Phone: (+91) 92890-95402

Post Graduate Program in Cybersecurity & Ethical Hacking

Duration: 6 Months / 24 Weeks / 110 hrs

Industry Acceptance

The Post Graduate Certificate Program in Cyber Security & Ethical Hacking by NIRA is a comprehensive, practice-driven training program designed to equip learners with the technical expertise required to protect modern digital ecosystems. Covering essential domains such as ethical hacking, vulnerability assessment, network and web penetration testing, wireless security, mobile application security, and social engineering, the program blends foundational concepts with advanced hands-on learning. Through real-world case studies, live simulations, and guided lab exercises, learners gain practical experience in identifying, exploiting, and mitigating security weaknesses. The curriculum emphasizes industry-aligned tools, responsible hacking practices, and structured report development to prepare participants for high-demand cybersecurity roles. Upon completion, learners are equipped with job-ready skills to safeguard systems, conduct professional penetration tests, and support organizational cyber resilience.

Accredited by

Request an Inquiry for Admission

Registration Fees

₹ 1500

non-refundable

Course Fees

₹ 85,000

Flexible EMI options available.

Batch Start

Nov, 2025

Duration

6 Months / 24 Weeks / 110 hrs

Program Structure

Eligibility: Graduate/Diploma in any discipline

Duration: 6 Months / 24 Weeks / 110 hrs

Batch Start Date: Nov, 2025

Batch Size: 15-20

Courses and Certification Conduct Policy:

CASE STUDIES:

Reconnaissance on a FinTech Startup (OSINT + Footprinting): Collect publicly available information (domains, emails, tech stack, exposures) for a fictional FinTech firm to demonstrate how attackers profile targets.
Network Discovery in a Corporate LAN (Scanning & Enumeration): Using Nmap, students map subnets, detect open ports, OS versions, and identify potential entry points for a simulated enterprise network.
Exploiting a Vulnerable Web Server (Vulnerability Assessment): Perform a vulnerability scan using OpenVAS and use a known CVE exploit (e.g., Apache Struts) in a safe virtual environment.
Brute Force Attack on a Linux System (Password Attacks): Use Hydra/Medusa to demonstrate password security risks and mitigation techniques.
Wireless Access Point Attack Simulation (WPA2 Cracking): Capture WPA handshake packets from a lab Wi-Fi router and perform a dictionary attack using Aircrack-ng.
Rogue Access Point & Evil Twin Attack (Wireless Hacking): Create a fake Wi-Fi network using hostapd and conduct credential harvesting to demonstrate MITM exploitation.
SQL Injection on a Vulnerable Web App (Web Security): Using DVWA / WebGoat, students perform SQL Injection to extract data and demonstrate prevention techniques.
Cross-Site Scripting (XSS) Exploit Chain: Exploit stored and reflected XSS vulnerabilities and escalate to cookie theft using a controlled environment.
Social Engineering Email Campaign (Phishing Simulation):Design and deploy a phishing campaign through GoPhish targeting a fictional employee group, measuring open and click-through rates.
Malware Analysis Basics (Static & Dynamic): Students analyze a harmless malware sample (educational malware) to understand signatures, behavior, and indicators of compromise.
Intercepting Mobile App API Calls (Mobile Security): Students use Burp Suite to intercept and analyze insecure API communications of a vulnerable Android app.
Penetration Test of an IoT Device (IoT Security): Using Raspberry Pi, students exploit default credentials, open ports, and outdated firmware on simulated IoT setups.
Ransomware Attack Scenario (Network Penetration Testing): Students simulate a ransomware infection in a virtual lab and practice mitigation and recovery procedures.
Man-in-the-Middle Attack via ARP Spoofing: Using Ettercap, students execute ARP poisoning on a LAN environment to capture credentials and demonstrate network security gaps.
Cloud Account Compromise Simulation (AWS/Azure): Students identify misconfigurations in IAM roles, S3 storage buckets, and insecure API keys in a simulated cloud environment.
Exploiting a Mobile APK Vulnerability: Students reverse-engineer an intentionally vulnerable APK to exploit insecure storage, insecure authentication, or hardcoded keys.
Incident Response: Breach on E-commerce Platform: Students analyze logs, detect indicators of compromise, reconstruct the attack chain, and prepare an incident response report.
Secure Coding Remediation Assignment: Students review vulnerable code snippets and rewrite them following secure coding practices (input validation, sanitization, encryption).
Building and Attacking a Honeypot Server: Students configure a low-interaction honeypot and analyze attacker behavior, logs, and attack patterns.
Final Penetration Testing Project (End-to-End Engagement): Students perform a full pentest on a simulated corporate network including: Reconnaissance, Scanning, Exploitation, Privilege escalation, Post-exploitation, Reporting & presentation

Program Structure:

Module 1:Introduction to Ethical Hacking (4 hours)

Understanding the role of ethical hackers
Legal and ethical considerations
Setting up a lab environment for practice

Module 2:Footprinting and Reconnaissance (4 hours)

Passive and active information gathering
OSINT (Open Source Intelligence) techniques
Tools like Nmap, Shodan, and theHarvester

Module 3:Scanning and Enumeration (4 hours)

Port scanning and service enumeration
Identifying vulnerabilities using tools like Nessus and Nikto
Enumerating users and shares

Module 4:Vulnerability Assessment and Exploitation (3 hours)

Vulnerability scanning and assessment
Exploiting common vulnerabilities (e.g., SQL injection, XSS)
Metasploit framework basics

Module 5:Wireless Network Hacking (3 hours)

Cracking WEP/WPA/WPA2 keys
Rogue access points
Securing wireless networks

Module 6:Web Application Security (4 hours)

OWASP Top Ten vulnerabilities
Manual and automated web app testing
Secure coding practices

Module 7:Social Engineering and Phishing (3 hours)

Psychological manipulation techniques
Crafting effective phishing emails
Protecting against social engineering attacks

Module 8:Network Penetration Testing (4 hours)

Active directory attacks
Privilege escalation
Post-exploitation techniques

Module 9:Mobile Application Security (3 hours)

Assessing Android and iOS apps
Reverse engineering mobile apps
Mitigating mobile security risks

Module 10:Report Development and Remediation (5 hours)

Writing effective penetration test reports
Prioritizing vulnerabilities
Collaborating with stakeholders for remediation

By the end of this course, participants will have practical skills in ethical hacking, penetration testing, and securing systems. They’ll be well-prepared to take on real-world challenges in the cybersecurity field.

Copyrights © 2025 NIRA. All rights reserved.