0172-2759785
Mon to Sat - 09:00 AM to 06:00 PM

Cyber Security Program

Join Program
on
Cyber Security

Our TRAINING Program

Relearn Academy introduces participants to major concepts in computer networks with linux administration, next generation firewall, active directories and network/web pentesting in an integrated and hands-on fashion.

As students progress to increasingly advanced topics, they gain considerable flexibility in shaping their career.

Six months certification program on Cyber Security: Novice to Expert is divided into two terms of three months each.

Term one consists of foundation subjects which builds depth and breadth in areas ranging from Computer Networks with Linux Administration, Next Generation Firewall, and Windows Active Directories which are needed for students to excel in the area of cyber security.

During the term two of the program students gain understanding, competence, and maturity by advancing step by step through topics of greater and greater complexity such as network (wired and wireless) pen testing, web-security & buffer overflow exploitation.

PRE-REQUISITE KNOWLEDGE/SKILLS FOR TERM-1

Basic understanding of computer network & TCP/IP is recommended however it is not mandatory.

COURSE OBJECTIVE FOR TERM-1

Upon successful completion of the first term, students should be able to:

  • Understand, design & implement various network topologies.
  • Configure routers with various routing protocols.
  • Configure network switches with various switching technologies
  • Configure & troubleshoot various linux based servers.
  • Configure & implement Next Generation Firewall
  • Configure & implement Window Active Directories

COURSE OUTLINE

  • The contents of this course are designed to support the course objectives. The following focus areas are included in this course:

Linux Administration

  1. Basics of Linux OS
  2. Permission & User Management
  3. File Systems & Software Management using RPM & YUM
  4. Linux Installation
  5. Processes and Task Schedulers
  6. Implementing FTP Server
  7. Configuring Apache Web Server
  8. Configuring NFS/NIS
  9. Configuring Samba Server
  10. Configuring Dynamic Host Configuration Protocol Server
  11. Configuring Domain Name Server
  12. Apache, NFS/NIS, Samba, DHCP, DNS, etc.
  13. Virtualization using KVM
  14. SAN & NAS Implementation
  15. SeLinux

Routing & Switching

  1. IP Addressing
  2. IPv4 Header
  3. IPv4: Classes
  4. Fixed Length Subnet Mask
  5. Variable Length Subnet Mask
  6. Static Routing
  7. Default Routing
  8. Difference between Distance Vector & Link State Routing Protocols
  9. Routing Information Protocol
  10. Enhanced Interior Gateway Routing Protocol
  11. Open Shortest Path First
  12. Access Control List: Standard, Extended & Named
  13. Network Address Translation
  14. Port Address Translation
  15. Challenges of IPv4
  16. IPv6 Header
  17. IPv6 Address Types
  18. IPv6 Address Format
  19. IPv6 Static Routing
  20. IPv6 Default Routing
  21. Routing Information Protocol Next Generation
  22. IPv6 over IPv4 Tunnels
  23. VLAN Trunking Protocol
  24. VTP Pruning
  25. Spanning Tree Protocol
  26. Ether Channels
  27. Switch Security

Next Generation Firewall

  1. Introduction to Firewall
  2. Setting up Firewall
  3. Securing your network using Firewall
  4. Management of Firewall
  5. Configuration of Firewall
  6. Network Monitoring Tools
  7. Traffic Shaper
  8. Configuring Firewall Rules
  9. Remote Firewall Rules
  10. VLAN Configuration in Firewall
  11. WAN Failover & Load Balancing
  12. NAT & Port Forwarding
  13. Open VPN
  14. Backup & Restore

Active Directories

  1. Overview
  2. Active Directories Components
  3. Administration
  4. Forest
  5. Domains
  6. Schema
  7. Trusts
  8. Sites, Subnets & Replication
  9. Organisational Units
  10. DNS
  11. Domain Controllers
  12. DCLocator
  13. Global Catalog
  14. FSMO
  15. Read Only Domain Controllers
  16. DNS Zone Hosting
  17. Kerberos Handing
  18. Authentication & Password Caching
  19. Directory Services Restore Mode (DSRM) Account
  20. Active Directory Database
  21. Group Policy
  22. Authentication
  23. The evolution of Windows Authentication
  24. NTLM
  25. Kerberos
  26. Active Directory Administration Group
  27. AD Security Enhancement
  28. Active Directory Security Best Practices

PRE-REQUISITE KNOWLEDGE/SKILLS FOR TERM-2

  • Solid understanding of computer network & TCP/IP.
  • Working knowledge of python scripting.
  • Sound understanding of Linux.

COURSE OBJECTIVE FOR TERM-2

Upon successful completion of the second term, students should be able to:

  • Audit Computer Networks (Wired & Wireless)
  • Pentest Web Applications
  • Identify Buffer Overflow Attacks
  • Apply Powershell & Pentest Active Directories Environment
  • Implement Server Hardening Techniques

Auditing Network Security

  1. Introduction to Network Security
  2. Netcat
  3. Ncat
  4. Wireshark
  5. TCP Dump
  6. Auditing Routers: Setting up Lab
  7. Attacking SSH with Metasploit, Hydra & Medusa
  8. Attacking SNMP with NMap, Hydra & Medusa.
  9. Attacking Web-Admin Interface
  10. SNMP Post Exploitation
  11. SNMP audit with SNMPCheck & OneSixtyOne
  12. SNMP Audit using Braa & NMAP NSE Scripts
  13. Google Hacking
  14. Passive Information Gathering
  15. Active Information Gathering
  16. DNS Enumeration
  17. Port Scanning
  18. TCP Connect Scanning
  19. TCP SYN Scanning
  20. Network Sweeping
  21. OS Fingerprinting
  22. Banner Grabbing/Service Enumeration
  23. Nmap Scripting Engine (NSE)
  24. SMB Enumeration
  25. Scanning for the NetBIOS Service
  26. Null Session Enumeration
  27. Nmap SMB NSE Scripts
  28. SMTP Enumeration
  29. Social Engineering
  30. Bind Shell
  31. Reverse Shell
  32. Mastering Metasploit
  33. Auditing Window Based Systems
  34. HTTP/HTTPS Tunneling Payload
  35. Automatic Outbound port detection
  36. Port Forwarding
  37. Pivoting
  38. AV Evasion
  39. Encoding Payloads with Metasploit
  40. Encrypting known malwares with software protectors
  41. Win 7 Privilege Escalation & UAC Bypass
  42. Win7 Hash dumping & Mimikatz
  43. AV Evasion with VEIL Framework
  44. DNS File Exploitation
  45. Understanding Windows Prefetch Directory
  46. Disabling Windows Prefetch
  47. Remote Memory Dumping & Analysis
  48. Dumping Passwords from Browser Memory
  49. Full Memory Analysis with HxD
  50. Dumping process memory with volatility
  51. Password Attacks 

Auditing WLAN Security

  1. Understanding various bands & channels.
  2. Pwning Beacon Frames
  3. Pwning Hidden SSIDs
  4. Hotspot based Attacks
  5. Understanding WEP
  6. Attacking WEP Authentication
  7. Understanding WPA/WPA2
  8. WPA-PSK
  9. WPA-PSK Cracking
  10. Setting up FreeRadius-WPE
  11. Basics of EAP-MD5
  12. EAP Types & PEAP
  13. Cracking PEAP
  14. Cracking EAP-TTLS

Auditing Web Application Security

Introduction to Open Web Application Security Project (OWASP)

  1. A1-Injection
  2. A2-Broken Authentication and Session Management
  3. A3-Cross-Site Scripting (XSS)
  4. A4-Insecure Direct Object References
  5. A5-Security Misconfiguration
  6. A6-Sensitive Data Exposure
  7. A7-Missing Function Level Access Control
  8. A8-Cross-Site Request Forgery
  9. A9-Using Components with Known Vulnerabilities
  10. A10-Unvalidated Redirects and Forwards
  11. SQL Injection
  12. Authentication Bypass
  13. Enumerating Databases
  14. Leveraging SQL Injection for code
  15. Types of XSS
  16. Persistent, Reflected & Dome-Based
  17. Browser Redirection & IFRAME Injection
  18. Stealing cookies & Session Information.
  19. Command Injection
  20. Web to Shell on a server
  21. Web Shell using Python
  22. File upload vulnerability
  23. Local File Inclusion
  24. Remote File Inclusion
  25. Insecure Direct Object Reference

Server Hardening

  1. Server Hardening
  2. Firewalls/IPTables
  3. Disabling direct root login
  4. Disabling unwanted SUID & GUID
  5. Hiding DNS Binding & Apache Version
  6. Hardening sysctl.conf
  7. Logwatch
  8. Mod Security
  9. Securing /tmp /var/tmp /dev/shm

Buffer Overflow Exploitation

  1. Fuzzing
  2. Vulnerability History
  3. A Word About DEP and ASLR
  4. Interacting with the POP3 Protocol
  5. Replicating the Crash
  6. Controlling EIP
  7. Binary Tree Analysis
  8. Sending a Unique String
  9. Locating Space for Your Shellcode
  10. Checking for Bad Characters
  11. Redirecting the Execution Flow
  12. Finding a Return Address
  13. Generating Shellcode with Metasploit
  14. Getting a Shell
  15. Improving the Exploit

Attacking Windows Active Directories

  1. Domain Enumeration
  2. Local Privilege Escalation
  3. Domain Enumeration Bloodhound
  4. Lateral Movement
  5. Domain Persistence
  6. Domain Privilege Escalation
  7. Kerberoast
  8. Cross Forest Attacks