This course covers about how security works in iOS devices and how vulnerabilities can be found in iOS applications.

The course starts with the basics of how you can set up your hacking environment and then gradually moves on to how security works in iOS Applications.

The course also shows you the different types of Jailbreak and how you can Jailbreak your iOS Device.

The course also covers OWASP Mobile Top 10 and would cover all the categories of OWASP Mobile Top 10 with practical examples.

The course also includes a detailed overview of iOS Security such as Keychain, Device Management, Data Protection etc.

The major section of iOS Pentesting is the Static and the Dynamic Analysis where most of the vulnerabilities would be covered with practical approaches. These approaches can also be used to find vulnerabilities in bug bounty programs.

At the end of the course, you would be exposed to certain Tips and Tricks that will make your upgrade iOS Pentesting skills. These tips will help you to differentiate yourself from others.

This course also includes the Breakdown of some Hackerone Reports which are found and submitted by other hackers for better understanding.

ادامه مطلب

In today’s secured environments, it is almost impossible for Red-Blue Teams to emulate modern adversarial tactics, techniques and procedures using publicly available 3rd party pentesting products. Powerful adversaries typically develop custom code to ensure stealth and undetectability for as long as possible. This course uses a recipe approach to teach Red-Blue teams to do exactly this. In this module, we will specifically look at different techniques to query Process Listing using a variety of Windows APIs. We will also go in-depth into Windows Tokens, different fields and how to get this programmatically. Finally, we will understand how to read-write process memory.

ادامه مطلب

The age of intelligent machines is here! We are now seeing Machine Learning disrupting every technological field including computer security. As more and more security products use Machine Learning, it is important as Pentesters and Security Researchers to understand how to make and break this technology!

ادامه مطلب

A good primer on OSINT, this course explains what Open Source Intelligence is and also covers types of OSINT sources, ethics and grey areas, useful tools available for OSINT information gathering including Google custom searches. The course will also cover cases and scenarios allowing the student to see how intelligence they have gathered can be used/ seen in different contexts. Students will also be exposed to tools like Maltego, FOCA and and work on labs where they will build their own fake/ puppet LinkedIn profile for intelligence gathering purposes, build a Google Custom Search Engine and gather intelligence on a large organization. Students will take away an appreciation for OSINT, why it needs to be a part of their toolbox, an intelligence gathering recipe and exposure to tools and techniques they can start using right away.

ادامه مطلب

We are now living in a Big Data world – billions of devices communicating over millions of networks and generating petabytes of data, both at rest and in transit! Security professionals now encounter Big Data in the form of large log files, network traffic captures, forensics of large images and exports from security tools and products. In this course, we will look at how to analyze, mangle, transform and visualize data to derive interesting insights and intelligence from it.

Pandas is a Python library which is part of SciPy scientific computing ecosystem. In simple terms, Pandas provides powerful data structures to perform data analysis. As dry as this might initially sound, due to the high level of abstraction provided by its powerful API, Pandas allows us to do really complicated analysis with just a few lines of Python code.

In this course, we will go through the basics of Numpy, a deep dive into Pandas Series and Dataframes and how to analyze data with it. The case study used is analysis of Wi-Fi networks using Airodump-NG’s output file for a relatively large network with hundreds of devices.

ادامه مطلب