Overview
Program Structure
Book Now
FAQs

Course Introduction:-

The Certified Professional Hacker Plus is a revolution in the field of information security training. It goes far beyond the usual courses that talk about the same old port scanning and vulnerability assessments. It goes deep down into the depths of networking, systems, web applications and actual exploitation. Here are top 5 reasons why the CPH Plus is the ideal choice in comparison to other ethical hacking courses.

  • Training executed completely by practitioners and led by our Principal Consultant and well-renowned information security expert – K. K. Mookhey
  • Coverage of the latest trends in information security – Advanced Persistent Threats, SCADA Hacking (analysis of Stuxnet), and Mobile Hacking
  • Heavy focus on practical aspects and usage of tools and toolkits such as Backtrack, Metasploit, Burp Suite, Kismet, Air-crack Ng.
  • Case studies and real-life examples to explain key concepts
  • The entire training program is designed by our Principal Consultant Mr. K K Mookhey, and we can assure you that it is aimed specifically to make you an expert in ethical hacking and a much sought-after security analyst.

Intended Audience:

Anyone looking to build a career in information security, or if you're someone who's already in this field, but want to learn the professional concepts of hacking, then this is the course for you. It simply will not get more practical and more hands-on than this. Instead of burdening you with a huge amount of courseware, and hundreds of tools, the CPH course focuses on the real-world practical tools and techniques of hacking.

Course Content

  • Session 1:
    • What is Information Security?
    • CIA Triad
    • AAA
    • Hacking Phases
    • Ethical Hacking Concepts
    • Understanding common terms in hacking
    • Vulnerability Assessment
    • Penetration Testing
    • Concept of Red Teaming/Blue Teaming
    • Information Security Controls
    • Information Security Policies
    • Information Security Laws & Standards
    • Network Fundamentals
    • OS basics
    • Kali Linux
  • Session 2:
    • Social Engineering
      • Techniques in Social Engineering
      • Social Engineering Tools
    • Reconnaissance
      • What is Reconnaissance?
        • Ways to Footprint
        • Various Footprinting Tools
  • Session 3:
    • Network Scanning
    • Scanning Tools
    • Countermeasures

Day 2:

  • Session 1:
    • Banner Grabbing and its Techniques
    • Enumeration and its Tools

 

  • Session 2:
    • Understanding concept of Networking, Firewall, IDS/IPS, Switches, Port Mirroring etc.
    • Hacking Networks
    • VPN Hacking
    • Telnet & Rlogin Insecurities
    • DNS Spoofing
    • ARP poisoning
    • NETBIOS Insecurity
    • Testing & Evading Firewall
    • Cracking Passwords
    • Keylogger
    • Spyware
    • Router Hacking
    • Hacking WebServers
    • Hacking Linux
    • Hacking Windows
    • Risk Based Pentesting

 

Day 3:

  • Session 1:
    • Exploitation & Post-Exploitation Concepts
    • Privilege Escalation
    • Back Dooring a HOST - Trojans, Virus and Malware
    • VA Tools
    • Vulnerability Analysis using Nessus

 

Day 4:

  • Session 1:
    • Global Standards/Frameworks
    • What is OWASP
    • Significant OWASP Projects
    • OWASP Top 10
    • The ‘OWASP Top 10’ for WebAppSec
    • Countermeasures of OWASP Top 10 2017 RC2

 

  • Session 2:
    • CSRF
    • SSRF
    • Clickjacking

 

  • Session 3:
    • Web Application Scanners
    • Profiling the Scans
    • Interpreting Scanner Reports
    • Open source Tools and Testing Methodologies

 

  • Session 4:
    • Common Mistakes in Development
    • Security Best Practices for Web Application
    • Secure SDLC
    • Threat Modelling
    • DevSecOps

Day 5:

  • Session 1:
    • Wireless Security Overview
    • Introduction 802.11 Standard
    • Aircrack-ng Kungfu
      • EvilTwin Attack
    • Wireless Security Tools
    • Best Practices for Wireless & Wireless Enterprise Security
  • Session 2:
    • Cryptography
    • Steganography
    • Malware Threats
    • Malware Analysis

Day 6:

  • Session 1:
    • Mobile Security Basics
      • OWASP Top 10 Mobile Risks - 2016
    • Android Security Basics
    • iOS Security Basics
    • Guidelines for Securing iOS Devices
    • Mobile Device Management (MDM)
    • Mobile Security Guidelines and Tools
    • General Guidelines for Mobile Platform Security
    • Mobile Device Security Guidelines for Administrator
    • SMS Phishing Countermeasures
    • Mobile Protection Tools
    • Mobile Anti-Spyware

 

  • Session 2:
    • Introduction to Cloud Computing
    • Cloud Computing Threats
    • Cloud Computing Attacks
    • Cloud Security
    • Cloud Security Tools
    • Cloud Penetration Testing
  • Session 3:
    • Introduction to IoT
    • IoT Attacks in Different Sectors
    • IoT Security Problems
      • OWASP Top 10 IoT Vulnerabilities and Obstacles
    • Hacking IoT Devices: General Scenario
    • IoT Hacking Methodology
    • IoT Pentesting Methodology
    • Countermeasures

Q: When are the courses held?
A: The courses are scheduled monthly throughout the year.

Q: What do I take away from the course?
A: As well as the skills to use the product, you also receive a comprehensive workbook and a certificate of attendance.

Q: Do I get a course manual to keep?
A: Yes, you receive a comprehensive workbook.

Q: Where are the classroom training courses held?
A: The courses are all held in Parramatta, Sydney.

Q: Is the training practical or theory based?
A: Both. All of our course combine practical demonstrations and theory. You will have a sole use of a laptop throughout the course and can practice what you have learnt at the end of each chapter.

Q: Do I need to bring a laptop?
A: Yes, it is required to help you start from scratch on your own machine.

Q: Is there an exam?
A: You do not sit an exam at the end of the course.

Q: What qualification will I get?
A: You will receive a certificate of attendance.

Q: Do I need any previous practical experience?
A: This depends on the course you choose to take. All of our Introductory and Complete courses require no prior knowledge. If you are considering attending an Advanced course, but have not sat the basic course, then you will be expected to have relevant practical experience in the tool.

Q: Do you offer on-site training?
A: Yes, all of our courses can be delivered as on-site courses. We provide all laptops, projector, workbooks and certificates. We can also deliver on-line training just for your company with a schedule to suit you.

Q: Do you offer post course support?
A: Yes, in two ways; firstly, all our trainers can help with initial queries you may have when using the tools post-course via email. Secondly we also provide short-term on-site internship.