CYBER SECURITY:
➡️ Introduction to Cyber Security
➡️ Types of JOBS
➡️ Types of Hacking or testing
➡️ Ethical Hacking
➡️ Communication Model
➡️ DNS, IP Types and introduction
➡️ PORTS & Usage
➡️ Cryptography
➡️ VAPT Introduction
➡️ VAPT Process we follow
🌐 Basics to WEB VAPT:
➡️ WEB Communication Model
➡️ Request & Response Components
➡️ Burp Suite Tool Walkthrough
➡️ Recon of Web Application (Wappalyzer, Shodan)
➡️ Vulnerability Severity (CIA)
➡️ Report Pattern
➡️ CWE
➡️ Zero Day Vulnerability
➡️ HTTP & HTTPS
➡️ Types of Web Applications
💻 WEB APPLICATION VAPT:
➡️ OWASP Top 10 List
➡️ Session Vulnerabilities
➡️ Password Vulnerabilities
➡️ Authentication Vulnerabilities
➡️ Authorization Vulnerabilities
➡️ Security Misconfiguration Vulnerabilities
➡️ XSS Vulnerabilities
➡️ Business Logic Vulnerabilities
➡️ Injections (SQL, LDAP, COMMAND & XML)
➡️ Host Header Vulnerabilities
➡️ Input Vulnerabilities (XSS, HTML, CSS, Iframe)
➡️ CSRF
➡️ SSRF
➡️ Broken Access Control Vulnerabilities
➡️ IDOR
➡️ Sensitive Data Exposure Vulnerabilities
➡️ ASPX, PHP, TOMCAT Vulnerabilities
➡️ Rate Limiting, Brute Force Vulnerabilities
➡️ User Enumeration Vulnerabilities
➡️ Privilege Escalation
➡️ Low Vulnerabilities List
➡️ Remote Code Execution & File Upload Vulnerabilities
➡️ Complete Checklist
➡️ Automation Tools intro & Walkthrough
📡 NETWORK VAPT:
➡️ OSI Model
➡️ PROTOCOLS
➡️ TCP
➡️ IP
➡️ Host Discovery, Port scanning & NMAP Tool
➡️ Nessus & Nexpose Tools
➡️ Metasploit
➡️ Firewalls, Wi-Fi
➡️ DNS Spoofing
➡️ SMB Relay Attack
➡️ Password cracking
➡️ Checklist for Network VAPT
📱 MOBILE VAPT (ANDROID):
➡️ OWASP Top 10 List
➡️ MobSF
➡️ Emulator Setup
➡️ Reverse Engineering
➡️ Static Analysis
➡️ Insecure Data storage
➡️ Dynamic analysis
➡️ Checklist for Mobile VAPT
➡️ Intro to iOS VAPT
🔗 API VAPT:
➡️ Types of API
➡️ Setup of Postman & SOAP
➡️ Session Vulnerabilities
➡️ Auth Vulnerabilities
➡️ Sensitive data exposure Vulnerabilities
➡️ Security Misconfiguration Vulnerabilities
➡️ Rate limiting
➡️ Injections
➡️ Input Vulnerabilities
➡️ JWT Vulnerabilities
➡️ Checklist For API VAPT
📝 SOURCE CODE REVIEW (VAPT):
➡️ SCR Introduction
➡️ Manual & Automated types
➡️ OWASP List
➡️ Language Specific Vulnerabilities
➡️ Encoding Vulnerabilities
➡️ Input validation Vulnerabilities
➡️ Business logic Vulnerabilities
➡️ Authentication & Authorization Vulnerabilities
➡️ Checklist for SCR
💰 Bug Bounty:
➡️ Introduction to Bug Bounty
➡️ Profile Setup
➡️ Walkthrough
➡️ Reports & Access
➡️ A Few Tips & Bypass Techniques
➡️ Approach Methods
🛠️ Tools List:
➡️ Burp Suite
➡️ Wappalyzer, Shodan, Cookies Editor
➡️ Acunetix, Netsparker
➡️ MobSF, Ostra Labs
➡️ JADX
➡️ Mobile emulators: Nox Player & Genymotion
➡️ WordPress Scanner
➡️ NMAP
➡️ Metasploit
➡️ Nexpose & Nessus
➡️ POSTMAN & SOAP
➡️ OWASP ZAP
➡️ sqlmap
➡️ Wireshark
➡️ John the Ripper
➡️ Checkmarx
➡️ GitHub
➡️ Kali Linux