SkillBridge

Transform your career with the CyberForge SkillBridge 6-month Online Internship Program: learn crucial skills and tools and prepare for top cybersecurity certifications with expert/AI-driven guidance while working on real-world Cybersecurity Operations, Threat Hunting and Development projects.

This online internship program consists of:

  • 60+ hours Recorded Lectures
  • Optional 30 days of in-office/in-person work
  • Access to MCQs, Assignments and CTFs
  • Learn to create Practice Setups and Labs
  • Work on real world Cybersecurity Projects
  • Support for submissions in Conferences
  • Discounts on Certification Exam vouchers
  • AI/Human interviews
  • Resume Building and Review
  • 1:1 doubt solving calls
  • Discord support

How it helps?

Problems freshers face in securing entry-level Cybersecurity jobs, and how SkillBridge helps to solve them.

  • Hurdle: Lack of Certifications
    • How SkillBridge helps: Prepares for Key Certifications
    • Prepares for CompTIA Security+, EC-Council CEH, Cisco Cyber Ops, AWS Certified Security, Splunk Core Certified User. 85% of Fresher Cybersecurity roles require at least one of these certifications.
  • Hurdle: Little Usable Skills and Knowledge of Tools/Technologies
    • How SkillBridge helps: Comprehensive Skills Coverage
    • Covers SIEM, Docker, PowerShell, AWS, Web/Network Pentesting, Splunk, Wireshark, Nmap, Burp Suite, Linux, and more. These skills are required in 80% of Fresher Cybersecurity roles.
  • Hurdle: Generic Resume and No Cybersecurity Projects
    • How SkillBridge helps: Guidance on Real-World Projects
    • Guides on real-world, relevant Cybersecurity projects, tools, and research.
  • Hurdle: No Interview Experience
    • How SkillBridge helps: Interview Preparation
    • Helps in preparation with regular interviews with AI and Experts.
  • Hurdle: Scoring Interview Off-Campus
    • How SkillBridge helps: Placement Assistance
    • We will work with our industry partners to get students shortlisted for Off-Campus interviews for Cybersecurity jobs. While we are confident in getting you shortlisted, we can't promise placement.

Program Syllabus

The SkillBridge program provides comprehensive training in cybersecurity, divided into 4 self-paced modules covering Pentesting, Digital Forensics, Security Operation Center Operations, and Active Directory Red Teaming.

Module I: Pentesting

  • Fundamentals
    • Virtualization types: Type 1 (bare-metal) and Type 2 (hosted)
    • Managing Virtual Machines in VirtualBox
    • Understand the basics of Docker and Docker Compose
    • Create Docker images and run containers
    • Run Docker-Compose setup
    • Components of Operating Systems
    • Hands-on with Linux commands
    • Learn Linux filesystem and permissions
    • Types of Computer Networks
    • Computer Networking Basics (IP, Subnet, Netmask)
    • Visualize layers of TCP/IP with Wireshark
    • Understand important network protocols (HTTP, HTTPS, FTP, SSH, SFTP) with Wireshark
    • Exploit vulnerabilities and misconfigurations in FTP and SSH servers
    • CTF: Exploit vulnerable/misconfigured services and analyze packet captures to find flags
  • Cybersecurity Fundamentals
    • CIA (Confidentiality, Integrity, Availability)
    • AAA (Authentication, Authorization, Accounting)
    • Generate hashes with Linux commands and online tools
    • Learn symmetric and asymmetric encryption and digital signatures
    • Break hashes with Hashcat
    • Crack passwords with John the Ripper
    • Case Study: WannaCry Ransomware
    • CTF: Break hashes and crack passwords of protected files
  • Host Pentesting
    • Stages of Penetration Testing
    • Scan networks to discover hosts
    • Service enumeration with Nmap
    • Exploit the vsftpd backdoor vulnerability manually
    • Use Metasploit for exploitation and gain meterpreter
    • Generate post-exploitation payloads using msfvenom for Linux and Windows
    • Perform privilege escalation in Linux systems
    • CTF: Exploit vulnerable hosts
  • Web Application Pentesting
    • Understand OWASP Top 10 vulnerabilities
    • Deploy vulnerable web apps: DVWA, OWASP Juice Shop, and OWASP WebGoat
    • Exploit weak session ID vulnerability on OWASP Juice Shop using Burp Proxy and Burp Repeater
    • Perform SQL Injection attacks on DVWA (locally hosted) using SQLMap
    • Exploit Cross-Site Scripting vulnerability manually and using XSS Strike
    • Perform automated and manual scans on DVWA using ZAP
    • Conduct network scans using Nessus
    • Perform dictionary attacks on vulnerable web apps using Burp Intruder
    • CTF: Identify and Exploit Web Application Vulnerabilities
  • Network Security
    • Wireless adapter operation modes: Monitor and Managed
    • Capture Wi-Fi traffic with Wireshark and wireless adapter
    • Change adapter's mode using airmon-ng
    • View devices in a WiFi network using Wireshark
    • Crack a WPA WiFi access point's password using aircrack-ng
    • Decrypt encrypted WiFi traffic captured on Wireshark
  • Tools and Python scripting
    • Shodan to find live vulnerable servers
    • Refine search results using Google Dorks
    • Whois lookup and urlscan.io for recon
    • Phishing campaigns using Gophish
    • Hack into web browsers using BeEF
    • WordPress vulnerabilities scan
    • Websites scan for vulnerabilities using Nikto and Nuclei
    • Python scripts for traffic sniffing with Scapy
    • Dictionary attacks using Python scripts with pexpect and paramiko

Recommended Certifications: CompTIA Security+, Cisco CyberOps

Tools:

VirtualBox, Kali Linux, Docker, Wireshark, Nmap, Hashcat, John the Ripper, Hydra, Metasploit, DVWA, Burp Suite, OWASP, OWASP Juice Shop, OWASP WebGoat, Scout Suite, Aircrack-ng, Shodan, Wayback Machine, AnyRun, Maltego, Gophish, The BeEF, Python, Nikto, Nuclei, WPScan, Nessus, ZAP

Module II: Digital Forensics

  • Introduction and Disk Forensics
    • Digital Forensics Process
    • Chain of Custody
    • Evidence Acquisition: Live and Dead
    • Create digital image of a disk
    • Processing disk image for artifacts
    • Recovering deleted files from Disk
    • Collecting Forensics artifacts: Browser activity, Recently opened files, Installed programs, Executed programs, User details
    • CTF: Process a real-world image to investigate the case
  • Windows Forensics
    • Windows Event Logs
    • Event Log extraction to reconstruct Timeline
    • Log Analysis with Event Log Viewer
    • Advanced analysis: Log Parser and Log Parser Lizard
    • Threat Hunting in Logs with Hayabusa
    • Sigma rules for detection
    • CTF: Analyze provided Event Logs to investigate the case
  • Memory Forensics
    • Dumping RAM for Linux and Windows machines
    • RAM Dump Analysis with Volatility
    • Working with Volatility Workbench
    • Recovering Forensics Artifacts from Memory: Process memory, Process Binary, Open File Descriptors, Network Connections, Process Hierarchy
    • Case Study: Cridex Malware Investigation
    • Redline for Live Acquisition and quick analysis
    • CTF: Analyze provided RAM Dump to investigate the case
  • Network Forensics
    • Networking Traffic capture and Analysis using Wireshark
    • HTTP Traffic analysis and object extraction
    • TCP/UDP Stream reconstruction to uncover complete exchange
    • Case Studies: Redline Infostealer Malware Traffic Analysis, Phishing Attack Traffic Analysis
    • Network Forensics to recover artifacts with Network Miner
    • Macroanalysis to locate traffic trends and outliers: CapAnalysis, Xplico
    • CTF: Analyze provided PCAP to investigate the case
  • Malware Containment and Analysis
    • Threat hunting with Master Parser and DeepBlue CLI
    • Log Enrichment with Sysmon
    • Sandboxes and their usage: Containment Sandboxes (Sandboxie, Firejail), Malware Analysis Sandboxes (Any.run, Cuckoo, Joe Sandbox)
    • CTF: Analyze provided Malware Sample to investigate the case

Tools:

FTK Imager, Autopsy, Volatility, Wireshark, Hayabusa, LiME, Guymager, DumpIt, Redline, Network Miner, Event Viewer, Sandboxie+, Log Parser Lizard, Firejail, Any Run, Cuckoo Sandbox, Joe Sandbox

Module III: Security Operation Center Operations

  • Introduction to SOC
    • Cyber Security Framework (Identify, Protect, Detect, Recover, Govern)
    • What a SOC is, its importance, and SOC Roles
    • Career Path and required Skills
    • Cyber Security Threats (Malware, Phishing, Insider Threats, Advanced Persistent Threats (APTs))
  • Splunk SIEM
    • How SIEM Works (Collect Data and Aggregation from Endpoints)
    • Key Terms in SIEM (Events, Logs, Parsing, Normalization)
    • Splunk SIEM Components (Forwarder, Indexer, Search Head)
    • Setting up Splunk SIEM Server
    • Configuring Splunk SIEM agents
    • Splunk Query Language (SPL) queries
    • Uploading logs (Windows and Linux) for threat hunting
    • Create dashboards for threat hunting
    • CTF: Use Splunk SIEM to locate issues
  • Splunk SOAR
    • Security Orchestration Automation and Response (SOAR) elements: Threat Intelligence, Automation, Response, Orchestration
    • Key terms in Splunk SOAR (App, Asset, IOCs, Playbook)
    • Understanding Threat Intelligence Feeds (Open-Source, Free, and Commercial)
    • Integrating Splunk SOAR to Splunk SIEM
    • CTF: Create Custom dashboard for real-world threat hunting on Windows Event Logs
  • Wazuh XDR
    • Endpoint Detection & Response (EDR) vs Extended Detection & Response (XDR)
    • Host Based Intrusion Detection System (HIDS): Open Source Security Event Correlator (OSSEC)
    • Wazuh: Open Source XDR solution
    • Wazuh core components (Agent, Server, Indexer)
    • Building custom Threat Hunting dashboards with Wazuh
    • Monitor compliance using the Compliance Dashboard
    • Detect known Tactics, Techniques, and Procedures (TTPs)
    • Adversary emulation using Atomic Red Team
    • CTF: Detect and respond to threats using Wazuh

Recommended Certifications: Splunk Core Certified User, CompTIA CySA+

Tools: Splunk, Wazuh, Atomic Red Team, OSSEC

Module IV: Active Directory Red Teaming

  • Understanding Active Directory (AD): Components and Functions
  • AD Hierarchy: Forests, Domains, Organizational Units, and Trusts
  • Common AD Services: LDAP, Kerberos, DNS, and GPOs
  • Setting up lab AD environment
  • Enumerating Users, Groups, and Computers using PowerView and BloodHound
  • Gathering Domain Information with LDAP Queries and AD Explorer
  • Identifying Misconfigurations and Privilege Escalation Paths with BloodHound
  • Exploiting Weak Passwords and Kerberos Pre-Authentication
  • Phishing and Credential Harvesting Techniques
  • Extracting NTDS.dit and Registry Hives for Credentials
  • Dumping Credentials with Mimikatz: Kerberos Tickets, Plaintext Passwords, and Hashes
  • Techniques for Creating Backdoors: Golden and Silver Tickets, Skeleton Keys
  • Pass-the-Hash and Pass-the-Ticket Attacks
  • Lateral Movement with PsExec, WMI, and SMB Shares
  • CTF: Start with assumed breach and pwn Domain Admin

Tools: BloodHound, Mimikatz, Kerberos, Active Directory


Benefits of SkillBridge

Expand Employability

Invest a few hours weekly to enhance your career prospects.

Advanced Skills Preparation

Prepare for cybersecurity certifications with targeted learning.

Polished Resume

Showcase real-world cybersecurity projects on your resume.

Improved Interview Skills

Boost your performance in job interviews.

Exclusive Discounts

Access discounts on advanced cybersecurity bootcamps.


Frequently Asked Questions (FAQ)

The program is a 6-month internship designed for flexible, self-paced learning.
No prior experience is required. The program is designed to accommodate beginners as well as those looking to enhance their cybersecurity skills.
The internship is online and self-paced, with an optional 30 days (1 month) of in-person work at our Mohali office.
The program includes 60+ hours of recorded lectures, allowing participants to learn at their own pace.
Participants get 1:1 doubt-solving calls, resume reviews, Discord support, and mentorship from experts.

Application Process

Submit your application
Application review and shortlisting
Interview Round
Selected candidates pay the fee
Early Bird: ₹ 24,999 (Actual: ₹ 34,999)
Embark on your cybersecurity journey!
* The program fee is applicable for the entire 6-month program.