MASTER CERTIFICATE IN CYBER SECURITY (RED TEAM) · format, whether to include a personal photo, and...

Introduction to Cyber

• Introduction to Cyber Security

• Hacker’s State of Mind

2 Hours

01 - Online Red Team Preparation

Infrastructure Fundamentals

• Computer Hardware

• Operating Systems

3 Hours

Virtualization Fundamentals

• Virtualization

• Creation of Virtual Machines

• Configuration of Virtual Environments

5 Hours

Networking Services

• Introduction to Networking

• Internal IP vs External IP & MAC Addresses

• Common Services: DHCP, DNS

• ARP Explanation & Exploitation

5 Hours

Network Security

• OSI & TCP/IP

• Wireshark Fundamentals

• Analyzing Unencrypted Website Communication

4 Hours

1 Hours

Linux Fundamentals

• Linux Distros & History

• Debian vs RedHat

• Basic Commands

5 Hours

Test Preparation

• Exam Breakdown & Review

• Review Questions

Powered by

- Total Teaching Hours: 600 Hours

MASTER CERTIFICATE IN CYBER SECURITY (RED TEAM)MCCS

20 Hours

02 - Linux Administration 25 Hours

5 Hours

3 Hours

7 Hours

4 Hours

1 Hours

Users & Permissions

• File System & File Structure

• Users & Groups

• Permissions

Bash Scripting

• I Bash Scripting

• I I/O Manipulation

• I/O Redirection

Introductory Course Exam

• Exam Breakdown & Review

• Review Questions

Cyber Attack Cycle & Cyber Kill Chain

• Cyber Attack Cycle: Attacker's Perspective

• Cyber Kill Chain: Defender's Perspective

2 Hours

Wireshark

• Packet Analysis

• Network Monitoring

• PCAP File Structure

3 Hours

Networking & Package Groups

• Package Management

• Configuring Network Settings

Linux Services

• Apache2 – Creating a Basic Website

• SSH & Telnet

• FTP

• SMB

02 - Linux Administration 25 Hours

03 - Cyber Fundamentals 15 Hours



Powered by

Connecting Clients to the Forest

• Installation of Additional Clients (Win7/10)

• Adding & Connecting Clients to the Domain

6 Hours

Cryptography & PKI

• Encryption

• Hashing

• Encoding

• PKI

5 Hours

Workgroup vs Domain

• Workgroup vs Domain Environments1 Hours

Server Installation

• GUI vs Core

• Server Roles & Features

3 Hours

Creating a Domain Environment

• Creating a Forest

• Configuring a Domain

• Configuring DNS & DHCP

6 Hours

Managing Active Directories

• Managing Active Directories

• Creating Objects

• Creating Groups

5 Hours

Anonymity on the Web

• I VPN vs Proxies

• Proxy Chains

• Anonymity on the Web

• TOR & DarkNe

5 Hours

03 - Cyber Fundamentals 15 Hours

04 - Windows Server 2016 25 Hours



Powered by

Delegations & Permissions

• Group Permissions

• Access Control

4 Hours

Identifying an Entry Point

• OSINT & Reconnaissance

• Enumeration

• Scanning

• Social Networks

5 Hours

Brute-Force & Password Cracking

• Brute-Force

• Password Cracking

• Dictionary Attacks

5 Hours

Metasploit & Known CVE

• Identifying Vulnerabilities

• Creating Payloads

• Command & Control

• Bind Shell/Reverse Shell

10 Hours

Exploiting Services

• Metasploitable Training5 Hours

WiFi Attacks

• Mail Relay

• Phishing

- Phishing Campaigns

- Site Cloning

5 Hours

Group Policy Objects

• Group Policy Objects5 Hours

04 - Windows Server 2016 25 Hours

05 - Bypassing the Perimeter 40 Hours



Powered by

DDoS

• Denial of Service Attacks

• DDoS vs DoS

• Application vs Volumetric

5 Hours

Local Privilege Escalation

• Windows Local Escalation

• Linux Local Privilege Escalation

10 Hours

Post Exploitation

• Post Exploitation Techniques

• Credential Extraction

• Persistence & Hidden Users

• Covering the Tracks

5 Hours

Linux Remote Escalation

• Automated Tasks

• Bad Path Configuration

5 Hours

Windows Advanced Remote Escalation

• DLL Hijacking

• DLL Injection

• Exploiting Unquoted Services

• Exploiting Group Policy Preferences

10 Hours

Advanced Phishing

• Social Engineering

• SpearPhishing

• SEToolkit

5 Hours



05 - Bypassing the Perimeter 40 Hours

06 - Cross-Platform Elevation of Privileges 40 Hours

Powered by

Architecture Vulnerabilities

• Dirty COW

• Eternal Blue

5 Hours

Organization Enumeration

• Manual Enumeration

• Bloodhound

7 Hours

Cryptography in a Domain

• LM & NTLM

• MS-Cache & DPAPI

• Kerberos Tickets

• John vs Hashcat

10 Hours

Responder & SMB Relay

• Responder

• SMB Relay

5 Hours

Lateral Movement & Cyber Attack Cycle In Depth

• Combining Lateral Movement Methods

• Keeping Track of Owned Stations

3 Hours

Creating Organization

• I Revision of Organization Creation5 Hours

Pivoting

• PsExec & WMIexec

• Pass the Hash & NTLM

• Session Hijacking

5 Hours



06 - Cross-Platform Elevation of Privileges 40 Hours

07 - Advanced Infrastructure 50 Hours

Powered by

PowerShell as a Weapon

• PowerShell–Common Usage

• Offensive PowerShell

5 Hours

Python Intro

• Introduction to Python Syntax

• Variables & Data Types

• String Manipulation

• IDE

5 Hours

Conditions & Loops

• Complex Data Types

• Conditions

• Loops

5 Hours

Obfuscation & AV Evasion

• Bypassing Endpoint Protection

• Obfuscating PowerShell

• Veil & Empire

5 Hours

Tunneling & Persistent Access

• SSH Tunneling

• ICMP Tunneling

• DNS Tunneling

5 Hours

Office Exploitation

• Macro Injection

• Formula Injection

5 Hours



07 - Advanced Infrastructure 50 Hours

08 - Python for Hacking 50 Hours

Powered by

Working with Functions

• Defining Functions

• Importing Modules

5 Hours

Code Handling

• Try & Except

• Error Handling

5 Hours

Sockets

• Client vs Server

• Transferring Data Using Sockets

5 Hours

Web Scraping

• Urllib

• Beautifulsoup

5 Hours

Automation

• Automating MITM

• Parameter Handling

5 Hours

FTP Brute-Force

• Sockets

• Building an FTP Brute-Forcer

5 Hours

Scapy

• Packet Creation

• Packet Manipulation

5 Hours

Final Project

• Build Your Own Tools5 Hours



08 - Python for Hacking 50 Hours

Powered by

Web Server Installation

• Apache Secure Installation

• Apache Secure Configuration

• Handling Information Disclosure

5 Hours

Traffic Manipulation

• Burp Suite

• Fiddler

• Web Application Brute-Force Challenge

5 Hours

Web Cryptography

• HTTP vs HTTPS

• SSL vs TLS

• Cipher Suites

• OpenSSL – CA vs self-signed certificates

5 Hours

Introduction to OWASP Top 10

• Web PT Methodology

• Enumeration Techniques & Common Scanners

5 Hours

Cross-Site-Scripting (XSS)

• Reflected XSS

• Stored XSS

• DOM XSS

5 Hours

Web Fundamentals

• Web Components & Their Jobs – What exactly are Javascript, HTML, and CSS?

• HTML – Markup language hierarchy, element names, attributes, and events.

• The DOM – Using JS to give functionality to and manipulate HTML

• CSS – A set of instructions for the browser to "draw" your page

• My First Website – Develop a functional, nice looking website from scratch

• Browser Debugging

25 Hours



09 - Web Application PT 100 Hours

Powered by

XML Attacks

• XML Usage in Web Applications

• XML Injections

5 Hours

Marinating Databases

• Configuring Databases

• MariaDB

5 Hours

SQL & NOSQL Injection

• Error-Based SQL Injection

• Blind SQL Injection

• Union-Based SQL Injection

• Injection Automation

5 Hours

PHP Vulnerabilities

• PHP Programming

• PHP Vulnerabilities

• Input Filtration

5 Hours

LFI/RFI & Directory Traversal

• LFI

• RFI

• Directory Traversal

5 Hours

File Upload

• File Upload

• Null Byte

• PHP Shells

5 Hours

WordPress Hacking

• WPScan

• WordPress Enumeration

5 Hours




Powered by

Vulnerability Scanners & Assessment

• Nessus

• Qualys

• Writing Reports

5 Hours

Android Introduction

• Introduction to Android & Android Studio

• Android Security Architecture

• Android Permissions

5 Hours

Android Structure

• Android Packages

• Debugging with ADB

• Rooting

• Android Recovery

5 Hours

Android Reversing

• Reversing Android Applications

• Analyzing Android Malwares

• Dex & Smali

• Android Backdoors

10 Hours

Insecure Mechanisms

• Bypassing Authentication

• Bypassing Authorization

5 Hours

Web Hacking Challenges

• Web Hacking Challenges5 Hours




10 - Mobile Application PT 50 Hours

Powered by

Android Traffic Analysis

• Analyzing Android Traffic

• SSL Pinning & Ways to Bypass It

• Introduction to Drozer

Android Lab

• Lab Configuration for APK Analysis

• Android Challenge

10 Hours

5 Hours

iOS Introduction

• Introduction to iOS Security

• iOS Emulators

• iOS Permissions

3 Hours

iOS Exploitation

• Exploiting iOS Applications

• iOS Malware & Backdoors

• Jailbreaking iOS

7 Hours

Threat Hunting

• Methodology

• Objectives

• Terminology

• Tools

5 Hours

Windows Externals

• Threat Intelligence

• Windows Internals: Basics

5 Hours

iOS Lab

• Lab Configuration for iOS Analysis

• iOS Challenge

5 Hours



10 - Mobile Application PT 50 Hours

11 - Threat Hunting & Reverse Engineering 85 Hours

Powered by

Basic Static Analysis

• Strings

• PE Structure

• Static Analysis Tools

5 Hours

Basic Dynamic Analysis

• Setting a Reversing Lab

• Recording Activity

• Cuckoo

7 Hours

Understanding Assembly

• 32-bit Assembly

• Registers

• Assembly Arithmetic

• Memory Structure

15 Hours

IDA Static Reversing

• Working with IDA

• Advanced Static Analysis

• Detecting Code Patterns

13 Hours

Dynamic Analysis

• Dynamic Analysis

• OllyDbg

• ImmunityDBG

• Hardware & Software Breakpoint

12 Hours

Combined Reversing

• Combining Static & Dynamic Analysis

• Reversing Techniques

8 Hours




Powered by

Anti-Reversing & Packing

• Red Pill

• Blue Pill

• Packing

10 Hours

IoT Introduction

• Introduction to IoT

• IoT Attack Surface

5 Hours

Hacking IoT

• IoT Cryptography

• Hacking an IoT

5 Hours

Cloud Computing

• Cloud Computing

• Cloud Security

15 Hours

Docker

• Microservices & Dockers

• Working with Docker Containers

• Exploiting a Docker

10 Hours

DevOps

• DevOps Tool

• DevOps Platforms

• DevOps Misconfigurations

15 Hours

Reversing Challenge

• Reversing Challenge5 Hours




12 - IoT & New Technologies 50 Hours

Powered by

OSCP Preparation

• OSCP Training

• OSCP Labs & Cyber Challenges

Career Services

• Build a LinkedIn Profile – You will learn important tips for building

your personal LinkedIn profile. This will include how to best

structure your profile, which photo is best to use, which relevant

keywords should be added, depending on the field you intend to

enter, and other related tips.

• Custom CV Planning - We will work with you one-on-one to

tailor your CV for the position you want. We'll determine the best

format, whether to include a personal photo, and how to properly

emphasize your strengths and skills when you have minimal

professional experience in the field

• Interview Skill Building - We will teach you practical interviewing

strategies and tips to help you land your next job as a Red

Team Specialist. We will help you identify the keywords and

skills interviewers look for in the Cyber field. We will also help

you pinpoint the skills and experience to emphasize and which

portions of your experience to play down.

40 Hours

10 Hours



13 - OSCP Preparation 40 Hours

14 - Career Services 10 Hours

Powered by

Note: We reserve the right to modify the outline due to factors beyond our control.

We will communicate any changes to participants in a timely manner.

Date post:	27-Oct-2019
Category:	Documents
Upload:	others
View:	3 times
Download:	0 times

MASTER CERTIFICATE IN CYBER SECURITY (RED TEAM) · format, whether to include a personal photo, and...

Documents