Duration
05 MonthsPlacement Support
100%Course Fee
Rs. 35,000/-Easy EMI
AvailableClass Mode
Online + Offline*Extra Benefits
FREE DataSpace Lab AccessThe Certification course introduces learners to the fundamentals of penetration testing, covering all the key aspects like Network Penetration Testing, Cloud Penetration Testing, Web Application Penetration Testing, and Android Penetration Testing. Learners will learn how to deploy the different tools like Nikto, NMap, Metasploit, Burp Suite for finding network vulnerabilities to secure the network.
We are proud to express our support for the cybersecurity initiative by the Indian Government, with the help of Cyber Swachhta Kendra, Indian CERT, and Cyber Security Awareness programs. These initiatives emphasize on raising awareness and promoting safe internet practices. It pledges to promote and adhere to these practices as a responsible member of the digital community.
#IndianCERT # CyberSwachhtaKendra #DigitalIndia #CyberSecurityAwareness
Web Application Basics (Structure, Components)
OWASP Top 10 Vulnerability & Testing Methodology
Burp Suite Advance Usages by installing Plugins
Information Gathering/Recon
Information Gathering/ReconTools Covered- Gobuster, FFUF, WFUZZ, Feroxbuster, gau, Linkfinder, waybackurls, Assetfinder , Subfinder, Amass, httpx,httprobe
Manual Recon : Shodan, whois Lookup, Censys, Nuclei, Arjun Framework
SQL injection vulnerability in WHERE clause allowing retrieval of hidden data
SQL injection vulnerability allowing login bypas
SQL injection UNION attack, determining the number of columns returned by the query
SQL injection UNION attack, finding a column containing text
SQL injection UNION attack, retrieving data from other tables
SQL injection attack, querying the database type and version on Oracle
SQL injection attack, listing the database contents on Oracle
Blind SQL injection with time delays and information retrieval
Blind SQL injection with out-of-band interaction
Reflected XSS into HTML context with nothing encoded
Stored XSS into HTML context with nothing encoded
Reflected XSS into attribute with angle brackets HTML-encoded
Reflected XSS into a JavaScript string with angle brackets HTML encoded
Reflected XSS with some SVG markup allowed
Exploiting XSS to perform CSRF
Reflected DOM XSS
Stored DOM XSS
Basic SSRF against the local server
Basic SSRF against another back-end system
Basic SSRF against the local server
Basic SSRF against another back-end system
SSRF with blacklist-based input filter
SSRF with filter bypass via open redirection vulnerability
Blind SSRF with out-of-band detection
SSRF with whitelist-based input filter
Blind SSRF with Shellshock exploitation
OS command injection, simple case.
Blind OS command injection with time delays
Blind OS command injection with output redirection
Blind OS command injection with out-of-band interaction
Blind OS command injection with out-of-band data exfiltration
File path traversal, traversal sequences blocked with absolute path bypass
File path traversal, traversal sequences stripped non-recursively
File path traversal, traversal sequences stripped with superfluous URL-decode
File path traversal, validation of start of path
File path traversal, validation of file extension with null byte bypass
Username enumeration via different responses
2FA simple bypass
Password reset broken logic
2FA broken logic
Username enumeration via subtly different responses
Username enumeration via response timing
Broken brute-force protection, IP block
Remote code execution via web shell upload.
Web shell upload via Content-Type restriction bypass
Web shell upload via path traversal
Web shell upload via race condition
CORS vulnerability with basic origin reflection
CORS vulnerability with trusted null origin
CSRF where token validation depends on request method
CSRF where token validation depends on token being present
CSRF where token is not tied to user session
CSRF where token is duplicated in cookie
No-Rate Limiting
IDOR
Introduction
Mobile Application Testing set up
OWASP Top 10 of Mobile Application Penetration Testing
Apk File Structure
OSINT Framework
Port Exploitation
Privilege Escalation (Windows & Linux)
Persistence
Process Migrations
Latest CVEs Exploitation
Router Exploitation
Firewall Exploitation
AV Evasion
CTF : Kioptrix level 1-3, Magic
Cloud Penetration Testing Lab set up
OWASP Top 10 Vulnerability for Cloud Securityn
IAM structure
S3 Bucket Structure
Acces Key Token
Secret Key Tokensn
API Pentesting Lab Set up (vAPI & CrAPI)
OWASP Top 10 vulnerability for API
Basic Structure & Functionality of API
REST & SOAP based API
Get one on one demo class with our industry expert trainers.
Book A Demo ClassDataSpace Academy courses are available at extremely competitive prices. Our Course Fees are structured keeping in mind the convenience and budget of students and beginners.
+18% GST
Training & Mentorship
Flexible Schedule
Online Live Interactive Session
Recorded Session After the class
World Recognised Certificate
3 Months Internship Program after the course
* No cost EMI options available.
Enroll your desired course and join DataSpace Academy in just few clicks!
Select your
desired course
from
our website
Enter your
details and
complete
the payment process
Select a batch for your first class
Soumya Jas is a Web Application Penetration Tester, Bug Bounty Hunter, Blockchain and Python Enthusiast. Additionally, he has an experience in playing CTF games on platforms like Portswigger and HackTheBox. While auditing and securing websites like eBluesoft (https://ebluesoft.com/) he discovered critical vulnerabilities and mitigated those vulnerabilities.
868 Students Taught
CEH Certified, Qualys Guard VM Certification 2019, DevSecOps Trained, DAST & SAST Handling client end to end from taking requirements till providing end report post-false-positive analysis of over 200 applications. Advance Knowledge of professional tools for Network, Source Code Analysis and Web Application Testing. Providing remediations to the clients for the vulnerable issues found during the auditing of the website & Coordinating with the development team for issues closure
209 Students Taught
CEH certified, CCNA essentials, having knowledge in various areas of cybersecurity including Web application penetration testing and network penetration testing. Bug bounty hunter having reported several vulnerabilities in platforms such as Bugcrowd, HackerOne, Integriti and recognized by several organizations. Passionate about information security and cybersecurity in general and looking forward to learn and experience new security aspects in this field.
2986 Students Taught
Vishal is a highly experienced Cybersecurity Professional and Ethical Hacking trainer who has experience in delivering lectures at the Telangana State Police Academy and other Government Universities. Vishal has secured a position among the top 10 finalists at Karnataka State Police Hackathon 2023, Which was a project on OSINT Project. He is also a Bug bounty hunter with skillsets in web penetration, and programming knowledge of C and Python.
2986 Students Taught
Learn from Industry Experts with Years of Expertise in the related field.
Practice on Real Time Projects which can be showcased to future recruiters
Placement Support for successful completion of courses and certification
100% practical and lab-based classes (available online & offline)
Specially tailored Certification Course equipped with in-demand industry skills
The course comes with round-the-clock support for doubt-clearing session
The Advanced Pentesting Course at Dataspace Academy is a game-changer! It takes you deep into the world of unethical hacking and gives you hands-on experience with real-world scenarios
I was blown away by the depth and complexity of the advanced pentesting course at Dataspace Academy. The instructors are experts in their field and the course content is top-notch. I learned so much and feel confident in my ability to tackle even the toughest security challenges
The Advanced Pentesting course at Dataspace Academy is not for the faint of heart. It's a rigorous and challenging program that will push you to your limits. But if you're up for the challenge, you'll come out the other side with a whole new set of skills and a newfound respect for the world of cybersecurity
Have a 5-minute call with our experts to get your questions answered.
Everyone aspiring to build a career in cybersecurity is welcome to join the course. However, learners with a strong knowledge of Ethical Hacking will have an added advantage. We recommend the Cybersecurity Essentials program for the basics.
It is good to have the basic computer knowledge to enroll on this course. However, people from non-technical backgrounds can also join this course.
Yes, the program includes live project practice for hands-on training.
For details on seasonal discounts and special offers, please consult with our academic counselling team.
DataSpace Academy provides Internship opportunities and placement assistance based on the merit of the student on successful completion of the course.