
Devanshu Shukla shares personal journey from engineering to cybersecurity.
Experience with hacking groups, government projects, DRDO, defense labs, and building AI-based solutions.
Insights into real tenders and large-scale cybersecurity implementations
Discussion on cyber threats, risk registers, forensic analysis, incident response, disaster recovery planning.
National-level cybersecurity priorities and skills needed for finance, defense, utilities, and e-governance sectors.
Top skills in demand for cybersecurity analysts based on real job market research
Introduction to Central Bank of India and Union Bank of India tender requirements.
Scope of work: Application audit, OWASP checks, VAPT, Data Center (DC/DRC) audits, ATM security audits.
Explanation of real cyberattacks on banks (phishing, malware injections, fraudulent transactions).
Defining the first hands-on project: AI-enabled fraud detection & threat prevention system for Union Bank of India.
Five-step audit methodology:
Identify digital assets
Map data flow points
Define security zones
Evaluate network security controls
Maintain an information security register.
Homework: Install NMAP or ZenMap before next session
Recap of previous session and project (Union Bank of India Network Audit).
Understanding key stages of a bank network audit:
Identifying digital assets
Mapping data flow points
Defining security zones
Evaluating network security
Maintaining information security register
Real-world objective: Achieve zero blind spots in bank networks, minimize blast radius of attacks
Collecting data from:
Asset management tools
Active directories
Network inventories (routers, firewalls, IoT, ATM devices).
Tools to be used:
Nmap (network scanning)
Nessus (licensed vulnerability scanner)
Traceroute, Wireshark for flow mapping.
Setting up Intern Tracker account for live tasks and demonstrations
Deploying a simulated Union Bank infrastructure on AWS:
Virtual Private Cloud (VPC)
Internet Gateway and NAT Gateway
Public and private routing tables
Security groups and subnet segmentation.
Understanding role of the Bastion server.
Overview of 4 key servers:
Branch Server
Payment Gateway
ATM Controller
Database Server.
Live demonstration:
Using Nmap to scan networks and identify open ports.
Detecting services and their software versions.
Using SSH to access bastion server remotely.
Attempting communication with ports via Ncat.
Introduction to exploit databases for testing vulnerabilities
Creating an Information Security Register:
Asset identification (IP addresses, services).
Risks identified (e.g., plain-text FTP communication, outdated software).
Recommendations (secure FTP, network segmentation).
Packet capturing using TCP dump and Wireshark for analyzing data flows.
Case study: World Bank server breach caused by insider threat and poor security monitoring.
Real-world breach costing hundreds of crores.
Recap of Union Bank network audit.
Today's mission: Build AI-powered firewall.
Firewalls explained (software, hardware, next-gen).
Why traditional firewalls fail against modern attacks.
How AI-powered firewalls detect and stop new threats.
AWS cloud lab setup (5 bank servers + attacker machine).
Nmap scan: Finding open ports.
Hydra brute-force attack simulation.
Logs exposing firewall weaknesses in real-time.
Installing AI-powered defense system (Python, ML libraries).
Writing anomaly detection rules with Isolation Forest.
Auto-blocking malicious IPs in real-time.
Writing brute force & SQL injection threat signatures.
Static vs adaptive AI signatures.
Industry relevance (₹80–100 Cr firewall tenders).
How email fraud works in banking: spoofing, phishing, malware attachments, and social engineering.
Training AI models using real transaction logs, phishing emails, and spam patterns for anomaly detection.
Live demo of setting up a MailHog email server and simulating a fraud attack on Union Bank’s mail system.
Building an AI-powered spam filter in Python to block phishing and malicious emails in real time.
Real-world tender breakdown: ₹6.8 lakh project for cloud email security and how this lesson aligns with it.
Career & business transformation: roles in SOC, DevSecOps, cloud security, and launching email security services.
Step-by-step setup of MailHog to simulate a cloud-based email server in a controlled lab environment.
Launching a live email attack: Using an external attacker to send phishing emails to the bank’s mail server.
Analyzing server behavior with and without AI-based detection: what changes when defense is intelligent.
Bypassing traditional defenses using tools like Hydra and Burp Suite to test login pages and brute-force attacks.
Detecting threats in real-time using an Isolation Forest-based AI model for behavioral anomaly detection.
Blocking malicious IPs automatically using Python scripting – turning raw logs into real-time protection.
Step-by-step SIEM deployment for centralized log collection and security event monitoring.
Designing a SOC dashboard to track live security incidents, threat patterns, and KPIs.
Configuring real-time alerts for brute force attacks, phishing attempts, and policy violations.
Analyzing and correlating security events across multiple data sources for rapid incident detection.
Coordinating with stakeholders to share incident reports, escalation procedures, and compliance updates.
Optimizing SOC performance by tuning alert rules, reducing false positives, and improving response times.
Cross-country hacking demo—attacker in the US, victim in Germany.
Using ncat to gain shell access and run commands like launching apps or browsing data.
Exploiting the victim’s file system to manipulate files and directories.
Evading detection by running exploits in sandboxed environments.
Real-world scenarios of exploiting images or PDFs to gain system access.
Strategies for quick mitigation once a breach is detected.
Exploiting memory stack vulnerabilities via integer overflow in WhatsApp.
Creating a malicious GIF that delivers a reverse shell to the attacker.
Real-time attack demonstration between a US cloud server and an Android phone.
Executing phone commands remotely, including dialing numbers and modifying files.
Understanding the risks to unrooted Android devices through media-based exploits.
Security awareness tips for detecting and mitigating mobile device breaches.
Simulating a cyber breach to replicate real-world attack scenarios in a controlled environment.
Capturing forensic logs from endpoints, servers, and network devices for evidence preservation.
Root Cause Analysis (RCA) to identify the exact entry point and attack vector used by the intruder.
Forensic analysis techniques using Linux tools and log parsing to reconstruct attacker activity.
Correlating data across multiple sources to create a complete incident timeline and evidence chain.
Reporting and mitigation planning to prevent recurrence and strengthen future defenses.
Cyber-Incident SOP Development – Step-by-step creation of branch & data center-specific disaster recovery protocols.
Tactical Security Operations – Coordinating with security teams for rapid containment during incidents.
Network & Infrastructure Recovery – Restoring critical systems while minimizing downtime and data loss.
Role-Based Response Plans – Assigning clear responsibilities for IT, security, and business continuity teams.
Stakeholder Communication Framework – Keeping management, clients, and regulators informed in real-time.
Post-Recovery Analysis – Evaluating response effectiveness and updating SOPs for continuous improvement.
Secure Your Phone Like a Pro – Apply 35+ CIS Benchmark settings trusted by governments & Fortune 500 companies.
Live Android Security Audit – Watch step-by-step as we find & fix hidden vulnerabilities in real time.
Protect Against Hackers & Malware – Detect spyware, harmful apps, and block unauthorized access instantly.
Enable Critical Safety Features – Use Find My Device, theft detection, SIM lock, and remote wipe to safeguard data.
Shut Down Data Leaks – Disable risky defaults, control app permissions, and stop advertisers from tracking you.
Hands-On Practice – Download the CIS checklist & apply settings directly on your own device.
Learn the first principles of audit assistance — Evidence → Validation → Reporting — the foundation of professional IT audits.
Discover how to transform raw, inconsistent logs into structured dashboards that reveal hidden security patterns.
Use Voyant Tools to visualize logs through word maps, term frequency, correlations, and contextual insights.
Apply Python, Pandas, Matplotlib, and WordCloud to automate log structuring and analysis.
Integrate AI & Machine Learning (Neural Networks + Agglomerative Clustering) to detect unresolved bugs with up to 95% accuracy.
Generate developer-ready bug reports (CSV) and hand them over seamlessly via GitHub for real-world resolution.
Understand why Cyber Asset Mapping is the foundation of every security audit and penetration test.
Learn to observe, identify, classify, and link digital assets across complex infrastructures.
Master the 9 essential asset fields: Identity, Location, Function, Data, Exposure, State, Owner, Dependencies, and Controls.
Perform real-world reconnaissance using AWS, Nmap, Curl, Dig, and JQ in a simulated Urban Development & Housing Department environment.
Build and maintain a Cyber Asset Register to systematically capture vulnerabilities and dependencies.
Gain skills in network security and analytical thinking that directly apply to enterprise, government, and cloud security audits.
9-Field Asset Mapping Framework: Learn to classify every digital asset by identity, location, function, data, exposure, state, ownership, dependencies, and controls.
Hands-On AWS Reconnaissance: Use AWS CLI, Nmap, and real-time commands to discover servers, APIs, databases, and IoT devices inside a cloud environment.
Data Sensitivity & Compliance: Check for PII data, encryption status, and compliance with India’s DPDP Act (and global laws like GDPR/HIPAA).
Exposure & Security Gaps: Identify internet-facing assets, open ports, and weak authentication methods that hackers exploit.
Audit Quotation Process: See how asset mapping directly translates into a ₹25+ Lakh enterprise security audit proposal.
IoT Camera Pen Test Demo: Experience a real-world RTSP camera audit where live feeds are accessed and analyzed programmatically.
Understand the #1 cybersecurity skill employers demand and why network security is at the core of every security role.
Break down the TCP/IP model step by step — from physical connections to applications, ports, IPs, and MAC addresses.
Set up your own AWS Kali Linux lab to practice penetration testing safely in a cloud environment.
Use Nmap like a professional to scan, discover open ports, and fingerprint services running on remote systems.
Run a live demo with NCAT and browsers to see how real client-server communication and HTTP requests work.
Think like both attacker and defender — spotting vulnerabilities while also learning how firewalls and AI security tools detect scans.
In this hands-on lesson, you’ll uncover how real-world hackers break into systems and how cybersecurity experts defend against them. Step inside the attacker’s mindset with live demos:
Master Nmap Scanning: Discover how to reveal hidden open ports — and why default scans fail.
Break Through Firewalls: Understand how firewall rules protect (or expose) critical services.
Netcat in Action: See how attackers establish direct client–server communication without apps.
Browser vs Postman vs Raw Packets: Learn how different tools “speak” to servers in unique ways.
Vulnerability Scanners (ZAP, Burp, Nessus): Explore professional-grade tools to uncover weaknesses.
Apache Exploitation Basics: Identify server versions and why version leaks = hacker’s goldmine.
Reverse Shell Secrets: Experience the moment an attacker hijacks a server and gains control.
Website Defacement Demo: Watch how a single vulnerability can transform a live website in seconds.
By the end of this lesson, you’ll:
Think like an attacker, act like a defender.
Understand how real exploits unfold step-by-step.
Gain skills you can directly apply in penetration testing, bug bounty, and system hardening.
This is not “textbook theory.” This is the real workflow ethical hackers use daily — distilled into one powerful, action-packed lesson.
Understand Remote Software & Ports → Learn how applications like Apache (port 80) & SSH (port 22) run, and how attackers detect them using Nmap scanning.
Hands-On Attack Simulation → Watch a live demonstration of scanning, connecting with Netcat, and identifying unknown services running on custom ports.
Build & Run a Network Program → Create a simple login software in C, deploy it on a server, and simulate real-world authentication failures.
Step Into the Hacker’s Mindset → Use OllyDbg debugger to pause execution, set breakpoints, and trace memory instructions to uncover hidden credentials.
Extract Hidden Passwords → See exactly how attackers reveal hardcoded secrets from a compiled EXE file.
Think Like a Defender → Transform your perspective to build secure software, prevent brute force & debugging attacks, and apply ethical hacking skills in real scenarios.
The Cyber Security Course by Hackveda is a focused training program designed to equip students and professionals with in-demand skills in digital risk management and cyber threat defense.
Built on real industry and government sector needs, this course prepares learners to secure networks, configure firewalls, and use SIEM tools for proactive threat monitoring. Participants will develop core competencies in risk register management, root cause analysis, and threat pattern detection to prevent and investigate cybersecurity incidents.
The program also covers security operations, incident response, forensic analysis, disaster recovery planning, and spam/email threat protection. Designed for students, professionals, and public sector employees, the course emphasizes both technical and analytical capabilities required in Security Operations Centers (SOCs), audits, and compliance frameworks.
Delivered by Hackveda, the curriculum aligns with national priorities and is ideal for those aiming to support cybersecurity efforts across finance, defense, utilities, and e-governance sectors.
Firewalls: Monitors and blocks unauthorized access to networks and systems.
Security Assessments: Evaluates infrastructure to identify vulnerabilities and risks.
Security Awareness Training: Educates users on safe online practices and phishing threats.
Root Cause Analysis: Discovers the original source of security incidents.
Risk Analysis: Assesses threats and potential impact on information assets.
Log Reviews: Examines log files to detect anomalies and security breaches.
Forensic Analysis: Investigates digital crimes to collect and preserve evidence.
Stakeholder Coordination: Aligns security efforts with cross-functional teams and management.
Audit Assistance: Prepares and supports internal and external security audits.
Advanced Analytics Tools: Detects threats using behavioral analytics and data science.
Emerging Threat Patterns: Identifies new attack techniques and evolving cyber risks.
Compliance: Ensures that security practices meet industry and legal standards.
Incident Response: Manages and mitigates cybersecurity incidents effectively.
Network Protocols: Understands how data moves securely across networks.
Vulnerability Assessment: Scans and evaluates weaknesses across systems.
Communication Skills: Conveys technical security findings to technical/non-technical audiences.
Problem-Solving Skills: Resolves security challenges under pressure.
Threat Hunting: Proactively searches for undetected threats in systems.
Digital Evidence: Collects and stores data related to security incidents.
Digital Forensics: Applies investigative techniques to recover digital evidence.
SAP HANA Security: Secures enterprise applications running on SAP HANA platform.
Vulnerability Management: Tracks and mitigates security flaws systematically.
Cybersecurity Awareness: Promotes secure behavior and vigilance among employees.
Security Audits: Checks systems against compliance and security standards.
Security Technologies: Includes antivirus, IDS, firewalls, and endpoint protection tools.
CISSP: Certified Information Systems Security Professional credential.
Penetration Testing: Simulates attacks to test system defenses and response.
Risk Management: Prioritizes risks and implements mitigation strategies.
Vulnerability Remediation: Applies fixes and patches to close security gaps.
Security Standards: Follows industry norms like ISO 27001, NIST, OWASP, etc.