Cyber Security Training

Cyber Security Training

Get Information

Cybersecurity encompasses many different concepts, from information security to operational security to the security of computer systems. Cyber security is the practice of protecting computers, servers, mobile devices, electronic systems, networks and data from malicious attacks.
This course introduces the basic concepts and aspects of the discipline of cyber security and presents in detail the current and future perspectives of hackers and the cyber attacks they cause. In addition to these fundamentals, this course also explains more clearly and comprehensively how attackers conduct cyber attacks and build defenses against them through the defense-in-depth approach and the Cyber Kill Chain™ pattern.
Cybersecurity Training is a basic security course, but it still requires participants to have certain knowledge such as TCP/IP, networking, and sufficient Linux knowledge before attending the course.

About Education

Education Objectives:

  • Cyberspace phenomenon and cybersecurity evolving from information security
    to introduce the discipline,
  • To reveal the types and basic motives of the counterparty in cyber security – the “hackers” referred to as “hackers”/”hacktivists”,
  • Demonstrate the key points of being an effective cybersecurity expert,
  • Classify and explain cyber threats/attacks,
  • Demonstrate known, current and future threats and attacks,
  • One of the most fundamental approaches to cybersecurity
    defense” approach and to present cyber attackers and the path they follow in a step-by-step manner through the Cyber Kill Chain™.


Training Content:

  • Introduction to Cyber Security

What is a Hacker? Who is it called?

Hacker Types & Concepts

Underground Hacking World

General Penetration Testing Concepts

Penetration Test Types

White-box, Black-box, Gray-box

Penetration Testing Steps and Methodologies

Commercial and Free Software Used in Penetration Testing

What Should a Penetration Test Report Look Like?

  • Password/Passphrase Cracking Attacks

Password and Passcode concept

Preparation of Wordlist Suitable for the Institution

Hacking Windows LM/NTLM Passwords

Finding HASH Results from Search Engines

Hacking Linux User Passwords

Password Cracking Using the Cain & Abel Tool

Password Cracking Using John the Ripper Tool

Password Attack on SMB Service

Password Attack on RDP Service

Password Attack on SSH Service

Password Attack against MySQL Service

Password Attack against MSSQL Service

Password Attack on FTP Service

Password Attack on HTTP Service

Password Attack on Telnet Service

  • Gathering Information about Target Systems

What is Active / Passive Information Collection?

Information Collection Techniques

Whois, Subdomain Discovery etc.

Shodan Usage

Pipl Usage

Use of Leaked Source

Discovery of Other Sites Hosted on the Server

Using Pastebin

Using Cyberthint

Use of Internet Archive (, etc.)

Web Application Firewall (WAF) Detection

Determination of Mail Addresses of the Employees of the Institution

Gathering Information from Underground Hacking Forums

Local IP Block Detection via Mail

Using Nmap

    • Open, Closed, Filterd, Unfiltered, Open | Filtered, etc. Concepts
    • FIN Screening
    • TCP Port Scan
    • UDP Port Scan
    • Version Detection
    • OS Detection
    • Port Scanning with Fake IP Addresses
    • Port Range Determination
    • Using Scripts
  • Local Network Poisoning Attacks

Interception and Session Intervention in TCP/IP Networks

Various Session Intervention Methods

ARP Spoofing

IP Spoofing

DNS Spoofing

MAC Flooding

Cain & Abel

HTTP Session Interception

  • Vulnerability Scanning

Vulnerability Definition and Types

What is Vulnerability Scanning?

Vulnerability Scanning Tools

Network and Web Vulnerability Scanning Tools

Paid Vulnerability Scanning Tools

    • Netsparker
    • Acunetix
    • Nexpose
    • Nessus
    • CoreImpact
    • Etc. o Free Vulnerability Scanning Tools
    • OpenVas
    • Nikto
    • Uniscan
    • Etc.

Risk Assessment

Validation of Vulnerabilities

CVE, EDB, etc. Explanations & Usage of Abbreviations

  • DoS/DDoS Attacks

What is Denial Of Service?

Objectives o DDoS/DoS Attack Types

DNS Amflication, GET/POST Flood, SYN Flood, UDPFlood

DDOS Attacks

DDOS Types and Tools

Ircbot, zombie, BotNet Concepts

  • Exploitation Attempts and Processes to Infiltrate Target Systems

What is an Exploit?

Exploit Types

    • Zeroday Exploits
    • Local Exploits
    • Remote Exploits

Manual Exploit Usage

What is Metasploit?

  • Metasploit Modules
  • Web Application Security & Attacks

Web Applications and HTTP

Http Protocol Details

Hacking, Defacement, Rooting, Shell etc.

What Does Web Application/Site Security Depend on?

Information Collection for Hacking in Web Applications

Web Server, Application Version Discovery

Gathering Information from Error Messages

Collecting Information Using Google

Subdirectory and File Discovery

Admin Panel Discovery

XSS, CSRF Vulnerabilities

SQL Injection Vulnerabilities

Google’s Automatic SQLi Vulnerability Search

File Inclusion Vulnerabilities

Shell Types and Purposes of Use

Shell Concept and Usage

PHP, ASP and JSP Shell Types

Commonly Used Shell Software

Web Application Security Test Software

  • Auxilary, Encoder, Scanner, Nops, Payload, etc.

What is a Payload?

    • Payload Types
    • Reverse_Shell & Bind_Shell Differences
    • Encryption of Payloads

Exploitation Using Metasploit

  • Introduction to Malware

Basic concepts

Malware, Virus, Worm, Trojan, Spyware, Ransomware

Creating Different Types of Malware

Shellter, Msfvenom Usage

Creating Malware Suitable for Android Phones

File Merger (Binder)

  • Post Exploitation Attacks on Target Systems

Escalation Attacks

Interfering with Another Application

Password Review with Memory Dump

Starting a Remote Desktop Connection

Transition to Target’s Live Session

Trace Cleaning

Traffic Sniffing (Packet Sniffing)

Screenshot Capture

Keylogger Usage

Microphone Recording

File Upload / Download Activities

  • Social Engineering Attacks

What is Social Engineering?

How Social Engineering Attacks Are Conducted

Social Engineering Attack Examples

Scenario Building in Social Engineering Attacks

GoPhish Usage

  • Local Network Attacks

CAM table attack

CDP Protocol attack

DHCP protocol attack

ARP protocol attack

Spoofing attack

VTP protocol attack

VLAN attack

HSRP attack

SNMP attack

  • Wireless Network Attacks

Introduction to Wireless Networks


Wireless Network Types

Hazards in Wireless Networks

Fake Access Points and Their Damages

WLAN discovery methods

Exploration Techniques

Hidden SSID Detection

WEP/WPA/WPA2 Attacks

Hazards in Public Wireless Networks

Using Intrusion Detection System in Wireless Networks

Who Should Receive the Training?

  • Recognize the discipline of cyber security and comprehend its basic aspects/facts
    anyone who wants to,
  • Introduction to cybersecurity or cybersecurity certification
    students or employees who wish to take part in the program,
  • Individuals or managers working in any technical/administrative field related to Information Security / Cyber Security,
  • More in a specific area of information security or cybersecurity
    specialists who are already working but feel deficient in general topics and concepts,
  • Those who want to have knowledge about cyber security,
  • Experts/employees who plan a career in penetration testing and want to enter this sector,
  • Those who want to have knowledge about information security,
  • Those who want to protect themselves from attacks by hackers,
  • Those who want to learn the latest hacking methods and software,
  • Network administrators and security professionals.

Plan this training institutionally!

This training can be planned in different durations and content specific to your organization. Please contact us for detailed rich content and planning to realize your training objectives.

Get in touch

Additional information






Academy Club