VAPT Training

Prerequisites

To apply for the VAPT Training, you need to either:

• You should have a basic understanding of computer networking concepts like TCP/IP, DNS and firewalls
• You should have a basic understanding of Operating systems like Windows & Linux
• You should have a basic understanding of security concepts like access control, encryption and authentication
• You should also be familiar with at least one programming language like Java, Ruby or Python.

Course Curriculum

 Module 1: Introduction to Linux

• Basics of Linux
• Linux architecture
• File directory architecture
• Basic commands of Linux
• Installation of Linux
• Introduction to file password and shadow

Module 2: Vulnerability Assessment & Penetration Testin

• Hacking networks
• VAPT
• Information gathering tools
• Secure network design
• OS and Database security
• LINUX server hardening

Module 3: Concepts of Ethical Hacking

• Windows server hardening
• Database security
• Hijacking Windows using RAT and Trojan
• Web Application Security
• Burp suite tool
• SQL injection

Module 4: Concepts of vulnerabilities

• XSS Attack
• The Defence mechanism of SQL Injection and XSS attack
• Broken authentication and session hijacking
• Security misconfiguration
• Session Hijacking
• Malicious file inclusion

Module 5: Vulnerability Measures

• RFI & LFI (remote file inclusion & local file inclusion) vulnerability
• Denial of service (DOS) and distributed denial of service (DDOS) attacks
• Countermeasures of DoS and DDoS
• Web platform security issues and countermeasures
• Website code review and secure coding principles
• FORENSICS

Module 6: Handling the Vulnerabilities

• Insecure direct object reference
• Information leakage and improper error handling
• Failure to restrict URL access
• Request forgery attack and countermeasures
• Remote code execution
• Vulnerability study

Module 7: Types of Forensics

• A legal study of evidence acquisition
• Disk-based forensics
• Network Forensics
• Data packet analysis
• Browser forensics
• USB forensics

Module 8: Forensics tools and Data recovery

• Memory analysis
• windows forensics
• Tools based on forensic study
• Deleted data recovery
• Image Forensics
• Case investigation

Module 9: Firewalls and Security

• Evidence Recovery
• Protocol standards.
• Firewalls
• WLAN Security
• Dead vs Live forensics
• Computer Investigation process.

Module 10: Assessment & Auditing

• Investigating attacks
• COMPLIANCE
• Basic principles of assessment & auditing
• IT LAWS and ACTS
• ISO 27001:2005:2013 basics
• PCI DSS