Ethical Hacking Training, Uyo, Akwa Ibom State

Ethical Hacking Certification Training, Uyo, Akwa Ibom State.

---

Ethical Hacking — Hands-On, Simulation Labs & Project-Based Certification Course Outline

(Disclaimer:- All labs are performed in isolated virtual lab environments or authorized ranges. Ethical and legal rules strictly apply; no real-world targets are allowed.)

This course provides a comprehensive, hands-on journey through the world of ethical hacking, structured as a series of project-based labs. You’ll progress from foundational concepts to advanced techniques, with each module building on the last to simulate real-world scenarios.

---

 

Module 01: Introduction to Information Security & Ethical Hacking Fundamentals

 

• Project: Set up a robust hacking lab environment.
• Concepts:
  • Information Security Principles: Explore the CIA triad (Confidentiality, Integrity, Availability) and non-repudiation.
  • Ethical Hacking vs. Malicious Hacking: Understand the legal and ethical boundaries.
  • Key Security Controls: Learn about administrative, physical, and technical controls.
  • Hacking Methodologies: Introduce the phases of ethical hacking (reconnaissance, scanning, gaining access, maintaining access, covering tracks).
  • Legal Framework: Discuss relevant laws like the Computer Fraud and Abuse Act (CFAA) and data privacy regulations (e.g., GDPR).
• Lab: Install and configure VirtualBox or VMware Workstation. Install Kali Linux as the attacker machine and Metasploitable and OWASP Juice Shop as the vulnerable target machines. Configure the network to be isolated for safe practice.

---

 

Module 02: Footprinting & Reconnaissance: Information Gathering

 

• Project: Create a detailed threat intelligence report on a target organization using passive and active reconnaissance.
• Concepts:
  • Passive Reconnaissance: Techniques for gathering information without direct interaction, including WHOIS lookups, DNS queries, and OSINT (Open-Source Intelligence).
  • Active Reconnaissance: Engaging with the target network to gather data.
  • Tools: Use tools like Maltego for relationship mapping, Recon-ng for automating OSINT, theHarvester for email harvesting, and Shodan to find internet-connected devices.
• Lab: Use the aforementioned tools to collect information about a dummy company. For example, use theHarvester to find employee emails, Maltego to map their social media connections, and Shodan to find public-facing servers. Document findings in a report, including potential attack vectors.

---

 

Module 03: Network Scanning & Discovery

 

• Project: Map and analyze the services running on a target network, creating a visual network topology.
• Concepts:
  • Scanning Techniques: Learn about TCP, UDP, and SYN scanning. Understand the differences between them and when to use each.
  • Port Scanning: Discover open ports and services using Nmap.
  • Banner Grabbing: Extract information about the service and version running on a port.
  • Evasion: Learn how to bypass common firewalls and IDS with fragmented packets and decoy addresses.
• Lab: Use Nmap to perform a comprehensive scan of the Metasploitable machine. Use different scanning flags (-sS, -sV, -A). Use the Zenmap graphical interface to visualize the network and generate a report.

---

 

Module 04: Enumeration & Gaining a Foothold

 

• Project: Enumerate a target machine’s users and shares, identifying potential entry points and weak points in the service configuration.
• Concepts:
  • Service Enumeration: Detailed information gathering on specific services like SMB, FTP, and SMTP.
  • SNMP & BGP: Use SNMP (Simple Network Management Protocol) to map a network and BGP to understand routing infrastructure.
  • NFS Exploits: Understand how misconfigured Network File Sharing can be exploited.
• Tools: Utilize enum4linux to enumerate users on a Samba host, SNMPwalk to map network devices, and Nmap’s built-in enumeration scripts (-sC) to automate the process.
• Lab: Use enum4linux to list usernames on the target. Then, use Nmap’s SMB enumeration scripts to discover shared folders. Access a misconfigured NFS share and find a sensitive file.

---

 

Module 05: Vulnerability Analysis & Assessment

 

• Project: Conduct a full vulnerability scan and create a prioritized remediation plan based on risk.
• Concepts:
  • Vulnerability Management Lifecycle: Understand the steps from discovery to remediation.
  • Vulnerability Scanning Tools: Learn to use automated scanners like Nessus and OpenVAS.
  • False Positives/Negatives: Understand how to interpret scanner output and manually verify findings.
  • Risk Prioritization: Learn to rank vulnerabilities based on their severity (CVSS score) and potential impact.
• Lab: Run a comprehensive vulnerability scan against the Metasploitable machine using OpenVAS. Analyze the results, verify a critical vulnerability (e.g., a known service exploit), and create a detailed report that includes the vulnerability’s description, severity, and a step-by-step remediation plan.

---

 

Module 06: System Hacking & Post-Exploitation

 

• Project: Gain root access on a vulnerable system, establish persistence, and cover your tracks.
• Concepts:
  • Exploitation Frameworks: Use Metasploit to deliver exploits and manage sessions.
  • Password Attacks: Learn about dictionary attacks, brute-force, and rainbow table attacks with Hydra and John the Ripper.
  • Privilege Escalation: Techniques to move from a low-privilege user to a superuser or administrator.
  • Steganography: Hide data within other files and use tools like StegHide and OpenStego.
  • Covering Tracks: Clear logs and modify timestamps to avoid detection.
• Lab: Use Metasploit to exploit a vulnerability on the target and get a reverse shell. Use Linux Privilege Escalation Awesome Script to identify a path to root. After gaining root, use logrotate or other commands to clear the auth.log and history files.

---

 

Module 07: Malware Threats & Analysis

 

• Project: Analyze a sample of malware in a sandboxed environment and write a behavioral analysis report.
• Concepts:
  • Malware Types: Study Trojans, worms, viruses, ransomware, and spyware.
  • Fileless Malware & APTs: Understand sophisticated threats that operate in memory and advanced persistent threats.
  • Static vs. Dynamic Analysis: Learn how to examine malware code with tools like PE-Bear and strings and how to observe its behavior in a safe environment using Cuckoo Sandbox or Any.Run.
• Lab: Use a tool like Cuckoo Sandbox to detonate a benign malware sample (e.g., from a malware repository like VirusShare). Analyze its network traffic with Wireshark, file system changes, and process behavior. Document the findings, including C2 servers and network indicators of compromise.

---

 

Module 08: Packet Sniffing & Network Forensics

 

• Project: Intercept and analyze unencrypted network traffic to capture credentials and sensitive data.
• Concepts:
  • Packet Sniffing: Understand how network interfaces can be put into promiscuous mode to capture all traffic.
  • Man-in-the-Middle (MITM) Attacks: Learn techniques to intercept communication between two parties using ettercap.
  • Protocol Analysis: Use Wireshark to dissect network packets and identify plaintext data.
  • Countermeasures: Learn about encryption, network segmentation, and using secure protocols like HTTPS and SSH.
• Lab: Perform an ARP spoofing attack between two machines on the lab network using ettercap. Use Wireshark to capture unencrypted FTP or Telnet traffic and extract the login credentials.

---

 

Module 09: Social Engineering: The Human Element of Hacking

 

• Project: Design and execute a multi-stage phishing campaign simulation against a dummy target organization.
• Concepts:
  • Social Engineering Principles: Learn about psychological manipulation techniques like pretexting, tailgating, and quid pro quo.
  • Phishing & Spear Phishing: Differentiate between broad attacks and highly targeted ones.
  • Auditing Human Vulnerabilities: Understand how to identify and test for human weaknesses.
• Tools: Use the Social-Engineer Toolkit (SET) to create a convincing phishing page and a malicious payload. Use Gophish for a more realistic phishing campaign management experience.
• Lab: Use SET to clone a legitimate-looking login page (e.g., a dummy bank login). Set up a listener to capture credentials. Craft a compelling email using social engineering principles and send it to a dummy user. Track the user’s interaction and capture their credentials.

---

 

Module 10: Denial-of-Service (DoS) & Distributed DoS (DDoS)

 

• Project: Simulate a DoS attack to audit a server’s resilience and implement countermeasures.
• Concepts:
  • Attack Types: Understand different DoS attack methods, including SYN floods, UDP floods, and HTTP floods.
  • Botnets: Learn how large networks of compromised computers are used for DDoS attacks.
  • Tools: Use tools like hping3 to generate attack traffic and Slowloris for application-layer attacks.
  • Countermeasures: Implement rate-limiting, blacklisting, and use DDoS protection services.
• Lab: Use hping3 to perform a SYN flood attack on a vulnerable server. Monitor the server’s resource usage with top or htop. Then, configure firewall rules using iptables to mitigate the attack by dropping all SYN packets from a specific source IP.

---

 

Module 11: Session Hijacking

 

• Project: Hijack a live user session on a web application to bypass authentication and gain access.
• Concepts:
  • Session Management: Understand how web applications use session tokens to maintain state.
  • Session Hijacking vs. Session Fixation: Differentiate between stealing an existing session and forcing a user to use a predetermined one.
  • Attack Vectors: Learn about cross-site scripting (XSS) and other methods to steal session tokens.
  • Countermeasures: Implement secure cookie flags (HttpOnly, Secure), regenerate session IDs on login, and use strong cryptography.
• Lab: Find an XSS vulnerability on a web application. Exploit it with a malicious script to steal a user’s session cookie. Use a tool like a web browser’s cookie editor or Burp Suite to inject the stolen cookie and take over the user’s session.

---

 

Module 12: Evading IDS, Firewalls, & Honeypots

 

• Project: Configure network traffic to bypass a firewall and an intrusion detection system (IDS).
• Concepts:
  • Defense in Depth: Understand how firewalls, IDS, and honeypots work together.
  • Evasion Techniques: Learn about fragmentation, packet obfuscation, and using covert channels to hide malicious traffic.
  • Honeypots: Understand the purpose of a honeypot and how to identify and avoid them.
  • Tools: Use Nmap’s evasion flags (-f, -D) and fragroute to fragment packets and bypass network defenses.
• Lab: Set up a basic IDS (e.g., Snort) to detect a simple Nmap scan. Then, modify the Nmap scan with evasion techniques (e.g., nmap -sS -f <target_ip>) and observe whether the IDS can still detect the scan.

---

 

Module 13: Hacking Web Servers

 

• Project: Discover and exploit misconfigurations in a web server to gain access and execute commands.
• Concepts:
  • Web Server Architecture: Understand the relationship between the web server (e.g., Apache, Nginx) and the operating system.
  • Attack Methodologies: Learn about common web server vulnerabilities like directory traversal, information disclosure, and misconfigured permissions.
  • Tools: Use Nikto to scan for known vulnerabilities and dirb or Gobuster to brute-force directories and files.
• Lab: Use dirb to discover hidden directories on the target web server. Find a directory that is not configured with proper permissions and contains a sensitive configuration file. Use a directory traversal exploit (../../etc/passwd) to access the file.

---

 

Module 14: Hacking Web Applications

 

• Project: Conduct a full penetration test on a web application and generate a comprehensive report.
• Concepts:
  • OWASP Top 10: Study the most critical web application security risks.
  • Common Vulnerabilities: Learn about XSS, CSRF (Cross-Site Request Forgery), and command injection.
  • Web Proxies: Use a tool like Burp Suite to intercept, analyze, and modify web traffic.
  • Methodology: Follow a structured approach to testing web applications, from mapping the application to finding and exploiting vulnerabilities.
• Lab: Use Burp Suite to test the OWASP Juice Shop application. Find and exploit multiple vulnerabilities, such as reflected XSS, and CSRF. Create a detailed report with screenshots, proof of concept, and remediation steps.

---

 

Module 15: SQL Injection

 

• Project: Exploit a SQL injection vulnerability to extract a database’s entire contents, including user credentials.
• Concepts:
  • SQL Fundamentals: A brief review of SQL syntax.
  • SQL Injection Types: Learn about union-based, error-based, and blind SQL injection.
  • Exploitation Tools: Use automated tools like sqlmap to simplify the process.
  • Countermeasures: Learn about parameterized queries, prepared statements, and input sanitization.
• Lab: Find a login form that is vulnerable to SQL injection. First, use manual techniques to confirm the vulnerability (' OR '1'='1'). Then, use sqlmap to automate the process, discovering the database schema, tables, and columns, and then dumping the users’ table, including password hashes.

---

 

Module 16: Hacking Wireless Networks

 

• Project: Crack a WPA2 password and gain access to a wireless network.
• Concepts:
  • Wireless Protocols: Understand the differences between WEP, WPA, and WPA2.
  • Attack Methodologies: Learn how to de-authenticate clients to capture the WPA2 handshake.
  • Tools: Use Aircrack-ng suite (airmon-ng, airodump-ng, aireplay-ng, aircrack-ng) to capture and crack the handshake file.
  • Defense: Implement strong passphrases, disable WPS, and use enterprise authentication (WPA2-Enterprise).
• Lab: Set up a simulated wireless network. Use an external wireless adapter to capture the WPA2 handshake. Then, use aircrack-ng with a provided dictionary file to crack the password.

---

 

Module 17: Hacking Mobile Platforms

 

• Project: Analyze a mobile application for vulnerabilities and extract sensitive data from its local storage.
• Concepts:
  • Mobile OS Security: Understand the security models of Android and iOS.
  • Common Vulnerabilities: Learn about insecure data storage, weak authentication, and insecure communication.
  • Tools: Use Frida for dynamic analysis, MobSF for static analysis of Android APKs, and adb to interact with the device.
• Lab: Download a vulnerable Android application. Use MobSF to perform a static analysis, identifying hardcoded credentials or insecure API calls. Then, use adb to access the application’s local file storage and retrieve a sensitive file containing user data.

---

 

Module 18: IoT & OT Hacking

 

• Project: Find and exploit a vulnerability in a simulated IoT device.
• Concepts:
  • IoT & OT Security: Understand the unique challenges of securing smart devices and industrial control systems.
  • Attack Vectors: Learn about insecure APIs, default credentials, and unpatched firmware.
  • Shodan: Use Shodan, the “search engine for the Internet of Things,” to find vulnerable devices.
• Tools: Use Nmap’s scripts for IoT and OT protocols, and Metasploit to exploit known vulnerabilities.
• Lab: Use Shodan to find a publicly exposed, vulnerable IoT device simulator. Use Nmap to identify the running services. Try to exploit it using known vulnerabilities and default credentials.

---

 

Module 19: Cloud Computing Security

 

• Project: Exploit a misconfigured cloud resource to gain access and steal data.
• Concepts:
  • Cloud Models: Understand the differences between IaaS, PaaS, and SaaS.
  • Cloud Threats: Study common cloud threats like misconfigured S3 buckets, weak IAM roles, and insecure APIs.
  • Container Security: Learn how to secure Docker and Kubernetes containers.
  • Serverless Computing: Understand the security implications of serverless functions.
• Tools: Use Pacu for exploiting AWS vulnerabilities and CloudGoat for a vulnerable cloud environment.
• Lab: Use CloudGoat to set up a vulnerable AWS environment. Use Pacu to find and exploit a misconfigured IAM role that grants excessive permissions. Use this privilege escalation to access a restricted S3 bucket and exfiltrate the data.

---

 

Module 20: Cryptography & Attacks

 

• Project: Perform a cryptanalysis attack to decrypt an encrypted message and crack a password hash.
• Concepts:
  • Encryption Algorithms: Understand the difference between symmetric and asymmetric encryption (AES, RSA).
  • Public Key Infrastructure (PKI): Learn how digital certificates and trust are managed.
  • Cryptography Attacks: Study common attacks like brute-force, chosen-plaintext, and side-channel attacks.
  • Tools: Use tools like hashcat and John the Ripper to crack password hashes. Use CyberChef for various cryptographic operations and cryptanalysis.
• Lab: Use John the Ripper to crack a provided password hash. Then, use CyberChef to perform a brute-force attack on a simple Vigenère cipher and decrypt the message.

Course Notes & Requirements

– All labs are performed in isolated virtual lab environments or authorized ranges.

– Ethical and legal rules strictly apply; no real-world targets are allowed.

– Tools: Kali Linux, Metasploit, Nmap, Burp Suite, Nessus/OpenVAS, Wireshark, sqlmap, hashcat, John the Ripper, impacket, ScoutSuite, Pacu.

– Deliverables include lab reports, project documentation, and a final capstone report + presentation.

– Assessment combines knowledge quizzes, lab checklists, project grading, and final capstone evaluation.

 

Enroll for.

*Physical (Onsite) Classes at our Hub*:

Uyo Office:

Wedigraf Tech Hub,

Wedigraf Tech Hub, 69 Abak Road, by Udo Abasi Street, Uyo, Akwa Ibom State. (Landmark: Abak Road by Pepperoni).

*OR*

*Virtual (Online) Instructor-led Classes*.