
o Explain why networks and data are attacked.
o Outline features of examples of cyber security incidents.
o Explain the motivations of the threat actors behind specific security incidents.
o Explain the potential impact of network security attacks.
o Explain the mission of the Security Operations Center (SOC)
o Elements of a SOC
o People in the SOC
o Process in the SOC
o Technologies in the SOC: SIEM and SOAR
o Perform basic operations in the Linux shell.
o Explain why Linux skills are essential for network security monitoring and investigation.
o Use the Linux shell to manipulate text files.
o Explain how client-server networks function.
o Perform basic Linux administration tasks.
o Explain how a Linux administrator locates and manipulates security log files.
o Manage the Linux file system and permissions.
o Perform basic security-related tasks on a Linux host.
o Explain the basic components of the Linux GUI.
o Use tools to detect malware on a Linux host.
o Perform basic operations in the Linux shell.
o Explain why Linux skills are essential for network security monitoring and investigation.
o Use the Linux shell to manipulate text files.
o Explain how client-server networks function.
o Perform basic Linux administration tasks.
o Explain how a Linux administrator locates and manipulates security log files.
o Manage the Linux file system and permissions.
o Perform basic security-related tasks on a Linux host.
o Explain the basic components of the Linux GUI.
o Use tools to detect malware on a Linux host.
Explain the basic operation of data networked communications.
Explain how protocols enable network operations.
Explain how data encapsulation allows data to be transported across the network.
Explain how Ethernet supports network communication.
Explain how the IPv4 protocol supports network communications.
Explain how IP addresses enable network communication.
Explain the types of IPv4 addresses that enable network communication.
Explain how the default gateway enables network communication.
Explain how the IPv6 protocol supports network communications.
Explain how ICMP is used to test network connectivity.
Use Windows tools, ping, and traceroute to verify network connectivity.
Compare the roles of the MAC address and the IP address.
Analyze ARP by examining Ethernet frames.
Explain how ARP requests impact network and host performance as well as potential security risks.
Explain how transport layer protocols support network communication.
Explain how the transport layer establishes communication sessions.
Explain how the transport layer establishes reliable communications.
Explain how DHCP services enable network functionality.
Explain how DNS services enable network functionality.
Explain how NAT services enable network functionality.
Explain how file transfer services enable network functionality.
Explain how email services enable network functionality.
Explain how HTTP services enable network functionality.
Explain how DHCP services enable network functionality.
Explain how DNS services enable network functionality.
Explain how NAT services enable network functionality.
Explain how file transfer services enable network functionality.
Explain how email services enable network functionality.
Explain how HTTP services enable network functionality.
Explain how network devices enable network communication.
Explain how wireless devices enable network communication.
Explain how network threats have evolved.
Describe the various types of attack tools used by Threat Actors.
Introduction to Hacking the Box
Describe types of malware Virus, Worm, and Trojan horse.
Other malware : Ransomware ,Scareware, Phishing, Rootkits, Spyware, and Adware.
Explain reconnaissance, access, and social engineering network attacks.
Password Attacks , Spoofing Attacks , Man-in-the-Middle Attack , Buffer Overflow Attack, and Social Engineering.
Explain Denial of Service (DoS and DDoS Attacks), buffer overflow, and evasion attacks.
Explain the IPv4 and IPv6 header structure.
Explain how IP vulnerabilities enable network attacks.
Explain how TCP and UDP vulnerabilities enable network attacks.
Explain IP service vulnerabilities
Explain how network application vulnerabilities enable network attacks
Explain the role of cryptography in ensuring the integrity and authenticity of data.
Explain how cryptographic approaches enhance data confidentiality.
Explain public key cryptography.
Explain how the public key infrastructure functions.
Explain how the use of cryptography affects cybersecurity operations.
Deploying Portable Virtual Lab using Virtual Box
Objective of this Lab is to Understanding Information Gathering, Network Discovery, Scanning, Detecting Scanning & Implementing Countermeasures
Foot printing / Network Discovery
Scanning
Enumeration
Shodan , whois , netcraft
NMAP
Dmitry
Objective of this Lab is to understand Sniffing, Man in the Middle Attack (MITM),ARP Cache Poisoning Suggesting & Implementing Countermeasures.
Zenmap (for Scanning purpose)
Ettercap (for ARP Cache Poisoning and Sniffing)
Objective of this Lab is to understand about types of Password Attacks, Hash Function, Password Hashes, Brute Force Attack ,Suggesting & Implementing Countermeasures .
John the Ripper
Objective of this Lab is to understand about IP Spoofing, Denial of Service (DoS),Suggesting & Implementing Countermeasures.
Performance Monitor
Hping3
DDos
Botnet
Objective of this Lab is to understand about MAC Spoofing, Process to change the MAC address by generating random MAC address and by giving specific MAC address.
Macchanger
Objective of this Lab is to understand about Steganography, Steghide tool and how to send text message embedded with image file.
Steghide
Objective of this Lab is to understand aboutE-mail Spoofing,Phishing,Phishing techniques and suggested countermeasures.
Objective of this Lab is to understand about steganography using ICMP Payload, Scapy tool used for steganography using ICMP payload
Objective of this Lab is to understand about Trojan, Backdoor and Viruses, Suggesting & Implementing Countermeasures
Prorat
Objective of this Module is to understand about common E-mail Protocols, E-mail Encryption, Digital Signature.
Objective of this Module is to understand about ,basic concepts of Firewall, basic techniques for Configuring Firewall, host-based firewall & their configuration.
Configuring Network Based Firewall (NGFW) as an Example FortiGate UTM
Fortinet is the pioneer of secure networking, delivering flawless convergence that can scale to any location: remote office, branch, campus, data center and cloud. FortiGate is the heart of FortiOS Everywhere, providing deep visibility and security in a variety of form factors, including container firewalls, virtual firewalls, and appliances.
In this lab, security of a web application would be analyzed. The burp Suite tool would be used to get the login credentials by using brute force attacks.
Burp Suite
Password cracking
Brute Force Attacks
In this lab, security of a web application would be analyzed by using command injection attacks. The unsecure web application would be secure coded to mitigate the command injection attacks.
In this lab, security of a web application would be analyzed by using CSRF attack. The unsecure web application would be secure coded to mitigate the CSRF attacks.
In this lab, security of a web application would be analyzed by using XSS (Reflected) attack. An 'attacker' can inject their own scripts into the web application and change the password using curl string in Kali Linux.
In this lab, security of a web application would be analyzed by using XSS (Store) attack. Allow an 'attacker' to inject malicious scripts into the database.
In this lab, security of a web application would be analyzed by using SQL injection. SQL injection allows unauthorized people to use SQL syntax to query the web server database backend; it is called injection because the SQL syntax is inserted into web application variables.
Vulnerability scanning
Penetration testing
Nessus
OpenVas GVM
ZAP
Metasploit framework
Msfconsole
In this lab, you will review logs that were gathered during the exploitation of a documented vulnerability to determine the compromised hosts and file.
Security Onion virtual machine
SIEM
SOC
Tools to be used : NMAP and SCAPY
Diving into Important Network Protocols (TCP, UDP, ICMP, ARP, etc)
Nmap –advanced.
Host Discovery
Tracing the Route
Port Scanning
Idle scan
OS and Service Fingerprinting
Learning Python essentials
Packet Crafting with scapy
Tools to be used : NMAP and SCAPY
Diving into Important Network Protocols (TCP, UDP, ICMP, ARP, etc)
Nmap –advanced.
Host Discovery
Tracing the Route
Port Scanning
Idle scan
OS and Service Fingerprinting
Learning Python essentials
Packet Crafting with scapy
Tools to be used : NMAP and SCAPY
Diving into Important Network Protocols (TCP, UDP, ICMP, ARP, etc)
Nmap –advanced.
Host Discovery
Tracing the Route
Port Scanning
Idle scan
OS and Service Fingerprinting
Learning Python essentials
Packet Crafting with scapy
CPU Instructions & Registers
Functions, High Level View
Stacks and Stack Frames
Memory Addressing
Managing Stack Frames
Functions, Low Level View
– Understanding the Process
– Call Types
– Assembly Language
– General Trace
– Code Optimizations
– Stack Reliability
Memory Corruption
CPU Instructions & Registers
Functions, High Level View
Stacks and Stack Frames
Memory Addressing
Managing Stack Frames
Functions, Low Level View
– Understanding the Process
– Call Types
– Assembly Language
– General Trace
– Code Optimizations
– Stack Reliability
Memory Corruption
Immunity Debugger
Debuggers , Popular Debuggers, Which to use?
Shellcode
Shellcode Basics
Shellcode Types ( bind TCP, Reverse TCP)
Useful Shellcode Tools
Memory Corruption Classes
Memory Corruption Exploits
Vulnerability Analysis
Stack Buffer Overflows
Identify Usable Characters
Identify Offsets
Fill in Memory Addresses
Identify Usable Space
Drop in Payload
Memory Corruption Classes
Memory Corruption Exploits
Vulnerability Analysis
Stack Buffer Overflows
Identify Usable Characters
Identify Offsets
Fill in Memory Addresses
Identify Usable Space
Drop in Payload
a quick road to bug hunting
Taking Advantages of Bugs
Exploits Language
Bug Hunting Formal Process
Common Techniques
Fuzzing
Fuzzing History
Fuzzing Methods
What data can be Fuzzed?
What does Fuzzed data consist of?
When to Fuzz?
Two Approaches
Determine Exploitability
Types of Fuzzers
Common Fuzzers
The Fuzzing Process
Protocol Fuzzing
SPIKE
JMP (or CALL)
POP RET
PUSH RET
JMP ret + offset
Blind Return
SEH
POPAD
Short Jumps
Conditional Jumps
Backward Jumps
Weird Relative Backward Jump
Visual Studio /GS Flag
Structured Exception Handling
SEH Frame Overwrite Attack
Visual Studio SafeSEH
SEH Case Study
SEH Based Exploitation
SEH Case Study
SEH Based Exploitation
Egg Hunting Conditions
How it works?
Egg Hunting Disassembly
Exploit Mitigation
Data Execution Prevention DEP
Return Oriented Programming ROP
Bypassing DEP
Return to lib ret2lib
Return Chaining
ASLR Address space layout randomization
Bypassing ASLR
Target #1 - Windows 7 (Exploitation)
1. Exploit the vulnerable service on this target.
2. Create as many tunnels (pivoting points) needed to reach and attack the Windows 2008 Server target.
Target #2 - Windows 2008 Server (This must be attacked using a TUNNEL created from Target #1)
3. Find a SQL Injection vulnerability, exploit it and change administrator’s password and dump the whole database. Also, find what is the MySQL root password? Tasks must be done using SQL injection ONLY,!
4. Show proof of a Cross Site Scripting (XSS) vulnerability and how could an attacker (tester) benefit from it (e.g. gain the cookies of a user).
5. Find a Remote Code Execution (RCE) vulnerability and use it to add user to the system.
NOTE: Do not use the user added to complete all tasks. Each goal must be achieved using the mentioned vulnerability.
6. Find any open shares on the system, and show proof how it could be used for exploitation (hint: psexec hint :need user).
7. Find any network service and try to figure out their users and passwords (Brute force). You can use the predefined list of usernames and passwords given.
8. Find a file upload vulnerability and use it to upload a PHP Shell. Show proof of what could be done using the phpshell (note: could be a meterpreter or a c99 shell as the one given).
9. Present a final report and a proper presentation of your achievements.
####################################################################
## ####
####################################################################
تغطي هذه الدورة أغلب المواضيع التي تغطيها الدورات العالمية التالية : (CCNA CYBER OPS , CEH, OSCP PEN-200, CHFI)
هذه الدورة تقدم بشرح باللغة العربية ومحتوى المادة باللغة الانجليزية , تتكون من 80% عملي و 20% نظري , ويتخلل الجزء العملي شرح تفصيلي يغطي الجزء النظري المتعلق بالعملي وتتكون من اكثر من 100 لاب عملي وكذلك المادة قابلة للتنزيل هي وجميع البرمجيات التي تحتاجها حيث تحتوي المادة على كثير من نسخ أنظمة التشغيل التي تحتوي على ثغرات امنية ليتم التطبيق مباشرة عليها.
تتعلم في هذه الدورة الأساسيات التي تحتاجها لتدخل الأمن السيبراني , ثم تتقدم الدورة تدريجيا الى أن تصبح محترفا في مجال الأمن السيبراني
تتعلم فيها المواضيع التالية :
- شبكات الحاسوب وأمن شبكات الحاسوب (Computer Networks and Computer Networks Security)
- أنظمة الحماية والجدار الناري (Firewall)
- الأمن السيبراني ومركز عمليات الأمن السيبراني (SoC and SIEM) (Cyber security and the Security Operations Center)
- نظام تشغيل لينوكس (Linux Operating System)
- التشفير (Cryptography and the Public Key Infrastructure)
- اختبار الاختراق باستخدام Kali Linux و Parrot و Python
(Penetration test using Kali Linux and Parrot , Python scripting for penetration testing)
- تحقيقات الأدلة الرقمية (Digital forensics)
- القرصنة الأخلاقية (Ethical hacking)
- Ethical hacking (Email Security, VPN, Firewall, Brute Force Attack in Web Application, Command Injection, Cross Site Request Forgery, SQL Injection, XSS)
- Ethical hacking ( Information Gathering , Sniffing, ARP Cache Poisoning , MITM, Brute Force, DoS ,DDoS, Spoofing, Steganography, Phishing, create malware)
-Bug hunting ( JMP ESP, fuzzing), Reverse shell and bind tcp , Msfvenom, Metasploit framework, PE how to create crack and inject malware inside it.
- Capture The Flag ( CTF)