Cyber Security Complete Master Course

This module introduces the key concepts of offensive security, focusing on the role of ethical hacking in identifying and mitigating system vulnerabilities. You'll gain an understanding of how hackers think and operate to effectively exploit weaknesses.

• Introduction to Cyber World
• Attacks, Concepts, Techniques & Preventions
• Protecting Personal Data, Privacy, and Information
• Organizational approach to protect data
• Cyber Laws & Ethics
• Common forms of Cyber Crimes

This module covers networking basics, including components, types, and connections, alongside wireless networks, IP protocols (IPv4/IPv6), and routing concepts. It introduces key protocols like DHCP, ARP, NAT, and compares TCP and UDP, concluding with network testing utilities.

• Communication in Connected World
• Network Component, Types and Connections
• Wireless and Mobile Network
• Communication Principles
• Network Media
• IP Protocol (IPv4 & IPv6)
• DHCP, ARP, NAT
• Routing Between Networks & Subnetting
• TCP & UDP
• Network Testing Utilities

Explore how attackers exploit misconfigurations in network devices like routers, switches, and firewalls. This module teaches you to identify and leverage configuration vulnerabilities to assess and enhance network security.

• Network Design
• Cloud and Virtualization
• Number System
• Ethernet Switching and Network Layer
• Address Resolution, IP Addressing Services, Transport Layer
• Network Security Infrastructure
• Wire Shark Intro
• Wireshark Labs

This module explores how attackers use vulnerabilities on endpoint devices ranging from workstations to mobile devices for unauthorized access. It explains endpoint defenses, their breach, and mitigation.

• Securing Networks
• Attacking What We Do
• Wireless Network Communication
• Cloud Security
• Network Security Infrastructure
• System and Endpoint Protection

This module covers the identification and mitigation of various network threats and vulnerabilities, focusing on securing network infrastructures against possible risks.

• Network Security Testing
• Threat Intelligence

Focuses on strategies, tools, and techniques to secure a network. Some of the basic concepts are about system defence, access control, ACL, firewall technologies, and Windows OS security configurations.

• Understanding Defence
• System and Network Defence
• Access Control
• ACL's
• Firewall Technology
• Windows Operating System

Focuses on understanding the fundamentals of project management that include methodologies and processes as well as the basic phases of the initiation, planning, and executing a project with successful delivery.

• What is Project Management, Project Management Process, and Importance
• What is Project Initiation, Planning and Execution

Understanding Of All Linux Basics to Advance Commands.

• Performing Basic Linux Tasks
• Managing Users and Groups
• Managing Permissions and Ownership
• Managing Storage and Devices
• Managing Files and Directories
• Managing Kernel Modules
• Managing the Linux Boot Process
• Managing System Components
• Managing Networking
• Managing Packages and Software
• Securing Linux Systems
• Working with Bash Scripts and Automating Tasks
• Installing Linux

Focuses on identifying, assessing, and mitigating cyber threats, encompassing risk management, security controls, threat intelligence, governance, compliance, and endpoint vulnerability assessment to enhance organizational cybersecurity posture.

• Risk Management and Security Controls
• Governance and Compliance
• Endpoint Vulnerability Assessment

Focusing on the fundamental of computer hardware that includes motherboards, CPUs, and RAM along with peripheral devices. It also entails the process of installing and configuring hardware in keeping with the best practices of remote workforce requirements.

• Identifying Hardware Components
• Peripheral Devices
• Hardware Installation and Configuration
• Remote Workforce Hardware Requirements

Understanding the support and troubleshooting of tablets, smartphones, and e-readers. Included discussion about device components, application management, and security considerations like data protection, device tracking, and remote wiping for efficient performance and safety.

• Mobile Device Components
• Mobile Applications
• Troubleshooting connectivity and sync issues

Understanding Emphasizing best practices in the handling of safety, sustainability, and professionalism in IT operations. It includes handling safe hardware, minimizing environmental impact, and effective communication and documentation in technical environments.

• Safety Operations
• Environmental Impact
• Communication and Professionalism

This module will allow the students to know and acquire the skills for the identification, diagnosis, and solving of common software problems in PCs and mobile devices, such as operating system errors, malware infections, and security-related issues.

• Introduction to Software Troubleshooting
• Troubleshooting PC Operating Systems
• Troubleshooting Mobile Device Operating Systems
• Malware Troubleshooting
• Security Issues and Troubleshooting
• Tools for Troubleshooting
• Advanced Troubleshooting Techniques

This module equips learners with the ability to troubleshoot real-world problems with devices and networks. It is a structured diagnosis, analysis, and solution of commonly encountered hardware, software, and network-related problems in the professional world.

• Introduction to Troubleshooting
• Device Troubleshooting
• Network Troubleshooting
• Tools and Techniques
• Real-World Scenarios

This module will install, support, and troubleshoot various operating systems such as Windows, Mac OS, Chrome OS, Android, and Linux. It also has hands-on exercises on system configuration, command-line tools, client support, imaging, and advanced troubleshooting techniques. It is meant to prepare the learner with skills in the effective management and maintenance of multiple operating systems.

• Windows Operating System
• Mac OS
• Chrome OS
• Android Operating System
• Linux Operating System

This module introduces Offensive Security, highlighting how it differs from Defensive Security and why Ethical Hacking & Penetration Testing are essential for identifying vulnerabilities. It also covers legal and ethical considerations in cybersecurity. Additionally, learners will explore the Cyber Kill Chain, understanding how cyberattacks unfold step-by-step, along with an introduction to the MITRE ATTACK Framework and real-world attack techniques.

• Introduction to Offensive Security
  • What is Offensive Security and how it differs from Defensive Security
  • Importance of Ethical Hacking & Penetration Testing
  • Legal & Ethical considerations in cyber security engagements
• Cyber Kill Chain & Attack Lifecycle
  • Understanding how cyber attacks progress step-by-step
  • Introduction to MITRE ATTACK Framework
  • Common attack techniques used in real-world cybersecurity incidents

Teaches information gathering and OSINT techniques to identify targets.

• Submodules & Techniques
  • Search Engine Footprinting
  • IoT Footprinting
  • Web Services Footprinting
  • Network, Website, Email, and DNS Footprinting
• Tools
  • Google Dorking, Exploit DB, Google Advanced Search
  • Archive, WHOIS, Shodan.io, Censys.io
  • Netcraft, Wappalyzer, Hunter.io, Recon-ng
  • Maltego, Sherlock, theHarvester, NSLookup

Explores network scanning techniques to discover live hosts and services, also focuses on extracting useful information like usernames, machine names, and network shares.

• Submodules & Techniques
  • Active & Passive Scanning
  • TCP Connect Scan, SYN Scan (Half-Open Scan), UDP Scan
  • Stealth Scan, Fragmentation Scan, OS Fingerprinting
  • Banner Grabbing, Service Version Detection, Port Range Scanning
  • IDS Evasion Techniques, Decoy Scanning, Spoofed Scanning
• Tools
  • Nmap, Zenmap, Netcat, Angry IP Scanner

Covers identifying and assessing security weaknesses in systems and networks with proper exploitation and privilege escalation.

• Submodules & Techniques
  • Identifying System & Software Vulnerabilities
  • Patch Analysis & Version Enumeration
  • Misconfiguration Exploitation
  • CVE (Common Vulnerabilities and Exposures) Mapping
  • Exploitability Testing
• Tools
  • Vulnerability Analysis: Nmap, OpenVAS
  • System Hacking & Exploitation
    • Password Cracking (Brute Force, Dictionary, Rainbow Tables)
    • Exploiting Weak Credentials (Default Passwords)
    • Privilege Escalation (Windows/Linux)
    • Registry Exploitation (Windows)
    • Tools: Metasploit Framework, Exploit-DB / SearchSploit, Hydra

Explores types of malware, attack techniques, and countermeasures.

• Submodules & Techniques
  • Payload Creation
  • Generating Reverse Shells
• Tools
  • Msfvenom, msfconsole, RAT

Covers packet capturing and analyzing network traffic for sensitive information and stealing active user sessions.

• Submodules & Techniques
  • Wireshark Capturing
  • HTTP Unprotected Traffic Sniffing
  • Checking TCP HTTP Stream Analysis
  • ARP Poisoning
  • Session Hijacking
• Tools
  • Wireshark, Ettercap, Bettercap

Explains how to perform DoS/DDoS attacks and prevent service disruptions. Also covers psychological manipulation techniques used in phishing attacks to exploit human vulnerabilities.

• Submodules & Techniques
  • DDoS Attacks
    • DHCP Starvation (Exhausting DHCP Pool)
    • MAC Flooding (CAM Table Overflow)
    • SYN Flooding (Excessive TCP SYN Requests)
  • Social Engineering Attacks
    • Phishing (Credential Harvesting via Fake Pages)
    • Location Tracking (IP & GPS-Based Target Tracking)
• Tools
  • DDoS Tools: Wireshark, HPING3, macof
  • Social Engineering Tools: msfconsole, setoolkit, zphisher, nexphisher

Teaches methods to bypass security defenses and monitoring systems.

• Submodules & Techniques
  • IDS/IPS & Honeypots Implementation
  • Adding Network Adapters in pfSense
  • Installing & Configuring IDS/IPS in pfSense (Snort/Suricata)
  • Creating & Managing Firewall Rules
  • Blocking Malicious IPs
  • Generating Alerts for Flooding IPs
• Tools
  • pfSense, Snort

Explains attacks targeting web servers and web application vulnerabilities, also focuses on database exploitation using SQL injection.

• Submodules & Techniques
  • Web Vulnerability Scanning
  • Detecting OWASP Top 10 Issues
  • Spidering & Crawling
  • Active Scanning & Fuzzing
  • SQL Injection Exploitation
• Tools
  • OWASP ZAP, Burp Suite, Nikto, WhatWeb

Covers vulnerabilities and attack methods for mobile and wireless devices.

• Submodules & Techniques
  • Android Exploitation
    • Android Payload Creation
    • Remote Access via AndroRat
    • ADB Shell Exploitation
    • Dumping & Cracking Android Passwords
  • Wireless Exploitation
    • Capturing WPA/WPA2 Handshakes
    • Cracking Wi-Fi Passwords
    • De-authentication Attacks
• Tools
  • Android Exploitation: msfconsole, msfvenom, AndroRat, ADB Shell
  • Wireless Exploitation: airmon-ng, airodump-ng, aircrack-ng, wifite

Explores security risks in IoT devices and cloud environments using various exploitation techniques.

• Submodules & Techniques
  • IoT Security: Finding & Identifying Vulnerable IoT Devices
  • AWS S3 Bucket Enumeration & Misconfiguration Exploitation
• Tools
  • IoT Security Tools: Shodan.io, Censys.io, Nmap
  • Cloud Security Tools: LAZYS3, S3Scanner, AWS-CLI

Exploiting cryptographic weaknesses and cracking encryption algorithms.

• Submodules & Techniques
  • Encoding & Decoding (Base64, Hex, URL Encoding)
  • Symmetric & Asymmetric Encryption/Decryption
  • Hashing & Integrity Verification
• Tools
  • echo, base64, openssl, John the Ripper

This module focuses on the fundamental concepts of digital forensics — how it is used to investigate cybercrimes or to retrieve digital evidence. And the procedure in which evidence is collected, preserved, analyzed, and physically presented in a court of law. With this, students can learn the tools and techniques used in digital forensics, as well as the ethical and legal aspects of it. It also covers keeping chain of custody and following industry best practices to maintain the integrity and reliability of digital evidence during investigations.

• Overview of Digital Forensics and Investigation
• Autopsy
• Files Recovery
• Steganalyses
• Steganography

This module introduces the core purpose and functions of a Security Operations Center (SOC), emphasizing its role in threat detection, analysis, and response. It also covers the structure of SOC teams, their workflows, and the responsibilities assigned to different roles to ensure seamless security operations. This module also focuses on the UK’s regulatory landscape, highlighting the importance of compliance with GDPR for data protection and NIS for securing critical infrastructure.

• Overview of SOC Operations and Functions
• Structure of SOC
• UK Regulations: GDPR, NIS Compliance

Learn the principles of log collection and correlation, essential for identifying suspicious activity. This module introduces SIEM (Security Information and Event Management) systems and their critical role in SOC operations. Additionally, it explores integrating the Elastic Stack (ELK) with SIEM for advanced log analysis and threat detection.

• Log Collection and Correlation Concepts
• Introduction to SIEM and Its Role in SOC
• Integrating Elastic Stack (ELK) with SIEM

This module covers the fundamentals of Intrusion Detection and Prevention Systems (IDS/IPS) and their role in monitoring and protecting networks. It provides an overview of open-source tools like Snort and Suricata and demonstrates setting alerts and monitoring traffic for suspicious patterns.

• Introduction to IDS/IPS
• Open-Source IDS/IPS: Snort/Suricata Overview
• Monitoring Traffic and Setting Alerts in Snort

Understand the importance of Threat Intelligence (TI) in SOC for proactive threat identification and response. This module explains the incident response workflow, leveraging tools like MISP for managing threat intelligence and integrating it with SIEM for enhanced detection and mitigation.

• Introduction to Threat Intelligence (TI)
• Incident Response Workflow in SOC
• Using MISP for Threat Intelligence in SOC
• Integrating Threat Intelligence with SIEM

This module introduces Endpoint Detection and Response (EDR) and its significance in SOC operations for detecting endpoint-based threats. It covers tools like Osquery for querying endpoint data and offers hands-on practice analyzing endpoint threat data for real-world scenarios.

• Introduction to EDR and Its Importance
• Overview of Osquery: EDR Tool for Endpoint Threat Detection
• Querying Endpoint Data and Detecting Threats

Learn the principles of vulnerability management in SOC, focusing on identifying, analyzing, and prioritizing vulnerabilities. The module provides an overview of tools like OpenVAS and Vuls, enabling participants to create actionable plans for mitigating security risks effectively.

• Understanding Vulnerability Management in SOC
• Overview of Vulnerability Scanning Tools: OpenVAS, Vuls
• Analyzing Vulnerabilities and Creating Action Plans

This module introduces Network Traffic Analysis (NTA) for detecting malicious network activities. It covers tools like Wireshark for packet analysis and Zeek for monitoring network traffic and identifying suspicious patterns to strengthen network defenses.

• Introduction to Network Traffic Analysis
• Packet Analysis Tools: Wireshark Overview
• Zeek: Monitoring Network for Malicious Patterns

Discover the role of SOAR platforms in automating repetitive SOC tasks to enhance efficiency. This module introduces tools like TheHive, Cortex, and Shuffle to demonstrate automated threat response workflows and orchestration of security operations.

• Introduction to SOAR and its role in SOC
• Automating SOC Tasks Using TheHive + Cortex
• SOAR Automation Platforms: Shuffle Overview

This module highlights the importance of firewalls and Unified Threat Management (UTM) in network security. It provides an overview of pfSense as a robust UTM solution and demonstrates its application in securing network environments.

• Introduction to Firewall and UTM
• Overview of pfSense for Network Security