatility