Certified Cyber Security Analyst

Course Outline
Copyright © 2021 by RedTeam Hacker Academy Pvt. Ltd.
All rights reserved.
MODULE 1
NETWORKS AND CYBERSECURITY ESSENTIALS

(3 hours)


Introduction to the Module
Networks
Networking Devices
Basic Terminologies
OSI Model
Protocols
IP and Subnetting
Docker
Active Directory
LDAP
Kerberos


The module will introduce the candidates to the basics of cybersecurity, terminologies, IT Infrastructure, and tactics
commonly heard of in the cyber world. The objective of this module is to make sure the students understand the core
concepts on Network Devices, Communications and Cloud Technologies along with Cybersecurity Essentials.


MODULE 2
LINUX FOR SECURITY PROFESSIONALS

(2 hours)
Introduction to the Module
Introduction to Linux
Types of Linux
Linux File System
Virtualization
Installing Kali Linux
Basic Linux Commands
Exploring Kali Linux
This module gives candidates hands-on skills on Linux platforms to explore the skills required during Security
Assessments.

MODULE 3
ANONYMITY AND VPN

(1 hour)
Introduction to TOR Network
TOR Browser
TOR Bridge
VPN
Anonymity describes situations where the acting person's identity is unknown. A VPN doesn't make you
anonymous either, but does greatly increase your privacy and security online. A VPN is similar to the curtains for
the windows of your house. The curtains provide privacy for activities happening inside your house – even though
your house address is public.


MODULE 4
OPEN SOURCE INTELLIGENCE

(1 hour)
OSINT with Buscador
OSINT with TLabs
Raccoon
Sherlock
Google Hacking
Shodan
OSINT, or open source intelligence, is the practice of collecting information from published or otherwise
publicly available sources. OSINT operations, whether practiced by IT security pros, malicious hackers, or
state-sanctioned intelligence operatives, use advanced techniques to search through the vast haystack of
visible data to find the needles they're looking for to achieve their goals—and learn information that many
don't realize is public.


MODULE 5
ART OF SCANNING AND PROTOCOL ENUMERATIONS

(2 hours)
Scanning is a set of procedures for identifying live hosts, ports, and services, discovering the operating system and
architecture of the target system, and identifying vulnerabilities and threats in the network. Network scanning is used
to create a profile of the target organization.
Enumeration is the next step after scanning. The goal of enumeration is to get a complete picture of the target.
In this phase, a penetration tester tries to identify valid user accounts or poorly-protected shared resources
using active connections to systems.
Scanning refers to collecting more information using complex and aggressive reconnaissance techniques.
Scanning vs Enumeration
Scanning with NMAP – Part 1
Scanning with NMAP – Part 2
Low Profiling Scan with NMAP
Scanning a Real Lab using Powershell
Scanning with Sparta


MODULE 6
VULNERABILITY ASSESSMENT

(2 hours)
Introduction to Vulnerability Assessment
Importance of Vulnerability Assessment
Types of Vulnerability Assessment
Vulnerability Assessment using Nikto
NMAP Scripts for Vulnerability Assessment
OpenVas Tool
A vulnerability assessment is a systematic review of security weaknesses in an information system. It evaluates
if the system is susceptible to any known vulnerabilities, assigns severity levels to those vulnerabilities, and
recommends remediation or mitigation, if and whenever needed.


MODULE 7
PASSWORD CRACKING

(1 hour)
Introduction to Password Cracking
Methods of Password Cracking
Password Cracking with John The Ripper
Password Cracking with Hydra – Part 1
Password Cracking With Hydra – Part 2
In cryptanalysis and computer security, password cracking is the process of recovering passwords from data
that has been stored in or transmitted by a computer system in scrambled form.

MODULE 8
SOCIAL ENGINEERING ATTACKS

(1 hour)
Introduction to Social Engineering
Types of Social Engineering Attacks
Web App Cloning with SEToolkit
Social Engineering in Android Mobiles
Social engineering is the art of manipulating people so they give up confidential information. The types of
information these criminals are seeking can vary, but when individuals are targeted the criminals are usually
trying to trick you into giving them your passwords or bank information or access your computer to secretly
install malicious software that will give them access to your passwords and bank information as well as giving
them control over your computer.


MODULE 9
SYSTEM HACKING AND POST EXPLOITATIONS

(2 hours)
Hacking a Linux System
Post Exploitation Techniques
System hacking is a vast subject that consists of hacking the different software-based technological systems
such as laptops, desktops, etc. System hacking is defined as the compromise of computer systems and software
to access the target computer and steal or misuse their sensitive information. Here the malicious hacker
exploits the weaknesses in a computer system or network to gain unauthorized access to its data or take illegal
advantage.
Post-exploitation refers to any actions taken after a session is opened. A session is an open shell from a
successful exploit or brute force attack. A shell can be a standard shell or Meterpreter.


MODULE 10
APPLICATION SECURITY OVERVIEW
(2 hours)

Introduction to Web Application Penetration Testing
OWASP Top 10
Getting Started with Burp Suite
Burp Suite with OWASP Juice Shop
Application security is the protection of applications from external threats throughout their lifecycle. More
than 80 percent of successful breaches target vulnerabilities in the application layer, indicating the need for
enterprise IT departments to be vigilant about application security. Application security can protect backend
web applications used by employees as well as the mobile apps used by customers.
This module gives the students a detailed understanding of attacking applications and how to implement
security against the Top 10 attacks happening nowadays.

MODULE 11
ENTERPRISE NETWORK SECURITY

(3 hours)
Network Security Part 1
Network Security Part 2
Account Management
Authentication Protocols
Authentication Types 1
Authentication Types 2
Authentication Types 3
Identity & Access Management
Defense In Depth Part 1
Defense In Depth Part 2
This module introduces network security, which is an activity designed to protect the usability and integrity of the
network and data. It gives an understanding of both the hardware and software technologies involved, which target a
variety of threats. Network security is the activity associated with maintaining the confidentiality, integrity and
availability of data traversing a network infrastructure. In this module, the learner will evaluate Internet security and
encryption, firewalls, Port security, Endpoint security and Intrusion Detection and Prevention Systems.


MODULE 12
SECURITY OPERATIONS AND MANAGEMENT

(1 hour)
Why SOC is Required
How a SOC works and Best Practices
Security Infrastructure, Prevention and Operations
Security Incident Management
Vulnerability Management
Incident Reporting
Incident Management
Incident Detection
Log Management
Report Making


MODULE 13
SECURITY INFORMATION AND EVENT MANAGEMENT

(2 hours)
Need for Next Generation SOC
SIEM Implementation
Splunk Implementation and Onboarding Machines
Log Search in Splunk
Logs Correlation


MODULE 14
CAPTURE THE FLAG CHALLENGES AND COMPETITIONS

What is Capture the Flag
Types of Challenges in CTF
Resources

Familiarity with system and networks concepts
Understanding of Information Security fundamentals
Basic understanding of Ethical Hacking & Information Security concepts