Scribd
Upload
262 views3 pages

Ethical Hacking Syllabus

The document outlines an ethical hacking syllabus that covers 20 modules across 18 days. It includes topics like information gathering, scanning, system hacking using Metasploit, privilege escalation, Active Directory, Kerberos, cryptography, wireless attacks, website attacks like XSS and SQL injection, IoT hacking, DDoS attacks, and intrusion detection and prevention systems. The syllabus aims to teach students the various phases of ethical hacking through hands-on activities in a structured manner over the course of multiple modules.

Uploaded by

Adarsh YALLA
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
262 views3 pages

Ethical Hacking Syllabus

The document outlines an ethical hacking syllabus that covers 20 modules across 18 days. It includes topics like information gathering, scanning, system hacking using Metasploit, privilege escalation, Active Directory, Kerberos, cryptography, wireless attacks, website attacks like XSS and SQL injection, IoT hacking, DDoS attacks, and intrusion detection and prevention systems. The syllabus aims to teach students the various phases of ethical hacking through hands-on activities in a structured manner over the course of multiple modules.

Uploaded by

Adarsh YALLA
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

Ethical Hacking Syllabus

Module 1: 2 Hours - 3 Topics


 Introduction: (Day 1)
o What is Ethical Hacking
o What are the different types of hackers
o Five phases of hacking
o Scope of Ethical Hacking
 Brush up Linux (Optional) (Day 1)
 Brush up networking (Optional) (Day 1)

Module 2: 2 Hours - 3 Topics


 Information Gathering: (Day 2)
o Passie Information Gathering
o Active Information Gathering
o Five phases of hacking
o Scope of Ethical Hacking
 Brush up Linux (Optional) (Day 2)
 Brush up networking (Optional) (Day 2)

Module 3: 2 Hours - 1 Topic


 Scanning (Day 3)

Module 4: 2 Hours - 1 Topic


 Syatem Hacking: (Day 4)
o Introduction to Metasploit Framework
o Exploit MS17-010 Vulnerability
o Reerse TCP Connection

Module 5: 2 Hours - 1 Topic


 Syatem Hacking (Cont.): (Day 5)
o Priviledge Escalation using post exploit bypassuac and getsystem
o Reverse connection in different network using port forwarding
o Android hacking using reverse TCP connection

Module 6: 2 Hours - 1 Topic


 System Hacking (Cont) (Day 6)
o Show software based vulnerabilities (Badblue/iceblaster)

Module 7: 2 Hours - 1 Topic


 System Hacking (cont) (Day 7)
o Introduction to Active Directory
o Explain OU, DC, TREE, FOREST

Page 1
o Explain LDAP
o Explain how AD works
o Explain smb share
o Explain SPN

Module 8: 2 Hours - 1 Topic


 System Hacking (cont) (Day 8)
o Introduction to Kerberos
o Explain how Kerberos works (Authentication Server, Ticket Granting
Server, TGT etc)
o Explain Kerberoasting attack
o Mention
o ASREPROASTING
o Golden Ticket

Module 9: 2 Hours - 1 Topic


 Syatem Hacking (Cont.): (Day 9)
o Malware (Different types of Malware, Virus and Trojan)
o AV bypass

Module 10: 2 Hours - 2 Topics


 Sniffing using Wireshark (Day 10)
 Man In the Middle Attack using the concept of ARP poisoning (Day 10)

Module 11: 2 Hours - 2 Topics


 Cryptography (Day 11)
o Symmetric Encryption Algorithm
o Asymmetric Encryption Algorithm
o Hash Algorithm
 Steganography (Day 11)

Module 12: 2 Hours - 1 Topic


 Wireless Attacks (Day 12)
o Explain Wifi attacks (Deauth packets)
o Explain Wifi 4 way handshake
o Explain the attack scenario and procedure
o Explain fake access point attacks

Module 13: 2 Hours - 1 Topic


 Website Attacks (Day 13)

Module 14: 2 Hours - 1 Topic


 Website Attacks(cont) (Day 14)
o Explain XSS attacks
o Explain different types of XSS attacks

Page 2
o Prevention

Module 15: 2 Hours - 1 Topic


 Website Attacks(cont) (Day 15)
o Explain sql injection attacks
o Explain different kinds of sql injection attacks
 error based
 boolean based
 union based
 Mention: blind/time based
o Prevention

Module 16: 2 Hours - 1 Topic


 Website Attacks (cont) (Day 16)
o Explain CSRF attacks and prevention
o Explain cookie stealing, session hijacking
o Show a login brute force example
o Talk about how to prevent such attacks

Module 17: 2 Hours - 1 Topic


 Website Attacks (cont) (Day 17)
o Show data tampering attacks
o Phishing Attack
o File upload vulnerability

Module 18: 2 Hours - 1 Topic


 IOT Hacking (cont) (Day 18)
o Explain various attack vectors in IOT hacking

Module 19: 2 Hours - 2 Topics


 DOS and DDOS attacks (Day 19)
 Cloud based attacks: (Day 19)
o Explain cloud based attacks vectors

Module 20: 2 Hours - 2 Topics


 IDS (Day 20)
 IPS (Day 20)

Page 3

You might also like