Cyber Security Lab

The entry-level course covering computer hardware, software, operating systems and internet fundamentals. Builds the digital foundation needed to progress into networking and cyber security domains.

• Computer hardware components: CPU, RAM, storage, input/output devices & their functions
• Operating systems: Windows fundamentals — file management, control panel, task manager & registry basics
• Software types: system software, application software, open-source vs proprietary
• Internet fundamentals: how the internet works, browsers, email, cloud services & digital communication
• Introduction to cybersecurity concepts: threats, vulnerabilities, risk & basic defense strategies
• Digital safety: strong passwords, two-factor authentication, phishing awareness & safe browsing
• Microsoft Office fundamentals: Word, Excel, PowerPoint for professional use
• Introduction to command line: Windows Command Prompt & basic Linux terminal commands

A comprehensive introduction to Linux operating systems with a specific focus on security use cases. Linux is the foundation of almost all cyber security tools, servers and environments — proficiency here is essential for any security career.

• Linux distributions for security: Kali Linux, Ubuntu Server & Parrot OS — installation & setup
• File system hierarchy: /, /home, /etc, /var, /usr, /bin & permissions structure
• Shell scripting: Bash scripting for automation, loops, conditionals & functions
• User management: creating users, groups, sudo privileges & access control
• File permissions: chmod, chown, SUID, SGID & sticky bit in security context
• Process management: ps, top, kill, systemctl, cron jobs & service management
• Network tools: ifconfig, netstat, ss, nmap basics, curl & wget
• Log analysis: /var/log files, journalctl, syslog & identifying suspicious entries

Deep dive into computer networking fundamentals with a security focus. Understanding networks is the backbone of cyber security — you cannot defend what you don't understand. This course bridges networking theory with hands-on security application.

• OSI model & TCP/IP stack: each layer's function in security context
• IP addressing: IPv4, IPv6, subnetting, CIDR notation & network design
• Core protocols: HTTP/S, FTP, SSH, DNS, DHCP, ARP, ICMP — how they work and how they are attacked
• Network devices: router, switch, firewall, IDS/IPS & their security roles
• Packet analysis with Wireshark: capturing, filtering & analysing network traffic
• Network scanning with Nmap: host discovery, port scanning, OS fingerprinting & service detection
• Common network attacks: ARP spoofing, DNS poisoning, Man-in-the-Middle (MitM) & DoS concepts
• VPN technology: how VPNs work, encryption protocols & secure tunnelling

Hands-on ethical hacking and penetration testing training using industry-standard tools in a dedicated Cyber Range environment. Students learn to think like attackers to build stronger defenses — conducted entirely in isolated lab environments with simulated targets.

• Penetration testing methodology: reconnaissance, scanning, enumeration, exploitation & reporting
• OSINT (Open Source Intelligence): passive information gathering using Maltego, Shodan & Google Dorks
• Vulnerability scanning: Nessus, OpenVAS — identifying & prioritising vulnerabilities
• Exploitation with Metasploit Framework: modules, payloads, meterpreter sessions & post-exploitation
• Web application penetration testing: OWASP Top 10, SQL injection, XSS, CSRF, IDOR & broken auth
• Burp Suite: intercepting, modifying requests, active & passive scanning
• Password attacks: hash cracking with Hashcat, John the Ripper & rainbow tables
• Wireless security: WPA2 cracking methodology, evil twin attacks & wireless monitoring
• CTF (Capture the Flag) challenges: hands-on offensive security scenarios
• Penetration testing report writing: professional vulnerability report format

Learn to investigate cyber attacks, gather digital evidence and respond to security incidents. Digital forensics is one of the fastest-growing cyber security specialisations — essential for law enforcement, corporate security teams and incident response roles.

• Digital forensics principles: chain of custody, evidence preservation & forensic imaging
• Disk forensics: forensic imaging with dd / FTK Imager, file system analysis (NTFS, EXT4, FAT)
• Memory forensics: RAM dumps, process analysis & malware detection using Volatility
• File carving: recovering deleted files using Autopsy & Recuva
• Network forensics: capturing & analysing packet captures for attack traces
• Log forensics: Windows Event Logs, Linux syslog, firewall logs & SIEM correlation
• Malware analysis basics: static analysis (strings, hashes) & dynamic analysis in sandbox
• Incident response lifecycle: preparation, identification, containment, eradication, recovery & lessons learnt
• Forensic report writing: legal-grade investigation report format

Advanced course covering security in cloud environments (AWS, Azure) and integrating security into DevOps pipelines (DevSecOps). Addresses the growing demand for cloud security professionals as organisations move to the cloud.

• Cloud security fundamentals: shared responsibility model, IAM, MFA & access control on AWS & Azure
• AWS security services: Security Groups, NACLs, CloudTrail, GuardDuty, Inspector & WAF
• Azure security: Microsoft Defender for Cloud, Azure Sentinel (SIEM) & Entra ID (Azure AD)
• Container security: Docker image scanning, Kubernetes RBAC & namespace isolation
• DevSecOps pipeline: integrating SAST, DAST & SCA tools into CI/CD (Jenkins, GitHub Actions)
• Secrets management: HashiCorp Vault, AWS Secrets Manager — no hardcoded credentials
• Infrastructure as Code (IaC) security: Terraform security scanning with Checkov & tfsec
• SOC operations: SIEM tools (Splunk, ELK Stack), alert triage & threat hunting basics