Ethical Hacking

SC
SITH Computer Institute
Last Update 17/11/2022

About This Course

SITH’s Ethical Hacking certification course provides the practical training required to learn how hackers leverage to infiltrate network systems and strengthen yours against them. This ethical hacking course covers all the crucial modules, such as Networking, Footprinting, Cloud Computing, Malware Threats, System hacking, Cryptography, etc.

COURSE CURRICULUM

Helpie FAQ

  • Introduction to Computer Security & Ethical Hacking
    • Types of Hackers
    • Ethical Hacking Importance, Scope & Limitations
      • Ethical Hacking
      • Why Ethical Hacking is Important?
      • Major Types of Advanced Cyber Attacks
      • Scope and Limitation of Ethical Hacking
      • Phases of Ethical Hacking
    • Skills of an Ethical Hacker
      • Technical Skills
      • Non-Technical Skills
  • Networking
    • Basics of Ip
    • What is Ip?
    • Types of Ip's
      • IPv4
      • IPv6
    • Static vs Dynamic
    • Ip Classes
    • Subnet Classes
    • IANA / Allotment of Ip's
    •  Domains
      • Registrar, Registry, Registrant
      • Life Cycle of TLD's
    • Ping and Ping Sweep
  • Footprinting and Reconnaissance
    • Footprinting Concepts
    • Objectives of Footprinting
    • Reconnaissance
      • Scanning
      • Gaining Access
      • Maintaining Access / Escalation of Privileges
      • Clearing Tracks
    • Types of Footprinting
      • Footprinting through Search Engines
      • Footprinting through Google Hacking
        • Basic Operators
        • Advanced Search Operators
      • Footprinting through Advance Google Hacking Techniques
      • Footprinting through Social Networking Sites
      • Footprinting through Websites
        • Determining Operating System
        • Mirroring Entire Website
        • Website Mirroring Tools
      • Footprinting through Email
        • What is E-mail
        • IMAP
        • POP
        • SMTP
        • How does Email work?
        • Email Forging
        • How to Detect Fake Email
        • Mx Tool Box
        • Overview of MX Toolbox Benefits
        • Introduction to Email Security
        • The need for Email Security
        • Countermeasures
      • Footprinting through WHOIS
        • WHOIS Lookup Result Analysis
        • WHOIS Lookup Tools:
      • Footprinting through DNS
        • Extracting DNS information using CentralOps:
      • Footprinting through Network
        • Traceroute
        • Traceroute tools
      • Footprinting through Social Engineering
        • Social Engineering
        • Eavesdropping
        • Phishing
        • Shoulder Surfing
        • Dumpster Diving
      • Footprinting Tool: Maltego
        • Additional Footprinting Tools
    • Countermeasures
  • Lab Preparation (Installing Multiple OS)
    • Virtualization Technology
      • What is a virtual machine?
      • Benefits of using a virtual machine
      • Challenges in using a virtual machine
    • Downloading & Installing Virtual Box
    • Downloading & Installing Virtual Box Extension Pack
    • Configuring Nat Networks (Network Address Translation)
    • Downloading & Installing Parrot Sec OS
      • Parrot Linux Basic Commands
    • Downloading & Installing Windows 10
    • Downloading & Installing Windows Server 2016
    • Downloading & Installing Windows 7
    • Downloading & Installing Metasploitable
    • Downloading & Installing Android
    • Configuring Folder Sharing
      • Creating Snapshots
  • Scanning Networks
    • Need for Network Scanning
      • Network Scanning
      • Vulnerability Scanning
      • Port Scanning
    • Scanning Methodologies
      • Checking for Live Systems
        • ICMP Scanning
        • Ping Sweep
      • Discovering Open Ports
        • SSDP Scanning
        • Scanning Tools
        • Nmap
        • Scanning Techniques
          • TCP Connect / Full Open Scan
          • Stealth Scan (Half-open Scan)
          • Inverse TCP Flag Scanning
            • Xmas Scan
            • FIN Scan
            • NULL Scan
            • ACK Flag Probe Scanning
            • UDP Scanning
      • Scanning Beyond IDS
      • OS Fingerprinting & Banner Grabbing
        • Active OS Fingerprinting or Banner Grabbing
        • Passive OS Fingerprinting or Banner Grabbing
        • Banner Grabbing Tools
    • Proxy Servers
    • Proxy Chaining
    • Proxy Tools
  • Enumeration
    • Significance of Enumeration
    • Enumeration Concepts
    • Techniques for Enumeration
      • Enumeration Using Email ID
      • Enumeration using Default Password
      • Enumeration using SNMP
      • Brute Force Attack on Active Directory
      • Enumeration through DNS Zone Transfer
      • Services and Ports to Enumerate
    • Enumeration Using Nmap
    • Enumeration Using Super Scan Tool
    • Enumeration Using Soft Perfect Network Scanner Tool
    • Enumeration Countermeasures
  • Vulnerability Analysis
    • Vulnerability Assessment Concept
    • Types of Vulnerability Assessments
      • Active Assessments
      • Passive Assessments
      • External Assessment
      • Internal Assessment
    • Vulnerability Assessment Life-Cycle
      • Creating Baseline
      • Vulnerability Assessment
      • Risk Assessment
      • Remediation
      • Verification
      • Monitor
    • Vulnerability Assessment Solutions
      • Product based Solution Vs Service based Solution
      • Tree-based Assessment Vs. Inference-based Assessment
      • Best Practice for Vulnerability Assessment
      • Common Vulnerability Scoring Systems (CVSS)
    • Vulnerability Scanning
      • Vulnerability Scanning with Nessus
      • Vulnerability Scanning with GFI Languard
  • Denial of Service
    • DoS/DDoS Concepts
      • Denial of Service (DoS)
      • Distributed Denial of Service (DDoS)
      • How Distributed Denial of Service Attacks Work?
    • DoS/DDoS Attack Techniques
      • Basic Categories of DoS/DDoS Attacks
      • Volumetric Attacks
      • Fragmentation Attacks
      • TCP-State-Exhaustion Attacks
      • Application Layer Attacks
      • DoS/DDoS Attack Techniques
        • Bandwidth Attacks
        • Service Request Floods
        • SYN Attack / Flooding
        • ICMP Flood Attack
        • Peer-to-Peer Attacks
        • Permanent Denial-of-Service Attack
        • Application-Level Flood Attacks
        • Distributed Reflection Denial of Service (DRDoS)
    • DoS/DDoS Attack Tools
    • SYN Flooding Attack using Metasploit
    • SYN Flooding Attack using Hping3
    • Attack using LOIC
    • Countermeasures
      • Activity Profiling
      • Wavelet Analysis
      • Sequential Change-Point Detection
    • DoS/DDoS Countermeasure Strategies
  • Malware Threats
    • Malware
    • Malware Propagation ways
      • Free Software
      • File Sharing Services
      • Removable Media
      • Email Communication
      • Not using Firewall and Anti-Virus
    • Trojan Concept
      • Trojan
      • Types of Trojans
        • Command Shell Trojans
        • Defacement Trojans
        • HTTP/HTTPS Trojans
        • Botnet Trojans
        • Proxy Server Trojans
        • Remote Access Trojans (RAT)
    • Trojan Countermeasures
    • Virus and Worms Concepts
      • Viruses
      • Stages of Virus Life
        • Design
        • Replication
        • Launch
        • Detection
        • Incorporation
        • Elimination
      • Working of Viruses
        • Infection Phase
        • Attack Phase
      • Types of Viruses
        • System or Boot Sector Viruses
        • File and Multiparte Viruses
        • Macro Viruses
        • Cluster Viruses
        • Stealth / Tunneling Viruses
        • Logic Bombs
        • Encryption Virus
      • Computer Virus
    • Ransomware
    • Writing a Simple Virus Program
    • Virus Generating Tools
      • JPS Virus Maker
      • Andreinick05’s Batch Virus Maker
      • Sonic Bat
      • Poison Virus Maker
  • System Hacking
    • System Hacking
    • System Hacking Methodology
    • Goals of System hacking
    • Cracking passwords
      • Types of Password Attacks
        • Non-Electric Attacks
        • Active Online Attacks
          • Dictionary Attack
          • Brute Force Attack
          • Hash Injection
      • Passive Online Attacks
        • Wire Sniffing
        • Man-in-the-middle attack
        • Replay Attack
      • Default Password
      • Offline Attack
        • Precomputed Hashes and Rainbow Table
        • Distributed Network Attack
    • Password Cracking Tools
    • Escalating privileges
    • Executing applications
    • Hiding files
    • Covering tracks
    • System Hacking Countermeasures
  • Android Hacking (LAN)
    • Mobile Technology Brief
    • Mobile Platform Attack Vectors
    • Mobile Attack Vector
    • Vulnerabilities and Risk on Mobile Platform
    • Hacking Android OS over Local Area Network
    • Introduction to Android Operating System
    • Device Administration API
    • Root Access / Android Rooting
    • Mobile Spyware
      • Securing Android Devices
  • Social Engineering
    • Social Engineering Concepts
      • Introduction to Social Engineering
      • Vulnerability to Social Engineering Attacks
      • Phases of a Social Engineering Attack
      • Research
      • Select Target
      • Relationship
      • Exploit
    • Social Engineering Techniques
      • Types of Social Engineering
      • Human-based Social Engineering
        • Impersonation
        • Eavesdropping and Shoulder Surfing
        • Dumpster Diving
        • Reverse Social Engineering
        • Piggy Backing and Tailgating
    • Computer-based Social Engineering
      • Phishing
      • Spear Phishing
    • Impersonation on Social Networking Sites
      • Social Engineering Through Impersonation on Social Networking Sites
      • Risks of Social Networking in Corporate Networks
    • Identity Theft
      • Identify Theft Overview
      • The Process of Identify Theft
    • Social Engineering Countermeasures
  • SQL Injection
    • SQL Injection Concepts
      • SQL Injection
      • The scope of SQL Injection
    • Types of SQL injection
      • In-Band SQL Injection
        • Error-Based SQL Injection
        • Union Based SQL Injection
      • Inferential SQL Injection (Blind Injection)
      • Out-of-band SQL Injection
    • SQL Injection Methodology
      • Information Gathering and SQL Injection Vulnerability Detection
      • Launch SQL Injection Attacks
      • Advanced SQL Injection
    • SQL Injection Tools
    • Countermeasures
  • Cross-site scripting
    • What is cross-site scripting (XSS)
    • How does XSS work?
    • What are the types of XSS attacks?
    • Reflected cross-site scripting
    • Impact of reflected XSS attacks
    • Reflected XSS in different contexts
    • How to find and test for reflected XSS vulnerabilities
    • Stored cross-site scripting
    • Impact of stored XSS attacks
    • Stored XSS in different contexts
    • How to find and test for stored XSS vulnerabilities
    • DOM-based cross-site scripting
    • What can XSS be used for?
    • Impact of XSS vulnerabilities
    • How to find and test for XSS vulnerabilities
    • Countermeasures
  • Hacking Wireless Networks
    • Wireless Concepts
      • Wireless Networks
      • Wireless Terminologies
        • GSM
        • Access Point
        • SSID
        • BSSID
        • ISM Band
        • Types of Wireless Networks
    • Wireless Standards
    • Wi-Fi Chalking
    • Types of Wireless Antenna
      • Directional Antenna
      • Omnidirectional Antenna
      • Parabolic Antenna
      • Yagi Antenna
      • Dipole Antenna
    • Wireless Encryption
      • WEP Encryption
      • Breaking WEP Encryption
      • WPA Encryption
      • WPA2 Encryption
      • Breaking WPA Encryption
    • Wireless Threats
      • Access Control Attacks
      • Integrity and Confidentiality Attacks
      • Availability Attacks
      • Authentication Attacks
      • Rogue Access Point Attack
      • Client Mis-Association
      • Misconfigured Access Point Attack
      • Unauthorized Association
      • Ad Hoc Connection Attack
      • Jamming Signal Attack
    • Wireless Hacking Methodology
      • Wi-Fi Discovery
      • GPS Mapping
      • Wireless Traffic Analysis
      • Launch Wireless Attacks
    • Countermeasures
  • Sniffing
    • Sniffing Concepts
      • Introduction to Sniffing
      • Working of Sniffers
    • Types of Sniffing
      • Active Sniffing
      • Passive Sniffing
    • Hardware Protocol Analyzer
    • Wiretapping
      • Active Wiretapping
      • Passive Wiretapping
      • Lawful Interception
      • Planning tool for Resource Integration (PRISM)
    • ARP Poisoning
      • Address Resolution Protocol
      • ARP Spoofing Attack
    • ARP Spoofing Attack with Better cap
    • Countermeasures
    • Defending Against Sniffing
    • Sniffer Detection Technique
      • Ping Method
      • ARP Method
      • Promiscuous Detection Tool
  • IOT Hacking
    • Internet of Things (IoT) Concept
      • How does the Internet of Things work?
    • IoT Communication Models
      • Device-to-Device Model
      • Device-to-cloud Model
      • Device-to-Gateway Model
      • Back-End Data-Sharing Model
    • Understanding IoT Attacks
      • Challenges to IoT
      • OWASP Top 10 IoT Vulnerabilities
    • IoT Attack Areas
    • IoT Attacks
      • DDos Attack
      • Rolling Code Attack
      • BlueBorne Attack
      • Jamming Attack
      • Backdoor
    • IoT Hacking Methodology
      • Information Gathering
      • Vulnerability Scanning
      • Launch Attack
      • Gain Access
      • Maintain Attack
    • Countermeasures
  • Cloud Computing
    • Introduction to Cloud Computing
    • Types of Cloud Computing Services
      • IaaS
      • PaaS
      • SaaS
    • Could Computing Benefits
      • Increased Capacity
      • Increased Speed
      • Low Latency
      • Less Economic Expense
      • Security
      • Understanding Virtualization
      • Benefits of Virtualization in Cloud
    • Cloud Computing Threats
      • Data Loss/Breach
      • Abusing Cloud Services
      • Insecure interface APIs
    • Cloud Computing Attacks
      • Service Hijacking using Social Engineering Attacks
      • Service Hijacking using Network Sniffing
      • Session Hijacking using XSS Attack
      • Session Hijacking using Session Riding
      • Domain Name System (DNS) Attacks
      • Side Channel Attacks or Cross-guest VM Breaches
    • Cloud Security
      • Cloud Security Control Layers
        • Application Layer
        • Information
        • Management
        • Network layer
        • Trusted Computing
        • Computer and Storage
        • Physical Security
    • Responsibilities in Cloud Security
      • Cloud Service Provider
      • Cloud Service Consumer
  • Cyber Law
    • What is Cyber Law?
    • Why are cyber laws needed?
    • What happens if you break a cyber law?
    • Cyberspace
    • Cyber Crimes in India- What is, Types, Web Hijacking, Cyber Stalking
    • WHAT ARE CYBER CRIMES
    • Different types of Cyber Crimes
      • i. Unauthorized Access and Hacking
      • Web Hijacking
      • Pornography
      • Child Pornography
      • Cyber Stalking
      • Denial of service Attack
      • Virus attacks
      • Software Piracy
      • Salami attacks
      • Phishing
      • Sale of illegal articles
      • Online gambling
      • Email spoofing
      • Cyber Defamation
      • Forgery
      • Theft of information contained in electronic form
        • Email bombing
        • Data diddling
        • Internet time theft
        • Theft of computer system
      • Physically damaging a computer system
        • Breach of Privacy and Confidentiality
        • Data diddling:
        • E-commerce/ Investment Frauds:
        • Cyber Terrorism:
    • Cyber Crime under IT Act, Under IPC and Special laws and Special Acts
      • Cyber Crimes under the IT Act
      • Cyber Crimes under IPC and Special Laws
      • Cyber Crimes under the Special Acts
  • Cryptography and Steganography
    • Cryptography Concepts
      • Cryptography
      • Types of Cryptography
        • Symmetric Cryptography
        • Asymmetric Cryptography / Public Key Cryptography
        • Government Access to Keys (GAK)
    • Encryption Algorithms
      • Ciphers
      • Substitution
      • Polyalphabetic
      • Keys
      • Stream Cipher
      • Block Cipher
      • Data Encryption Standard (DES
      • Advanced Encryption Standard (AES)
      • RC4, RC5, RC6 Algorithms
      • Message Digest (One-way Hash) Functions
      • Message Digest Function: MD5
      • Secure Hashing Algorithm (SHA)
    • Cryptography Tools
      • MD5 Hash Calculators
    • Calculating Md5 using tool HashCalc
    • Advance Encryption Package 2014
    • Steganography
    • Classification of Steganography
    • Types of Steganography
      • Whitespace Steganography
      • Image Steganography
        • Tools for Image Steganography
      • Audio Steganography
      • Video Steganography
    • Best Tools to Perform Steganography
    • Steganography with Snow Tool
    • Steganography with Quick Stego.

  • TOOLS

    Learning Objectives

    This ethical hacking certification verifies the skills required to thrive in the information security domain. Many IT departments have made Ethical Hacking Certification compulsory for security-related job posts.
    Certified ethical hacker professionals get jobs as Information Security Officers, Network Security engineers, Computer Forensic engineers, etc.

    Requirements

    • As per eligibility, an undergraduate degree/ Higher College Diploma (Preferable from the IT department)
    • Basic Computer Knowledge & Skills