OS Basic

- Kali Linux
- Terminal commands
- bash scripting
- Installing & Updating Tools
- CMD commands

Lab 1

- writing bash script to make an automatic backup.

Network Basic

- IP addresses
- TCP and UDP
- OSI model
- Subnetting
- ports and protocols and DNS
- IDS, IPS and Firewalls
- Router, Switch and Hub

Lab 2

- Network packets analysis.
-Scanning the network for live machines with bash scripting.

Cyber security introduction

- What is Cybersecurity.
-Cybersecurity History.
-Threat, Vulnerability, and Risk
- CIA Trails (Confidentiality , Integrity, Availability).
- Cybersecurity teams (Red Team vs Blue Team and other Cybersecurity teams).
- Penetration testing ,Vulnerability assessment and Risk Assessment
-Cyber Security Terminology
-Types of Malware.

The Ethical Hacker Methodology

- Information Gathering (Reconnaissance)
- Scanning & Enumeration
- Exploitation
- Post Exploitation

Information Gathering (Reconnaissance)

- active Information Gathering.
- passive Information Gathering.
- Information Gathering tools.

Lab 3

- Discover target IP addresses, Subnet, physical location, phone number, emails, employee names and more.
- Discover target DNS, MX records and more.

Scanning & Enumeration

-Scanning network Subnet and IPs.
- Discover open ports and protocols.
- Discover Running services and its versions.
- DNS Enumeration.
- SMB and netBios Enumeration.

Lab 4

- Scanning the network and get full Information about its port protocols and Running services.
- Discover network Running services Vulnerabilities.

Exploitation Basics

- Metasploit.
- MSFconsole.
- Exploit modules.
- Auxiliary modules.
- Payload modules.
- Meterpreter.

Lab 5

- using the previous discovered Vulnerabilities and gain access to the system.
- take screenshots, steal files, inject files and more to the victim machine.

Post Exploitation

- Metasploit.
- Post-exploitation modules.
- privilage sclaltion.

Lab 6

- Try to inject a back door and gain administrator access.

Web Application

- What is web Application.
- Scanning and Enumeration Web Application.
- Find out the Ports.
- Well Known Files.
- Web Directories discovery.
- Subdomains.
- Web Technologies used.

Lab 7

- Discover web app IPs and Subdomains.
- Discover open ports and its Running services.
- Discover Hidden folders and directories.
- Enumerate the web Application Vulnerabilities.

Web Application Vulnerabilities

- XXS.
- SQL injection.
- CSRF.
- Cross-Origin Resource Sharing (CORS) Policy.
- open redirect.
- Operating System (OS) command injection.
- Sensitive data exposure.
- Unrestricted File Upload.
- wordpress attacks.

Lab 8

- lab for every topic

Wireless Penetration Testing

- the basics of WLANs.
- bypassing the WLAN authentication.
- capture the handshake encrypted key.
- Cracking WLAN encryption.

Lab 9

- Attacking wireless network and gain access by cracking its encrypted handshake.

encryption

- Hashing vs encryption
- Symmetric encryption
- Asymmetric encryption
- Digital Signature and certificates

Report Writing

- how to document every Vulnerability you found.
- show the impact for each Vulnerability.
- Suggest a patch or fix or the discovered Vulnerabilities.

capture the flag (CTF)

- This will be a good practice for every topic we discussed during the course.
- the one how will get the flag will win the competition.