Cyber Security Course: The Comprehensive Cyber Security Course
This course covers most of the topics covered by the following international courses: CCNA CYBER OPS, CEH, OSCP PEN-200, CHFI.
This course is taught in Arabic, with the course material in English. It is 80% practical and 20% theoretical, and the practical part includes detailed explanation covering the theory related to the practice. It consists of more than 100 hands-on labs, and the material is downloadable along with all the software you need; the material includes many operating system images that contain security vulnerabilities, so you can practice on them directly.
In this course you learn the fundamentals you need to enter cyber security, then the course progresses gradually until you become a professional in the field of cyber security.
You learn the following topics:
– Computer networks and computer network security
– Protection systems and the firewall
– Cyber security and the Security Operations Center (SOC and SIEM)
– Linux operating system
– Cryptography and the Public Key Infrastructure
– Penetration testing using Kali Linux, Parrot, and Python
(Python scripting for penetration testing)
– Digital forensics
– Ethical hacking
– Ethical hacking (Email Security, VPN, Firewall, Brute Force Attack in Web Application, Command Injection, Cross Site Request Forgery, SQL Injection, XSS)
– Ethical hacking (Information Gathering, Sniffing, ARP Cache Poisoning, MITM, Brute Force, DoS, DDoS, Spoofing, Steganography, Phishing, create malware)
– Bug hunting (JMP ESP, fuzzing), reverse shell and bind TCP, Msfvenom, Metasploit framework, PE: how to create a crack and inject malware inside it.
– Capture The Flag (CTF)
- 2. Linux Operating System Part 1 (Video lesson)
o Perform basic operations in the Linux shell.
o Explain why Linux skills are essential for network security monitoring and investigation.
o Use the Linux shell to manipulate text files.
o Explain how client-server networks function.
o Perform basic Linux administration tasks.
o Explain how a Linux administrator locates and manipulates security log files.
o Manage the Linux file system and permissions.
o Perform basic security-related tasks on a Linux host.
o Explain the basic components of the Linux GUI.
o Use tools to detect malware on a Linux host.
- 3. Linux Operating System Part 2 (Video lesson)
o Perform basic operations in the Linux shell.
o Explain why Linux skills are essential for network security monitoring and investigation.
o Use the Linux shell to manipulate text files.
o Explain how client-server networks function.
o Perform basic Linux administration tasks.
o Explain how a Linux administrator locates and manipulates security log files.
o Manage the Linux file system and permissions.
o Perform basic security-related tasks on a Linux host.
o Explain the basic components of the Linux GUI.
o Use tools to detect malware on a Linux host.
- 4. Network Protocols, Ethernet and Internet Protocol (Video lesson)
Explain the basic operation of data networked communications.
Explain how protocols enable network operations.
Explain how data encapsulation allows data to be transported across the network.
Explain how Ethernet supports network communication.
Explain how the IPv4 protocol supports network communications.
Explain how IP addresses enable network communication.
Explain the types of IPv4 addresses that enable network communication.
Explain how the default gateway enables network communication.
Explain how the IPv6 protocol supports network communications.
- 5. Connectivity Verification, Address Resolution Protocol and The Transport Layer (Video lesson)
Explain how ICMP is used to test network connectivity.
Use Windows tools, ping, and traceroute to verify network connectivity.
Compare the roles of the MAC address and the IP address.
Analyze ARP by examining Ethernet frames.
Explain how ARP requests impact network and host performance as well as potential security risks.
Explain how transport layer protocols support network communication.
Explain how the transport layer establishes communication sessions.
Explain how the transport layer establishes reliable communications.
- 6. Network Services Part 1 (Video lesson)
Explain how DHCP services enable network functionality.
Explain how DNS services enable network functionality.
Explain how NAT services enable network functionality.
Explain how file transfer services enable network functionality.
Explain how email services enable network functionality.
Explain how HTTP services enable network functionality.
- 7. Network Services Part 2 (Video lesson)
Explain how DHCP services enable network functionality.
Explain how DNS services enable network functionality.
Explain how NAT services enable network functionality.
Explain how file transfer services enable network functionality.
Explain how email services enable network functionality.
Explain how HTTP services enable network functionality.
- 8. Network Communication Devices (Video lesson)
Explain how network devices enable network communication.
Explain how wireless devices enable network communication.
- 9. Attackers and Their Tools (Video lesson)
Explain how network threats have evolved.
Describe the various types of attack tools used by Threat Actors.
Introduction to Hacking the Box
- 10. Common Threats and Attacks (Video lesson)
Describe types of malware: virus, worm, and Trojan horse.
Other malware: ransomware, scareware, phishing, rootkits, spyware, and adware.
Explain reconnaissance, access, and social engineering network attacks.
Password attacks, spoofing attacks, man-in-the-middle attack, buffer overflow attack, and social engineering.
Explain Denial of Service (DoS and DDoS Attacks), buffer overflow, and evasion attacks.
- 11. Attacking the Foundation (Video lesson)
Explain the IPv4 and IPv6 header structure.
Explain how IP vulnerabilities enable network attacks.
Explain how TCP and UDP vulnerabilities enable network attacks.
- 12. Attacking What We Do (Video lesson)
Explain IP service vulnerabilities
Explain how network application vulnerabilities enable network attacks
- 14. Deploying Portable Virtual Lab (Video lesson)
Deploying Portable Virtual Lab using Virtual Box
- 15. Information Gathering & Countermeasures (Video lesson)
The objective of this lab is to understand information gathering, network discovery, scanning, detecting scanning, and implementing countermeasures.
Footprinting / Network Discovery
Scanning
Enumeration
Shodan, whois, Netcraft
NMAP
Dmitry
- 16. Sniffing, ARP Cache Poisoning & MITM Attack with Countermeasure (Video lesson)
The objective of this lab is to understand sniffing, man-in-the-middle (MITM) attacks, and ARP cache poisoning, and to suggest and implement countermeasures.
Zenmap (for Scanning purpose)
Ettercap (for ARP Cache Poisoning and Sniffing)
- 17. Brute Force Attack & Countermeasures (Video lesson)
The objective of this lab is to understand the types of password attacks, hash functions, password hashes, and brute force attacks, and to suggest and implement countermeasures.
John the Ripper
- 18. Denial of Service Attack & Countermeasures (Video lesson)
The objective of this lab is to understand IP spoofing and Denial of Service (DoS), and to suggest and implement countermeasures.
Performance Monitor
Hping3
- 19. Distributed Denial-of-Service (DDoS) using Botnet (Video lesson)
DDoS
Botnet
- 20. MAC Spoofing (Video lesson)
The objective of this lab is to understand MAC spoofing and the process of changing the MAC address, both by generating a random MAC address and by setting a specific MAC address.
Macchanger
- 21. Steganography using image file (Video lesson)
The objective of this lab is to understand steganography, the Steghide tool, and how to send a text message embedded in an image file.
Steghide
- 22. E-Mail Spoofing & Phishing (Video lesson)
The objective of this lab is to understand e-mail spoofing, phishing, phishing techniques, and suggested countermeasures.
- 23. Steganography using ICMP Payload (Video lesson)
The objective of this lab is to understand steganography using the ICMP payload, with the Scapy tool used to perform it.
- 24. Trojan, Backdoor & Virus & Countermeasures (Video lesson)
The objective of this lab is to understand Trojans, backdoors, and viruses, and to suggest and implement countermeasures.
Prorat
- 25. Email Security (Video lesson)
The objective of this module is to understand common e-mail protocols, e-mail encryption, and digital signatures.
- 26. Configuring Host Based Firewall (Linux) (Video lesson)
The objective of this module is to understand the basic concepts of firewalls, basic techniques for configuring a firewall, and host-based firewalls and their configuration.
- 27. Configuring Network Based Firewall (NGFW) FortiGate UTM (Video lesson)
Configuring Network Based Firewall (NGFW) as an Example FortiGate UTM
Fortinet is the pioneer of secure networking, delivering flawless convergence that can scale to any location: remote office, branch, campus, data center and cloud. FortiGate is the heart of FortiOS Everywhere, providing deep visibility and security in a variety of form factors, including container firewalls, virtual firewalls, and appliances.
- 28. Brute Force Attack in Web Application (Video lesson)
In this lab, the security of a web application is analyzed. The Burp Suite tool is used to get the login credentials by using brute force attacks.
Burp Suite
Password cracking
Brute Force Attacks
- 29. Command Injection in Web Application (Video lesson)
In this lab, the security of a web application is analyzed by using command injection attacks. The insecure web application is then recoded securely to mitigate the command injection attacks.
- 30. Cross Site Request Forgery in Web Application (Video lesson)
In this lab, the security of a web application is analyzed by using a CSRF attack. The insecure web application is then recoded securely to mitigate the CSRF attacks.
- 31. XSS Reflected in Web Application (Video lesson)
In this lab, the security of a web application is analyzed by using an XSS (Reflected) attack. An 'attacker' can inject their own scripts into the web application and change the password using a curl string in Kali Linux.
- 32. XSS Stored in Web Application (Video lesson)
In this lab, the security of a web application is analyzed by using an XSS (Stored) attack, which allows an 'attacker' to inject malicious scripts into the database.
- 33. SQL Injection in Web Application (Video lesson)
In this lab, the security of a web application is analyzed by using SQL injection. SQL injection allows unauthorized people to use SQL syntax to query the web server database backend; it is called injection because the SQL syntax is inserted into web application variables.
- 34. Vulnerability Scanning and Penetration Testing (Video lesson)
Vulnerability scanning
Penetration testing
Nessus
OpenVAS GVM
ZAP
Metasploit framework
Msfconsole
- 35. SOC, SIEM, Isolate Compromised Host Using 5-Tuple Lab (Video lesson)
In this lab, you will review logs that were gathered during the exploitation of a documented vulnerability to determine the compromised hosts and file.
Security Onion virtual machine
SIEM
SOC
- 36. Advanced Network Scanning Part 1 (Video lesson)
Tools to be used: Nmap and Scapy
Diving into Important Network Protocols (TCP, UDP, ICMP, ARP, etc.)
Nmap (advanced)
Host Discovery
Tracing the Route
Port Scanning
Idle scan
OS and Service Fingerprinting
Learning Python essentials
Packet Crafting with Scapy
- 37. Advanced Network Scanning Part 2 (Video lesson)
Tools to be used: Nmap and Scapy
Diving into Important Network Protocols (TCP, UDP, ICMP, ARP, etc.)
Nmap (advanced)
Host Discovery
Tracing the Route
Port Scanning
Idle scan
OS and Service Fingerprinting
Learning Python essentials
Packet Crafting with Scapy
- 38. Advanced Network Scanning Part 3 (Video lesson)
Tools to be used: Nmap and Scapy
Diving into Important Network Protocols (TCP, UDP, ICMP, ARP, etc.)
Nmap (advanced)
Host Discovery
Tracing the Route
Port Scanning
Idle scan
OS and Service Fingerprinting
Learning Python essentials
Packet Crafting with Scapy
- 39. Software Exploitation Part 1 (Video lesson)
CPU Instructions & Registers
Functions, High Level View
Stacks and Stack Frames
Memory Addressing
Managing Stack Frames
Functions, Low Level View
– Understanding the Process
– Call Types
– Assembly Language
– General Trace
– Code Optimizations
– Stack Reliability
Memory Corruption
- 40. Software Exploitation Part 2 (Video lesson)
CPU Instructions & Registers
Functions, High Level View
Stacks and Stack Frames
Memory Addressing
Managing Stack Frames
Functions, Low Level View
– Understanding the Process
– Call Types
– Assembly Language
– General Trace
– Code Optimizations
– Stack Reliability
Memory Corruption
- 41. Debugging Fundamentals for Pentesters (Video lesson)
Immunity Debugger
Debuggers, Popular Debuggers, Which to use?
Shellcode
Shellcode Basics
Shellcode Types (bind TCP, reverse TCP)
Useful Shellcode Tools
- 42. Memory Corruption Part 1 (Video lesson)
Memory Corruption Classes
Memory Corruption Exploits
Vulnerability Analysis
Stack Buffer Overflows
Identify Usable Characters
Identify Offsets
Fill in Memory Addresses
Identify Usable Space
Drop in Payload
- 43. Memory Corruption Part 2 (Video lesson)
Memory Corruption Classes
Memory Corruption Exploits
Vulnerability Analysis
Stack Buffer Overflows
Identify Usable Characters
Identify Offsets
Fill in Memory Addresses
Identify Usable Space
Drop in Payload
- 44. Vulnerability Identification and Fuzzing (Video lesson)
A quick road to bug hunting
Taking Advantage of Bugs
Exploits Language
Bug Hunting Formal Process
Common Techniques
Fuzzing
Fuzzing History
Fuzzing Methods
What data can be Fuzzed?
What does Fuzzed data consist of?
When to Fuzz?
Two Approaches
Determine Exploitability
Types of Fuzzers
Common Fuzzers
The Fuzzing Process
Protocol Fuzzing
SPIKE
- 45. Jumping Strategies and SEH Exploitation (Video lesson)
JMP (or CALL)
POP RET
PUSH RET
JMP ret + offset
Blind Return
SEH
POPAD
Short Jumps
Conditional Jumps
Backward Jumps
Weird Relative Backward Jump
- 46. Exploit Mitigation and Structured Exception Handling Part 1 (Video lesson)
Visual Studio /GS Flag
Structured Exception Handling
SEH Frame Overwrite Attack
Visual Studio SafeSEH
SEH Case Study
SEH Based Exploitation
- 47. Structured Exception Handling Part 2 (Video lesson)
SEH Case Study
SEH Based Exploitation
- 48. Egg Hunter (Video lesson)
Egg Hunting Conditions
How it works?
Egg Hunting Disassembly
Exploit Mitigation
- 49. How to create a crack in a portable executable (PE) file (Video lesson)
- 50. Data Execution Prevention (DEP) and Return Oriented Programming (ROP) (Video lesson)
Data Execution Prevention (DEP)
Return Oriented Programming (ROP)
Bypassing DEP
Return to lib (ret2lib)
Return Chaining
Address Space Layout Randomization (ASLR)
Bypassing ASLR
- 51. Capture The Flag (Video lesson)
Target #1 - Windows 7 (Exploitation)
1. Exploit the vulnerable service on this target.
2. Create as many tunnels (pivoting points) as needed to reach and attack the Windows 2008 Server target.
Target #2 - Windows 2008 Server (This must be attacked using a TUNNEL created from Target #1)
3. Find a SQL Injection vulnerability, exploit it, change the administrator's password, and dump the whole database. Also, find out what the MySQL root password is. Tasks must be done using SQL injection ONLY!
4. Show proof of a Cross Site Scripting (XSS) vulnerability and how an attacker (tester) could benefit from it (e.g. gain the cookies of a user).
5. Find a Remote Code Execution (RCE) vulnerability and use it to add a user to the system.
NOTE: Do not use the user added to complete all tasks. Each goal must be achieved using the mentioned vulnerability.
6. Find any open shares on the system, and show proof of how they could be used for exploitation (hint: psexec; hint: need user).
7. Find any network service and try to figure out their users and passwords (Brute force). You can use the predefined list of usernames and passwords given.
8. Find a file upload vulnerability and use it to upload a PHP Shell. Show proof of what could be done using the phpshell (note: could be a meterpreter or a c99 shell as the one given).
9. Present a final report and a proper presentation of your achievements.
