Computer engineer with over ten years of experience in industrial automation and IT security. IT consultant and teacher at state secondary school, where he trains future generations of digital professionals. He collaborates with RHC as an outreach speaker, sharing his knowledge on cybersecurity, automation and IoT. ComptiaSec+.
Master in Cybersecurity & Ethical Hacking
Location:
ONLINE
This course focuses on the essential skills required to become a professional penetration tester. The various phases of a penetration test, from information recognition to maintaining access and erasing traces, will be explored, providing both a theoretical basis and practical workshops. The aim is to prepare participants to discover and mitigate vulnerabilities in computer systems in an ethical manner.
TRAINING PROJECT
PREPARATORY PHASE
- 50 hours minimum of self-study for the didactic material provided in the preparatory phase and during the lectures, including the possibility of reviewing the lectures recorded on the platform and any planned exercises
- Preparatory teaching materials
+ 8 hours online of aviation legislation
1
CLASSROOM PHASE
57 hours online in live streaming
2
TRAINING/INTERNSHIP PHASE
3
FINAL STAGE
- career guidance meeting;
- Revision and optimisation of Curriculum Vitae with subsequent dissemination to companies in the sector nationwide.
At the end of the entire training course, Accademia del Lavoro will be in charge of job brokerage, constantly collecting job offers that will be communicated to the students.
4
CERTIFICATES
- Private certificate of attendance issued by our Institute, which enjoys ISO 9001 Quality Certification;
- CompTIA Security+ certification
TEACHING PROGRAMME
INTRODUCTION - CYBERSECURITY (Duration: 8 HOURS)
- What is cybersecurity and why is it important
- The life cycle of a cyber attack
- Introduction to Ethical Hacking
- The concept of Penetration Testing
- Cybersecurity laws and regulations (GDPR, Privacy)
Topic 1 - Reconnaissance (Duration: 10 hours)
- What is reconnaissance and its importance
- Types of reconnaissance: active and passive
- Passive reconnaissance tools
- WHOIS, DNS, social media, and other public sources
- Active reconnaissance tools
- Nmap, Netcat, traceroute, and network analysis
- Information gathering techniques
- Identifying the network infrastructure
- Discovering IP addresses and determining vulnerabilities
- Analysis of collected data
- Interpreting information to determine the entry point
Topic 2 - System Scanning (Duration: 7 hours)
- What is scanning and its application in penetration testing
- Scanning ports and services
- Using tools such as Nmap to scan ports
- Service version scanning and detection of vulnerable services
- Vulnerability scanning
- Vulnerability scanning with tools such as OpenVAS and Nessus
- Identification of operating systems (OS Fingerprinting)
- OS identification techniques through Nmap
- Evasion techniques to avoid detection during scanning
Topic 3 - Gaining Access to Systems (Duration: 12 hours)
- What is Gaining Access and how a vulnerability is exploited
- Exploit techniques
- Exploits of known vulnerabilities in systems
- Using Metasploit Framework
- Password attacks
- Brute force, dictionary and hybrid attacks
- Using tools such as Hydra, John the Ripper, or Hashcat
- Execution of malware to compromise a system
- Backdoors and rootkits
- Privilege escalation techniques
- Exploit local vulnerabilities to obtain elevated privileges (root, admin)
Topic 4 - Maintaining Access (Duration: 10 hours)
- What is access maintenance and its importance
- Backdoors and rootkits
- Creating backdoors for persistent access
- Using rootkits to evade detection
- Remote control techniques
- Use of tools such as Netcat, Reverse Shell, or Cobalt Strike
- Creating a secure communication channel
- Communication encryption to avoid detection
- Log cleaning techniques
- How to avoid hacking activities being tracked
Topic 5 - Clearing Tracks (Duration: 10 hours)
Trace deletion techniques
- Log cleaning:
- Evasion of monitoring technologies:
- Tunneling techniques"
- Use of Rootkits
- Methods of erasing data on hard disks
- Alteration of timestamps
- Evasion of firewalls and intrusion detection systems
- Windows: Specific techniques for removing traces on a Windows system (cleaning event logs, removing PowerShell command history, removing traces in system logs)
- Linux/Unix: Commands such as history -c, changes in system logs and temporary files (/tmp, /var/log)
- MacOS: Deleting navigation tracks and system logs in the Apple environment
- Database: Deleting Query Logs and Access Traces
- 50 hours minimum of self-study for the didactic material provided in the preparatory phase and during the lectures, including the possibility of reviewing the lectures recorded on the platform and any planned exercises
- Preparatory teaching materials
AERONAUTICAL LEGISLATION
The sources of aviation law Legal regulation of incoming, transit and outgoing aircraft Aircraft approval All-inclusive flights Flights for special events Flights for own use Flights for cargo or mail transport Flights for transporting dangerous goods Taxi flights Humanitarian and emergency flights Veterinary regulations for the import and transit of live animals and meat and animal products
The sources of aviation law Legal regulation of incoming, transit and outgoing aircraft Aircraft approval All-inclusive flights Flights for special events Flights for own use Flights for cargo or mail transport Flights for transporting dangerous goods Taxi flights Humanitarian and emergency flights Veterinary regulations for the import and transit of live animals and meat and animal products
EMPLOYMENT OUTLETS
- IT consultancy company
- Corporate IT departments
- Public entities
- Banks and financial institutions
- Telecommunications companies
- Computer security company
- Security software providers
- Freelancers or independent consultants
REQUIREMENTS
- High school diploma with experience in the IT sector
Preferred requirements:
- Bachelor's degree (Computer Science; Computer Engineering or Electronics; Computer Security; and related fields)
-
Knowledge of: Operating systems (Windows, Linux); Programming (Python, C/C++, Java, Bash); Computer security fundamentals (vulnerabilities, encryption, malware)
TEACHERS
