Select Page
77 / 100

certcube Associate pentester v2.0

Certcube Associate pentester is a real-world training program for beginners Who wants to join the Cybersecurity domain. Cybersecurity is a multi-layered domain, For beginners, it’s very much difficult to choose the right area of cybersecurity as per their interest. To solve this issue we have focused on every single state of this domain which is required to start learning about a field.

Many of the high-profile businesses need Infosec professionals to scale up the business and defending information technology. Some of the top fortune 500 Companies like Apple, Google, and others are hiring certified ethical hackers to pentest their security measures to help them find loopholes and to make their products more trustworthy. They often offer many funds to anyone who can find a weakness.

The candidate will start learning with the layer blended approach like the Starting from the basics of networking, Cybersecurity standards, and global frameworks to understand the working flaw of the cybersecurity team. Also, we have focused on different areas Like Internal Network & External Network Security, Web application security threats, Mobile Application Security, IoT Devices exploitation & defense, Cloud Risk  & AUDIT, overall protection mechanism of websites, and data hosted over Cloud, SOC to understand the different areas.

We will start by building up your basics and take your skills to an intermediate level with this real-world focused approach. Many Case Studies and use- cases will be coverup as per the specific domain in the curriculum.

certcube Associate Pentester v2.0 1

REAL LIFE CASE STUDIES

INSTRUCTOR-LED SESSIONS

INDUSTRY DRIVEN CERTIFICATION

DAILY ASSIGNMENTS

STUDENT LEARNING KIT

syllabus

syllabus

certcube Associate Pentester v2.0 2
module 1 : Fundamentals of cyber securtity
  • What is Information Security?
  • Role of Information Security in Today’s Era
  • The ‘AIC’ Triad
  • The ‘AAA’
  • The DIKW model
  • What is Hacking?
  • Types of cybersecurity teams
  • Assessment Phases
    • Reconnaissance
    • Scanning
    • Gaining Access
    • Maintaining Access
    • Clearing Tracks
  • RoE and Scope of the project Concepts
    • Scope and Limitations of Pentester
    • Skills measurement of certified professionals
  • Understanding
    • RISK
    • THREAT
    • Vulnerability
    • Exploit
    • Zero-Day
  • Vulnerability Assessment
    • What is VA?
    • Types of VA
    • Vulnerability Scoring Systems
      • Common Vulnerability Scoring System (CVSS)
      • Common Vulnerabilities and Exposures (CVE)
      • National Vulnerability Database (NVD)
    • VA Reports & Analysis of Reports
  • Penetration Testing
    • Why Penetration Testing
    • Types of Penetration Testing
    • Comparing Security Audit, Vulnerability Assessment, and Penetration Testing
  • Concept of Red Teaming/Blue Teaming
    • Identity and Access Management (IAM)
    • Data Leakage
    • Data Backup
    • Data Recovery
    • Role of AI/ML in Cyber Security
  • Information Security Policies
  • Information Security Laws & Standards
  • Subnetting and NAT networks
  • TCP/IP based stack models
  • Hands-on lab – Windows OS basics and CLI usage
  • Hands-on lab – Pentesting box customization and command kung-fu
certcube Associate Pentester v2.0 3
module 2 : Social Engineering and Attack Mapping
  • Social Engineering
    • Techniques in Social Engineering
      • Eavesdropping
      • Shoulder Surfing
      • Dumpster Diving
      • Reverse Social Engineering
      • Piggybacking
      • Tailgating
      • Vishing
      • Phishing
      • Smishing
      • Whaling
    • Hands-on lab – Social Engineering Toolkit and Gophish customizations
    • Hands-on lab – Phishing User Credentials using Kingphisher Framework
    • Hans on lab – Spear phishing assessment scenarios
  • Reconnaissance
    • What is Reconnaissance?
      • Concept of Footprinting
      • Footprinting Goal
      • Ways to Footprint
        • Google Dorks
        • Google Hacking Database
        • SHODAN
        • Gathering Information via People Services
        • Gathering Information via Job Sites
        • Gathering Information via Financial Services, e.g. Google Finances
        • Gathering Information via Alerts, e.g., Google Alerts
        • Gathering Information via blogs & other public websites
        • Gathering Information via Social Media Platforms
        • Website Footprinting
        • Email Footprinting
        • Competitive Intelligence
        • WHOIS Footprinting
        • DNS Footprinting
        • Network Footprinting
      • Hands-on Lab – OSINT Framework
      • Hands-on Lab – Recon-ng
certcube Associate Pentester v2.0 4
module 3 : eNUMRATION AND sCANNING METHODS
  • Enumerating various enterprise TCP and UDP services
  • Network packet sniffing & customization with Scapy
  • Wireshark
  • NMAP
  • Different Scanning Techniques in NMAP
  • Advance NMAP
  • Port Scanning Countermeasures
  • Hands on lab – Enumeration and Scanning of various services

 

certcube Associate Pentester v2.0 5
module 4 : METASPLOIT & VA TOOLS
  • Hands on lab – VA Tools
    • Qualys Vulnerability Management
    • Nessus Professional
    • Nikto
    • OpenVAS
    • Retina CS
    • Microsoft Baseline Security Analyzer (MBSA)
    • AVDS – Automated Vulnerability Detection System
  • Exploitation & Post-Exploitation Concepts
    • Metasploit Exploit Framework
    • Shellcode generation
  • Hands on labs – Assessments of various Lab machines

 

certcube Associate Pentester v2.0 6
module 5 : Wireless Security
  • Attacking 802.11 based Networks
  • Attacking Open Wireless Network
  • De-authenticating users
  • Module SSID – Security through Obscurity
  • Defeating MAC Filtering
  • Hands on lab – Wi-Fi phishing
  • Concept of IVs
  • Hands-on lab – WPA/WPA2 Cracking
  • Understanding PSK, TKIP, EAP, PEAP
  • Hands-on lab – EvilTwin Attack

 

Stars review
module 6 : WEB APPLICATION & WEB SERVER SECURITY.
  • Global Standards/Frameworks
    • CWE
    • WASC
    • NIST
    • OWASP
  • Hands-on Lab – Command & code injection
  • Hands-on Lab – LFI and RFI attacks
  • Hands-on Lab – SQL Injection attacks
  • Hands-on lab – Web Application Scanners
    • Netsparker
    • Nessus
    • Acunetix
    • Qualsguard
  • Open source Tools and Testing Methodologies
    • Sqlmap
    • OWASP OWTF
    • OWASP ZAP
    • Dirbuster
Mobile Cable Attacks
module 7 : MOBILE SECURITY
  • Introduction to android
    • Android Architecture
    • Command Loopholes in Apps
    • Challenges of Android Security
    • Threat vs Opportunity
  • Mobile Top 10 Attacks
  • Hands-on lab – Exercises with custom android pentesting OS
  • Countermeasures
    • How to Defend Against Android Hacking
    • Guidelines for Secure Android App development
certcube Associate Pentester v2.0 7
module 8 :CRYPTOGRAPHY, STEGANOGRAPHY & MALWARE
  • Cryptography
    • Types of Cryptography
    • Encryption Algorithms
      • AES
      • RSA
    • Hashing Algorithms
      • MD5
      • SHA
    • Cryptography Tools
      • MD5 Hash Calculators
      • Advanced Encryption Package 2017
      • BCTextEncoder
    • Disk Encryption
      • Disk Encryption Tools
        • VeraCrypt
        • Symantec Drive Encryption
      • Steganography
        • What is Steganography?
          • Classification of Steganography
            • Whitespace Steganography
            • Image Steganography
            • Document Steganography
            • Video Steganography
            • Audio Steganography
            • Folder Steganography
            • Spam/Email Steganography
          • Steganalysis
            • Steganalysis Methods/Attacks on Steganography
            • Detecting Steganography (Text, Image, Audio, and Video Files
            • Steganography Detection Tools
        • Malware Threats
          • Introduction to Malware
          • Common Techniques Attackers Use to Distribute Malware on the Web
          • Trojan Concepts
            • What is a Trojan?
            • Common Ports used by Trojans
            • How to Infect Systems Using a Trojan
            • Hand on lab – Evading Anti-Virus Techniques
            • Types of Trojans
          • Virus and Worm Concepts
            • Introduction to Viruses
            • How does a Computer Get Infected by Viruses?
            • Virus Hoaxes
            • Fake Antiviruses
            • Types of Viruses
            • Ransomware
        • Malware Analysis
          • Introduction to Malware Analysis
          • Malware Analysis Procedure: Preparing Testbed
          • Hands-on lab – Analyzing malware labs exercises
          • Countermeasures

.

Hardware hack
module 9 : IOT fUNDAMENTALS & SECURITY
  • Introduction to IoT
    • IoT Architecture
    • Industrial IIoT
    • IoT Technologies and Protocols
    • IoT Communication Models
    • Challenges of IoT
    • Threat vs Opportunity
    • IoT Attacks
  • IoT Pen testing Methodology
  • Hands-on lab – IoT Pentesting with custom pentesting OS
  • Countermeasures
    • How to Defend Against IoT Hacking
    • General Guidelines for IoT Device Manufacturing Companie

 

Cloud Hacking
module 10 : CLOUD SECURITY
  • Introduction to Cloud Computing
    • Cloud Deployment Models
    • NIST Cloud Deployment Reference Architecture
    • Cloud Computing Benefits
    • Separation of Responsibilities in Cloud
  • Hands-on lab – Cloud Security Tools
  • Cloud Penetration Testing
    • What is Cloud Pen Testing?
    • Key Considerations for Pen Testing in the Cloud
    • Recommendations for Cloud Testing
certified network security professional
module 11 : SOC & event management
  • Introduction to SOC
    • SIEM basics
    • Logs and correlation
  • Splunk Fundamentals
  • Hands on lab – Splunk Deployment
    • Network Monitoring
    • enterprise event management
  • Final Overall labs Assessment workshop
    • Day 1
    • Day 2
who should attend this training?
  • Freshers

  • Certified Ethical hackers

  • System Administrators

  • Network Administrators

  • Engineers

  • Web admins

  • Auditors

  • Security Professionals

why should i take this training?

The era of the technology is now growing every day but due to dependency on the technology cyber frauds and attacks are also increased so to take defense for yourself and your business this is best suitable training to take entry in this domain.

what is duration of this training

The duration of certcube associate pentester training is 50 hours.

How many days classes with be organized in a week ?

The instructor-led sessions are based on 3 days a week with 2 hours of duration. 

Weekend Sessions are also available for working professionals.

Can i take a demo before the training ??

yes, you can take a free demo and complimentary assistance for your career with our specialist trainers.

Any prerequisite for certcube associate pentester training ?

The person should familiar with basic computer operations 

How to register for this training ?

Please drop your inquiry at [email protected]  or call +919999508202 for more assistance .

Can i take training in fast-track mode ?

Yes, we have 7 days of sessions for fast track mode learners. 

For more info about Certcube

Associate pentester

connect with us 

12 + 6 =

Whats Next ? 

IF you want to upgrade your skills after certified ethical hacker then please Checkout the advanced training modules .

Our clients

Testimonials

Today I’ve completed my one 2 one online training by Mr Naresh sir from Certcube Labs .
This is the first time I have attended a class in this format and wondered how effective it would be. It was very effective and therefore I would definitely be interested in attending other classes in the same format. The instructor was very knowlegeable and provided a wealth of information about the current version, especially since the last version I used was several releases ago.
Satyam Singh

BCA, Delhi University

Best place to learn. It helps to build confidence, professionalism and helped me a lot to learn about corporate. They helped me a lot to clear my fundamentals and each domain and would like to learn and enrolled for more programs now. I took admission in their CCEH Program. Now next target is CISP

Amandeep

Btech, Delhi University

together Let’s Create the future

                                                                  Top 10 certified ethical hacker training institute in Delhi for online & Classroom training .

 

 

9 + 15 =