| Section | Weight | Objectives |
|---|
| Topic 1: Session Hijacking | 4% | - Application & Network Level Hijacking
- Countermeasures
- Session Hijacking Concepts
- Hijacking Techniques
|
| Topic 2: Cloud Computing | 5% | - Cloud Security Risks
- Cloud Models & Services
- AWS, Azure, GCP Attacks
- Cloud Security Best Practices
|
| Topic 3: Social Engineering | 6% | - Identity Theft
- Social Engineering Concepts
- Countermeasures & Awareness
- Phishing, Pretexting, Baiting
|
| Topic 4: Cryptography | 5% | - Cryptography in Practice
- Encryption Concepts & Algorithms
- Public Key Infrastructure
- Cryptanalysis & Attacks
|
| Topic 5: Mobile Platforms | 4% | - Mobile Attack Vectors
- Mobile Device Security
- Android & iOS Vulnerabilities
|
| Topic 6: Introduction to Ethical Hacking | 5% | - Cyber Kill Chain & MITRE ATT&CK
- Information Security Concepts
- Legal and Ethical Compliance
- Ethical Hacking Methodology
|
| Topic 7: System Hacking | 8% | - Gaining Access: Password Attacks
- Privilege Escalation
- Clearing Tracks & Logs
- Maintaining Access
|
| Topic 8: Web Server & Application Attacks | 8% | - API Security Risks
- Web Server Vulnerabilities
- Web Security Countermeasures
- Web Application Attacks: XSS, CSRF
- SQL Injection & Command Injection
|
| Topic 9: Footprinting and Reconnaissance | 7% | - OSINT Techniques
- DNS, WHOIS, Network Mapping
- Reconnaissance Countermeasures
- Reconnaissance Concepts
|
| Topic 10: Scanning Networks | 8% | - Scanning Beyond IDS/Firewall
- Scanning Countermeasures
- Network Scanning Basics
- Service & OS Fingerprinting
- AI-Assisted Scanning
- Host & Port Discovery
|
| Topic 11: Denial-of-Service | 4% | - DoS & DDoS Concepts
- Defense Mechanisms
- Attack Techniques & Botnets
- DDoS Tools
|
| Topic 12: Enumeration | 7% | - Enumeration Countermeasures
- NetBIOS, SNMP, LDAP Enumeration
- AI-Driven Enumeration
- DNS, SMTP, NFS Enumeration
- Enumeration Concepts
|
| Topic 13: Vulnerability Analysis | 8% | - Vulnerability Classification & Scoring
- Vulnerability Research & Databases
- Vulnerability Assessment Lifecycle
- Scanning & Analysis Tools
|
| Topic 14: IoT & OT Security | 4% | - IoT/OT Architecture & Risks
- Security Controls
- Attacks on IoT & OT Systems
|
| Topic 15: Malware Threats | 7% | - Malware Analysis & Countermeasures
- Malware Types: Trojans, Viruses, Worms
- APT & Fileless Malware
- AI-Powered Malware
|
| Topic 16: Wireless Networks | 5% | - Wireless Threats & Attacks
- Wireless Hacking Tools
- Wireless Encryption: WEP, WPA2, WPA3
- Security Best Practices
|
| Topic 17: Evading IDS, Firewalls, and Honeypots | 5% | - IDS, IPS, Firewall Technologies
- Evasion Techniques
- Honeypot Concepts & Detection
|
| Topic 18: Sniffing | 5% | - MITM Attacks
- Sniffing Countermeasures
- Sniffing Tools & Techniques
- Packet Sniffing Concepts
|
