8939260766
info@edunavo.com
REGISTER
LOGIN
Category
5G
Advance
Automation
B.Tech Course
Basic+Intermediate
Certification
Financial
NTN
Premium
Testing
Trainer
MENU
Home
Courses
B.Tech Course
Digital Store
Doubt Session
Pricing
Trainers
Contact
Mock Test
Home
Courses
Premium
VAPT
VAPT
Curriculum
13 Sections
56 Lessons
45 Hours
Expand all sections
Collapse all sections
Module 1: Introduction to VAPT
6
1.1
What is Vulnerability Assessment?
1.2
What is Penetration Testing?
1.3
Difference between VA and PT
1.4
Importance of VAPT in cybersecurity
1.5
Legal and ethical considerations (including scope & permission)
1.6
IP addressing, DNS, DHCP
Module 2: Basics of Networking and Security
5
2.1
OSI & TCP/IP models
2.2
IP addressing, DNS, DHCP
2.3
Common ports and protocols
2.4
Firewalls, IDS/IPS
2.5
Basics of Operating Systems (Windows/Linux)
Module 3: Methodologies and Standards
5
3.1
OWASP Testing Guide
3.2
PTES (Penetration Testing Execution Standard)
3.3
NIST Framework
3.4
OSSTMM Overview
3.5
Bug bounty methodology (brief overview)
Module 4: Information Gathering (Reconnaissance)
5
4.1
Passive vs Active Reconnaissance
4.2
Tools: Whois, NSlookup, Maltego, Shodan, Google Dorking
4.3
DNS enumeration
4.4
Subdomain enumeration
4.5
Email harvesting, metadata extraction
Module 5: Scanning and Enumeration
5
5.1
Network Scanning using Nmap
5.2
Banner Grabbing
5.3
Service Enumeration
5.4
Vulnerability Scanning: Nessus, OpenVAS, Nikto
5.5
Identifying live hosts and services
Module 6: Vulnerability Assessment
4
6.1
Understanding CVEs and CVSS scores
6.2
Manual vulnerability analysis
6.3
Automated tools (Nessus, Nexpose, OpenVAS)
6.4
Report analysis and validation
Module 7: Exploitation (Penetration Testing)
4
7.1
System Exploitation (Windows/Linux)
7.2
Web Application Exploitation (OWASP Top 10: XSS, SQLi, LFI, RFI, etc.)
7.3
Exploiting weak services (FTP, SMB, RDP, etc.)
7.4
Tools: Metasploit, SQLMap, Burp Suite
Module 8: Post-Exploitation
5
8.1
Privilege Escalation Techniques
8.2
Persistence mechanisms
8.3
Clearing logs and covering tracks (ethically, for learning only)
8.4
Pivoting and lateral movement
8.5
Data exfiltration techniques
Module 9: Web Application VAPT
4
9.1
Manual Testing of Web Applications
9.2
Web Vulnerabilities (OWASP Top 10 in depth)
9.3
Tools: Burp Suite, OWASP ZAP
9.4
Exploiting authentication, session management flaws
Module 10: Wireless and Network Penetration Testing
3
10.1
Wireless standards (WEP, WPA, WPA2)
10.2
Attacks: Evil Twin, DE authentication
10.3
Tools: Air crack-ng, Wireshark, Better cap
Module 11: Report Writing and Mitigation
4
11.1
VAPT Report Structure
11.2
Risk rating and impact analysis
11.3
Executive summary and technical summary
11.4
Remediation and mitigation suggestions
Module 12: Hands-On Projects and Labs
3
12.1
Capture the Flag (CTF) exercises
12.2
Simulated VAPT on vulnerable machines (DVWA, Metasploitable, TryHackMe, Hack The Box)
12.3
Real-time report creation
Certification Outcome:
3
13.1
Prepare for CEH, OSCP, or company VAPT roles Capable of handling client projects and internal audits
13.2
Become proficient in VAPT tools and methodologies
13.3
Capable of handling client projects and internal audits
This content is protected, please
login
and
enroll
in the course to view this content!
WhatsApp us
Modal title
Main Content
