istock-518556682
User Avatar
skm9977
(0 review)

Overview

Overview

Introduction to Cyber Security and Penetration Testing

  • Virtualization overview
  • Demonstration of Kali Linux
  • What is Risk?
  • 5 Phases of Hacking
  • TCP/IP and OSI model

Linux for Pentesters

  • Linux Overview
  • Footprinting Concepts

Information Gathering and NMAP Scanning

  • Maltego Overview :
  • Nikto Overview :
  • Dirbuster Overview :
  • NMAP : Scanning the Network :

Networking and Scanning Methods

  • Nessus vulnerability assessment
  • Netcat for Pentester
  • Wireshark · Go Deep.

Burp Suite – Application Security Testing Software

  • Introduction to Burp suite
  • Website Fundamentals

Introduction to WAPT (Web Application Penetration Testing)

  • Basic Overview of OWASP Projects
  • THC-Hydra overview

Basic Overview of Command Injection, File upload Vulnerability

  • Command Injection vulnerability :
  • File Uploads Vulnerability :

SQL injection, XSS attacks :

  • What is SQL Injection Vulnerability?
  • Practical with SQLMAP
  • What is XSS?
  • Types of XSS

Information Security Compliance, Python For Offensive PenTest

  • Python For Offensive PenTest
  • VAPT Life Cycle
  • HIPAA Privacy

Information security compliance and management

  • ISMS 27001 Risk Management
  • NIST Cyber Framework
  • HiTrust Compliance.

OS Hardening and Linux Security

    • OS Compliance
      • Vulnerability scan with Nessus/ Nexpose
      • Intro to CIS Benchmarks
      • CIS Controls
    • Account Security
      • PAM
      • Password Security
      • User-level Access Management
      • Security by Account Type
    • Network Security
      • Network Security Basics
      • Securing SSHD
      • Linux Firewall Fundamentals
      • Configuring the Firewall from the Command Line
      • SELinux
      • Port Scanning
    • Application and Filesystem Security
      • File and Directory Permissions
      • Special Modes – Sticky Bits and SUID
      • File Attributes
      • ACLs
      • Rootkits
      • OS Patching and vulnerability management with yum
    • Logging and Auditing
      • Linux OS logs – dmesg, btmp, wtmp, messages and access logs
      • Audit
    • Automated server hardening with Ansible

AWS Cloud Security

    • Access Control and Management
      • IAM
      • MFA
      • Identity Federation
    • Network Security, Logging, Encryption, and Application security
      • NaCl and VPC Security
      • AWS WAF & Shield
      • CloudTrail
      • KMS
    • Governance, Risk Management, and Compliance
      • Guard duty
      • AWS Inspector
      • AWS Config
      • AWS Security Hub
    • Data Protection and secrets management
      • S3 security
      • DynamoDB security
      • Secrets Manager

Compliance as Code and monitoring

    • Intro to Compliance as Code and policy enforcement
      • Sentinel
      • Inspec
    • Intro to Dashboards and Automated Vulnerability Detection
      • Archery

Container Security

    • Securing Docker
      • Docker Namespaces
      • Control groups and Docker
      • Using AppArmor profiles
      • Using seccomp profiles
      • Using capabilities
    • Container Security Monitoring
      • Monitor Container Security Parameters with OSQuery
      • Compliance and monitoring with Falco
    • Container Vulnerability Scanning and Audit
      • Static Analysis – Container Security Scanning
      • Intro to Clair / Anchor
      • Intro to Docker-Bench
    • Docker Runtime Security
      • Twistlock

DevSecOps – Build & Deployment Security

    • DevOps – Recap
    • Security Challenges in DevOps
      • Risk Assessments and Lightweight Threat Modeling
      • DevSecOps Maturity Model (DSOMM)
      • Maturity levels and tasks involved
      • 4-axes in DSOMM
    • Basics of Deployment Strategy
      • Blue/Green deployment strategy
      • Shift Left
    • Security in pre-commit
      • Sonar lint
    • Security in commit
      • SAST and component analysis
      • Veracode or checkmark or SonarQube
    • Security in acceptance
      • DAST and security acceptance testing along with automated pen-testing.
      • OWASP ZAP
      • Arachni
    • Secrets Management
      • Hashicorp Vault or others
    • Runtime Application Self-Protection (RASP)
      • Introduction
      • Contrast/ tCell

Course Features

  • Lectures 19
  • Quizzes 1
  • Duration 60 hours
  • Skill level All levels
  • Language English
  • Students 234
  • Assessments Yes

Curriculum

Curriculum

Instructor

Instructor
author avatar
skm9977

Reviews

Reviews

Reviews

Average Rating

0
0 rating

Detailed Rating

5
0%
4
0%
3
0%
2
0%
1
0%
$400.00

You May Like

You May Like

Leave A Reply

Your email address will not be published. Required fields are marked *

Message modal