Cybersecurity Course – Become a Hands-On Security Pro!
Master Cybersecurity with Essential Tools and Certifications offers a hands-on dive into core concepts, tools, and frameworks. Learn fundamentals like the CIA Triad, threat modeling, and encryption, while exploring real-world tactics in recon, pentesting, and incident response. Ideal for those preparing for certs like CEH or OSCP.
Threat landscape, security domains, compliance basics
MITRE ATT&CK, TTPs, attacker lifecycle
Firewalls, EDR, layered security
OSINT, Google Dorks, Shodan, DNS recon
Tools like Sublist3r, Amass, crt.sh, assetfinder, subfinder, domain hijacking
Wireless security basics
Threat modeling, risk treatment, impact analysis
XSS, SQLi, malware types, insider threats
Phishing, USB drops, SEToolkit tactics
Encryption, hashing, TLS/SSL
IR lifecycle, SIEM intro, response strategies
Scanning, exploitation, post-exploitation
NIST, ISO 27001, CIS, GDPR
Certifications, interview prep
Week | Theory Topics | Hands-On Labs |
---|---|---|
Module 1: Cybersecurity Foundations | ||
Week 1 | Introduction to Cybersecurity - Threat Landscape & Attack Types - NIST Cybersecurity Framework: Identify, Protect, Detect, Respond, Recover - ISO/IEC 27001 Basics | Breach Analysis Case Study - Mapping NIST Functions to Real-World Scenarios |
Week 2 | GDPR Overview - HIPAA Compliance - PCI DSS & Government Regulations - Governance, Risk & Compliance (GRC) Foundations | GDPR vs HIPAA vs PCI DSS Mapping Exercise - GRC Policy Drafting Activity |
Module 2: Reconnaissance & Weaponization | ||
Tools Focus: whois, nslookup, theHarvester, Google Dorks, dnsrecon, Sublist3r, Shodan, Maltego | ||
Week 3 | AI in Governance (NIST AI RMF, EU AI Act, Responsible AI) - Risk & Risk Management Fundamentals - Risk Management in GRC Context - Case Studies & Risk Scenarios | Risk Assessment Case Study - Risk Register Creation Exercise |
Week 4 | Networking Basics (LAN, WAN, OSI) - TCP/IP Fundamentals - 3-Way Handshake (Theory + Demo) - Wireshark Introduction | Packet Capture with Wireshark - Analyze TCP 3-Way Handshake |
Module 3: Delivery, Exploitation & Installation | ||
Tools Focus: SEToolkit, msfvenom, Metasploit, phishing, USB HID payloads | ||
Week 4 | Wireshark Deep Analysis (Protocols & Filters) - Batch Data Analysis in Wireshark - SOC Concepts & SIEM Introduction - SIEM Use Cases | Wireshark Filtering & Protocol Analysis - SOC Alert Simulation in SIEM |
Week 5 | Incident Response Plan, Detection & Containment - SIEM Concepts | Basic Manual IR Flow - Recovery Simulation Lab, Splunk Practicals |
Module 4: Post Exploitation & Privilege Escalation | ||
Tools Focus: Metasploit, enum4linux, linpeas, netcat, mimikatz | ||
Week 6 | Cyber Kill Chain Model (Recon to Exploit) - MITRE ATT&CK Framework Introduction - TTPs: Real-World Mapping | Cyber Kill Chain Mapping Exercise - MITRE ATT&CK Simulation Lab (Manual TTPs) |
Week 7 | Passive Recon: OSINT, Domain Footprinting, DNS Enumeration - Subdomain Discovery, Shodan, Leaked Cameras | Recon Tools: spiderfoot, theHarvester, dnsenum, Sublist3r, Subfinder, amass - Google Dorking for Sensitive Info |
Module 5: Targeted Environments | ||
Week 8 | Active Recon: Live Host Discovery, Banner Grabbing - Fingerprinting (OS, Ports, Services) | nmap, netdiscover, fping, whatweb - Banner grabbing with nc & nmap -sV |
Week 9 | Social Engineering: Phishing, Pretexting, USB Drops - SEToolkit & Payload Crafting | Email Phishing & Web Cloning with SET - msfvenom for Payload Generation |
Week 10 | Malware Delivery: Executables, Macros, USB Drives - Reverse Shells & RATs | Reverse Shell Delivery via Social Engineering - Backdoor Injection & Listener Setup - Metasploit Sessions & Token Stealing - Local Privilege Escalation with linpeas |
Week 10 | Server-Side Pentesting (Linux/Windows) - Service Exploits, SMB, RDP, SSH | Exploit Services (e.g., Samba, vsFTP) - exploitdb, searchsploit, msfconsole |
Module 6: Hardening & Incident Response | ||
Week 11 | Web App Pentesting (OWASP Top 10) - XSS, SQLi, LFI/RFI, Auth Bypass | DVWA/bWAPP: SQLi, XSS, Command Injection - Burp Suite Manual Testing |
Week 12 | Mobile Security & IoT (Intro only) - Common Vulnerabilities (Rooting, exposed APIs, default creds) | Recon IoT on Local Network - Android APK Analysis (Basic via MobSF if feasible offline) |
CV, LinkedIn support |
Phase | Tools |
---|---|
Reconnaissance | whois, nslookup, theHarvester, Sublist3r, Google Dorks |
Weaponization | msfvenom, Python scripts |
Delivery | SEToolkit, USB payloads, Email phishing |
Exploitation | Metasploit, browser exploits, SQLi |
Installation | Reverse shell, RATs, backdoors |
Command & Control | netcat, Meterpreter, ncat |
Actions on Objectives | Privilege escalation (linpeas, mimikatz), data exfiltration |