banner
Logo-CO-ISS

CO-NPE CyberOps Network Pentest Expert

Duration:One Month

Course Level:Specialization

Modules to be covered:

The Module is designed to give an introduction to the fundamentals of internet and its primary concepts from origin to the current trending concepts of information security world. For beginners course offers a complete knowledge of basic security concepts, principles, and the key terms associated with information security and cyber World. Intend of the module is to clear misbelieves and myths of cyber world and also to study recent trends as well as threats and modus operandi of cyber criminals and testers.

The module at beginning will define the basic terminologies, introduction of operating systems and technical aspects will follow in the later part of module that includes how multiple operating systems are installed and configured through virtualization. Course aims to implement understanding of how virtual machines are separated inside the same physical host and how they communicate with lower hardware levels, working of virtualization technology and components involved and the essentials to setup a lab for further modules in this course like web application hacking, malware analysis.

For Information protection data security is essential and thus it need to be encrypted. The module begins with introduction of cryptography from its origin to traditional methods and modern techniques. Cryptography has important applications in information security and data protection techniques. The second half of the module Explore and describe basic concepts of cryptography including secret key and private key systems, encoding and decoding. Difference between encryption and encoding along with techniques and methods of decryption also demonstrate how Hash Values are calculated using cryptographic hash function by studying hash techniques and also how to crack the hash. Introduction to data hiding techniques like steganography, understanding of how cryptography applies complex mathematics and logic to design strong encryption methods will also be discussed.

Networks are defined as medium for communication between two or multiple systems, i.e. it constitutes a mechanism, of information that travels across multiple devices using various mediums, concepts of Domain name system, Servers, Connection mechanism. The module will cover in depth knowledge of OSI model and TCP/IP model and how data is transmitted through network, along with various Protocols used at each layer with special focus on networking layers. Network design and implementation, what devices are used for the data transmission i.e. hardware associated with networking like switches, router, hub etc , along with types of network, internet protocol v4 & v6, ports & protocols, sub-netting concepts, domain name system and its working, Network architecture and standards.

Network scanning mechanism is based on an attempt to try to connect to the TCP and UDP ports of the examined computer in order to determine the running services and the corresponding ports. Serviced ports may be open or waiting for a request. The definition of ports that are in standby mode allows you to find out the type of operating system, as well as applications running on your target's computer.

Network enumeration is a technique through which the attacker gathers more sensitive information about the network, connected devices, servers with their service versions and user group information and shared data. Enumeration provides precise information which is crucial to launch a successful attack.

The module will begin with an introduction of loopholes in protected wi-fi networks and its testing. Students will be able to learn, how to test security of a protected wifi network. In the later phase module will include hands on demonstration of internal network attacks like sniffing, MITM, DNS cache poisoning. Introduction of misconfigurations and loopholes in router security. Module will also incorporate various internal security concepts like firewalls,IDS,IDPS. Module will cover scanning networks for live systems and their open ports further it will include operating system finger printing and grabbing banners of running services on remote system.

This module deals with various exploitation methods with the in-depth knowlege of Metasploit. Metasploit is a framework which allows a security tester to arrange their exploits and launch them easily and how metasploit cover different types of pre build exploits. The scope of exploitation after compromising a particular system and its effect on network and user. The module cover exploitation techniques for different types of systems like Windows, Android, iOS & MacOS.

In this module basics of C, shell scripting and Python language will be discussed with students. This module will also cover the techniques used by testers to create exploits. Participants will be able to create their own exploits using Buffer Overflow vulnerabilities.

This Module is desined to introduce the participants to various methods of gaining the administrative rights on their target through privilege escalation. Hands-on Windows and Linux based Privilege escalation methodologies will also be discussed.

This course aims to train the participants for various degrees of CTFs. CTFs are events that are usually hosted at information security conferences. These events consist of a series of challenges that vary in their degree of difficulty, and that require participants to exercise different skill sets to solve. Once an individual challenge is solved, a "flag" is given to the player and they submit this flag to the CTF server to earn points. Players can be lone wolves who attempt the various challenges by themselves, or they can work with others to attempt to score the highest number of points as a team.

This course starts with the introduction of the fundamentals of reporting a vulnerability. Building a well detailed report is very important, it helps the developer to understand where the problem is and how to patch it. Participants will be introduced to the proper method to make a well formatted concise report.

This session will include various cyber crime cases and criminal modus operands. Also will be discussed various cyber crime cases handled by cyberops along with investigation procedure. Methods to handle cyber crime cases and Dos and Don'ts of handling cyber crime cases will be discussed. Indian IT act with reference to case studies from cyberops will be discussed.

attend-icon

Who should attend?

Course is designed to address the needs of:

  • Anyone with Computer engineering background or pursuing BCA/MCA.
  • Ethical Hacking Students.
  • Security Analysts.
  • Law Enforcement Personnels.
  • IT Personnels working in Android Development domain.
  • IT Personnels working in IT-Security domain.

Recommendation:

Course is suitable for those who are looking to get a foothold in information security and join field of Android Application Penetration Testing as a profession or aim to explore new career opportunities. It is the most intensive course offered by Cyberops training which will provide a unique perspective into the intricate world of information and Cyber security. Thus the Course it highly recommended to:

  • Professionals who are looking for prospective career opportunities in cyber security field.
  • This course is most recommended for Security Enthusiasts, IT professionals, and Mobile Application Developers seeking to understand typical mobile application security issues in detail.

Pre-Requisite:

Basic knowledge of programming fundamentals.

Basic knowledge of programming languages such as Java.

Basic security concepts such as : cryptography, reverse engineering, SQL injections and web tools such as Wireshark and OWASP ZAP (or Burp).

gift-img

Course Package includes:

  • Cyberops Welcome Kit
  • Advanced Software Toolkit
  • Challenges of penetration testing.

At the end of the course you will be able to:

This certification course is designed as a complete guide to understand and practice Android Mobile Application hacking efficiently in real time. The course is very well structured which includes vivid explanation of the terminologies , functionality. For deep understanding, we have well equipped labs where we teach students to work on different platforms and help them build basics which includes working on different operating systems (windows, linux), briefing on android smart phones and its versions.

Techniques and methods how to penetrate Android Mobile Applications, how to begin with android app penetration testing, network monitoring on devices, hack vulnerable applications that has been created by our trainers in order to help you practice all the hands-on exercises and finally some automated tools to complete the task. The course contains more than 14 challenges where we will teach you how to crack it.

Discover all the android application security models which play an important role in the design and evaluation of high assurance security systems. It mainly focuses on Virtualization, APK File Structure, networking emulator, ARM packages in emulator, Android Application Development Basics, Privilege Management & Escalation, Analyzing,Root Access in Android.

All the doubts related to this course are thoroughly discussed by our qualified trainers in the discussion session.

certificate-icon

Certification:

The entire program covers basic outline of cyber security as well as methods and techniques of how attacks are performed and possible outcomes of attacks along with the detection and prevention methods for the same.

Thus the practical exam after the course is entitled for certification aiming at how participants use skills, expertise and knowledge gained throughout course to detect possible attacks and methods to penetrate, hence to be specialized for the modules covered candidates are required to clear the set performance criteria for certification.

Requirements:

We use Simulation test method to provide real time challenge which will help participants to use skills , expertise and knowledge acquired during the entire course.
Passing Criteria: 70% and above
Duration of test: 5 hrs

Excellence Award

Participant with highest score in batch will be awarded with Cyberops award of performance Excellency – CAPE Medal and certification of Merit.

Terms & Conditions:

  • No. of attempts :One
  • Verification method for certification: The certificate will incorporate a unique ID for every participant and the same can be used for verification from Our Website.