Course Overview

Cyber Security & Ethical Hacking:

Module 1: Foundational Technologies: Networking & Linux Basics

This module establishes the essential technical groundwork required for ethical hacking. Learners will gain a deep understanding of core Computer Networking concepts, including the TCP/IP model, protocols (ARP, DNS, DHCP), IP addressing (IPv4/IPv6), and network services, as attacks fundamentally target network communication. Simultaneously, proficiency in Linux is developed, focusing on the command-line interface (CLI), file system structure, permissions, package management, and essential bash scripting. The secure setup of a hacking lab using virtualization (e.g., Kali Linux in VirtualBox/VMware) will be covered, ensuring a safe and controlled environment for subsequent offensive security practice.

Module 2: Overview of Cyber Attacks and Threat Landscape

This module provides a comprehensive overview of the current threat landscape, defining the various types of malicious activities encountered by security professionals. Key categories of attacks are examined, including Malware (Viruses, Ransomware, Trojans), Phishing and other Social Engineering tactics, Denial-of-Service (DoS/DDoS) attacks designed to disrupt availability, and Man-in-the-Middle (MITM) attacks that compromise data integrity during transmission. The module uses real-world examples to illustrate the lifecycle of an attack, from reconnaissance to exploitation and post-exploitation objectives, preparing students to think like an adversary.

Module 3: Web Application Security: The OWASP Top 10

This critical module focuses specifically on Web Application Security by deep-diving into the OWASP Top 10 list (Open Web Application Security Project). This list represents the most critical security risks facing web applications globally. Learners will study the nature, impact, and prevention of core categories such as Broken Access Control, various forms of Injection (e.g., SQL Injection, XSS), Cryptographic Failures, and Security Misconfiguration. The goal is not only to identify these vulnerabilities but also to understand the secure coding practices and architectural changes required for their effective remediation.

Module 4: Practical Hacking Tools and Vulnerability Scanning

This hands-on module introduces the professional toolkit of an ethical hacker, centered around the Kali Linux distribution. Students will gain practical expertise with essential open-source tools categorized by the phases of a penetration test. Key tools include Nmap (Network Mapper) for network discovery and port scanning, Metasploit Framework for exploitation, Wireshark for packet analysis, and Burp Suite for intercepting and testing web application traffic. The module concludes with structured Vulnerability Scanning, where automated tools are used to identify and classify known security weaknesses in target systems.

Module 5: Security Reporting and Mitigation Project

The final module shifts focus from technical execution to professional delivery. The learner’s capstone is the creation of a comprehensive Security Report, which is the primary deliverable for penetration testing and vulnerability assessment engagements. This project requires synthesizing the technical findings from the previous module’s scans. The report must include a non-technical Executive Summary, a detailed list of identified vulnerabilities categorized by severity (e.g., using CVSS scoring), concrete Proof-of-Concept steps for reproduction, and, most critically, prioritized, practical Mitigation Recommendations for the client to implement. This module ensures the ability to effectively communicate technical risk and value to stakeholders.