This certification provides hands-on knowledge of ethical hacking tools, techniques, and methodologies, enabling learners to identify, exploit, and defend against cybersecurity threats ethically and legally.
Ethical hacking process, scope, and differences from malicious hacking.
Information gathering using search engines, social engineering, and network scanning.
Port scanning, vulnerability scanning, and enumeration techniques.
Extracting user, service, and resource details through active and passive methods.
Identifying, evaluating, and mitigating system and network vulnerabilities.
Unauthorized access, privilege escalation, and exploitation methods.
Types of malware and tools for malware detection and analysis.
Packet capture, analysis, and countermeasures against sniffing attacks.
Psychological exploitation techniques, phishing, and preventive controls.
DoS/DDoS attack mechanisms and defense strategies.
Techniques for session takeover and security countermeasures.
Exploiting common server vulnerabilities and securing configurations.
Testing web apps for XSS, SQL injection, and other flaws.
Exploiting databases via SQL injection and prevention methods.
Wireless threats, Wi-Fi cracking, rogue access points, and secure protocols.
Bypassing detection systems and defensive counter-strategies.
Encryption basics, algorithms, and cryptanalysis techniques.
Planning, execution, reporting, and ethical/legal considerations.