For direct assistance contact us! +91-9999508202 [email protected]

Junior pentester

Masterclass

Certcube Junior pentester training is a real-world certification program for beginners Who wants to understand the Cybersecurity ecosystem. Cybersecurity is a multi-layered domain, For beginners, it’s very much difficult to choose the right domain of cybersecurity as per their interest ,to solve this issue we have designed this Junior Pentester training.

Many of the high-profile businesses need Infosec professionals to scale up the business and defending information technology. Some of the top fortune 500 Companies like Apple, Google, and others are hiring certified ethical hackers to pentest their security measures to help them find loopholes and to make their products more trustworthy. They often offer many funds to anyone who can find a weakness.

The candidate will start learning with the layered approach like the training Starts from the basics of networking, Cybersecurity standards, and global frameworks to understand the working flaw of the cybersecurity teams. We have heavily focused on different areas of Pentesting like Internal Network & External Network Security, Web application critical threats, Cloud Computing & attacks and at the end we have added an special defensive security module to understand the attacks and detecting the attacks in real time.

We will start by building up your basics and take your skills to an intermediate level with this real-world focused approach. Many Case Studies and use- cases will be coverup as per the specific domain in the curriculum. 

The end Goal of this training is make individuals comfortable with tools and techniques to perform the Attacks/Defense with an holistic approach.

 

Junior Pentester Masterclass training

REAL LIFE CASE STUDIES

INSTRUCTOR-LED SESSIONS

INDUSTRY DRIVEN CERTIFICATION

DAILY ASSIGNMENTS

STUDENT LEARNING KIT

syllabus

syllabus

Junior Pentester Masterclass Training 1
module 1 : Fundamentals of cyber securtity
  • What is Information Security?
  • Role of Information Security in Today’s Era
  • The ‘AIC’ Triad
  • The ‘AAA’
  • The DIKW model
  • Types of cybersecurity Teams and Responsibilities
  • Corporate VAPT Phases
  • RoE and Scope of the project Concepts
    • Scope and Limitations of Pentester
    • Skills measurement of certified professionals
  • Understanding basic IT security Terminologies
    • RISK
    • THREAT
    • Vulnerability
    • Exploit
    • Payload
    • Zero-Day
  • Vulnerability Assessment
    • What is VA?
    • Types of VA
    • Vulnerability Scoring Systems
      • Common Vulnerability Scoring System (CVSS)
      • Common Vulnerabilities and Exposures (CVE)
      • National Vulnerability Database (NVD)
      • VA Reports & Analysis of Reports
  • Penetration Testing Terminologies
    • Why Penetration Testing is important ?
    • Types of Penetration Testing in IT security Industry 
    • Comparing Security Audit, Vulnerability Assessment, and Penetration Testing
    • Concept of Red Teaming ,Blue and Purple Teaming
    • Role of AI/ML in Cyber Security
  • Information Security Policies
  • Information Security Laws & Standards
  • Subnetting and NAT networks
  • TCP/IP based stack models
  • Hands-on lab – Windows OS basics and CLI usage
  • Hands-on-lab –  Kali Linux Essentials
  • Hands-on lab – Pentesting Lab Setup
Junior Pentester Masterclass Training 2
module 2 : Social Engineering and OSINT techniques
    • Techniques in Social Engineering
    • Hands-on lab – Social Engineering Toolkit and Gophish customizations
    • Hands on lab – Spear phishing assessment scenarios
  • Reconnaissance and OSINT techniques
    • What is Reconnaissance?
      • Concept of Footprinting
      • Footprinting Goal
      • Ways to Footprint
        • Google Dorks
        • Google Hacking Database
        • SHODAN
        • Gathering Information via People Services
        • Gathering Information via Job Sites
        • Gathering Information via Financial Services, e.g. Google Finances
        • Gathering Information via Alerts, e.g., Google Alerts
        • Gathering Information via blogs & other public websites
        • Gathering Information via Social Media Platforms
        • Website Footprinting
        • Email Footprinting
        • Competitive Intelligence
        • WHOIS Footprinting
        • DNS Footprinting
        • Network Footprinting
      • Hands-on Lab – OSINT Framework
      • Hands-on Lab – Mapping social security of an enterprise.
Junior Pentester Masterclass Training 3
module 3 : eNUMRATION AND sCANNING METHODS
  • Enumerating various enterprise TCP and UDP services
  • Network packet sniffing & customization with Scapy
  • Packet analysis with Wireshark
  • NMAP enumeration basics
  • Different Scanning Techniques in NMAP
  • Advance NMAP Scanning Techniques to evade detections
  • Port Scanning Countermeasures
  • Hands on lab – Enumeration and Scanning of various services in an Lab Environment.

 

Junior Pentester Masterclass Training 4
module 4 : Pentetration Testing
  • Hands-on lab – VA Tools for Network Scanning
    • Qualys Vulnerability Management
    • Nessus Professional
    • GFI-LANGuard
    • OpenVAS
    • Retina CS
  • Exploitation & Post-Exploitation attacks
    • Basics of Command and Control frameworks
    • Metasploit and Covenant for pentesters
    • Shellcode generation for gaining initial access
    • Hands-on lab – Generating the malicious Documents for initial access
    • Hands-on labs – Infrastructure pentesting with Metasploit and Covenant framework

 

Junior Pentester Masterclass Training 5
module 5 : Wireless Security
  • Understanding 802.11 based Networks and Designs
  • Attacking Open Wireless Network
  • Hands on Lab – Wi-Fi phishing
  • Hands-on Lab – WPA/WPA2 Cracking
  • Understanding PSK, TKIP, EAP, PEAP
  • Hands-on Lab – EvilTwin Attack
  • Understating the Bluetooth Low Energy and Protocols
  • Hands-on Lab – BLE attacks

 

Stars review
module 6 : WEB APPLICATION & WEB SERVER SECURITY.
  • Global Standards/Frameworks
    • CWE
    • WASC
    • NIST
    • OWASP
  • Introduction to web fuzzing and fuzzing web technologies
  • Understanding the web proxies and tools 
  • Hands-on Lab – Burpsuite – 101
  • Hands-on lab – Web Application Scanners
    • Netsparker
    • Nessus
    • Acunetix
    • IBM AppSec Scan
  • Open source Tools and Testing Methodologies
    • Sqlmap
    • OWASP OWTF
    • OWASP ZAP
    • Dirbuster
  • Attacking web applications as per OWASP testing guidelines
  • Hands-on Lab – Critical web application attacks 
  • Hands-on Lab – Pentesting CMS frameworks
Cloud Hacking
module 7 : CLOUD Computing and attacks
  • Introduction to Cloud Computing
    • Cloud Deployment Models
    • NIST Cloud Deployment Reference Architecture
    • Cloud Computing Benefits
    • Separation of Responsibilities in Cloud
  • Hands-on Lab – Building Instances and VPC Networks
  • Hands-on lab – Building an cloud pentesting lab
  • Hands-on Lab – Attacking misconfigured storage units
    certified network security professional
    module 8 : Defensive Security Operations
    • Introduction to SOC
      • SIEM basics
      • Logs and correlation
    • Splunk Fundamentals
    • Hands on lab – Splunk Deployment
      • Network Monitoring
      • enterprise event management
    • Final  Attack – Defense workshop
      • Day 1 – Attacking and Investigating Network in Splunk
      • Day 2 – Attacking and Investigating Web in Splunk
    who should attend this training?
    • Absolute Beginners
    • Collage Students
    • Anyone who willing to learn cyber security
    what is duration of this training

    The duration of windows security and administration is 50 hours.

    How many days classes with be organized in a week ?

    The instructor-led sessions are based on 3 days a week with 2 hours of duration. 

    Weekend Sessions are also available for working professionals.

    Can i take a demo before the training ??

    yes, you can take a free demo and complimentary assistance for your career with our specialist trainers.

    Any prerequisite for Windows security and active automation training ?

    The person should familiar with basic windows operations

    How to register for this training ?

    Please drop your inquiry at [email protected]  or call +919999508202 for more assistance .

    Can i take training in fast-track mode ?

    Yes, we have 7 days of sessions for fast track mode learners. 

    Junior pentester 

    masterclass Inquiry  

    4 + 15 =

    Whats Next ? 

    IF you want to upgrade your skills after certified ethical hacker then please Checkout the advanced training modules .

    Our clients

    Testimonials

    Today I’ve completed my one 2 one online training by Mr Naresh sir from Certcube Labs .
    This is the first time I have attended a class in this format and wondered how effective it would be. It was very effective and therefore I would definitely be interested in attending other classes in the same format. The instructor was very knowlegeable and provided a wealth of information about the current version, especially since the last version I used was several releases ago.
    Satyam Singh

    BCA, Delhi University

    Best place to learn. It helps to build confidence, professionalism and helped me a lot to learn about corporate. They helped me a lot to clear my fundamentals and each domain and would like to learn and enrolled for more programs now. I took admission in their CCEH Program. Now next target is CISP

    Amandeep

    Btech, Delhi University

    together Let’s Create the future 

     

    8 + 13 =