Penetration testing and ethical hacking
Course Duration: 48 Hours. Total Classes: 24. Course Fee: TK. 20,000
Expertise in emerging technologies is currently in strong demand across all sectors. On completion of any one of the courses, learners will have highly marketable, up-to-date and confidence-building knowledge and skillsets. They will have practiced, and been assessed on, a range of technical and transferable skills which will be beneficial at the personal, enterprise and community levels.
What will you learn?
- How to explore real-world cyber challenges
- How to communicate across technical boundaries
- Work as part of a team
- Finding security faults
- How to earn through bounty programs
- Personal branding as a cyber security professional
Topics Covered
Introduction
- Introduction to Linux OS
- Set up Linux environment for web application testing.
- Introduction to learning from the best and most up-to-date platforms.
- Web Fundamentals
- Bug bounty platforms and how to approach them
Environment and installation guides
- OWASP Top 10 basics
- OWASP Top 10 vulnerability basics
- How to test for the OWASP Top 10
Tools
- Burp Suite
- OWASP ZAP
- Windows Subsystem for Linux
- Kali Linux
Information Gathering
- Basic Information Gathering
- Introduction to CVEs, Exploit-DB & other public exploit searching
- Finding Endpoints (JS Files, WayBack Machine, Running Through Proxies, application developer doc, Method based testing)
- Using Search Engines (Google, Shodan, Bing, Censys)
Approach to Hunt Bugs
- Testing for Different Bugs (URL Redirection, Parameter Tampering, XSS, SQLi, etc.)
- Searching Public Exploits
- Subdomain Takeover
Hacking APIs
- Privilege Escalations – Token / Cookies Based
- Sessions – Token / Cookies Based
- XML External Entity Attacks (XXE) – Token / Cookies Based
- CORS and JSONP – Cookies Based
- Cross Site Request Forgery (CSRF) – Cookies Based
Advanced Testing
- Hacking OAuth 2.0
- GraphQL Testing for Finding Bugs
Case Studies
- Analyzing previously found vulnerabilities.