Understanding Information and Information Security, Core Components of Information Security, The CIA Triad (Confidentiality, Integrity, Availability), AAA Mechanisms (Authentication, Authorization, Accounting), Elements Involved in a Cyber Attack, Types and Classifications of Hacking, Hacking Methodologies and Security Frameworks, The Five Phases of Hacking (Reconnaissance, Scanning, Gaining Access, Maintaining Access, Covering Tracks), Cyber Kill Chain Model, TTPs, Defining Hacking, Who Are Hackers?, Categories of Hackers (White Hat, Black Hat, Grey Hat), Concept of Ethical Hacking, Essential Skills of an Ethical Hacker.

Introduction to Linux, Interface Comparison (Kali Linux vs Windows), Virtualization & Hypervisor Overview, Lab Environment Setup (Kali Linux, Metasploitable2, Beebox, Windows 10), Linux Filesystem Hierarchy & FHS Standard, Basic Linux Utilities (ls, cd, cp, mv, rm, etc.), Absolute vs Relative Paths, Package Management in Debian-Based Systems (apt, dpkg), Using vi/vim Editor & Operation Modes, User Management Fundamentals, Managing File and Directory Permissions (chmod, chown, umask), File Archiving and Compression (tar, gzip, zip), Process Management (ps, top, kill, etc.), Log Files and Log Monitoring (/var/log/, tail, grep), Basic Network Utilities (ping, ip, netstat, ss, traceroute).

Introduction to Linux, Interface Comparison (Kali Linux vs Windows), Virtualization & Hypervisor Overview, Lab Environment Setup (Kali Linux, Metasploitable2, Beebox, Windows 10), Linux Filesystem Hierarchy & FHS Standard, Basic Linux Utilities (ls, cd, cp, mv, rm, etc.), Absolute vs Relative Paths, Package Management in Debian-Based Systems (apt, dpkg), Using vi/vim Editor & Operation Modes, User Management Fundamentals, Managing File and Directory Permissions (chmod, chown, umask), File Archiving and Compression (tar, gzip, zip), Process Management (ps, top, kill, etc.), Log Files and Log Monitoring (/var/log/, tail, grep), Basic Network Utilities (ping, ip, netstat, ss, traceroute).

Introduction to Web Technologies, Understanding the Internet and Its Components, Fundamentals of the World Wide Web (WWW), Key Components of the WWW, How the Web Works, DNS Resolution Process and IP Mapping, Differences Between the Internet and WWW, Understanding HTTP Protocol, Core Components of HTTP, Structure of HTTP Messages (including HTTP Request and Response Analysis), Common HTTP Methods (GET, POST, etc.), HTTP Status Codes and Their Meanings, HTTP Communication Workflow, Cache vs Cookies, Introduction to Secure Sockets Layer (SSL), Fundamentals of HTTPS (HTTP Secure), HTTP vs HTTPS Comparison, Overview of Web Development (Frontend vs Backend), Understanding Websites and Web Applications.

Introduction to reconnaissance and footprinting, objectives and types (passive and active), information collected during pre-attack phases, passive reconnaissance techniques including search engine methods (Google Dorking, Google Image Search, Meta Search Engines, Search Engine Cache), public data sources and domain intelligence (WHOIS Lookup, DNS Enumeration, subdomain discovery using Subfinder and Amass, public data breach search), website intelligence and mirror analysis (Wayback Machine, website mirroring with HTTrack, site mapping tools such as web-check.xyz and Netcraft, technology fingerprinting using WhatWeb and Wappalyzer), content profiling and metadata extraction (company website structure analysis, document metadata extraction, job portal profiling), social and identity reconnaissance (social media profiling, username enumeration with Sherlock Project), OSINT tools and frameworks (OSINTFramework overview, Maltego CE for link analysis, SpiderFoot for automated OSINT collection), active reconnaissance techniques including network enumeration (ping sweep, port scanning with Nmap and Masscan, traceroute), target profiling and service discovery (banner grabbing, operating system fingerprinting, web server fingerprinting), and email enumeration and harvesting through web sources and manual/automated methods.

Understanding network scanning and its key steps, TCP 3-way handshake process explained, TCP flags and their roles (SYN, FIN, ACK, RST, PSH, URG). Overview of popular scanning tools including Nmap and Masscan. Hands-on Nmap scanning techniques covering target specification, host discovery, port scanning, service version detection, TCP connect (full) scan, stealth (half-open) scans such as FIN, NULL, and XMAS, UDP scan, timing and performance tuning, OS fingerprinting, aggressive scan, output formats, and report handling. Hands-on Wireshark analysis for deep packet inspection and understanding scan behaviors. Emphasis on ethical and legal responsibilities in network scanning to ensure compliance and responsible use.

Introduction to network enumeration and its key steps, overview of popular network enumeration tools and techniques, user and group enumeration using tools like Nmap and Netcat, network share enumeration, banner grabbing with Netcat and other tools, SNMP protocol overview and enumeration using SNMPwalk, DNS enumeration techniques, best practices for secure and effective network enumeration, and ethical and legal considerations to ensure responsible conduct.

Introduction to system hacking, key stages (gaining access, privilege escalation, maintaining access, clearing logs), approaches to gaining access (stolen credentials, password cracking, vulnerability exploitation), password cracking techniques (Crunch, Hydra for SSH/FTP/HTTP, John the Ripper, CUPP, SecLists), hash functions and encryption basics, vulnerability exploitation (Metasploit Framework, FTP vsftpd, DistCC exploitation), privilege escalation techniques (udevd, netlink vulnerabilities, Searchsploit, Exploit-DB, exploit code compilation), maintaining access (persistence techniques, backdoor management with Meterpreter), clearing logs and covering tracks, ethical and legal considerations.

Introduction to vulnerabilities, difference between vulnerability assessment and penetration testing, vulnerability assessment lifecycle, manual vulnerability research techniques, understanding CVE, CVSS, and NVD, automated vulnerability assessment using tools like Nmap, Nikto, OpenVAS, and Nessus.

Introduction to malware, types of malware, backdoors, botnets and command and control (C2), networking foundations for malware communication (TCP 3-way handshake, reverse shell vs bind shell, understanding reverse shell communication), understanding vulnerabilities, exploits and payloads, malware generation (Linux reverse shell malware, Windows Trojan with Meterpreter shell, simulating port forwarding with Meterpreter, monitoring infections using netstat, simulated malware deliveries and executions), evasion and obfuscation techniques, malware delivery techniques, malware prevention and detection.

Introduction to session hijacking, session hijacking classification, techniques for network-level session hijacking, techniques for application-level session hijacking, TCP reset attack to disrupt sessions, hijacking Telnet sessions, session ID-based login bypass.

Introduction to network sniffing, common protocols vulnerable to sniffing, passive vs active sniffing, ARP and ARP spoofing, what is MITM, types of MITM attacks including ARP spoofing, DNS spoofing, SSL stripping, MITM vs sniffing, relationship between sniffing and MITM, practical demonstrations of sniffing Telnet, HTTP, FTP credentials, and file transfers (txt, jpg, zip). Understanding and mitigating these attacks is critical for securing sensitive data and maintaining network integrity.

Understanding DoS and DDoS attacks, business and technical impacts, volume-based flooding attacks (UDP flood, ICMP flood), protocol exploitation and amplification attacks (SYN flood, Smurf attack, Fraggle attack), Layer 7 DoS attacks (HTTP flood, Slowloris), botnets and the DDoS-as-a-Service ecosystem, practical demonstrations covering key flooding and protocol attacks, IP spoofing simulation, and packet analysis of DoS/DDoS traffic using Wireshark.