
Welcome to the world of Penetration Testing

 Course Introduction
 Why Web Penetration Testing?
 Types of Hackers
 Disclaimer for this course
 What is Vulnerability?
 What is VAPT?
 What is OWASP Top 10?
 Scope & Duties of Web Pentester in InfoSec Companies
 Goals for Resume Building in Web Pentesting
 How much and where can I make money from bug bounty?

Setting up an environment
 Things to cover in this section
 Grabbing Required downloadable resources for this section
 Learning Virtualization with Virtual Box
 Setting up & Walkthrough of Vbox modules
 Introduction & History of Linux
 Why Kali Linux?
 Installing Kali Linux
 Tweaks to Run Kali Linux Smoothly Part 1
 Tweaks to Run Kali Linux Smoothly Part 2
 Updating and Upgrading Kali Linux with Debian packages

Linux Fundamentals Crash Course


 Introduction to command prompt
 Accessing system & Network Related commands
 IP Config & Bridge network
 Linux file system and Structure
 Introduction to root
 Absolute and relative paths
 Directory listing attributes
 Playing with file and directories
 Different file types in Linux
 Wildcard commands
 Understanding files and Directory permissions
 File permission commands
 Help commands, auto completion and arrow keys
 Piping process
 Linux file editors
 Switching user with sudo module
 System utility commands (Date, Uptime, Hostname, Uname etc)
 Installing software
 Github clone to run tools
 Compiling python
 Compiling java

Core fundamentals for web pentesting
 What is an IP address?
 What is protocol? HTTP & HTTPS
 Subdomain & Domain name
 What are ports?
 Path & Query component in URL
 Parameters and Fragment
 Explaining verbs, What is GET method?
 What is Post Method?
 What is Put Method?
 Delete & Head Method
 Connect & Options
 Trace & Patch
 How does an API work?
 HTTPS Status code part 1
 HTTPS Status code part 2

Complete Burpsuite module training


 What is Burp Suite?
 Burp CA Certificate for SSL/TLS
 Burp Project Type : New, Existing & Temp
 Burp Suite Proxy
 Burpsuite Intruder
 Burpsuite Scanner
 Burp suite Repeater
 Burp Suite Sequencer
 Burp Suite Decoder
 Burp Suite Comparer
 What are Payloads? Simple List, Runtime file, Custom iterator
 Payload type : Character Substitution, Case Modification, Recursive grep
 Payload Type : Illegal Unicode, Character Blocks, Numbers
 Payload Types : Dates, Brute Forcer, Null Payloads, Character Frobber
 Payload types : Bit Flipper, Username Generator, ECB Block Shuffler
 Burp Suite Extender
 Burp Suite Extensions
 BApp Store
 Burp Suite APIs
 Burp Suite Options
 Engagement Tools
 Http History Analyser
 Connect Burp to Android for Testing Android Apps

Reconnaissance Methodology
 DNS Records with Virustotal
 HTTP Status Recon
 Subdomain enumeration
 Aquatone
 Shodan Research
 Directory Bruteforcing
 Digging into the past with WayBack Machine
 Certificate Transparency Crt
 Wappalyzer for Technology Identification
 Netcraft Active Cyber Defence

Getting started with Testing environment
 What is DVWA?
 Getting started by Creating Database & User for lab
 Configuring DVWA
 DVWA Error Solving

Brute force & Command Injection


 Brute force technique part 1
 Brute force technique part 2
 What is Command Injection & CI Low level breach
 Command Injection: Breaching Medium Level Security
 Command Injection: Breaching High Level Security
 Command Injection Mitigation & Secure Code writing logic
 Remote Code Execution Incident Report Study

Insecure Session Management & Cookie Manipulating Flaw


 Insecure Session Management & Cookie Manipulating Flaw
 Insecure JSON Parsing

Cross Site Request Forgery


 What is Cross Site Request Forgery? CSRF Part 1
 CSRF: Part 2 (Designing Custom CSRF Form)
 CSRF: Execution of Custom form and Mitigation Technique
 CSRF: Automated form via Burpsuite
 CSRF Incident Report Study

File Upload Vulnerability


 What is File Upload Vulnerability? Breaching Low Level
 Breaching Medium Level
 Breaching High Level & Mitigation
 File Upload Incident Report Study

File Inclusion Vulnerability


 Local & Remote File Inclusion (Low Level)
 LFI & RFI (Medium & High Level)
 LFI & RFI Incident Report Study

SQL Injection
 SQL Injection Master Lab & What is Database?
 SQL Fundamentals
 What is ID, Joining & Breaking the query in SQL
 Selecting Vulnerable Column & Fetching Database Name
 Dumping Database

Boolean Based & SQL Automation


 Boolean Based Queries & Fundamentals
 Boolean Based demonstration
 Automation With SQL Map

Cross Site Scripting


 Reflecting XSS
 Stored XSS
 DOM Based XSS
 Exploring Innovative method for executing XSS via Case Studies

Increasing Difficulty with WebGoat


 Gathering Pre-Requisites for Webgoat
 Configuring Webgoat in Windows

Token Exploitation
 What is JSON Web Token? (JWT)
 JWT : JSON Web Token Hijacking with SQL Injection
 JWT Payment Gateway Manipulation

Password Reset EndPoint


 Password Reset Endpoint
 Creating and Exploiting Password Reset Link

Path Traversal
 Path Traversal - Bypass File Upload Fix 1
 Path Traversal - Bypass File Upload Fix 2
 Path Traversal - Retrieving Files

SQL String Based


 String SQL Injection Part 1
 String SQL Injection Part 2
 Delete Data & Retrieve Data from Tables
 SQL Login Attack

HTML Tampering & XXE


 HTML Tampering explained with Execution
 XXE : What is XXE Injection?
 XXE Injection Content Type Manipulation
 Blind XXE Injection

Insecure Direct Object Reference
 What is IDOR?
 Data Extraction via IDOR
 Account Hijacking via IDOR

Advanced CSRF & SSRF


 Login CSRF
 SSRF Explained
 SSRF - Request Manipulation to display User

Bonus Attacks
 Vulnerable Components - Exploiting CVE
 Meta Data Sanitization
 Client-Side Filtering

Wireshark
 OSI Model Layer
 Split of Concentration
 Application layer
 Presentation Layer
 Session layer
 Top Layer vs
 Transport Layer
 Network Layer
 Data link Layer
 Physical Layer
 Host Communication
 Encapsulation
 TCP/IP vs OSI Model
 Wireshark Filters & Data Capture

Nmap
 Nmap Basics, Target Specification & Port States
 Nmap Scanning & Ping Scanning
 Nmap Scan Techniques with SYN, Connect, UDP, SCTP, TCP, ACK & Window
 Nmap Scan Techniques Part 2 : Null, Fin, XMAS, Maimon, IDLE Scan & IP Protocol
 Nmap Performance, Firewall & IDS Evasion

Exploits
 What is Metasploit?
 How port scanning can help us in exploiting machines?
 How to Configure Exploits?
 Executing Eternal Blue exploit on Windows Machine
 Microsoft Windows 10 (1903/1909) - 'SMBGhost' SMB3

Forensics
 Analysis - Registry, Email and Browser Artifacts
 Analysis - PDF Files and Page Files
 Malware File Analysis
 USB Forensics - Detection and Investigation
 Meta Data Analysis - MS Office Files
 Meta Data Analysis - Image Files
 Memory Forensics using FTK Imager and Volatility3 tool overview
 Volatility3 - Memory File Analysis and Infected system file

Final Module
 Pentesting with Automated tools : OWASP ZAP
 Httrack & Wpscan
 What is Acunetix?
 Acunetix Practical Scanning
 How to Make POC (Proof of Concept)
 How to make a VAPT (Vulnerability Assessment & Penetration Testing Report) report : Part 1
 VAPT Part 2
 How to get Job Ready and CV guide
 What to learn next?
 Final Closure

Interview Prep
 Mock Interview: Level 1
 Mock Test Paper (Practical Skill Based): Level 2
 Group Discussion Round: Level 3
 Resume Building
