IT Security & Ethical Hacking Professional

IT Security & Ethical Hacking Professional

A Professional Ethical Hacker is a skilled and trained professional who understands and knows how to look for weaknesses and vulnerabilities in a system. Then they use their knowledge and tools to act as a malicious hacker. But all these happen in a lawful and legitimate manner to assess the security posture of a system(s). The ethical hacking individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective. PeopleNTech provides the best Ethical Hacking Training in Dhaka.

Ethical Hacking Training in Dhaka, Bangladesh

The Purpose of the Ethical Hacking Training in Dhaka is to: 

●     Establish and govern minimum standards of a system

●     Inform the authority that credentialed individuals meet or exceed the minimum standards

.●     Establish ethical hacking as a unique and self-regulating profession.

What is an Ethical Hacker

To beat a hacker, you need to think like a hacker too! Ethical Hacking is often referred to as determining if vulnerabilities exist and undertaking preventive, corrective, and protective countermeasures or notifying the authority.

Professional Training Target Audience: 

The Professional Ethical Hacker training program from the course will fortify the application knowledge of security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure & system.

Course Module: 

Ethical Hacking Training in Dhaka covers all the skills needed to work as a professional or freelance ethical hacker. The working opportunity is immense here. Because most national companies are not even aware of the risk of being hacked, they often lose their website and sometimes pay ransom to recover that. After completing the course, you can work as Professional Ethical Hacker.

●     Introduction to Cyber Security & Ethical Hacking

●     Facebook Security Techniques

●     Gmail Security Techniques

●     Social Engineering Manipulation

●     Google Hacking

●     Introduction to Kali Linux and Hacking Tools

●     Information Gathering, Footprinting, and Reconnaissance

●     Data Hiding and Forensic Techniques

●     Scanning and Enumeration Techniques

●     All Kinds of Malware Threats Analysis

●     Dos & DDoS Attack

●     Web Application Hacking & SQL Injection

●     Wireless, Mobile Device Hacking, and Securit

●     Introduction to Cloud Computing Cloud Security

●     Intrusion Detection & Prevention Systems, Firewall

●     Cryptography

Module 1: Information security basics & Lab preparation

Information security basics

  • Understanding ethical hacking concepts
  • Concept of policy, procedure and awareness

Lab preparation

  • Installing Kali linux as attacker machine
  • Installing metasploitable as victim machine

Module 2: Footprinting, Reconnaissance, Scanning & Enumeration

Footprinting & Reconnaissance

  • Understanding footprinting concept
  • Footprint using advance google hacking techniques
  • Footprinting uisng recon-ng

Scanning & Enumeration

  • Scanning techniques using nmap
  • Enumeration using Nmap Scripting Engine (NSE)

Module 3: Vulnerability Assessment

Vulnerability Assessment

  • Vulnerability Assessment using ZAP
  • Analyzing ZAP Result
  • Vulnerability Assessment using Nikto
  • Analyzing Nikto Result

Module 4: Gaining AccessModule

Gaining Access – Server-Side Attack

  • Basic enumeration and exploitation
  • Hacking remote server using basic Metasploit Exploit
  • Hacking remote server using code execution vulnerabilities
  • VNC/IRCd exploitation to hack into remote server
  • Exploiting Samba Vulenrability to hack remote server

Gaining Access – Client-Side Attack

  • Generating undetectable backdoor using VEIL framework
  • Listening for incoming connections
  • Basic delivery method to test and hack windows

Gaining Access – client-side attack – Social Engineering

  •  Backdooring any file types (images/pdfs etc)
  • Compiling and changing trojan’s icon
  • Spoofing .exe extension to any extension (pdf/jpg etc)

Module 5: Post exploitation

Post exploitation

  • Maintaining access – basic method
  • Maintaining access – using reliable and undetectable method

Exam - 1

  • Putting knowledge all together to Hack a real life like Machine

Module 6: Website Hacking

Website hacking – Reconnaissance

  • Shodan for recon
  • DNS Enumeration
  • CMS Identification
  • Fuzzing – Introduction/Importance
  • Fuzzing – process, for sensitive files
  • Fuzzing – use of Wfuzz, FFUF
  • Github Recon – Manual & Automated way
  • Advance Subdomain Recon (https://www.youtube.com/watch?v=9mSLSC7aUcY)

Website hacking – SQL Injection

  • What is SQL injection
  • UNION based attack
  • Reading database information, login bypass
  • Blind SQL injection attack

Website hacking – XSS

  • Introduction to Burpsuite – configuring with firefox
  • Introduction to Burpsuite – Reaper, Intruder
  • Background concept of XSS
  • Manual building XSS vector
  • Basic XSS on Lab
  • Hunting XSS using Burpsuite
  • Advance method for hunting XSS-1
  • Advance method for hunting XSS-2

Website hacking – Authentication

  • Username enumeration using different responses/processes
  • 2FA simple bypass
  • 2FA brute forcing
  • 2 FA broken logic
  • Password reset poisoning/broken logic
  • Password brute forcing via password change

Website hacking – Server-Side Request Forgery (SSRF)

  • Basic SSRF
  • SSRF with blacklisted/whitelisted input filter
  • SSRF filter bypass

Website hacking - Directory Traversal   

  • File path traversal/absolute path bypass/URL encode/null byte bypass

Website hacking - Information Disclosure

  • Information disclosure in error message/debug page/backup files

Website hacking – Cross Site Request Forgery (CSRF)

Website hacking - Cross Origin Resource Sharing (CORS)

Website hacking – HTTP Host Header Attack

Website hacking – Server-Side template Injection


Module 7: Network hacking

Network hacking – Pre-connection attack - WPA/WPA2 cracking

  • Hacking WPA/WPA2 without wordlist
  • Cracking WPA/WPA2 using wordlist attack

Network hacking – Post connection attack – MITM attack

  • ARP poisoning using Kali
  • Bettercap basics and sniffing
  • Bypassing HTTPS
  • Bypassing HSTS
  • Wireshark basics
  • Stealing password using Wireshark


Module 8: Hack a real life like machine

Exam – 2

  • Hack a real life like machine