Ethical Hacking Syllabus
A popular course due to an increased interest in internet security, Ethical hacking courses cover tools and techniques that hackers use to know about intrusions in the defense mechanism.
The syllabus for ethical hacking courses varies across different institutes, as each may have its unique curriculum. However, below is our detailed and comprehensive syllabus designed to provide in-depth knowledge and practical expertise in ethical hacking:
| Topic | Subtopics |
| Networking | Introduction to networking Role of networking ports Networking concepts Networking protocols Types of Networking What is TCP and how does it work? What is ISP? Network Protocols What is IP address? How does internet work? Versions and types of IP address OSI vs TCP/IP model What is MAC address? Domain name and DNS records Request & Responses |
| Linux | What is Linux? Basic Linux commands (Practical) Cool Features of Linux Advance Linux commands (Practical) Basic File System of Linux Getting Familiar with Linux OS |
| Setting Up Ethical Hacking Lab | Setting Up Lab Installing Kali or Parrot OS in VMware or VirtualBox Install VMware or Virtual Box Downloading a good wordlist for Kali Linux |
| Footprinting and Reconnaissance | Introduction to Footprinting & Reconnaissance Types of Footprinting Website footprinting using Netcraft, Wappalyzer, 3rd party sources DNS footprinting using DNSenum, DNS lookup, MX lookup, NS lookup Email footprinting using Email Tracker Pro Entities of information gathering Source of information gathering WHOIS footprinting Performing information gathering using search engines Footprinting through OSINT framework Information gathering using Google Dorking and ASO Footprinting using Kali Linux DNSenum, DNSRecon, Sublister tools for footprinting |
| Network Scanning | What is network scanning? Checking for software with versions Network scanning methodology OS fingerprinting and banner grabbing countermeasures Types of network scans Saving XML report for Metasploit & Conversion Checking for live systems and Buffer size Checking for open ports Checking for services on ports |
| Enumeration | Introduction to enumeration DNS enumeration Types of enumeration How to enumerate all services? Default ports Enumeration countermeasures NetBIOS enumeration SNMP & SMTP enumeration NFS enumeration |
| Vulnerability Assessment | Introduction to vulnerability assessment Installing Acunetix Pro Classification of vulnerability Vulnerability scoring systems Scanning for vulnerabilities in Nmap scan report Vulnerability assessment lifecycle Vulnerability assessment using ZAP Vulnerability assessment solutions Scanning for vulnerability in Nmap scans result (MSF, Exploit DB, Armitage) |
| How to Be an Anonymous Hacker? | Understanding layers of Internet (Deep, Dark, Surface & Hidden Web) Anonymous Configuration in Linux Changing User Agent (Random User Agent Switcher) Accessing Dark Web (Tor Browser) Changing MAC Address (macchanger) Creating Dark Web Website (Tor Server) Auto Run Shell Script (macchanger) VPN & Proxy |
| System Hacking | Introduction to System Hacking System Hacking using URL Cracking Windows Passwords System hacking using open ports Creating Good Password Lists using Google Dork and Crunch URL Masking Windows & Linux privilege escalation System Hacking using NetCat Cracking Windows Password (Pwdump, ophcrack, lophcrack) |
| Malware Threats | Introduction to Malware Static Malware Analysis All About Malware Analysis Dynamic Malware Analysis Example of Malware Malware Analysis Tools Practical What is Trojan? Creating Payloads (MSF) What are Viruses and Worms? Types of Malware Analysis |
| Sniffing | What is Sniffing? MAC Spoofing & Flooding Active Scanning Techniques DHCP Flooding Types of Sniffing Setup DHCP Rouge (MITM Attack) Using Ethercap Protocols Vulnerable to Sniffing Sniffing with Wireshark |
| Social Engineering | Introduction to Social Engineering Computer based Social Engineering Types of Social Engineering Mobile based Social Engineering Human based Social Engineering Social Engineering Tools |
| DoS and DDoS Attacks | What is DoS Attack? Installing Burp Suite Pro What is DDoS Attack? DoS in Websites What is DRDoS Attack? DoS in Networking (hping3, MSF ) DoS attack using programs and commands (CPU and Memory Utilisations) |
| Session Hijacking | Introduction to Session Hijiacking Hijack session using Burp Suite Professional, Ettercap How to Perform Session Hijacking? Types of Session Hijacking |
| Hacking Web Servers & Web Apps | Introduction to web servers and web apps Web Application Concepts Web application hacking methodology Vulnerability Scanning using Acunetix Pro, Burp Suite |
| Hacking Wireless Networks | Introduction to wireless networks Hacking wireless networks Types of wireless encryption Hacking WEP (Wi-Fi) |
| Hacking Mobile Platforms | Mobile Platform Attack Vectors Using Keylogger App OWASP Top 10 Mobile Risks 2016 Android & IOS Security Scan (MVT, iMazing) Mobile Platform Vulnerability and Risks Installing Termux on Android Calls, SMS, Email Bombing on Android Installing Net Hunter Kali on Android |
| Cryptography | What is Cryptography? Types of Cryptography Difference Between Encoding, Hashing & Cryptography Cryptography tools |
| System Security | Introduction to firewall GUI Linux firewall configuration GUI Windows firewall configuration |
| Job Assistance and Career Counseling | How to optimize your LinkedIn profile? How to select a domain in Cyber Security? Preparing for job interviews Useful resources to keep upskilling |