What is CASE.Net Course
The .Net framework has increased in popularity because of its open source nature, interoperability, language independence, library of codes and ease of deployment. It has become the preferred choice of application developers. However, there are not many training programs that address secure application development.
While .Net developers often learn security on the job, primarily because the basic education of programming does not usually cover or emphasize security concerns, the CASE program trains these developers to place importance on security.
Outline for this course
Module 01: Introduction to Ethical Hacking
Key topics covered: Elements of Information Security, Cyber Kill Chain Methodology, MITRE ATT&CK Framework, Hacker Classes, Ethical Hacking, Information Assurance (IA), Risk Management, Incident Management, PCI DSS, HIPPA, SOX, GDPR
Module 02: Foot Printing and Reconnaissance
Key topics covered: Perform foot printing on the target network using search engines, web services, and social networking sites
Perform website, email, whois, DNS, and network foot printing on the target network
Module 03: Scanning Networks
Key topics covered: Perform host, port, service, and OS discovery on the target network.
Perform scanning on the target network beyond IDS and firewall
Module 04: Enumeration
Key topics covered: Perform NetBIOS, SNMP, LDAP, NFS, DNS, SMTP, RPC, SMB, and FTP Enumeration
Module 05: Vulnerability Analysis
Perform vulnerability research using vulnerability scoring systems and databases.
Perform vulnerability assessment using various vulnerability assessment tools
Module 06: System Hacking
Perform Online active online attack to crack the system’s password.
Perform buffer overflow attack to gain access to a remote system.
Escalate privileges using privilege escalation tools
Escalate privileges in linux machine
Hide data using steganography.
Clear Windows and Linux machine logs using various utilities
Hiding artifacts in Windows and Linux machines
Module 07: Malware Threats
Key topics covered: Malware, Components of Malware, APT, Trojan, Types of Trojans, Exploit Kits, Virus, Virus Lifecycle, Types of Viruses, Ransomware, Computer Worms, Fileless Malware, Malware Analysis, Static Malware Analysis, Dynamic Malware Analysis, Virus Detection Methods, Trojan Analysis, Virus Analysis, Fileless Malware Analysis, Anti-Trojan Software, Antivirus Software, Fileless Malware Detection Tools
Module 08: Sniffing
Key topics covered: Network Sniffing, Wiretapping, MAC Flooding, DHCP Starvation Attack, ARP Spoofing Attack, ARP Poisoning, ARP Poisoning Tools, MAC Spoofing, STP Attack, DNS Poisoning, DNS Poisoning Tools, Sniffing Tools, Sniffer Detection Techniques, Promiscuous Detection Tools
Module 09: Social Engineering
Key topics covered: Social Engineering, Types of Social Engineering, Phishing, Phishing Tools, Insider Threats/Insider Attacks, Identity Theft
Module 10: Denial-of-Service
Key topics covered: DoS Attack, DDoS Attack, Botnets, DoS/DDoS Attack Techniques, DoS/DDoS Attack Tools, DoS/DDoS Attack Detection Techniques, DoS/DDoS Protection Tools
Module 11: Session Hijacking
Key topics covered: Session Hijacking, Types of Session Hijacking, Spoofing, Application-Level Session Hijacking, Man-in-the-Browser Attack, Client-side Attacks, Session Replay Attacks, Session Fixation Attack, CRIME Attack, Network Level Session Hijacking, TCP/IP Hijacking, Session Hijacking Tools, Session Hijacking Detection Methods, Session Hijacking Prevention Tools
Module 12: Evading IDS, Firewalls, and Honeypots
Key topics covered: Bypass Windows Firewall,
Bypass firewall rules using tunneling,
Module 13: Hacking Web Servers
Key topics covered: Web Server Operations, Web Server Attacks, DNS Server Hijacking, Website Defacement, Web Cache Poisoning Attack, Web Server Attack Methodology, Web Server Attack Tools, Web Server Security Tools, Patch Management, Patch Management Tools
Module 14: Hacking Web Applications
Key topics covered: Web Application Architecture, Web Application Threats, OWASP Top 10 Application Security Risks – 2021, Web Application Hacking Methodology, Web API, Webhooks, and Web Shell, Web API Hacking Methodology, Web Application Security
Module 15: SQL Injection
Key topics covered: SQL Injection, Types of SQL injection, Blind SQL Injection, SQL Injection Methodology, SQL Injection Tools, Signature Evasion Techniques, SQL Injection Detection Tools
Module 16: Hacking Wireless Networks
Key topics covered: Wireless Terminology, Wireless Networks, Wireless Encryption, Wireless Threats, Wireless Hacking Methodology, Wi-Fi Encryption Cracking, WEP/WPA/WPA2 Cracking Tools, Bluetooth Hacking, Bluetooth Threats, Wi-Fi Security Auditing Tools, Bluetooth Security Tools
Module 17: Hacking Mobile Platforms
Key topics covered:Mobile Platform Attack Vectors, OWASP Top 10 Mobile Risks, App Sandboxing, SMS Phishing Attack (SMiShing), Android Rooting, Hacking Android Devices, Android Security Tools, Jailbreaking iOS, Hacking iOS Devices, iOS Device Security Tools, Mobile Device Management (MDM), OWASP Top 10 Mobile Controls, Mobile Security Tools.
Module 18: IoT and OT Hacking
Key topics covered: IoT Architecture, IoT Communication Models, OWASP Top 10 IoT Threats, IoT Vulnerabilities, IoT Hacking Methodology, IoT Hacking Tools, IoT Security Tools, IT/OT Convergence (IIOT), ICS/SCADA, OT Vulnerabilities, OT Attacks, OT Hacking Methodology, OT Hacking Tools, OT Security Tools
Module 19: Cloud Computing
Key topics covered: Cloud Computing, Types of Cloud Computing Services, Cloud Deployment Models, Fog and Edge Computing, Cloud Service Providers, Container, Docker, Kubernetes, Serverless Computing, OWASP Top 10 Cloud Security Risks, Container and Kubernetes Vulnerabilities, Cloud Attacks, Cloud Hacking, Cloud Network Security, Cloud Security Controls, Cloud Security Tools
Module 20: Cryptography
Key topics covered: Cryptography, Encryption Algorithms, MD5 and MD6 Hash Calculators, Cryptography Tools, Public Key Infrastructure (PKI), Email Encryption, Disk Encryption, Cryptanalysis, Cryptography Attacks, Key Stretching