Summer Training Program 2013 CCSE V2.0 Certified Cyber Security Expert Version 2.

TechD Facts
Incorporated in November 2009

Established 5 Branch offices in India & 2 International Branches in 2 years

Trained more than 25000 students, conducted 280 Workshops Including all IITs, NITs & Many colleges across India. Trained Professional from many reputed companies like Yahoo!,Google,ISACA,k7 Antivirus, Elitecore , Indian Oil, Temenos, ZOHO, HCL,TCS Infosys.

Trained Investigation agencies of Gujarat, Maharashtra, Rajasthan, Tamilnadu, West Bengal.

TechD Facts
Trained & Certified 2000 Students & Professionals for CCSE ( Certified Cyber Security Expert) Course. Helped Top Investigating Agencies to Solve Ahmedabad & Mumbai blasts Cyber trails.

Associated for an out reach program with the Major Technical festivals of IIT Bombay, Kanpur, NIT Bhopal, NIT Calicut, Jadavpur University Kolkata, and BITS Pilani Goa for giving authorized certification.

Major VAPT Clients includes Sulekha.com, Cyberoam.

Supported by Ministry of Home Affairs, Malaysia & CMO, Gujarat. Developed our own Crypters, Trojans, RATS for demonstrations.

TechD Facts

Sunny Vaghela (Director & CTO) is recipient of Rajiv Gandhi Young Achievers Award. TechDefence has been awarded as Best Ethical Hacking & Information Security Company by NBC on 1st May12 at Trident Hotel , Mumbai.

TechD Facts

TechDefence has also been awarded as Best Ethical Hacking & Information Security Company of Western India by BIG Research & IBN 7. Nominated for World Education Awards into category of Private Sector Initiative for use of innovative Technology for skilled education

CCSE Contents
Module 1 : Cyber Ethics - Hackers & hacking methodologies Types of hackers Communities of Hackers Malicious Hacker Strategies Steps to conduct Ethical Hacking Hiding your identity while performing attacks

Module 2: Basic Network Terminologies TCP / IP protocols IP addresses Classes of IP addresses NAT Proxies and VPNs SSH and putty

CCSE Contents
Module 3: Information Gathering & Footprinting Whois information Active / Passive information gathering Information gathering using Foot printing methodologies Tools that aid in foot printing Savitabhabhi.com case studies

Module 4: Scanning & Enumeration

Why scanning? Types of scanning Tools to aid in scanning Nmap - The Godfather Banner grabbing

CCSE Contents
Module 5: Trojans, Backdoors How to control victims computer using Trojans Binding Trojans with another file Undetection process of Trojans from Antivirus Removal of Trojans from your computer Analysis of Trojans/Virus

Module 6: Virus & Worms Introduction to viruses How they work? Methods use to hide themselves and replicate themselves Introduction to worms Causes of worms Method used to replicate themselves Role of antivirus product and goat file

CCSE Contents
Module 7: Phishing & its Prevention Making phishing pages How to detect phishing pages Detecting Phishing Crimes

Module 8: System Hacking & Security

Password cracking Privilege escalation Tools to aid in system hacking Understanding rootkits Clearing traces Countermeasures

CCSE Contents
Module 9: Social engineering & Honeypots Introduction Laws of social engineering Types of social engineering Honeypots introduction Types of honeypots Setting up windows / Linux honeypot

Module 10: Bot,Bots & DOS(Denial of Service) Introduction to bots Introduction to botnets and zombies Botnet lifecycle IRC bots Customize your own bot

CCSE Contents
Module 11: Cryptography

Public-key Cryptography Working of Encryption Digital Signature RSA & Example of RSA Algorithm RC4, RC5, RC6, Blowfish Algorithms and Security Tools that aid in Cryptography

Module 12: Google Hacking Understanding how Google works Google basic operators Google advanced operators Automated Google tools How to use Google to find the desired website How Google can aid in searching vulnerable website

CCSE Contents
Module 13: SQL Injection 1
Web Application Overview Web Application Attacks OWASP Top 10 Vulnerabilities Putting Trojans on websites SQL injection attacks Executing Operating System Commands Getting Output of SQL Query Getting Data from the Database Using ODBC Error Message How to Mine all Column Names of a Table How to Retrieve any Data How to Update/Insert Data into Database SQL Injection in Oracle SQL Injection in MySql Database, 20 Hands on Demonstrations on real websites

CCSE Contents
Module 14: SQL Injection 2
Attacking Against SQL Servers SQL Server Resolution Service (SSRS) SQL Injection Automated Tools MSSQL Injection Blind SQL Injection Preventing SQL Injection Attacks

Module 15: XSS Cross Site Scripting

Introduction to XSS & Types of XSS XSS worm and XSS shell Cookie grabbing Countermeasures

CCSE Contents
Module 16: Secure Coding Practices
Why secure coding? Secure coding standards Secure coding methods Dissecting the source code

Module 17: Information Disclosure Vulnerabilities

Introduction Setting up the correct chmod Protecting the sensitive server files Preventing the data loss

CCSE Contents
Module 18: Session Hijacking
Introduction Types of session hijacking Tools that aid in session hijacking Countermeasures

Module 19:Hacking Web Servers

Understanding IIS and apache How to use PHP and ASP backdoors What are local root exploits? Implementing web server security Patch management

CCSE Contents
Module 20: Vulnerability Assessment & Penetration Testing
Introduction to VAPT Categories of security assessments Vulnerability Assessment Limitations of Vulnerability Assessment Penetration Testing Types of Penetration Testing Do-It-Yourself Testing Outsourcing Penetration Testing Services Terms of Engagement Project Scope & Pentest Service Level Agreements Testing points & Locations Automated & Manual Testing

CCSE Contents
Module 21: Assembly Language Basics
Difference Assembly Language Vs High-level Language Assembly Language Compilers Understanding Instruction operands, Directive & preprocessor Interrupts , Interrupt handler, External interrupts and Internal interrupts Handlers Assembling the & Compiling the C code Linking the object files & Understanding an assembly listing file Big and Little Endian Representation, Skeleton File Working with Integers, Signed integers & Signed Magnitude Understanding Twos Compliment, If statements, Do while loops Indirect addressing, Subprogram Understanding The Stack, SS segment& ESP The Stack UsageThe CALL and RET Instructions

CCSE Contents
Module 22 & Module 23: Buffer Overflows 1-2
Introduction How BOF works Stack based buffer overflow Heap based buffer overflow Heap spray Understanding the shellcode Mapping the memory Fuzzing Countermeasures

CCSE Contents
Module 24: Exploit Writing
Exploits Overview Prerequisites for Writing Exploits and Shellcodes Purpose of Exploit Writing Types of Exploits Tools that aid in writing Shellcode Issues Involved With Shellcode Writing Addressing problem Null byte problem System call implementation

CCSE Contents
Module 25: Reverse Engineering Introduction to RE Briefing OllyDbg Patching Cracking Keygening Countermeasures

Module 26: Firewalls, IDS, Evading IDS

Introduction How to detect Intrusion Types of Intrusion Configuring IDPS Firewall and its types Evading Firewalls and IDS

CCSE Contents
Module 27: Wireless Hacking & Security Wireless Protocols Wireless Routers-Working Attacks on Wireless Routers Cracking Wireless routers password(WEP) Securing routers from Hackers Countermeasures Module 28: Mobile, VoIP Hacking & Security SMS & SMSC Introduction SMS forging & countermeasures Sending & Tracking fake SMSes VoIP Introduction Installing VoIP Server & Forging Call using VoIP

CCSE Contents
Module 29: Introduction to Cyber Crime Investigation & IT ACT 2000
Types of Cyber Crimes Reporting Cyber Crimes & Incidence response Introduction to IT Act 2000 & its sections Flaws in IT ACT,2000 Investigation Methodologies & Case Studies Different Logging Systems. Investigating Emails ( Email Tracing) Ahmedabad Bomb Blasts Terror Mail case study Investigating Phishing Cases Investigating Data Theft Cases Investigating Orkut Profile Impersonation Cases Investigating SMS & Call Spoofing Cases

CCSE Contents
Module 30: Cyber Forensics
Cyber Forensics Understanding Cyber Forensics Hands on Cyber Forensics on Hard Disks Preparing Cyber Forensics Reports

Module 31:Enterprise Information Security Management

Establishment of ISMS Implementation ,Monitoring ,Review & Maintenance of ISMS Resource Management & Management Responsabilits. Internal Audits Selection of Appropriate Controls Corrective & Preventive Actions

CCSE Contents
Module 32 - 35: Project Work 1 , Project Work 2 & Final Exam.
Training attendees will be getting exposures to live projects like Penetration testing, Creating own vulnerable penetration testing framework , Online Malware Scanners. Semi Final & Final Exam ( Online Hacking Challenge)

Total Hours: 80 hours Training Duration : 30 45 Days. Training Centers: Ahmedabad, Delhi , Hyderabad, Navsari