SkillBridge Summer Camp

Lay foundation for your Professional journey with 2-months in-person/Hybrid SkillBridge Summer Camp Internship Program. Learn crucial Skills/Tools and work on real-world projects in our office Mohali.

Program Outline:

First 30 Days: Learn

  • In-person Classes at Mohali

Next 30 Days: Work Experience

  • In-person/Online work on Real-World projects

Program Syllabus

First Choose from our specialized tracks :

This Summer Camp Training program in cybersecurity provides a comprehensive 60-day (training + internship) experience in cybersecurity, divided into three specialized tracks covering cybersecurity fundamentals, penetration testing, digital forensics, and SOC operations.

Module I: Pentesting

  • Fundamentals
    • Virtualization types: Type 1 (bare-metal) and Type 2 (hosted)
    • Managing Virtual Machines in VirtualBox
    • Understand the basics of Docker and Docker Compose
    • Create Docker images and run containers
    • Run Docker-Compose setup
    • Components of Operating Systems
    • Hands-on with Linux commands
    • Learn Linux filesystem and permissions
    • Types of Computer Networks
    • Computer Networking Basics (IP, Subnet, Netmask)
    • Visualize layers of TCP/IP with Wireshark
    • Understand important network protocols (HTTP, HTTPS, FTP, SSH, SFTP) with Wireshark
    • Exploit vulnerabilities and misconfigurations in FTP and SSH servers
    • CTF: Exploit vulnerable/misconfigured services and analyze packet captures to find flags
  • Cybersecurity Fundamentals
    • CIA (Confidentiality, Integrity, Availability)
    • AAA (Authentication, Authorization, Accounting)
    • Generate hashes with Linux commands and online tools
    • Learn symmetric and asymmetric encryption and digital signatures
    • Break hashes with Hashcat
    • Crack passwords with John the Ripper
    • Case Study: WannaCry Ransomware
    • CTF: Break hashes and crack passwords of protected files
  • Host Pentesting
    • Stages of Penetration Testing
    • Scan networks to discover hosts
    • Service enumeration with Nmap
    • Exploit the vsftpd backdoor vulnerability manually
    • Use Metasploit for exploitation and gain meterpreter
    • Generate post-exploitation payloads using msfvenom for Linux and Windows
    • Perform privilege escalation in Linux systems
    • CTF: Exploit vulnerable hosts
  • Web Application Pentesting
    • Understand OWASP Top 10 vulnerabilities
    • Deploy vulnerable web apps: DVWA, OWASP Juice Shop, and OWASP WebGoat
    • Exploit weak session ID vulnerability on OWASP Juice Shop using Burp Proxy and Burp Repeater
    • Perform SQL Injection attacks on DVWA (locally hosted) using SQLMap
    • Exploit Cross-Site Scripting vulnerability manually and using XSS Strike
    • Perform automated and manual scans on DVWA using ZAP
    • Conduct network scans using Nessus
    • Perform dictionary attacks on vulnerable web apps using Burp Intruder
    • CTF: Identify and Exploit Web Application Vulnerabilities
  • Network Security
    • Wireless adapter operation modes: Monitor and Managed
    • Capture Wi-Fi traffic with Wireshark and wireless adapter
    • Change adapter's mode using airmon-ng
    • View devices in a WiFi network using Wireshark
    • Crack a WPA WiFi access point's password using aircrack-ng
    • Decrypt encrypted WiFi traffic captured on Wireshark
  • Tools and Python scripting
    • Shodan to find live vulnerable servers
    • Refine search results using Google Dorks
    • Whois lookup and urlscan.io for recon
    • Phishing campaigns using Gophish
    • Hack into web browsers using The BeEF
    • WordPress vulnerabilities scan
    • Websites scan for vulnerabilities using Nikto and Nuclei
    • Python scripts for traffic sniffing with the Scapy
    • Dictionary attacks using Python scripts with pexpect and paramiko

Recommended Certifications: CompTIA Security+ Cisco CyberOps

Tools:

VirtualBox Kali Linux Docker Wireshark Nmap Hashcat John the Ripper Hydra Metasploit DVWA Burp Suite OWASP OWASP Juice Shop OWASP WebGoat Scout Suite Aircrack-ng Shodan Wayback Machine AnyRun Maltego Gophish The BeEF Python Nikto Nuclei WPScan Nessus ZAP

Module II: Digital Forensics

  • Introduction and Disk Forensics
    • Digital Forensics Process
    • Chain of Custody
    • Evidence Acquisition: Live and Dead
    • Create digital image of a disk
    • Processing disk image for artifacts
    • Recovering deleted files from Disk
    • Collecting Forensics artifacts: Browser activity, Recently opened files, Installed programs, Executed programs, User details
    • CTF: Process a real-world image to investigate the case
  • Windows Forensics
    • Windows Event Logs
    • Event Log extraction to reconstruct Timeline
    • Log Analysis with Event Log Viewer
    • Advanced analysis: Log Parser and Log Parser Lizard
    • Threat Hunting in Logs with Hayabusa
    • Sigma rules for detection
    • CTF: Analyze provided Event Logs to investigate the case
  • Memory Forensics
    • Dumping RAM for Linux and Windows machines
    • RAM Dump Analysis with Volatility
    • Working with Volatility Workbench
    • Recovering Forensics Artifacts from Memory: Process memory, Process Binary, Open File Descriptors, Network Connections, Process Hierarchy
    • Case Study: Cridex Malware Investigation
    • Redline for Live Acquisition and quick analysis
    • CTF: Analyze provided RAM Dump to investigate the case
  • Network Forensics
    • Networking Traffic capture and Analysis using Wireshark
    • HTTP Traffic analysis and object extraction
    • TCP/UDP Stream reconstruction to uncover complete exchange
    • Case Studies: Redline Infostealer Malware Traffic Analysis, Phishing Attack Traffic Analysis
    • Network Forensics to recover artifacts with Network Miner
    • Macroanalysis to locate traffic trends and outliers: CapAnalysis, Xplico
    • CTF: Analyze provided PCAP to investigate the case
  • Malware Containment and Analysis
    • Threat hunting with Master Parser and DeepBlue CLI
    • Log Enrichment with Sysmon
    • Sandboxes and their usage: Containment Sandboxes (Sandboxie, Firejail), Malware Analysis Sandboxes (Any.run, Cuckoo, Joe Sandbox)
    • CTF: Analyze provided Malware Sample to investigate the case

Tools:

FTK Imager Autopsy Volatility Wireshark Hayabusa LiME Guymager DumpIt Redline Network Miner Event Viewer Sandboxie+ Log Parser Lizard Firejail Any Run Cuckoo Sandbox Joe Sandbox

Module III: Security Operation Center Operations

  • Introduction to SOC
    • Cyber Security Framework (Identify, Protect, Detect, Recover, Govern)
    • What an SOC is, its importance, and SOC Roles
    • Career Path and required Skills
    • Cyber Security Threats (Malware, Phishing, Insider Threats, Advanced Persistent Threats (APTs))
  • Splunk SIEM
    • How SIEM Works (Collect Data and Aggregation from Endpoints)
    • Key Terms in SIEM (Events, Logs, Parsing, Normalization)
    • Splunk SIEM Components (Forwarder, Indexer, Search Head)
    • Setting up Splunk SIEM Server
    • Configuring Splunk SIEM agents
    • Splunk Query Language (SPL) queries
    • Uploading logs (Windows and Linux) for threat hunting
    • Create dashboards for threat hunting
    • CTF: Use Splunk SIEM to locate issues
  • Splunk SOAR
    • Security Orchestration Automation and Response (SOAR) elements: Threat Intelligence, Automation, Response, Orchestration
    • Key terms in Splunk SOAR (App, Asset, IOCs, Playbook)
    • Understanding Threat Intelligence Feeds (Open-Source, Free, and Commercial)
    • Integrating Splunk SOAR to Splunk SIEM
    • CTF: Create Custom dashboard for real-world threat hunting on Windows Event Logs
  • Wazuh XDR
    • Endpoint Detection & Response (EDR) vs Extended Detection & Response (XDR)
    • Host Based Intrusion Detection System (HIDS): Open Source Security Event Correlator (OSSEC)
    • Wazuh: Open Source XDR solution
    • Wazuh core components (Agent, Server, Indexer)
    • Building custom Threat Hunting dashboards with Wazuh
    • Monitor compliance using the Compliance Dashboard
    • Detect known Tactics, Techniques, and Procedures (TTPs)
    • Adversary emulation using Atomic Red Team
    • CTF: Detect and respond to threats using Wazuh

Recommended Certifications: Splunk Core Certified User CompTIA CySA+

Tools: Splunk Wazuh Atomic Red Team OSSEC

This Summer Camp Training program provides a comprehensive 60-day (training + internship) experience in web3 and blockchain.

  • Fundamentals
    • Evolution of the Web and Blockchain Introduction
    • Understanding Bitcoin and Exploring the Bitcoin Blockchain
    • What is Mining and Its Process
    • Ethereum Blockchain and Its Key Features
    • Consensus mechanisms: PoW (Proof-of-Work) vs PoS (Proof-of-Stake)
  • Deploying Smart Contracts
    • Solidity Programming Introduction
    • Deploying "Hello World" Smart Contract with Remix
    • Local Blockchain Setup with MetaMask Integration
    • Understanding ERC-20 Tokens: Types of Tokens, EIPs, EIP-100, and ERC Standards
    • Creating a Smart Contract for a Custom ERC-20 Token
    • Understanding ERC-721 (NFTs): NFT Metadata, NFT Marketplace, Methods, and Events
    • Differences Between FTs (Fungible Tokens) and NFTs (Non-Fungible Tokens)
    • Create and Deploy a Smart Contract for an NFT Marketplace on Remix
    • Explore ERC-721 with OpenZeppelin
    • Interacting with Smart Contract using web3.js
  • Building Decentralized Applications (DApps)
    • Understanding DApps
    • Using ethers.js to Interact with Smart Contracts
    • Building a Simple Frontend Using HTML and Bootstrap for Interaction
    • Developing DApps Using React.js: Counter DApp, ERC-20 Token Sender DApp, and Banking System DApp
    • Building an NFT Marketplace DApp Using React.js
  • Testnet and Mainnet Deployment
    • Introduction to Testnet and Mainnet Environments
    • Testnet vs. Mainnet
    • Faucets, Blockchain explorers and obtain Testnet Ethers
    • Learn Infura API and how to use it
    • Deploy Smart Contract on Sepolia Testnet
    • Integrate DApp Frontend running on Vercel to Smart Contract
  • IPFS and ENS
    • Understanding InterPlanetary File Service (IPFS)
    • HTTP vs IPFS
    • Uploading and Pinning Image Files on IPFS Desktop
    • Building Static WebApp on IPFS
    • Deploy DApp on IPFS using Fleek
    • Introduction to Filecoin
    • Basic of Ethereum Name Service (ENS)
    • Register a domain on ENS Testnet and configuring it with Fleek Deployment
  • Decentralized Database and Cloud Computing
    • Understanding Ceramic Network
    • Running GraphQL Queries
    • Implementing ComposeDB Example DApp
    • Introduction to Decentralized Cloud Computing
    • Exploring Akash Network and Cosmos Network
    • Setting Up an Account on Keplr
    • Deploying a "Hello World" DApp on the Akash Network
    • Deploying an NFT Marketplace DApp on the Akash Network

Tools:

Mempool Bitcoin Ethereum Etherscan Remix Solidity MetaMask Ganache Postman VS Code Hardhat Web3.js OpenZeppelin Ethers.js Bootstrap HTML React.js Sepolia Infura Vercel IPFS ENS Fleek Filecoin Ceramic Network GraphQL Akash Network Cosmos Network Keplr ATOMScan Explorer
Limited Seats - Enroll Now !

Frequently Asked Questions (FAQ)

The SkillBridge Summer Camp Training program spans over 60 days, including 30 days of training and 30 days of hands-on internship.
No prior experience is required. The program is designed to accommodate beginners as well as those looking to enhance their skills in cybersecurity or web3.
Yes, upon successful completion of the program, you will receive a Certificate of Completion and Proficiency.
Successful completion of the training phase is required to proceed to the internship phase.

Reserve your spot!

Early Bird Offer!

/-

Actual Price:

/-

Venue:

Sec 82, Mohali

Program:

Mode:

From: To:

Login to Enroll