Truephers Certified Penetration Tester Full Course Certification

This is a 6 months course (3 months training + 3 months of project work if require) in Ethical Hacking and Penetration Testing at Chandigarh, Mohali, Panchkula. It includes syllabus and certifications covered in both the courses with some advanced topics that are also inclusive. The main agenda of this training program is to prepare a student who owns no or some basics knowledge, a Cyber Security Professional, and to make him/her ready to enter into the professional world of Cyber Security and Penetration Testing. We at Truephers Chandigarh focuses more on practicals because this field demands more practical knowledge instead of just having theoretical knowledge. At our labs, students will not only learn theoretical knowledge but will also do practicals on the dedicated virtual labs containing hacking machines, Linux, Windows servers, and client machines. With all these students will get a real-world like learning environment through which he/she can learn and expand his/her ideas. Truephers provide full working day lab access to the dedicated and desired students. Truephers provides hands-on practice with dummy websites and virtual machines at industry standards.


Course Content

120 hours (3 months) of Industrial Training’s Course Content

Each module contains subtopics in it, expand to see.

Basics of Networking

  • Introduction to Internet Protocol
  • IP Addresses
  • IP Address Spoofing (Changing IP Address)
  • Proxies
  • Tor Browser, Web proxies, Manual proxies, VPN
  • Ports (Logical ports)
  • TCP/UDP 
  • 3-way TCP handshake
  • DNS
  • DHCP
  • SMTP, POP3, IMPS
  • HTTP, HTTPS, SSL, TLS
  • MAC Address (Hardware Address)
  • MAC Address Spoofing
  • Hubs and Switches

Digital Forensics

  • Introduction to Data Forensics
  • Data recovering
  • Permanent Data deletion
  • Windows Forensics
  • Events and Logs views
  • USB and Browser Forensics

Cryptography and Steganography

  • Disk Encryption
  • Image Steganography
  • Audio/ Video Steganography

Virtual Machines (VMWare, Virtual Box, KVM)

  • Introduction to Virtual Machines.
  • Installation of Virtual Box, VMWare, KVM’s
  • Configuration of Virtual Machines in details
  • Networking in Virtual Machines
  • Importing/ Exporting Virtual Machines
  • Cloning Virtual Machines

Basics of Linux Administration

  • Introduction to UNIX/ LINUX
  • Downloading and Installing Linux
  • File Structure
  • Basics Commands

Kali Linux

  • Introduction to Kali Linux
  • Installing Kali Linux
  • File Structure
  • Installing and Configuring SSH, FTP, TFTP, Apache, Tomcat, Postgresql, Python, and other important services and daemons in Kali Linux
  • Installing and Configuring Kali Pen testing Tools
  • Bash Scripting
  • Essential Tools – Netcat, Ncat, SOCAT, Wireshark, tcpdump

Viruses, Worms, Trojans, Binder’s and Crypter’s

  • Virus creation
  • Trojan creation
  • NetBus
  • Poison ivy, Cybergate RAT
  • Binder’s
  • Crypter’s

DOS Attacks

  • SMURF DOS
  • Ping of Death DOS
  • ICMP Flood
  • SYN Flood
  • Slow Loris
  • DDOS
  • Case Scenarios

Google Hacking Database

  • Using Google Dorks
  • Finding files, pages for particular Website
  • Finding Open Cameras
  • Finding Routers
  • Exploit-DB GHDB
  • SHODAN (Search Engine for IoT)

Password Attacks

  • Windows/ Linux password hashing
  • Windows SAM Database
  • Linux passwd/ shadow files
  • Windows Password Cracking
  • Linux Password Cracking
  • Brute-forcing
  • Rainbow tables
  • Ophcrack
  • Cain and Able
  • bkhive, samdump2
  • Password Hashing and Encryption
  • Password profiling with CUPP
  • Password generator tools
  • Hydra
  • Hashcat
  • John The Ripper
  • HTTP – FTP – Telnet – RDP – RAR – ZIP – MD5 – SHA – LM/ NTLM password hashes and cracking with different tools and techniques

Active Information Gathering/ Enumeration

  • Active Information Gathering
  • OS Fingerprinting
  • Port Scanning
  • Banner Grabbing.
  • Different Port Scanning tools and types.
  • Port Scanning with Nmap
  • Nmap Scripting Engine
  • Netcat/ Zenmap
  • Domain Name WHOIS lookup
  • Reverse hostname lookup
  • SMB Enumeration
  • SMTP Enumeration
  • SNMP Enumeration

Passive Information Gathering/ Enumeration

  • Passive Information Gathering
  • Google Hacking Database
  • Google Dorks
  • Online Email Finder
  • Online Active ports scanners 
  • Reverse hostname lookup
  • Netcraft
  • DNS Zones
  • Zone transfer
  • Wayback Machine
  • Uptime Monitoring
  • Online Domain tools

Sniffing and Security

  • Wired Sniffing and Wireless Sniffing
  • ARP Poisoning
  • Wireshark
  • Cain and Able
  • SSL-strip

ATM Hacking

  • ATM Hacking and Techniques
  • Card cloning
  • Skimmers
  • Online Frauds

Wireless Hacking and Security

  • Wireless USB adapters
  • Monitor mode and Promiscuous mode
  • WEP Encryption
  • WEP Password Cracking
  • WPA/ WPA2 Password Cracking
  • WPS Cracking
  • Configuring and Finding Hidden SSID’s 
  • Beating Black-list/ White-list MAC filtering
  • Using other tools

Vulnerability Assessment, Scanning

  • Vulnerability Scanners
  • Configuring and Installing Vulnerability Scanners
  • Nessus
  • Nexpose
  • OpenVAS
  • Web Vulnerability Scanners
  • Acunetix Vulnerability Scanner
  • Nikto
  • Dirbuster

Web Application Penetration Testing

  • Configuring Vulnerable Web Application for Learning and Testing
  • Burp-Suite
  • OWASP ZAP
  • Nikto
  • Dirbuster Dirb
  • SQLmap
  • Cross-Site Scripting XSS 
  • SQL Injection
  • RFI/ LFI
  • Insecure Sensitive files (password, backup files)
  • OS Command Injections
  • Insecure File Uploads
  • And their Mitigations

Client-Side Attacks

  • Browser-based client-side attacks
  • Java signed applet attacks
  • SMB based client-side
  • PDF, Excels, Word documents based client-side attacks
  • Responder

Buffer Overflow Exploitation

  • Fuzzing
  • Debugger
  • DEP ASLR
  • Crashing
  • Registers
  • Controlling EIP
  • Bad Characters
  • Space for Shellcodes
  • Finding Return address
  • Generating a shellcode with msfvenom
  • Getting Shell on the box

Metasploit Framework

  • Installing or updating
  • User Interfaces
  • Exploring Auxiliary module
  • Exploring Exploit module
  • Metasploit Payload module
  • Searchsploit Exploit-DB
  • Staged vs. Non-staged payloads
  • Meterpreter 

Web Shells | MsfVenom | Malware frameworks

  • Web Shells
  • Uploading and Executing different types of web shells
  • ASP, PHP, Java, Cold-fusion, Perl Web Shells
  • Payload Generators
  • MSFVenom

Port Redirection and Tunneling

  • Port forwarding and redirections
  • SSH tunneling
  • Local port, Remote Port and Dynamic port forwarding
  • HTTP Tunneling benefits
  • Proxychains (Chaining multiple proxies)
  • Metasploit port forwarding
  • Plink
  • Other proxy tools

Privilege Escalation

  • Linux and Windows Privilege Escalation
  • Vertical Privilege Escalation
  • Horizontal Privilege Escalation
  • Misconfigured File permissions
  • Kernel Exploits
  • Automated scripts to privilege escalation

System Hardening

  • Securing Windows 
  • Windows Password profiling
  • Updating and Patching Windows
  • Files Permissions
  • User Access Control
  • Linux Server Hardening
  • Securing sensitive and configuration files
  • Updating and Patching system and services
  • Configuring Secure CMS

IDS | IPS

  • Intrusion Detection Systems
  • Firewalls
  • Intrusion Prevention System
  • WIPS, WIDS
  • Snort

Android Hacking

  • Understanding Android OS
  • Rooting Android
  • Installing the Xposed Framework
  • Installing Hacking tools
  • Creating malicious APK with msfvenom
  • APK binding and signing.
  • Hacking Android with Metasploit
  • Hacking Android with other tools

Report Generation

  • Sample Reports
  • Report generation tools
  • Maintaining Important links and texts in report generation

Miscellanies

  • Making Bootable Pen-drive
  • GNS3
  • USB Password Sniffing APK


STEP 1

LEARN

Learn from the tiny bits of Ethical Hacking to the advanced level of Penetration Testing from our certified trainer’s instructor-led training program.

STEP 2

TAKE PRACTICAL EXAM

We will evaluate your hacking skills with an online practical exam. Fix a date for your online practical exam. Take 12 hours online practical exam.

STEP 3

GET CERTIFIED

After completing the online practical exam you will be rewarded with a TRUEPHERS Certified Penetration Tester certificate.


Why Truephers’ Training

Government Registered Organization
Trainers are Certified Ethical Hackers
Online Practical Exam for Certification
Best Ethical Hacking Institute in Chandigarh, Mohali
Core Ethical Hacking, Nothing else
100% Job Assistance and Interview Scheduling
Lowest Fees but Unlimited Learning
Guaranteed Lowest Fees than others

Five Star Rating on Google
ISO 9001:2015 Certified Training Center
Full Satisfaction of Students Guaranteed
Any Time Online Doubt Clearance
Tailored made InfoSec Courses provided
Free Personality Development Training Session
No time limit for Practicing | Full-day Lab Access
Group Discounts | Learn with your Friends and Colleges

Trainers are Certified Ethical Hackers

All our trainers are experts in their niche. Learn from the Certified Ethical Hackers have vast Industry and teaching experience.

Highly Rated on Google

As we focus on quality and not the quantity of work and training that we provide. Our customers and students have been rated as a 5 Star Cyber Security Company on the most trusted platform of Google.


Goodies Takeaway

Certificate

Students who clear the Exam with at least 70% marks get the certification + Goodies. If fails, he gets 3 chances to retake the Exam.

Tool-kit

Students who enroll for this course get the latest version of free, trial, and community editions of tools, used during the training.

E-Books

Students who enroll for this course get the latest version of Truephers E-book + other free e-books used during the training.

Full Job Assistance

Every Student Who clears the Exam gets full Job Assistance till he gets his first job.


Our Students’ Reviews

[grw id=”2534″]


Frequently asked Questions

Who should join this course?

This course is not for everyone, this course requires a very high understanding of how computers work and their logic, a burning desire to be a hacker and to learn continuously. In Cyber Security, you should possess these things, a burning desire to be a hacker of all times, passions while learning and doing, reading habit, problem-solving rather than leaving, and always learning nature. If you possess these qualities then you are ready to go.

What this course teaches me?

This course does require some prerequisites, like a basic understanding of computers, you should be familiar with computers and its operating systems like Windows. In this course, you will learn all the basics things that are required to make a strong base to start to learn actual penetration testing and the advanced things to actually perform penetration tests. In this course, you will learn the basics of networking, Linux operating systems, virtualization, information gathering, vulnerability assessment, and exploitation. We will learn web app penetration testing, network & WiFi penetration testing, and basic stack/buffer overflow.

Can only this course get me a job?

The answer to this question is big no, just kidding. But many young aspirants enter into this field and they think, there are some techniques and tools that they should use to hack into any available machine on this planet, but this is wrong. Penetration Testing requires a very deep understanding, a lot of learning and research work with computers to reap the fruit of pawning systems and applications. The course we are providing is very much sufficient to provide you a job if only you dedicate yourself to it. We are guaranteed you to get a job in Cyber Security, but it all depends on your hard work, learning ability, and a burning desire.

Does learning Ethical Hacking or Penetration Testing requires coding skills?

The short answer is YES, you should require to learn at least one coding language like C, C++, or Python. It does not require to be an expert in coding, but at least an understanding of how to code basically is a must. There is a big reason behind it, that implements in all worldly work, it is if you don’t know how the thing works at the back then you don’t even know how to make, repair or HACK it. For example, if you know how to code basic PHP pages, then only you understand some web application bugs like RFI, LFI, PHP object injections, and SQL injections.

Does Cyber Security have a scope as a carrier?

Post COVID-19 would be a Cyber Security era. Everyone during COVID-19 is making their business to run online, this must require them to make their businesses and clients make and feel safe online. There is a huge scope in Cyber Security as we can see that online hacking, online frauds, and online security awareness demands a lot of manpower. The more and new cyber risks are evolving daily, a lot of new attack vectors and malware or ransomware attacks are increasing daily. The more business went online, the more manpower it will require to comply with cyberattacks also 80% of cyber attacks happened on small and medium-sized businesses.

I want to join, what would be the whole procedure?

Your complete journey with us would be like this. Simply register online with us by filling the online Google form and submitting the required documents at info [AT] truephers.com email id and submit the INR 1000/- as a registration amount through our online payment page. We will contact you by email or telephonically to announce the batch starting date and timings. The classes can be online or offline at the student’s choice. The classes will be led by certified ethical hackers only. The classes can be from Monday to Friday of up to 2 hours or from Saturday & Sunday of up to 5 hours each day. You will be provided with a highly detailed and specially crafted book for your full course to make you more comfortable during learning. There would be an online quiz after completing each module. After completing the full course you will be asked for an online exam date. The online practical examination is the real way to find your ability to hack. You can email for further questions on the online practical exam at info [AT] truephers.com. After the completion of the online exam, you will be rewarded with the Truephers Certified Penetration Tester exam certificate. Our relation with the student does not end here, we will provide full job assistance through our online portal and our online social media pages. The learning penetration testing and cybersecurity would be great fun for you as the teaching is for us.