For direct assistance contact us! +91-9999508202 [email protected]

certcube Associate pentester v2.0

Certcube Associate pentester is a real-world training program for beginners Who wants to join the Cybersecurity domain. Cybersecurity is a multi-layered domain, For beginners, it’s very much difficult to choose the right area of cybersecurity as per their interest. To solve this issue we have focused on every single state of this domain which is required to start learning about a field.

Many of the high-profile businesses need Infosec professionals to scale up the business and defending information technology. Some of the top fortune 500 Companies like Apple, Google, and others are hiring certified ethical hackers to pentest their security measures to help them find loopholes and to make their products more trustworthy. They often offer many funds to anyone who can find a weakness.

The candidate will start learning with the layer blended approach like the Starting from the basics of networking, Cybersecurity standards, and global frameworks to understand the working flaw of the cybersecurity team. Also, we have focused on different areas Like Internal Network & External Network Security, Web application critical threats, Mobile Application Security, Cloud Risk  & AUDIT and SOC to detect the anomalies the infrastructure.

We will start by building up your basics and take your skills to an intermediate level with this real-world focused approach. Many Case Studies and use- cases will be coverup as per the specific domain in the curriculum.

certcube Associate Pentester v2.0 1

REAL LIFE CASE STUDIES

INSTRUCTOR-LED SESSIONS

INDUSTRY DRIVEN CERTIFICATION

DAILY ASSIGNMENTS

STUDENT LEARNING KIT

syllabus

syllabus

certcube Associate Pentester v2.0 2
module 1 : Fundamentals of cyber securtity
  • What is Information Security?
  • Role of Information Security in Today’s Era
  • The ‘AIC’ Triad
  • The ‘AAA’
  • The DIKW model
  • What is Hacking?
  • Types of cybersecurity teams
  • Assessment Phases
    • Reconnaissance
    • Scanning
    • Gaining Access
    • Maintaining Access
    • Clearing Tracks
  • RoE and Scope of the project Concepts
    • Scope and Limitations of Pentester
    • Skills measurement of certified professionals
  • Understanding
    • RISK
    • THREAT
    • Vulnerability
    • Exploit
    • Zero-Day
  • Vulnerability Assessment
    • What is VA?
    • Types of VA
    • Vulnerability Scoring Systems
      • Common Vulnerability Scoring System (CVSS)
      • Common Vulnerabilities and Exposures (CVE)
      • National Vulnerability Database (NVD)
    • VA Reports & Analysis of Reports
  • Penetration Testing
    • Why Penetration Testing
    • Types of Penetration Testing
    • Comparing Security Audit, Vulnerability Assessment, and Penetration Testing
  • Concept of Red Teaming/Blue Teaming
    • Identity and Access Management (IAM)
    • Data Leakage
    • Data Backup
    • Data Recovery
    • Role of AI/ML in Cyber Security
  • Information Security Policies
  • Information Security Laws & Standards
  • Subnetting and NAT networks
  • TCP/IP based stack models
  • Hands-on lab – Windows OS basics and CLI usage
  • Hands-on lab – Pentesting box customization and command kung-fu
certcube Associate Pentester v2.0 3
module 2 : Social Engineering and Attack Mapping
  • Social Engineering
    • Techniques in Social Engineering
      • Eavesdropping
      • Shoulder Surfing
      • Dumpster Diving
      • Reverse Social Engineering
      • Piggybacking
      • Tailgating
      • Vishing
      • Phishing
      • Smishing
      • Whaling
    • Hands-on lab – Social Engineering Toolkit and Gophish customizations
    • Hands-on lab – Phishing User Credentials using Kingphisher Framework
    • Hans on lab – Spear phishing assessment scenarios
  • Reconnaissance
    • What is Reconnaissance?
      • Concept of Footprinting
      • Footprinting Goal
      • Ways to Footprint
        • Google Dorks
        • Google Hacking Database
        • SHODAN
        • Gathering Information via People Services
        • Gathering Information via Job Sites
        • Gathering Information via Financial Services, e.g. Google Finances
        • Gathering Information via Alerts, e.g., Google Alerts
        • Gathering Information via blogs & other public websites
        • Gathering Information via Social Media Platforms
        • Website Footprinting
        • Email Footprinting
        • Competitive Intelligence
        • WHOIS Footprinting
        • DNS Footprinting
        • Network Footprinting
      • Hands-on Lab – OSINT Framework
      • Hands-on Lab – Recon-ng
certcube Associate Pentester v2.0 4
module 3 : eNUMRATION AND sCANNING METHODS
  • Enumerating various enterprise TCP and UDP services
  • Network packet sniffing & customization with Scapy
  • Wireshark
  • NMAP
  • Different Scanning Techniques in NMAP
  • Advance NMAP
  • Port Scanning Countermeasures
  • Hands on lab – Enumeration and Scanning of various services

 

certcube Associate Pentester v2.0 5
module 4 : METASPLOIT & VA TOOLS
  • Hands on lab – VA Tools
    • Qualys Vulnerability Management
    • Nessus Professional
    • Nikto
    • OpenVAS
    • Retina CS
    • Microsoft Baseline Security Analyzer (MBSA)
    • AVDS – Automated Vulnerability Detection System
  • Exploitation & Post-Exploitation Concepts
    • Metasploit Exploit Framework
    • Shellcode generation
  • Hands on labs – Assessments of various Lab machines

 

certcube Associate Pentester v2.0 6
module 5 : Wireless Security
  • Attacking 802.11 based Networks
  • Attacking Open Wireless Network
  • De-authenticating users
  • Module SSID – Security through Obscurity
  • Defeating MAC Filtering
  • Hands on lab – Wi-Fi phishing
  • Concept of IVs
  • Hands-on lab – WPA/WPA2 Cracking
  • Understanding PSK, TKIP, EAP, PEAP
  • Hands-on lab – EvilTwin Attack

 

Stars review
module 6 : WEB APPLICATION & WEB SERVER SECURITY.
  • Global Standards/Frameworks
    • CWE
    • WASC
    • NIST
    • OWASP
  • Hands-on Lab – Command & code injection
  • Hands-on Lab – LFI and RFI attacks
  • Hands-on Lab – SQL Injection attacks
  • Hands-on lab – Web Application Scanners
    • Netsparker
    • Nessus
    • Acunetix
    • Qualsguard
  • Open source Tools and Testing Methodologies
    • Sqlmap
    • OWASP OWTF
    • OWASP ZAP
    • Dirbuster
Mobile Cable Attacks
module 7 : MOBILE SECURITY
  • Introduction to android
    • Android Architecture
    • Command Loopholes in Apps
    • Challenges of Android Security
    • Threat vs Opportunity
  • Mobile Top 10 Attacks
  • Hands-on lab – Exercises with custom android pentesting OS
  • Countermeasures
    • How to Defend Against Android Hacking
    • Guidelines for Secure Android App development
Cloud Hacking
module 8 : CLOUD SECURITY
  • Introduction to Cloud Computing
    • Cloud Deployment Models
    • NIST Cloud Deployment Reference Architecture
    • Cloud Computing Benefits
    • Separation of Responsibilities in Cloud
  • Hands-on lab – Cloud Security Tools
  • Cloud Penetration Testing
    • What is Cloud Pen Testing?
    • Key Considerations for Pen Testing in the Cloud
    • Recommendations for Cloud Testing
certified network security professional
module 9 : SOC & event management
  • Introduction to SOC
    • SIEM basics
    • Logs and correlation
  • Splunk Fundamentals
  • Hands on lab – Splunk Deployment
    • Network Monitoring
    • enterprise event management
  • Final Overall labs Assessment workshop
    • Day 1
    • Day 2
who should attend this training?
  • Certified Ethical hackers
  • System Administrators
  • Network Administrators
  • Web admins
  • System Auditors
  • Security Professionals
what is duration of this training

The duration of windows security and administration is 50 hours.

How many days classes with be organized in a week ?

The instructor-led sessions are based on 3 days a week with 2 hours of duration. 

Weekend Sessions are also available for working professionals.

Can i take a demo before the training ??

yes, you can take a free demo and complimentary assistance for your career with our specialist trainers.

Any prerequisite for Windows security and active automation training ?

The person should familiar with basic windows administration and implmenetation  

How to register for this training ?

Please drop your inquiry at [email protected]  or call +919999508202 for more assistance .

Can i take training in fast-track mode ?

Yes, we have 7 days of sessions for fast track mode learners. 

For more info about Certcube

Associate pentester

connect with us 

2 + 6 =

Whats Next ? 

IF you want to upgrade your skills after certified ethical hacker then please Checkout the advanced training modules .

Our clients

Testimonials

Today I’ve completed my one 2 one online training by Mr Naresh sir from Certcube Labs .
This is the first time I have attended a class in this format and wondered how effective it would be. It was very effective and therefore I would definitely be interested in attending other classes in the same format. The instructor was very knowlegeable and provided a wealth of information about the current version, especially since the last version I used was several releases ago.
Satyam Singh

BCA, Delhi University

Best place to learn. It helps to build confidence, professionalism and helped me a lot to learn about corporate. They helped me a lot to clear my fundamentals and each domain and would like to learn and enrolled for more programs now. I took admission in their CCEH Program. Now next target is CISP

Amandeep

Btech, Delhi University

together Let’s Create the future

                                                                  Top 10 certified ethical hacker training institute in Delhi for online & Classroom training .

 

 

9 + 5 =