Objective: Equip students with foundational skills in ethical hacking and penetration testing to secure web applications, focusing on open-source tools and DVWA (Damn Vulnerable Web Application). (Capstone Project: Website Penetration Testing Report) Throughout the weeks, students will work on a capstone project where they will perform a comprehensive penetration test on a simulated website using DVWA. They will document their findings, create detailed reports, and suggest mitigation strategies. This project will be their portfolio piece to showcase their skills. 1. Week 1: Introduction to Information Security - Topics covered: Cybersecurity Fundamentals, Introduction to Ethical Hacking, Basic Network Security, Introduction to Cryptography, Practical Cybersecurity Tips 2. Week 2: Introduction to Ethical Hacking - Topics covered: Orientation and Course Overview, Setting Up a Virtual Lab, Key Tools and Software, Network Security Basics, Identifying Common Vulnerabilities, Exploring common network vulnerabilities, Hands-on practice with vulnerability scanning using OpenVAS. 3. Week 3: Website Penetration Testing Fundamentals with DVWA - Topics covered: Website Architecture, Overview of how websites function, Introduction to client-server model and HTTP/HTTPS, Setting Up DVWA, Installing and configuring DVWA, Understanding the purpose and use of DVWA in penetration testing, SQL Injection with DVWA, Understanding SQL injection attacks, Practicing SQL injection techniques and defences using DVWA, Cross-Site Scripting (XSS) with DVWA, Understanding XSS attacks, Practising XSS techniques and defences using DVWA, Hands-on OWASP Top 10 with DVWA, Detailed exploration of the OWASP Top 10 vulnerabilities, Practical exercises to identify and exploit vulnerabilities using DVWA 4. Week 4: Advanced Penetration Testing Techniques - Topics covered: Advanced Exploitation Techniques, Techniques for privilege escalation, Using Metasploit for advanced exploitation, Social Engineering Attack, Understanding social engineering, Practical examples of phishing and other attacks, Reporting and Documenting Findings, Importance of documentation in penetration testing, How to create detailed and professional reports, Ethical Considerations and Legal Aspects, Understanding the ethics of hacking, Legal implications and compliance, Project Presentation and Feedback, Students present their penetration testing report, Personalized feedback and improvement tips. --- At the end of the 4 weeks, • Students will have beginner-to-advanced knowledge about ethical hacking and penetration testing using open-source tools and DVWA. • Students will have enhanced professional writing skills, and technical documentation skills along with research skills. • Students will have a capstone project which will serve as a significant portfolio piece, demonstrating their practical skills and readiness for the cybersecurity job market

This lesson is the fifth lesson of the Web Penetration Testing Series. This lesson consist of the following topics: - Cryptography Overview - Modern Cryptography - Steganography v/s Cryptography - Encoding and Decoding - Symmetric v/s Asymmetric Cryptography - Message Authentication and Hashing This lesson is followed by a two hours practical lab session.