Objective: Build a clear understanding of cybersecurity basics, ethical hacking principles, and career opportunities, helping you confidently start your journey in this field.

• Fundamentals of Cyber Security & Information Security
• Fundamentals of Ethical Hacking
• Security Principles, Controls, Laws, and Standards
• Indian Cyber Law
• Careers in Cyber Security

Minor Practicals:

• Explore different cyber threats in lab scenarios
• Case study: Understanding real-world cyber attacks

Objective: Learn networking concepts, protocols, IP addressing, and web architectures to analyze networks effectively and support ethical hacking tasks in real-world scenarios.

• Introduction to Computer Network, Topologies, and Types
• IP Addressing & Subnetting
• TCP/IP Model Overview
• Most Common Protocols
• Overview of Web Architecture

Tools: Cisco Packet Tracer

Minor Practicals:

• Draw and label different network topologies
• Calculate subnets for given IP ranges
• Match protocols to their functions (HTTP, FTP, DNS)
• Diagram a basic web architecture
• Simulate network topologies in Cisco Packet Tracer
• Capture and analyze packets using Wireshark

Objective: Gain hands-on Linux skills for navigating systems, managing files, configuring networks, and writing simple scripts, essential for security testing and administration.

• Lab Setup & OS Virtualization
• Introduction to Linux
• Basic Commands
• Creating, Viewing, and Editing Text Files
• Process Management
• Linux Networking
• Introduction to Bash Scripting

Tools: VMware, Kali Linux, Parrot OS

Minor Practicals:

• Install Kali/Parrot OS on VMware
• Practice common Linux commands
• List running processes and terminate a specific process
• Configure a static IP address in Linux
• Write a simple Bash script to automate a task

Objective: Master ethical methods to gather valuable information about systems, websites, and networks using tools and search techniques to identify potential vulnerabilities.

• Passive & Active Reconnaissance Techniques
• Footprinting Through Search Engines & Web Services
• Website, Network, Email, DNS, and Whois Footprinting

Tools: Maltego, Recon-ng, theHarvester, Shodan, WHOIS Lookup Tools, Google Dorks, Nslookup, Dig, dirb, gobuster

Minor Practicals:

• Perform Google Dorks search for sensitive data
• Use WHOIS to gather domain info
• Run DNS queries using nslookup/dig
• Identify open directories using dirb/gobuster
• Map relationships using Maltego
• Conduct reconnaissance using Recon-ng and theHarvester

Objective: Learn to scan networks and systems for open ports, services, and vulnerabilities, analyze results, and prioritize risks responsibly.

• Port & Service Scanning
• OS Identification & Banner Grabbing
• Scanning Beyond Firewalls

Tools: Nmap, Zenmap, Angry IP Scanner, Hping3

Minor Practicals:

• Run basic Nmap scans to identify open ports
• Perform banner grabbing on target systems
• Identify OS using Nmap
• Compare scan results with Angry IP Scanner & Zenmap
• Execute full Nmap scan with OS detection & service enumeration

Objective: Explore techniques to extract detailed system and network information, identify exposed services, and understand potential security weaknesses ethically.

• NetBIOS Enumeration
• SMB Enumeration
• LDAP Enumeration
• SNMP Enumeration
• Other Common Protocols Enumeration

Tools: enum4linux, Nmap scripts (NSE), SNMPwalk, LDAPsearch

Minor Practicals:

• Run Nmap scripts for SMB enumeration
• Perform NetBIOS enumeration on a target
• Query SNMP services using SNMPwalk
• Extract LDAP attributes using LDAPsearch
• Enumerate a target system using enum4linux & Nmap scripts

Objective: Conduct vulnerability scans, analyze findings, research exploits, and learn to prioritize risks to improve overall system security.

• Vulnerability Scanning
• Vulnerability Assessment Techniques
• Vulnerability Research

Tools: Nessus, OpenVAS, Nikto

Minor Practicals:

• Run basic Nikto scan on a web server
• Identify CVEs for known vulnerabilities
• Compare Nessus and OpenVAS scan outputs
• Categorize vulnerabilities by severity
• Perform vulnerability scan using OpenVAS and generate a report

Objective: Understand how attackers exploit vulnerabilities, practice ethical hacking to escalate privileges, maintain access, and simulate real-world attacks safely.

• Password Cracking
• Vulnerability Exploitation
• Privilege Escalation
• Maintaining Access
• Covering Tracks

Tools: John the Ripper, Hashcat, Metasploit Framework, Pwdump7, Mimikatz, Netcat, Hydra, Searchsploit, Exploit-db, WinPEAS, LinPEAS, CCleaner

Minor Practicals:

• Crack password hashes using John the Ripper
• Extract credentials using Mimikatz
• Identify privilege escalation vectors with WinPEAS
• Exploit system vulnerabilities using Metasploit

Escalate privileges and maintain access ethically

Objective: Learn about malware types, behaviors, and components, and perform ethical analysis to detect, dissect, and prevent malicious software threats.

• Malware & Its Types
• Components of Malware
• Virus & Its Types
• Malware Analysis

Tools: Strings, PEStudio, VirusTotal, Sandbox, Remnux, Ghidra, Regshot

Minor Practicals:

• Extract strings from a binary using Strings
• Analyze files with PEStudio
• Submit samples to VirusTotal
• Compare system snapshots using Regshot

Conduct malware analysis in a sandbox environment

Objective: Explore human-focused attacks, simulate social engineering ethically, and understand techniques to protect individuals and organizations from manipulation.

• Social Engineering & Its Types
• Countermeasures

Tools: SET (Social Engineering Toolkit), Ohphish

Minor Practicals:

• Create phishing email templates
• Identify phishing indicators in sample emails
• Simulate pretexting scenarios
• Set up a phishing campaign using SET and analyze results

Objective: Understand DoS and DDoS attacks, learn how botnets work, and ethically simulate attacks to strengthen network defenses.

• DoS Attack
• Botnet
• DDoS Attack
• Countermeasures

Tools: LOIC, HOIC, Hping3

Minor Practicals:

• Simulate basic DoS attacks with Hping3
• Identify botnet characteristics
• List DoS countermeasures
• Analyze DoS attack logs
• Perform controlled DoS simulation using LOIC

Objective: Capture and analyze network traffic to identify sensitive information and learn ethical ways to prevent sniffing attacks.

• Sniffing Concepts
• Different Sniffing Techniques
• Sniffing Countermeasures

Tools: Wireshark, Ettercap

Minor Practicals:

• Capture HTTP traffic with Wireshark
• Identify clear-text credentials in packets
• Perform ARP spoofing using Ettercap
• Analyze network traffic in lab environment

Objective: Understand session hijacking methods, test vulnerabilities in a safe environment, and implement strategies to secure applications and user sessions.

• Session Hacking Concepts
• Application-Level & Network-Level Session Hacking
• Session Hacking Tools & Countermeasures

Tools: Wireshark, Burp Suite, OWASP ZAP, Cookie Editor

Minor Practicals:

• Capture session cookies with Wireshark
• Manipulate cookies using Cookie Editor
• Test session vulnerabilities using OWASP ZAP

Perform session hijacking in lab using Burp Suite

Objective: Learn ethical ways to bypass IDS, firewalls, and detect honeypots while understanding how to improve network defenses effectively.

• IDS, IPS, Firewall, and Honeypot Concepts
• Evading IDS & Firewalls
• Detecting Honeypots
• Countermeasures

Tools: Nmap, MSF, Snort, Honeyd

Minor Practicals:

• Run Nmap scan to evade IDS detection
• Identify firewall rules using MSF
• Detect honeypots with probes
• Evade firewall using lab simulations