🕒 3-Hour Ethical Hacking Core Course Outline

📍 0:00 – 0:20 (20 min): Introduction to Ethical Hacking

• What is Ethical Hacking?

• Black Hat vs White Hat vs Gray Hat

• Legal & Ethical Responsibilities

• Scope of Ethical Hacking in India & Worldwide

📍 0:20 – 0:50 (30 min): Reconnaissance (Information Gathering)

• Passive vs Active Recon

• Tools: WHOIS, Google Dorking, Shodan, Maltego (demo overview)

• Social Engineering basics

• OSINT (Open Source Intelligence) techniques

📍 0:50 – 1:10 (20 min): Scanning & Enumeration

• What is scanning? Types: Network, Port, Vulnerability

• Tools: Nmap, Netcat (live demo optional)

• Banner Grabbing basics

📍 1:10 – 1:40 (30 min): Vulnerability Analysis & Exploitation Basics

• Common vulnerabilities (OWASP Top 5 overview)

• What is Metasploit?

• Demo: Simple exploit using Metasploit Framework (e.g., Windows VM)

• How to identify vulnerabilities (basic CVE lookup)

📍 1:40 – 2:10 (30 min): Password Attacks

• Types: Brute-force, Dictionary, Credential Stuffing

• Tools: Hydra, John the Ripper (basic demo or explain workflow)

• Hash cracking concept (MD5, SHA1)

📍 2:10 – 2:30 (20 min): Web Application Hacking (Very Basic)

• What is a Web App Vulnerability?

• Introduction to:

  • SQL Injection (basic example)

  • XSS (Cross-site scripting)

• Tools: DVWA (Damn Vulnerable Web Application)

📍 2:30 – 2:50 (20 min): Defense & Reporting

• What is penetration testing vs ethical hacking?

• How to write a basic vulnerability report

• Introduction to remediation & mitigation

• Importance of patching and updates

📍 2:50 – 3:00 (10 min): Career & Resources

• Certifications (CEH, CompTIA Security+, OSCP)

• Free resources for practice (TryHackMe, HackTheBox)

• Building a home lab

• Final Q&A

🔧 Suggested Setup (Optional but Helpful)

• Kali Linux VM

• DVWA (Damn Vulnerable Web App)

• Windows 10 VM (for Metasploit demo)

• Internet connection for live scanning tools