GIAC Penetration Tester (GPEN)

The GPEN certification is for security personnel whose job duties involve assessing target networks and systems to find security vulnerabilities. Certification objectives include penetration-testing methodologies, the legal issues surrounding penetration testing and how to properly conduct a penetration test as well as best practice technical and non-technical techniques specific to conduct a penetration test.

Module 1 : Advanced Password Attacks

Module 2 : Attacking Password Hashes

Module 3 : Enumerating Users

Module 4 : Exploitation Fundamentals

Module 5 : Initial Target Scanning

Module 6 : Metasploit

Module 7 : Moving Files with Exploits

Module 8 : Password Attacks

Module 9 : Pen-testing Foundations

Module 10 : Pen-testing Process

Module 11 : Penetration Testing using Power Shell

Module 12 : Penetration Testing using the Windows Command Line

Module 13 : Reconnaissance

Module 14 : Scanning for Targets

Module 15 : Vulnerability Scanning

Module 16 : Web Application Attacks

Module 17 : Web Application Reconnaissance

4 Days

ISACA CISM Boot Camp

CISM certification Boot Camp from OSI Technology, aligned to ISACA, ensures you are re-equipped on the best practices in the industry and enables you to ace the exam in the first attempt. The certification helps you develop the expertise to manage, design, oversee and/or assess an enterprise’s information security.

Domain 1 : Information Security Governance & Strategy

Domain 2 : Information Risk Management & Compliance

Domain 3 : Information Security Program Development and Management

Domain 4 : Information Security Incident Management

4 Days

OSCP – Penetration Testing with Kali

Module 1 : Getting Comfortable with Kali Linux

Module 2 : The Essential Tools

Module 3 : Passive Information Gathering

Module 4 : Active Information Gathering

Module 5 : Vulnerability Scanning

Module 6 : Buffer Overflows

Module 7 : Win32 Buffer Overflow Exploitation

Module 8 : Linux Buffer Overflow Exploitation

Module 9 : Working with Exploits

Module 10 : File Transfer

Module 11 : Privilege Escalation

Module 12 : Client Side Attacks

Module 13 : Web Application Attacks

Module 14 : Password Attacks

Module 15 : Port Redirection and Tunneling

Module 16 : The Metasploit Framework

Module 17 : Bypassing Antivirus Software

Module 18 : Assembling the Pieces : Penetration Test Breakdown

4 Days

Mile2 – Certified Professional Ethical Hacking (CPEH)

Module 1 : Security Fundamentals

Module 2 : Access Controls

Module 3 : Protocols

Module 4 : Cryptography

Module 5 : Why Vulnerability Assessments

Module 6 : Vulnerability Tools of the Trade Overview

Module 7 : Output Analysis and Reports

Module 8 : Reconnaissance, Enumeration and Scanning

Module 9 : Gaining Access

Module 10 : Maintaining Access

Module 11 : Covering Tracks

Module 12 : Malware

Module 13 : Buffer Overflows

Module 14 : Password Cracking

4 Days

Mile2 – Certified Digital Forensic Examiner (CDFE)

Module 1 : Introduction

Module 2 : Computer Forensic Incidents

Module 3 : Investigation Process

Module 4 : OS Disk Storage Concepts

Module 5 : Digital Acquisition and Analysis

Module 6 : Forensic Examination Protocols

Module 7 : Digital Evidence Protocols

Module 8 : CFI Theory

Module 9 : Digital Evidence Presentation

Module 10 : Computer Forensics Lab Protocols

Module 11 : CF Processing Techniques

Module 12 : Digital Forensics Reporting

Module 13 : Specialized Artifact Recovery

Module 14 : eDiscovery and ESI

Module 15 : Cell Phone Forensics

Module 16 : USB Forensics

Module 17 : Incident Handling

4 Days

Mile2 – Certified Penetration Testing Consultant ( CPTC)

Module 1 : Pen Testing Team Formation 

Module 2 : NMAP Automation 

Module 3 : Exploitation Process 

Module 4 : Fuzzing with Spike 

Module 5 : Simple Buffer Overflow 

Module 6 : Stack Based Windows Buffer Overflow 

Module 7 : Web Application Security and Exploitation 

Module 8 : Linux Stack Smashing

Module 9 : Linux Address Space Layout Randomization

Module 10 : Windows Exploit Protection

Module 11 : Getting Around SEH and ASLR 

Module 12 : Penetration Testing Report Writing 

4 Days

Mile2 – Certified Penetration Testing Engineer 2018 ( CPTE)

Module 1 : Business and Technical Logistics of Penetration Testing

Module 2 : Linux Fundamentals

Module 3 : Information Gathering

Module 4 : Detecting Live System

Module 5 : Enumeration

Module 6 : Vulnerability Assessments

Module 7 : Malware Goes Undercover

Module 8 : Windows Hacking

Module 9 : Hacking UNIX/Linux

Module 10 : Advanced Exploitation Techniques

Module 11 : Pen Testing Wireless Networks

Module 12 : Networks, Sniffing, IDS

Module 13 : Injecting the Database

Module 14 : Attacking Web Technologies

Module 15 : Project Documentation

4 Days

IT Security Non- Certification 

Security Posture Assessment (SPA) Penetration Testing (High-Level)

Security Posture Assessment (SPA)will certify the successful candidate has the knowledge and skills required to:

  • Plan and scope an assessment
  • Understand legal and compliance requirements
  • Perform vulnerability scanning and penetration testing using appropriate tools and techniques
  • Analyze the results
  • Produce a written report containing proposed remediation techniques
  • Effectively communicate results to management
  • Provide practical recommendations

Module 1 : Planning and Scoping

Module 2 : Information Gathering and Vulnerability Identification

Module 3 : Attacks and Exploits

Module 4 : Penetration Testing Tools

Module 5 : Reporting and Communication

3 Days

Certified Information Security Awareness Manager (CISAM)

Certified Information Security Awareness Manager (CISAM) is a 2 days hands-on training and certification programme that provides the essential know-how, enabling information security professionals to develop and manage an effective security awareness programme for their organization.

Module 1 : Introduction

Module 2 : Designing an Awareness and Competence Programme

Module 3 : Developing Awareness and Competence Material

Module 4 : Implementing the Awareness and Competence Programme

Module 5 : Post-Implementation

Module 6 : Overcome Obstacles to Success

2 Days

Cybersecurity for Beginner- Silver Edition

Data breaches. Ransomware. State-of-the-art attacks, advanced persistent threat (APT) targeting big organization and small businesses alike. Rarely a day goes by without another reminder in the headlines that improving security should be a top priority.

Of course, there’s a big difference between knowing you should improve security and knowing how to get started.

Take your basic knowledge of cyber security to a whole new level with this exciting course that promises to be educational, informative and fun filled.

Module 1 : know Yourself – The Threat and Vulnerability Landscape

Module 2 : Know Your Enemy – The Current Threat and Vulnerability Landscape

Module 3 : Encryption Crash Course

Module 4 : Setting up a Testing Environment Using Virtual Machines (Lab)

Module 5 : Operating System Security & Privacy (Windows vs Mac OS X vs Linux)

Module 6 : Security Bugs and Vulnerabilities

Module 7 : Social Engineering and Social Media Offence and Defence

Module 8 : Security Through Isolation and Compartmentalization

2 Days

Cyber Defense for Network Administrator

Module 1: Network Security Threats, Vulnerabilities, and Attacks

Module 2: Network Security Controls, Protocols, and Devices

Module 3 : Network Security Policy Design and Implementation

Module 4 : Physical Security

Module 5: Host Security

Module 6 : Secure Firewall Configuration and Management

Module 7 : Secure IDS Configuration and Management

Module 8 : Secure VPN Configuration and Management

Module 9 : Wireless Network Defence

Module 10 : Network Traffic Monitoring and Analysis

Module 11 : Network Risk and Vulnerability Management

Module 12 : Data Backup and Recovery

Module 13 : Network Incident Response and Management

3 Days

Cybersecurity Attack & Countermeasures 2018

Module 1 : Cyber Security Fundamentals

Module 2 : Security Threats

Module  3 : Securing Network Communications

Module 4 : Securing Web Applications

Module 5 : Managing Public Key Infrastructure (PKI)

Module 6 : Managing Certificates

Module 7 : Monitoring & Managing Security Incident in Infrastructure Environment

2 days

Cybersecurity Hacker Exposed

Module 1 : Security Fundamentals

Module 2 : Access Controls

Module 3 : Protocols

Module 4 : Cryptography

Module 5 : Why Vulnerability Assessments?

Module 6 : Vulnerability Tools of the Trade

Module 7 : Output Analysis and Reports

Module 8 : Reconnaissance, Enumeration & Scanning

Module 9 : Gaining Access

Module 10 : Maintaining Access

Module 11 : Covering Tracks

Module 12 : Malware

Module 13 : Buffer Overflows

Module 14 : Password Cracking

3 days

Cyberhacker – Penetration Testing The Right Way

Module 1 : Information Gathering

Module 2 : Detecting Live System

Module 3 : Enumeration

Module 4 : Vulnerability Assessments

Module 5 : Malware Goes Undercover

Module 6 : Windows Hacking

Module 7 : Hacking UNIX/Linux

Module 8 : Pen Testing Wireless Networks

Module 9 : Networks, Sniffing, IDS

Module 10 : Injecting the Database

Module 11 : Attacking Web Technologies

Module 12 : Project Documentation

3 Days

End User Security Awareness Training Management

Module 1 : What Is Cybersecurity?

Module 2 : What is Social Engineering?

Module 3 : Emails and Links

Module 4 : Basics of Online Security

1 Day

Ethical Hacking & Pentest For IT Professional

 This intensive 3 days Technical Session aimed at people who are new to the world of hacking and penetration testing, for those with little or no previous experience, for those who are frustrated by the inability to see the big picture (how the various tools and phases fit together), for a person who wants to quickly get up-to-speed on with the seminal tools and methods for penetration testing, or for anyone looking to expand their knowledge of offensive security. 

 Module 1 : What is Penetration Testing? 

 Module 2 : Reconnaissance 

 Module 3 : Scanning 

 Module 4 : Exploitation 

Module 5 : Social Engineering 

Module 6 : Web-Based Exploitation 

Module 7 : Post Exploitation and Maintaining Access with Backdoors, Rootkits, and Meterpreter 

Module 8 : Wrapping Up the Penetration 

3 Days

Hacking With Kali Linux 2018.2

Module 1 – Penetration Testing Lifecycle

Module 2 – Kali Linux Toolkits

Module 3 – Software, Patches, And Upgrades

Module 4 – Configuring Kali Linux

Module 5 – Building a Penetration Testing Lab

Module 6 – PenTest Lifecycle

2 Days

IoT Security – FREE IoT Device : Raspberry Pi 3

Module 1 : A look at the Raspberry Pi 3 and Kali Linux 2016.2

Module 2 : Step by Step – Combining a Raspberry Pi with Kali Linux

Module 3 : Powering up the Raspberry Pi 3

Module 4 : A look at Kali Linux 2018.2 most popular Penetration Tools (Wireless Tech)

​Module 5 : Advanced Tweaks and Recommended Settings

2 Days

Internet of Things (IoT) Practitioner

IT professionals often have little or no experience working with embedded systems, sensor networks, actuators, realtime systems, and other components that are common to IoT, so this course provides a foundation for understanding how these components work with other systems that IT professionals typically have more experience working with—such as networks, cloud computing, and applications running on servers, desktop computers, and mobile devices.

In this training, students will learn general strategies for planning, designing, developing, implementing, and maintaining an IoT system through various case studies and by assembling and configuring an IoT device to work in a sensor network.

Students will create an IoT device based on an Raspberry Pi 4, implementing various common IoT features, such as analog and digital sensors, a web-based interface, MQTT messaging, and data encryption.

Module 1 : Planning an IoT Implementation

Module 2 : Constructing and Programming an IoT Device

Module 3 : Communicating with an IoT Device

Module 4 : Processing IoT Data

Module 5 : Managing Risks on IoT Projects

​Module 6: Undertaking an IoT Project

5 Days

Log File Analysis

Module 1 : Analysing Cisco and Apache logs using Linux Commands

Module 2 : Using cat and grep to get important information

Module 3 : How to use awk to analyse logs

Module 4 : Using sed, sort and uniq to extract important metrics

Module 5 : Using Python for Log Analysis

Module 6 : Basics of Python

Module 7 : Reading logs using Python

Module 8 : Parsing read logs.

Module 9 : Utilising Powershell for Windows Log Analysis

Module 10 : Basics of Powershell

Module 11 : Dumping Event Logs with Powershell

Module 12 : Log Analysis with Powershell

Module 13 : Intrusion Analysis using Powershell

Module 14 : Looking for suspicious data in logs

Module 15 : Searching for important keywords in event logs

2 Days

Network Penetration Testing & Ethical Hacking

Module 1 : Ethical Hacking & Penetration Testing

Module 2 : Methodology Overview

Module 3 : Reconnaissance (Footprinting)

Module 4 : Scanning

Module 5 : Port & Service Enumeration

Module 6 : Data Enumeration

Module 7 : Vulnerability Assessment

Module 8 : Penetration/Access/Compromise

Module 9 : Evading Defenses & Erasing Tracks

Module 10 : Hacking Techniques

2 Days

Network Security Fundamentals Workshop

Module 1 : Introduction to Security

Module 2 : Malware and Social Engineering Attacks

Module 3 : Application and Network Attacks

Module 4 : Vulnerability Assessment and Mitigating Attacks

Module 5 : Host, Application, and Data Security

Module 6 : Network Security

Module 7 : Administering a Secure Network

Module 8 : Wireless Network Security

​Module 9 : Basic Cryptography

2 Days

Technical Security Audit and Assessment Workshop

Module 1 : Overview of Technical Security Assessments

Module 2 : Identify and Analyze Targets

Module 3 : Validate Target Vulnerabilities

Module 4 : Planning Technical Security Assessments

Module 5 : Executing the Technical Security Assessment

2 Days

Web Application Pentesting 2018

This is a very technical hands-on and somewhat cover basic. Intermediate and advanced course that will require that you set up your own pentesting environment. You’re also expected to have a basic understanding of Linux and be comfortable working with the command line.

In addition, you should have familiarity with virtualized environments such as VMWare or VirtualBox and also understand how to configure a browser’s proxy settings. But don’t let these requirements deter you. Rolling up your sleeves and getting down and dirty with the tools of the trade will make you a better web application pentester!

3 Days

Web Pentest & Network Defense

Module 1: Introduction to Penetration Testing & Setup

Module 2 : Reconnaissance

Module 3 : Server-side-Attacks

Module 4 : Client Side Attacks

Module 5 : Attacking Authentication

Module 6 : Web Attacks

Module 7 : Web Application Firewalls & IDS

​Module 8 : Defensive Countermeasures

2 Days

Cybersecurity Awareness For Non IT

This Cyber Security Awareness Training for end user covers today’s key security best practices that end users should follow so that they can PREVENT, DETECT, and RESPOND to information security threats.  The biggest ASSETS are people and the biggest RISKS are people too. In addition our training is roles based as Executives will need to be aware of different risk to an IT Administrator.

No matter the level of staff it’s proven that a trained end user/staff will be able to make security minded decisions every day. This training can also be used as part of the orientation for new staff.

1 Day

Cybersecurity Fundamentals

 Investigate cybersecurity threats and master techniques needed to protect your network. 

When you consider just a few of the consequences of a security breach – your proprietary information completely accessible, hefty fines for security lapses, news headlines about your company’s security breach, it becomes obvious: An in-depth and thorough understanding of cyber security fundamentals and best practices is absolutely necessary. 

In this cybersecurity course, you will gain a global perspective of the challenges of designing a secure system, touching on all the cyber roles needed to provide a cohesive security solution. 

You will learn about current threat trends across the Internet and their impact on organizational security. You will review standard cybersecurity terminology and compliance requirements, examine sample exploits, and gain hands-on experience mitigating controls. In a contained Workshop environment, you will work with live viruses, including botnets, worms, and Trojans. 

 Workshop 1: Workshop Setup 

 Workshop 2: Understanding TCP/IP 

 Workshop 3: Vulnerability Assessment 

 Workshop 4: Cyber Awareness 

Workshop 5: Cyber Scanning 

Workshop 6: Cyber Attacks and Passwords 

Workshop 7: Cyber Attacks and Backdoors 

Workshop 8: Risk Assessment 

Workshop 9: Security Policies 

Workshop 10: Host Security 

Workshop 11: Covert Communications 

Workshop 12: Authentication and Cryptography 

Workshop 13: Snort IDS 

Workshop 14: Forensic Analysis 

Workshop 15: Business Continuity Plan 

2 Days