1. Introduction to Ethical Hacking
o Ethical Hacking and Cyber Security
o Intro to Information Security & Cyber World
o Threats & Attacks of Today’s World
o Hacking Concepts
o Ethical Hacking Concepts
o Introduction to Security Policy & Security Controls
o Information Security Laws and Standards
o Basic difference between Hacking & Ethical Hacking
o Phases of Hacking.
o Types of Hacking & Types of Hacker’s
o Types of OS in Cyber Security
2. Lab Setup
o Kali Linux Installation
o How to make a Bootable Pen drive
o How to use KALI LIVE
o Dual Booting
o Kali Linux update and upgrade
o Basic Commands of Kali Linux
3.Foot Printing & Reconnaissance of Target
o Foot Printing of website via way back machine
o Foot Printing of Domains Registration
o Foot Printing on Sub-Domains
o Foot Printing on DNS Server
o Finding Cpanel of website
o Finding User Login page
o Finding Hosting Details (Who is)
o Foot Printing of Emails via search Engine
o Foot Printing of Emails via Social Engineering (social Sites)
o Foot Printing of Emails via OSINT Tools
o Whois Footprinting
4. Hacking Begins
o Kali Linux Discussion as well as Lab Discussion
o Getting Actual Size of ISP packets
o Kali Linux MAC changer
o Windows MAC Changer
o Hiding Own IP(NGROK)
5. Google Dorks with Advance Technique
o What is Google Dorks
o Google dorks with example
DAY 2:
6. Social Engineering Attacks
o What is Social Engineering Attacks
o Types of Social Engineering Attacks
o What is Email Phishing Attack
o What is Email Phishing via HTTPS
o What is Smishing Attack
o What is Vishing Attack
o What is Whaling Attack
o What is Spear Phishing Attack
7. Phishing Attack LAB LIVE.(NGROK)
o Introduction to Tunnels
o NGROK Installation
o LAN Attack
o WAN Attack
o Introduction to Setoolkit in Kali Linux
o Step to make a live lab of Phishing Attack
o Steps to avoid Phishing Link and Attack
o Introduction to Cyber Law.
o E-mail Abuse Sec .500 IPC
o Sending threatening messages by e-mail Sec .503 IPC
o Sending defamatory messages by e-mail Sec .499 IPC
8.SPF Record and Spoofing Mail Technique
o What is SPF Record
o Impact Of SPF
o Introduction to Kitterman
o Live Report of Hackerone for References
o Live Reporting of SPF
o Steps to identify SPF Mail
o Introduction to Cyber Law.
o E-mail Abuse Sec .500 IPC
DAY 3:
9.Pharming Attack
o What is Pharming Attack
o Steps to avoid Pharming Attack
o URL Crazy
o Bits Flipping
o Httrack website
o Sublist 3r Master
o Free domain booking tricks
o Introduction to CERT-IN
o Introduction to Cyber Law.
o Sending offensive messages through communication service, etc Sec.66A
o Bogus websites , Cyber Frauds Sec .420 IPC
o Penalty for misrepresentation Sec.71
10.Web Jacking Attack
o What is Web Jacking and Why we use it
o Steps for Web-jacking Attack Lab
o Domain Booking & Cloning Page.
o Getting Credentials Details through SETOOLKIT
o Remaning Process will be same as Phishing Attack
o Introduction to Cyber Law.
o Web-Jacking Sec .383 IPC
o Bogus websites , Cyber Frauds Sec .420 IPC
o Penalty for misrepresentation Sec.71
DAY 4:
11.LIVE System Shell Hacking through SETOOLKIT
o Creation of Shell (cmd) Payloads
o Creation of Listener
o Migration of Payloads
o Managing PID
o Hacking CMD.
o Getting Connected Wi-Fi password
o Getting Open PORTS(TCP/UDP)
o Fetching Live MAC.
o Managing Task Manager from CMD
o Nslookup.
o Nbtstat.
o Netstat
o Extra CMD Commads for Networking
o Introduction to Cyber Law.
o Hacking with computer systems , Data Alteration Sec.66
o Penalty for misrepresentation Sec.71
o Violation of privacy Sec.66E
o Un-authorized access to protected system Sec.70
12.LIVE System Hacking through SETOOLKIT
o Creation of Payload through Setoolkit
o Creation of Listener
o Fetching SysInfo
o Taking Screenshot
o Capturing Live Screen
o Capturing Connected Pid Info
o Migration of PID
o Killing of PID
o Opening CMD through Setoolkit.
o Managing Task Manager
o Enabling Key Logger
o Keyboard Sniffing
o Drives info
o Capturing Live Data from Connected Hard-Drives
o Capturing Live Data from Pen drive
o Enabling Remote desktop of Victim Machine
o Uploading and Downloading files
o Enabling and Disabling mouse and keyboard
o Creating Folders on Victim Machine
o Web-Camera Hacking.
o Fetching Idle-Time of Victim System
o Mic Hacking
o Introduction to Cyber Law.
o Hacking with computer systems , Data Alteration Sec.66
o Penalty for misrepresentation Sec.71
o Violation of privacy Sec.66E
o Un-authorized access to protected system Sec.70
13.Password Cracking
o Collecting Hash Value of System
o Using OphCrack
o John the Ripper Assignment
DAY 5:
14.Multi Handling Process
o Introduction to Multi Handling Process
o Live Running of Same Payloads into Different-Different System.
o Accessing Both System Simultaneously
15.Regaining Process (LIVE)
o Gaining Breakdown Time of Payloads
o Creation of Payload through commands and getting Access of Victim
o Converting .exe file into an image file.
16.Egress Buster Attack(LIVE)
o Creation of Payload through NGROK technique
o NGROK Authentication token Activation
o Creation of Payload & Listener through commands
o Muti-Handler Tricks
o Rest of the commands will be same from system hacking
17.VNC Hacking
o Creation of Payload through MSF-Console
o Capturing Live Screen through Browser
DAY 6:
18.Hacking Mobile Platforms(Cyber Law As per System)
o Creation of Dummy APK through Metasploit Framework
o Using Ngrok Technique
o Tracking Live Location
o Hacking SMS & OTP
o Hacking Camera
o Capturing Live Videos
o Recording Mic
o Hacking Contacts
o Hacking Call-logs
o Hacking Whatsapp
o Hacking SD Card
o Hacking all Gallery
o Hacking Application Data
o Uploading and Downloading of Files
19.Live Application Binding. (Cyber Law As per System)
o Any Original APK cloning
o What is Google Bouncer
o What is Android Application Sandbox
o Decompiling Original APK
o Fetching Payload into Original APK
o Binding Process via msfvenom
o Creating Listeners
o Rest of the process is same as Mobile Hacking.
o CYBER LAW
20.Mobile Apk Online Vulnerability Scanning Binding.
- Introduction to Mobile APK VA
- Tools to scan APK
Report Generation of APK
DAY 7:
21.Network Security Tools &
o IP to MAC Binding Process.
o Spoofing MAC Technique
o DHCP POOL Setting
o DORA Principle
o Firewall Protecting.
o Router Login Page Security
o Local Management Security
o Remote Management Security
o CYBER LAW
22.System Security Tools & Techniques
o Port Vulnerability Scanning
o PID Vulnerability Scanning
o File Vulnerability Scanning
o Software Vulnerability Scanning
o Registry Vulnerability Scanning
23.System Auditing Tools & Techniques
o Global Network Scanning & Reporting
o Belarc Advisor Scanning & Reporting
34.Packet Monitoring Tools & Techniques
o Introduction to Wireshark Tool
o Installation Process with win-pcap
o Introduction to Network Miner Tool
o External and Internal Network Capturing of Packets
o Packets Introduction.
Day 8:
25. SQL Injection
o What is SQL Injection
o Types of SQL Injection
o Introduction to GET Base SQL Injection
o Introduction to POST Base SQL Injection
o Introduction to Header Base SQL Injection
o Introduction to Cookie Base SQL Injection
o Introduction to SQL Google Dorks
26.SQL Database Exploitation
o Technique to Exploit SQL
o Error Fixing Technique
o Introduction to SQL MAP tool
o Live Database Information Exploitation
o Live Row Information Exploitation
o Live Column Information Exploitation
o Live Table Information Exploitation
o Live Website Hacking
o Hackerone Report
o CYBER LAW
27.Introduction to WAF Bypass
o Introduction to WAF Bypass
o Introduction to Level and Risk in sqlmap
o Live Example for WAF Bypass
o Hackerone Report
28.Introduction to SQL Login Bypass
o Introduction to Bypass Cheat Code
o Introduction to Rate Limit
o Introduction to skeleton key
o Hackerone Report
DAY 9:
29.Introduction to Wireless Networks
o Introduction to Wireless Networks
o Introduction to WEP
o Introduction to WPA
o Introduction to WPA2
o Introduction to WPA3
o What is BSSID,ESSID,PWR,CH & Beacons
o How to generate wordlist
o Basic Difference between Wordlist & Dictionary
o Fern Wifi Hacking
30.WIFI Hacking Live through Msfconsole
o how to change wifi port into monitor/managed mode
o Complete Wifi Hacking through MSFconsole.
o How to Make Our WIFI Network Secure.
o CYBER LAW
31.Mac Spoofing Technique
o Fetching Live Mac of Any Network
o Technique of GHOST
o Fake AP Creation
o CYBER LAW
DAY 10:
32.DOS & DDOS Attack
o Introduction to DOS & DDOS
o Basic Difference between DOS & DDOS
o Introduction to Hping 3 Packet
o Introduction to Flag in Packet
o Introduction to 3- way-Handshake
o Live Website Attack for DOS & DDOS
o DOS on Wireless-Devices
33.Evading IDS-IPS, Firewalls & Honeypots
o Introduction to IDS & IPS
o Types of IDS & IPS
o Introduction to Firewall
o Detection of Firewall
o Introduction to Honey-pots
o Live Lab with Attack
35.Cryptography and Its Types.
o What is Cryptography?
o What is Public Key.
o What is Private Key.
o What is Symmetric Key.
o What is A-Symmetric Key
o What is Hash Value
o Introduction to Hash Calculator
DAY 11:
Burp Suite
➢ 36.Introduction to Burp Suite
o What is Burp Suite
o Types of Burp Suite
o Introduction to CA Certificate Installation
o Introduction to Proxy Setting.
o Introduction to GET Method Url Arguments
o Introduction to POST Method Url Arguments
o Introduction to HTML in MIME
o Introduction to Script in MIME
o Introduction to Status Value and its Different Types
o Introduction to Repeater Process
o Introduction to Request & Response Method in Repeater Mode
o Introduction to Spider Process
o Introduction to Scanner Process
o Introduction to Intruder Process
o Introduction to Filter Process
o Save and Restore Process
➢ 37. Introduction to Brute Force Technique / Rate Limit
➢ 38.Reflected XSS or Stored Xss
➢ 39.NCIIPC for governemt
➢ 40.Open bug bounty.
.Introduction to Anti-Phishing Unit
o What is Anti-Phishing Unit of MAH.
o Goal of is Anti-Phishing Unit of MAH
.Introduction to Maharashtra CERT or INDIA CERT
o Introduction to CERT
o How to Report Vulnerability to MAH-CERT/ INDIA CERTWhat is CERT audit?
o computer security incident response team (CSIRT)
o CERT Audit? The “Comprehensive Error Rate Testing” (CERT)
o https://www.cyberswachhtakendra.gov.in/
o https://cybercrime.gov.in/Default.aspx
