Learning Resources


  • Ethical Hacking evolution and hacktivism
  • Need and technical terms
  • Skills needed and stages of hacking
  • Moral direction and hacker ethics principles
  • Security grey areas
  • Cyberlaws (IT Act, etc.)
  • Maintain anonymity
  • Goal setting and target system identification
  • Structuring, executing and reporting penetration test
  • Evolution and data encryption methods
  • Symmetric and Asymmetric key Cryptography
  • Private and public key exchange
  • Secret key cryptography
  • Message Authentication and Hash functions
  • Digital Signatures and public key infrastructure
  • Information gathering
  • DNS, whois and ARIN records
  • Using traceroute, e-mail and web spider tracing
Social Engineering
  • Concepts
  • Attack types (phishing, identity theft, URL obfuscation)
  • Social network and call center social engineering
Physical Security
  • Basics and need
  • Techniques employed (dumpster driving, smoking doors, etc.)
Network Scanning and Enumeration
  • Scanning techniques (TCP scanning, ping sweep, OS fingerprinting, etc.)
  • Scanners and analyzers like Nmap, backtrack Linux, metasploit, etc.
  • HTTP tunneling and IP spoofing
  • Enumerating null sessions and SNMP enumeration
Network Attacks
  • TCP/IP packet formats and ports
  • Router, switch and firewall vulnerability and security
  • DoS, DDoS, session hijacking
Wireless Networks
  • WEP, WPA authentication and WLAN discovery
  • Attack techniques like MAC spoofing, DoS, etc.
  • WLAN countermeasures
System Hacking
  • Password relevance, types and vulnerabilities
  • Spyware, root kit and steganography
  • Trojans, worms, backdoors and sniffers
Windows Hacking
  • Windows vulnerabilities
  • Null sessions, sharing, patches and NetBIOS
  • Windows memory protection, SEH and OllyDbg
Linux Hacking
  • Services and rhosts files
  • NFS and buffer overflow
  • Kernel patching
Web Hacking
  • SSH, FTP, telnet and E-mail attacks, and cache poisoning
  • Web server misconfiguration and password cracking
  • XSS, CSRF, SQL injection and man in middle attack
  • VoIP attacks like eavesdropping, DoS, etc.
Emerging Trends
  • Cloud security
  • Mobile security

Apply for Certification