4.8/5
Rated Online Education
Active Students
Classes Completed
Ongoing Completed
This course is a deep dive into the world of advanced pen testing, and there are no life jackets - only binaries. Real-world unethical hackers are becoming increasingly more devious and cunning when it comes to technology.
Job Ready
PROGRAMS
Expert
TRAINIERS
Immersive
LEARNING
Live Project
EXPERTISE
Placement
ASSISTANT
Expert
TRAINERS
Mobile Penetration Testing (OWASP Top 10, Burp Suite, Tools…)
Lab Setup using Android Emulator
Vulnerable apps and VM download
Android Application Pentesting basics
Using Apk-tool,dex2jar,JD-GUI to decompile apps and review the source code
Intercepting HTTP and HTTPS traffic
Insecure Data Storage vulnerabilities
Server side and client side vulnerabilities
Insecure logging
Exported Application components
Client side injection
Android application testing advanced
Introduction to frida
Root detection bypass using Objection
Insecure local data storage
Traffic analysis
Introduction to frida CLI
Introduction to SSL pinning
Bypassing SSL pinning using Frida
Introduction of SOC
What is Enterprise network
what is Defense in Depth
What is Log Parsing
Deep Dive into SOC Environment
What are SIEM deployment options
SIEM Architecture
Splunk Introduction
How to upload data to splunk
what is Splunk Field
Understanding web logs
How to Create Splunk Reports and Dashboard
How to install Splunk Forwarder in windows
Which are impotent Windows Event Codes
Scenarios for SMTP Profiling
DNS Profiling
HTTP traffic profiling
Roles and Responsibilities as a SOC analyst
XXE (XML External Entities)
Exploiting XXE using external entities to retrieve files
Exploiting XXE to perform SSRF attacks
Blind XXE with out-of-band interaction
Blind XXE with out-of-band interaction via XML parameter entities
Exploiting blind XXE to exfiltrate data using a malicious external DTD
Exploiting blind XXE to retrieve data via error messages
Exploiting XInclude to retrieve files
Exploiting XXE via image file upload
Exploiting XXE to retrieve data by repurposing a local DTD
Basic server-side template injection
Basic server-side template injection (code context)
Server-side template injection using documentation
Server-side template injection in an unknown language with a documented exploit
Server-side template injection with information disclosure via user-supplied objects
Server-side template injection in a sandboxed environment
Server-side template injection with a custom exploit
Manipulating Web Socket messages to exploit vulnerabilities
Manipulating the Web Socket handshake to exploit vulnerabilities
Cross-site Web Socket hijacking
Web cache poisoning with an unkeyed header
Web cache poisoning with an unkeyed cookie
Web cache poisoning with multiple headers
Targeted web cache poisoning using an unknown header
Web cache poisoning via an unkeyed query parameter
Parameter cloaking
Web cache poisoning via a fat GET request
URL normalization
Combining web cache poisoning vulnerabilities
Cache key injection
Internal cache poisoning
Modifying serialized objects
Modifying serialized data types
Using application functionality to exploit insecure deserialization
Arbitrary object injection in PHP
Exploiting Java deserialization with Apache Commons
Exploiting PHP deserialization with a pre-built gadget chain
Exploiting Ruby deserialization using a documented gadget chain
Developing a custom gadget chain for Java deserialization
Developing a custom gadget chain for PHP deserialization
Using PHAR deserialization to deploy a custom gadget chain
JWT authentication bypass via unverified signature
JWT authentication bypass via flawed signature verification
JWT authentication bypass via weak signing key
JWT authentication bypass via jwk header injection
JWT authentication bypass via jku header injection
JWT authentication bypass via kid header path traversal
JWT authentication bypass via algorithm confusion
JWT authentication bypass via algorithm confusion with no exposed key
Introduction to red team concepts and methodologies
Cyber kill chain
Initial vectors of compromise(Mitre ATT&CK framework)
C2 framework(Covenant and empire)
Cobalt Strike
Relevant Red team tools(Bloodhound,Mimikatz,Impacket,Powersploit)
Intermediate windows and linux commands
Process Injection
Lateral Movement
Port Forwarding
Adversary Emulation(APT3)
How web API works
Threat Modeling an API Test
THE ANATOMY OF WEB APIS
REST API Specifications
API Authentication
Information Disclosure
Broken Object Level Authorization
Broken User AuthenticationBroken User Authentication
Excessive Data Exposure
Lack of Resources and Rate Limiting
Broken Function Level Authorization
Mass Assignment
Security Misconfigurations
Injections
Improper Assets Management
Business Logic Vulnerabilities
Passive Recon
Active Recon
Endpoint Analysis
FUZZING
Automating Mass Assignment Attacks with Arjun and Burp Suite Intruder
Attacking GraphQL
Architecture, Discovery, and Recon at Scale
Attacking Identity Systems
Attacking and Abusing Cloud Services
Vulnerabilities in Cloud-Native Applications
Infrastructure Attacks and Red Teaming
Get one on one demo class with our industry expert trainers.
Metaspolit
Nitko
Hashcat
NMAP
Wifi Hacking
System Pentesting
Android Hacking
Network Pentesting
Incident Responder, Cloud Security Engineer, Desktop Security Analyst, Security Consultant Security Auditor Firewall Engineer, Ethical Hacker, Storage Security Engineer, Security Test Engineer, Cyber Security Engineer, Cloud Security Engineer.
.png)
Soumya Jas is a Web Application Penetration Tester, Bug Bounty Hunter, Blockchain and Python Enthusiast. Additionally, he has an experience in playing CTF games on platforms like Portswigger and HackTheBox. While auditing and securing websites like eBluesoft (https://ebluesoft.com/) he discovered critical vulnerabilities and mitigated those vulnerabilities.
868 Students Taught
IT expert Soumya Maity has more than 2.5+ years of experience in the field of Hardware & Network troubleshooting. Also he has experienced in AWS.
2986 Students Taught
CEH Certified, Qualys Guard VM Certification 2019, DevSecOps Trained, DAST & SAST Handling client end to end from taking requirements till providing end report post-false-positive analysis of over 200 applications. Advance Knowledge of professional tools for Network, Source Code Analysis and Web Application Testing. Providing remediations to the clients for the vulnerable issues found during the auditing of the website & Coordinating with the development team for issues closure
209 Students Taught
DataSpace Academy’s courses are the best deal that you can find in the market. Our Course Fees are structured keeping in mind all kinds of feasibilities for students and professionals.
+18% GST
Training & Mentorship
Flexible Schedule
Online Live Interactive Session
Recorded Session After the class
World Recognised Certificate
3 Months Internship Program after the course
*No cost EMI options are available.
Enroll your desired course and join DataSpace Academy in just few clicks!
Select your desired course
from
our website
Enter your details and
complete
the payment process
Select a batch for your first class
I am pleased to share that I have enrolled in the certification in cybersecurity course which is proving to be a great learning experience. The instructors are experts in their field, and the course is well-structured to provide us with the skills they need to combat cybersecurity threats. The practical exercises and simulations are particularly helpful in applying the concepts learned in class, and the peer community is a valuable resource for exchanging ideas and feedback.
Hello, My name is Somnath, I have recently completed the Certification in Cyber Forensics course from DataSpace Academy, and I must say that the course has exceeded my expectations. The instructors are engaging and knowledgeable, and the course content is relevant and up-to-date. The practical exercises and simulations have been invaluable in applying the concepts learned, and the community of peers has been supportive and helpful throughout the course. Also, since I have always been inquisitive in nature, I got all-around support as and when possible which has been extremely helpful.
I am enrolled in a Cyber Forensics course, and I am impressed with the quality of the content and the level of engagement from the instructors. The course is designed to provide students with the practical skills and knowledge necessary to tackle cybersecurity threats, and the practical exercises and simulations have been particularly useful in applying the concepts learned. The peer community is also a great resource for sharing ideas and feedback.
I am currently enrolled in a certification course for Cyber Forensics, and I am thoroughly impressed with the depth and breadth of the content covered. The instructors are experienced and knowledgeable, and the course is designed to provide students with the practical skills and knowledge necessary to tackle cybersecurity threats. The hands-on approach has been particularly useful, and the peer community has been supportive and engaging throughout the course. Overall, I would highly recommend this course to anyone interested in cybersecurity.
I highly recommend the DataSpace Academy to anyone looking to pursue a career in digital forensics. The quality of the courses and instructors is exceptional, with comprehensive and up-to-date content that covers a wide range of topics related to cyber forensics. The hands-on approach to learning provides students with practical experience using the latest tools and techniques in the industry. The instructors are experienced professionals who are passionate about their work and always willing to provide guidance and support to students
DataSpace Academy provides a flexible learning environment that allows professionals like us to study at their own pace and on their own schedule, especially because I am a working professional and it has helped me a lot. The online platform is user-friendly and easy to navigate, with a wealth of resources and support available to students at all times. Overall, I am extremely satisfied with my experience with the DataSpace Academy and would highly recommend it to anyone looking to enhance their skills and knowledge in the field of cyber forensics and digital forensics.
Candidate should have a minimum Educational qualification of (10+2) and a basic understanding of computer Applications.
Because India is Asia's IT hub, networking is in high demand. In India, the scope of networking is enormous. Companies such as TCS, Infosys, Wipro, HCL, Tech Mahindra, and others.
In India, the average starting salary for a Cyber Security analyst is roughly around 1.8 lakhs to 2.20 Lakhs per year (15.0k - 18.0k per month).
DataSpace Academy provides an Internship programme for students who have successfully completed the certification and diploma courses. For pre-qualified candidates who are freshers, there will be a course-related test that needs to be qualified to be a part of the internship programme.
