CEH

Ethical Hacking & Countermeasures (CEHv7):

Ethical Hacking Course more emphasis on techniques and methodologies, which attackers may use to carry out possible attacks against system/networks. This class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.

Course Content:

• Introduction to Ethical Hacking
• Foot-printing and Reconnaissance
• Scanning Networks
• Enumeration
• System Hacking
• Trojans and Backdoors
• Viruses and Worms
• Sniffers
• Social Engineering
• Denial of Service
• Session Hijacking
• Hacking Webservers
• Hacking Web Applications
• SQL Injection
• Hacking Wireless Networks
• Evading IDS, Firewalls and Honeypots
• Buffer Overflows
• Cryptography
• Penetration Testing

Pre-Requisite:

Candidates who have understanding of Windows and/or Linux Operating System and overview of Networking will be an added advantage.

 

 

CBSP

Penetration Testing with Backtrack -

Certified Backtrack Security Professional (CBSP): This course is a real-life penetration testing certification, requiring holders to successfully attack and penetrate various live machines in a safe lab environment. It is currently one of the renowned courses offered by us and it requires proof of real-life penetration testing skills. CBSP Certification is 100% Practical designed to cope with real world cyber threats and our exam lab is designed to meet the immediate security needs of an organization in a relative short time. Candidates will be going through wide variety of task including (but not limited to) SSL Analysis, Hacking Cisco Networks, Exploiting Windows/Linux/Macintosh Environment, OWASP Vulnerabilities, Attacking IIS, Apache Servers, Oracle, Web based Banking Application. There will always be a combination of different attacks i:e Web Apps plus Network exploitation.

Course Content:

• Penetration Testing Methodology
• Vulnerability Assessment versus Penetration Testing
• Business Objectives, Scheduling & Project Management
• Exploring Backtrack (Making you familiar with Backtrack)
• Packet Analysis
• Information Gathering
• Enumeration
• Port Scanning
• Metasploit In Depth ( Scratch to Advance level)
• Social Engineering Toolkit
• Diving into Cisco Networks ( Hacking Cisco, you never did before)
• Cracking Passwords
• Trojans, Rootkits, Stuxnet
• OWASP Top 10 Vulnerabilities
• Working with Additional Weapons
• Cisco Network Attacks ( Includes Network Based attacks of CCIE Security)
• VOIP Penetration Testing
• Penetration Testing Report

Pre-requisite:

Candidates should have good understanding of TCP/IP & OSI Model as well as basic hands-on knowledge of Linux/Unix Commands.

 

CWSP

Wireless Hacking with Backtrack

Certified Wireless Security Professional (CWSP): This course will give provide insight of Wireless Network Penetration Testing, Flaws, and Security. We will start from scratch of Wireless Networks, moving towards sniffing and injection attacks, finding Enterprise Loopholes, Cracking Wi-Fi and other advance attacks involving wireless and applications.

Course Content:

• Installing Backtrack & Wireless Hardware requirements
• Basics on Wireless Networks
• Penetration Testing Methodologies
• Sniffing
• Packet Injections
• Finding Hidden Access Point
• Bypassing MAC Filtering
• Encrypting/Decrypting WEP & WPA Attacks
• DOS, MAC Spoofing, De-Authentication Attacks
• Honeypots, Hirte Attack
• Retrieving WEP key using Isolated Client
• Wireless Eavesdropping using Man in the Middle Attack
• Session Hijacking over Wireless Networks
• Attacking WEP/WPA/WPA2

Pre-requisite:

Candidate must have attended Penetration Testing with Backtrack Course and/or has good understanding of Wireless Networks and Backtrack/or hands on Linux Commands.

 

Forensics

Computer Forensics & Incident Response

This course covers the fundamental steps of the in-depth computer forensic and media exploitation methodology so that each student will have the complete qualifications to work as a computer forensic investigator in the field helping solve and fight crime. In addition to in-depth technical digital forensic knowledge on Windows Digital Forensics (Windows XP through Windows 7 and Server 2008) you will be exposed to well-known computer forensic tools so such as Access Data's Forensic Toolkit (FTK), Guidance Software's EnCase, Registry Analyzer, FTK Imager, Prefetch Analyzer, and much more. Many of the tools covered in the course are freeware, comprising a full-featured forensic laboratory that each student can take with them.

Course Content:

Windows In-Depth:

• Windows File System Basics
• Evidence Acquisition Tools and Techniques
• Law Enforcement Bag and Tag
• Evidence Integrity
• Registry Forensics

Windows Artifact Analysis

• Facebook, Gmail, Hotmail, Yahoo Chat and Webmail Analysis
• E-mail Forensics (Host, Server, Web)
• Microsoft Office Document Analysis
• Windows Link File Investigation
• Windows Recycle Bin Analysis
• File and Picture Metadata Tracking and Examination
• Prefetch Analysis
• Event Log File Analysis
• Firefox and Internet Explorer Browser Forensics
• Deleted File Recovery
• String Searching and Data Carving
• Examine cases involving Windows XP, VISTA, and Windows 7

Media Analysis & Exploitation Involving

• Tracking user communications using a windows PC (email, chat, IM, webmail)
• Tell if and how the suspect downloaded a specific file to the PC
• Determine the exact time and the number of times a suspect executed a program
• Show when any file was first and last opened by a suspect
• Determine if a suspect had knowledge of a specific file
• Show the exact physical location of the system
• USB device tracking and analysis
• Show how the suspect logged into the machine via the console, RDP, or network
• Recover and examine browser artifacts even those used in private browsing mode
• Fully Updated to include full Windows 7 and Server 2008 Examinations

Pre-requisite:

Candidates who have attended our Ethical Hacking Training program can directly attend this class.

AWSE

Web Hacking 2.0 (Advance Web Security Expert) Web applications are a major point of vulnerability in organizations today. Web app holes have resulted in the theft of millions of credit cards, major financial and reputational damage for hundreds of enterprises, and even the compromise of thousands of browsing machines that visited Web sites altered by attackers. In this intermediate to advanced level class, you'll learn the art of exploiting Web applications so you can find flaws in your enterprise's Web apps before the bad guys do.

Course Content:

• Web Architecture & It’s Loopholes
• OWASP Top 10 Vulnerabilities
• WASC Consortium
• Advance SQL Injection
• Advance XSS, CSRF Attacks
• Session Hijacking
• Buffer Over flows
• Cookie Poisoning
• Filter Bypass
• DNS Pinning
• Command execution attacks
• Shell Injection
• Dynamic Evaluation
• Business Logic Attacks
• Race Conditions
• Web Vulnerability Assessment Tools

Pre-requisite:

Advanced Web Security Expert is NOT an entry level course. The pace or learning is fast and furious - students are expected to have a solid understanding of how to perform basic web application attacks, at a minimum. This class is aimed at penetration testers and security auditors who need to take their web application penetration testing skills to a new level.