Overview

A hands-on training dedicated to helping you master the techniques malicious hackers use to penetrate digital infrastructure to predict their actions beforehand for safeguarding your infrastructure.

  • 108+ modules aligned to latest curriculum.

  • Learn step-by-step methodologies hackers use to penetrate network systems.

  • Master all tools and techniques supported demonstrated with real-life case scenarios.

  • Dedicated support team to help you grow and innovate.

Course curriculum

  • 1

    About the Course

  • 2

    Introduction to Red Team Essentials

  • 3

    Introduction to VAPT

    • Red Team Testing Phases

    • Reconnaissance and Hands-On: GoogleDorks

    • Reconnaissance and Hands-On: Default Passwords

    • Reconnaissance and Hands-On: Web Server

    • Reconnaissance and Hands-On: Maltego for information

    • Reconnaissance and Hands-On: RedHawk for information

    • Scanning and Hands-On: Network Discovery

    • Scanning and Hands-On: Ettercap for network scan

    • Scanning and Hands-On: NMap

    • Scanning and Hands-On: Simple bash script for ping sweep using search engine

    • Scanning and Hands-On: Simple bash script for ping sweep

    • Scanning and Hands-On: Port Scanning

    • Scanning and Hands-On: Scanning Types

    • Vulnerability Scanning Setup: OpenVAS tool

    • GVM (Greenbone Vulnerability Management) installation on kali Linux 2020 and latest versions.

    • Lab tips for Installing GVM openvas and updating latest vulnerabilities database

    • Performing a vulnerability scan using OpenVAS

    • Vulnerability Scanning Setup: OpenVAS report

    • Vulnerability Scanning Setup: Nessus tool

    • Vulnerability Analysis and Penetration Testing (VAPT) Assessment Report Sample

    • Vulnerability Analysis and Penetration Testing (VAPT) Sample Questionnaire

    • Vulnerability Analysis and Penetration Testing (VAPT) Summary Report Sample

    • Sample Web application VAPT report

    • Assessment to Introduction to VAPT

  • 4

    Exploiting Vulnerabilities

    • Exploiting Existing Vulnerabilities: On Server

    • Exploiting Existing Vulnerabilities: Critical vulnerability in Windows 7 found in report

    • Metasploit Framework (MSF): Introduction

    • Metasploit Framework (MSF): Software Architecture

    • Metasploit Framework (MSF): Understanding payloads

    • Understanding a Real Scenario: Introduction

    • Understanding a Real Scenario: Windows Static NAT for hacking

    • Configuring & Running an Exploit: Metasploit Reverse Shell

    • Understanding Meterpreter shell: Meterpreter usage

    • Understanding Meterpreter shell: Meterpreter usage privilege escalation

    • Understanding Meterpreter shell: Persistence

    • Understanding Meterpreter shell: Process Migration

    • Understanding Meterpreter shell: Keylogger

    • Understanding Meterpreter shell: Changing user password and firewall settings

    • Understanding Meterpreter shell: Clearing tracks

    • What is Pass the Hash Attack?

    • 17.Pass the Hash Attack (Lab)

    • Pivoting: What is it?

    • Pivoting (Lab)

    • Assessment of Exploiting Vulnerabilities

  • 5

    Post Exploitation

    • Introduction to Post Exploitation

    • Introduction to Privilege Escalation

    • Privilege Escalation on Linux systems

    • Privilege Escalation Labs: MS2 privilege escalation distcc vuln

    • Privilege Escalation Labs: Using Kernel Exploit

    • Privilege Escalation on Windows Systems: Windows Privilege Escalation

    • Privilege Escalation on Windows Systems: Local Privilege Escalation Exploit Suggester

    • What is Persistence?

    • Persistence Module in Meterpreter (Lab)

    • Different ways of maintaining Persistence: Using backdoor

    • Different ways of maintaining Persistence: Using post module

    • Meterpreter for Post-Exploitation: Post module reference

    • Post exploitation Gathering and Managing Modules

    • Assessment for Post Exploitation ( Maintaining Access )

  • 6

    Maintain anonymity and confidentiality

    • Anonymity tools and services: Introduction to Anonymity and confidentiality

    • Configuring proxy chains for anonymity: Using KaliTorify (Lab)

    • Configuring proxy chains for anonymity: Using proxy chain configuration

    • Assessment for maintaining anonymity and confidentiality

  • 7

    Password attacks

    • Introduction to Password Cracking: Password Attacks

    • Introduction to Password Cracking: Password hashes of Windows system

    • Introduction to Password Cracking: Password hashes of Linux system

    • Introduction to Password Cracking: Some password cracking tools

    • Introduction to Password Cracking: Gathering password hashes from victims

    • Offline password cracking using John the Ripper

    • Password Cracking using Ophcrack

    • Online SSH password cracking using Hydra

    • Cracking the password of a Web app: Using Hydra HTTP Login Brute Force

    • Brute force attack using Burp Suite Dynamic Brute Force

    • Passwords while sniffing the traffic: Using Ettercap

    • Unhiding hidden passwords in Google Chrome

    • Cracking Wi-Fi passwords: Introduction

    • Cracking Wi-Fi passwords: Sample documentation

    • Assessment for Password attacks

  • 8

    Cyber malware threats

    • Malware threats: Introduction and types

    • Malware threats: Life cycle of a virus

    • Malware threats: Virus (Lab)

    • Malware threats: Worms

    • Malware threats: Trojans

    • Malware threats Ransomware Lab: Dissecting a Ransomware

    • Malware threats Ransomware Lab: WannaCry Demonstration

    • Malware threats Ransomware Lab: Hidden Tear Open-Source Ransomware

    • Malware threats Ransomware Lab: Hidden Tear Encryption

    • Malware threats Ransomware Lab: Hidden Tear Decryption

    • Malware threats Ransomware Lab: Hidden Tear Analysis (Lab)

    • Malware threats Open-Source Labs: theZoo (Lab)

    • Malware threats: Malware Analysis Tools

      FREE PREVIEW
    • Assessment for Cyber Malware Threats

  • 9

    Social Engineering Attacks

    • Social Engineering Terminologies

    • Tools For Creating Malwares for Phishing

    • Social Engineering Toolkit (SET) for Phishing (x264)

    • Embedding malware in Firefox Add-ons

    • Embedding Malware in PDF Files (x264)

    • Exploit Adobe reader software vulnerability: Social Engineering attack - Lab Document

    • Creating a malicious Office document payload

    • Creating undetectable payloads for Phishing Attacks: FatRat

    • Creating undetectable payloads for Phishing Attacks: Veil

    • Creating undetectable payloads for Phishing Attacks: Veil detection in VirusTotal

    • Android mobile platform attack using phishing

    • Sending fake emails and other online services for phishing

    • Steganography for hiding a malicious payload: Introduction

    • Steganography for hiding a malicious payload: Lab

    • Assessment for Social Engineering Attacks

  • 10

    WireShark for Offensive Security

    • WireShark usage and its advantages in offensive security

    • ARP Cache Poisoning using Ettercap detection

    • SSL decryption

    • Traffic analysis for confirming successful attack: Brute Force Attack Analysis

    • Traffic analysis for confirming successful attack: SYN Flood DDoS

    • Assessment for WireShark for Offensive Security

  • 11

    Important Remedies and Protections

  • 12

    Web Application Penetration Testing

    • Approaching Web App Pen Testing Engagement and configuring Burp Suite

    • Command Injection Attacks

    • File Inclusion Attacks

    • File Upload Attacks

    • Exploiting Broken Authentications

    • Reflected, Stored & DOM-based XSS (Cross Site Scripting) attacks

    • XML Injection

    • Exploiting applications with vulnerable components

    • Assessment for Web Application Penetration Testing

  • 13

    Add-ons

    • Some of the free online resources for practical web application testing

    • What Malicious Hackers do? Basic awareness by Murali

    • VAPT using Open Source Tools

    • How Buffer Overflow Vulnerability is Exploited?

    • Basics of Wireshark tool

    • Dissecting a simple open source Ransomware

    • Cyber kill chain

    • MITRE ATT&CK framework

    • How to kickstart your Cybersecurity Career after this course ?

  • 14

    Scenario Library

    • Scenario 1: Understand the importance of Reconnaissance phase of attack .Crate a blue print of attack using OSINT.

    • Scenario 2: Practice how to find and exploit SQL Injection vulnerability

    • Scenario 3 : Practice how to find and exploit File upload vulnerability

    • Scenario 4: Understanding about GET flood (DOS) attack

    • Scenario 5: Creating Malicious PDF file and understanding it's execution while the defender is on.

    • Scenario 6: Perform a real VAPT for this 2 websites.

    • Scenario 7: Perform a VAPT for the website

    • Scenario 8: Hacking forensic investigation

    • Scenario 9: Malicious traffic analysis

    • Scenario 10: List out and implement top 10 CIS recommendation for drive by compromise attack .

    • Scenario 11: Perform best security practices on your server

Aspirant Ratings

5 star rating

Fun-learn -Ethical Hacking Skills

SURAKSHA DUDDU

Great approach to learn in detail Ethical Hacking skills

Great approach to learn in detail Ethical Hacking skills

Read Less
5 star rating

Good overview of Ethical Hacking

Karthik Girraju

Murali and Piyush are incredible teachers! I learned tons and I had a lot of fun going through it. Each section was explained very well with examples and det...

Read More

Murali and Piyush are incredible teachers! I learned tons and I had a lot of fun going through it. Each section was explained very well with examples and detailed the methodology used in Cybersecurity. I would recommend this course to anyone entering Cybersecurity for the first time. Thank you.

Read Less
5 star rating

Great assimilation of Red Teaming fundamentals!

Sudhanshu Kumar

5 star rating

Red Teaming.

Eakam veer

Simple language covers practically every topic with a detailed explanation, watching this course is a good starting to understand and start a carrier in red ...

Read More

Simple language covers practically every topic with a detailed explanation, watching this course is a good starting to understand and start a carrier in red teaming and penetration testing.

Read Less
5 star rating

Good description

Gauri Lande

Really useful ...

Really useful ...

Read Less

Meet Your Instructor

Principal Consultant

Murali M

Murali is a certified Ethical Hacking Professional with 5+ years of experience teaching multiple subjects related to Red Teaming and Penetration Testing.

He is not only a CCSA, CCSE, CCSBA, CCSVA, CEH, CNSS, CHFI, and CCSM certified professional, but has also been certified in Web Application Scanning and Vulnerability Management from Qualys, Inc.

Subscribe to our Newsletter

Add your email to the mailing list to get the latest updates.

Skill-up to Stay Ahead

Brush-up your Cybersecurity knowledge and skills to stay relevant and ahead of Hackers.