NSD Certified Penetration Tester (NCPT)

Start Date : January 14, 2021
Course Duration : 45 Hours
Course Type : Self paced
Course Validity : 1 year

25000
Description

Penetration testing domain from NSD is a recognized empanelment program for information security professionals with hands-on proven experience in vulnerability analysis and penetration testing. The domains test a candidate’s skill, approach and knowledge that can provide an organization with a reliable workforce for detection and mitigation of cyber security threats in a timely manner.

The program is a foundation for many other job roles including Security Information and Event Management (SIEM), Computer Forensics, Web Application Security, ISO 27001 Compliance, PCI-DSS, Internal IT Security Audit etc.


100% ONLINE

Take online training from ISAC and get certified in the most prestigious cyber security program.

VIRTUAL LABS

Get 30 days of access to unlimited virtual labs. Learn cyber security practically online with 300+ challenges.

LAB EXAM

The highest level of NSD Certification requires passing a stringent 8 hour lab exam. Are you up for it?

PLACEMENT SUPPORT

With requirement of over 100,000 plus jobs and growing every year, your skills will always be in demand. Get certified today.


Course Objectives

  • Learn how to gather information
  • Understanding Social Engineering
  • Understanding System Security
  • Learn about password security
  • Gain understanding of malwares
  • Gain skills in vulnerability Analysis
  • Conduct web security audits
  • Conduct network audits
  • Learn about exploitation
  • Creating Professional Reports

Top Benefits when you join this course


Get the below top benefits on joining the National Security Database Program!

  • Access to E-learning Platform
    • Get up to 12 months Access to the E-learning platform
    • Includes all new updates such as lessons, theory and latest lab videos
    • Updated regularly!
  • Unlimited Video Plays
    • No restriction on number of video plays
    • Learn at your own pace and schedule
  • Cyberange Virtual Labs
    • Get access to all the labs in Penetration Testing course online
    • All the labs are fully accessible over a web-browser
    • Your own private cloud of labs, exclusively for you to practice
    • 30 Days Unlimited Access
    • Upgrade to additional time if you need more practice time
    • New Labs added frequently!
  • NSD Cadet Certification Included
    • Includes one attempt for NSD Cadet Certification Exam
    • Take the theory certification exam online
    • Earns your NSD Cadet Level

Announcements
Preassessment Quiz
1.1 Video Ethics and Culture – Moral Debate (Ethics) (4:01)
1.2 Video Ethics and Culture- Defining a system (5:48)
1.3 Ethics and Culture (6:41)
1.1 Ethics and Culture
1.2 Overview of hacking history - Understand the evolution of hacking
1.3 Hacker Culture - Understand how hacker culture has evolved over time
Quiz 1
2.1 Video - Enterprise Security Challenges Part 1 (5:10)
2.2 Video - Enterprise Security Challenges Part 2 (5:01)
2.3 Video - Enterprise Security Challenges- Adaptation (3:48)
2.4 Video - Enterprise Security Challenges- Evolution (6:14)
2.5 Video - Enterprise Security Challenges- Management Challenges (7:57)
2.6 Video - Enterprise Security Challenges- Security Concerns (6:01)
Quiz 2
3.1 Video - Information Gathering Part 1(3:50)
3.2 Video - Information Gathering Part 2 (4:57)
3.1 Information Gathering: Introduction
3.2 What is Information Gathering?
3.3 Reconnaissance
3.4 Objective of Information Gathering
3.5 Information Gathering: Classification
3.6 Footprinting
3.7 Network-based Footprinting
3.8 Tools Used
3.9 DNS Enumeration
3.10 Scanning
Lab 1 - Version Detection using Nmap (2:22)
3.11 Scanning techniques
Lab 2 - User Enumeration (2:37)
3.12 Identifying Vulnerabilities
3.13 Countermeasures
Quiz 3
4.1 Video - Social Engineering- Reality Hacking (4:40)
4.2 Video - Social Engineering- Into the Mind Inflicting Damage (7:42)
4.3 Video - Social Media Politics and Hacking (5:23)
4.4 Extra - Social Engineering- Exploiting Religion and Occult Science (6:52)
4.5 Extra - Social Engineering (4:31)
4.1 Introduction to Social Engineering
4.2 Understanding your targets - Basic approach in understanding your targets
4.3 Character Analysis - various approaches of character analysis
4.4 Body language - basic body language techniques
4.5 'Blink’ factor - Discussion on Instinct and Judgement on your targets
4.6 How SMS and Facebook has taken over our lives - Discussion on the impact of
4.7 Finding the right words
4.8 Chat addiction - Making a person attached to you on chat
4.9 Exploiting targets - Using the art effectively for gaining information
4.10 Possible Psychological damage - Discussion on possible psychological damag
4.11 Scripting in daily life: Games people play - Suggested reading of the book
4.12 Transactional Analysis - How can it help in networking and information gath
4.13 Introduction to Reality Hacking - Concept of reality hacking
4.14 Understanding reality hacking - Introduction and larger concept application
4.15 Weakest link in security - exploiting people
4.16 Application in real life - how "everything" around you can be used for hacking
4.17 Exploiting Religion and Occult Science: People and belief - Discussion on what is god, belief and religion
4.18 How religion plays a big role - Importance of religion in peoples lives
4.19 Understanding occult science - Brief introduction to occult science and what people believe
4.20 Astrology and daily life - How astrology impacts daily lives of people and their decisions
4.21 Faith - How to exploit faith for hacking
4.22 How to get personal information - Getting personal information in the name of god
4.23 Bluff master: How to be a palmist - effectively and instantly getting the secrets of people in your first meeting
4.24 Playing with the mind - How to induce self-fulfilling prophecies
4.25 Respecting the science - How not to cross the line
4.26 Into the Mind: Inflicting damage: Introducing hope - exploiting greed and success and fun and profit
4.27 Attachment in Adults - exploiting relationships for fun and profit
4.28 Turning people against each other - exploiting the weakest link
4.29 Phishing god - Using phishing and spam based on information gathered
4.30 Knowing your target - Crafting mails and messages to lure people
4.31 Social Media, Politics and Hacking
4.32 Importance of Social Media in opinion formation
4.33 Case Study: Politics and use of social media
4.34 Misleading people using Social Media
Lab 1 - Phishing using Shellphish (2:29)
Quiz 4
5.1 Video - System Security (5:13)
5.2 Video - System Security- Offensive Attacks (5:33)
5.3 Video - System Security - Wireless Security (4:37)
5.4 Video - Breaking WEP (3:48)
5.5 Video - Breaking WPA (4:59)
5.1 Systems Security
5.2 Group Discussion
5.3 Active directory fundamentals
5.4 Hiding Data - NTFS streaming
5.5 Wireless Security
5.6 Wireless security standards
5.7 WEP and inherent vulnerabilities
5.8 Sniffing Wireless networks
5.9 Breaking WEP
5.10 Breaking WPA
5.11 Wireless security – Best practices
5.12 Offensive attacks
5.13 Linux Privilege Escalation
5.14 Man in the Middle Attack
5.15 Finding Vulnerabilities
Lab 1 - Authentication Bypass Vulnerability (1:52)
Lab 2 - Gitshell Sandbox Bypass (2:14)
Lab 3 - Logic Vulnerability in libssh (2:00)
Lab 4 - Sandbox Bypass & Code Execution Vulnerability (2:33)
Lab 5 - Shellshock (1:55)
Lab 6 - Sudoexploit (1:54)
Lab 7 - WEP Cracking (1:41)
Lab 8 - WPA2 PSK Cracking (2:39)
Quiz 5
6.1 Video - Password Hacking 1 (5:37)
6.2 Video - Password Hacking 2 (4:23)
6.1 Password Hacking
6.2 Secret of passwords
6.3 Group Discussion: Do you use the same passwords everywhere?
6.4 Case study: The Most common passwords used
6.5 Team activity: Using online hash crackers
6.6 Attacking Windows system password
6.7 Attacking a Windows Server Domain Controller Password
6.8 Attacking Linux system password
6.9 Attacking Application passwords
6.10 Other approaches - Using Brute Force Tools
Lab 1 - Hydra Brute Force (2:10)
6.11 Steganalysis concepts
6.12 Using Rainbow Tables
6.13 Default Passwords of devices
6.14 Using Key loggers
6.15 Case Study: Impact of Default Passwords on Security
6.16 Team activity: Password recovery tools
Lab 2 - Directory listing and MD5 decryption (2:14)
Quiz 6
7.1 Video - Malware- Trojan (5:04)
7.2 Video - Malware- Worm (4:55)
7.3 Video - Malware- Rootkits and Botnets (6:24)
7.1 Team activity: How would you define a Malware
7.2 Introduction to Malwares
7.3 What are Malwares?
7.4 Building a Trojan
7.5 Binding a Trojan to another file
7.6 Approaches for deploying a Trojan
7.7 Using Bit-torrent to spread Trojans
7.8 Anatomy of a Worm
7.9 Worm propagation process in a network
7.10 Defense against Worms
7.11 Worm Propagation possibilities in IPv6!
7.12 Rootkits and Botnets
7.13 Case study: How Botnets work?
7.14 Team activity: Find most popular malwares impacting the mobile platforms.
7.15 Rootkits Infection Techniques
7.16 Task: Analysis of a Malware.
Quiz 7
8.1 Video - Network Security (4:29)
8.2 Video - Network- Honeypots (2:24)
8.3 Video - Network- Sniffing & Session Hijacking (6:20)
8.4 Video - Network-Web Application Security (5:52)
8.5 Video - Network- Advanced Google Search Techniques (3:10)
8.1 Network and Web Application Security
8.2 DDoS Attacks
8.3 Group discussion: DoS attacks impacting organizations
8.4 Targeting Firewalls and Routers
8.5 Defense - Clustering and NLB
8.6 Honeypots
8.7 Deploying Honeypots
8.8 Sniffing Networks
8.9 Encryption - Overview
8.10 Session Hijacking
8.11 Web Security
8.12 Web Application Attacks
8.13 Web Server Security
8.14 Web application security risk
8.15 Basic Authentication Attacks
8.16 Advanced Google Search Techniques
Lab 1 - Stored Xss (2:13)
Lab 2 - SQL injection (2:21)
Lab 3 - Reflected Xss (1:54)
Lab 4 - Remote Security Bypass (2:31)
Lab 5 - Remote code injection (2:20)
Lab 6 - Arbitrary code execution (2:08)
Lab 7 - Remote Code Execution Vulnerability-Drupal (1:55)
Lab 8 - Directory traversal Vulnerability (1:39)
Lab 9 - Remote Code Execution Vulnerability-ProFTPD (2:05)
Lab 10 - Remote Code Execution Vulnerability-ThinkPHP (1:50)
Lab 11 - Arbitrary File Read Vulnerability (1:38)
Lab 12 - Arbitrary Write-file Vulnerability (1:55)
Lab 13 - S2-007 Remote Code Execution Vulnerablity (1:37)
Lab 14 - Arbitrary File Download Vulnerability (1:35)
Lab 15 - RCE In GoAhead (2:08)
Lab 16 - Unauthorized Access Vulnerability (1:41)
Lab 17 - Unauthorized Access in Jupyter Notebook (1:36)
Quiz 8
9.1 Video - Exploiting Approaches (6:47)
9.2 Video - Exploiting Approaches - Advanced Exploitation (5:56)
9.3 Video - Exploiting Approaches- SMB Hacking & Anti Virus Evasion (5:46)
9.1 Exploiting Approaches
9.2 Overview of Shellcodes
9.3 Using exploit-db effectively
9.4 Metasploit - The Big Daddy
9.5 Introduction to msfencode/msfpayload
9.6 Manual Shellcode Writing and Automatic Shellcode Generation
9.7 Client Side Exploitation Techniques
9.8 Concept of Tunneling and Techniques
9.9 Evading Firewalls by hopping through the tunnels using proxy servers
9.10 SMB Fun – Windows and Linux
9.11 Anti Virus Evasion
Lab 1 - Code Injection Vulnerability (2:15)
Lab 2 - Path Traversal Vulnerability (2:08)
Lab 3 - Integer Overflow Vulnerability (1:38)
Lab 4 - Vertical Privilege Bypass Vulnerability (2:10)
Quiz 9
Next Steps
NSD Exam Format
Exam Terms
Quiz 10


About National Security Database

National Security Database (NSD) is a prestigious certification program from Information Sharing and Analysis Center (ISAC), India's leading non-profit cyber security foundation. ISAC is a Public Private Partner (PPP) with National Critical Information Infrastructure Protection Center (NCIIPC), under Prime Minister’s Office, Partner with Computer Emergency Response Team (CERT-IN), under Ministry of Electronics and Information Technology and recognized by All India Council of Technical Education (AICTE), under Ministry of Human Resources and Development, Government of India.

NSD is awarded to credible & trustworthy Information security experts with proven skills to protect the National Critical Infrastructure & economy of the country.



A non-for-profit body, Information Sharing and Analysis Center (ISAC) is India’s leading non-profit foundation committed to securing the cyber space of the nation by providing credible platforms for Information Sharing & capacity development. National Security Database (NSD) is a prestigious certification program from Information Sharing and Analysis Center (ISAC), a Public Private Partner (PPP) with National Critical Information Infrastructure Protection Center (NCIIPC), under Prime Minister’s Office, Government of India.