Cyber Security Brochure B04


DEFENCE INSTITUTE OF ADVANCED TECHNOLOGY (DU)
An Autonomous Organization funded by Department of Defence Research & Development, Ministry of Defence, Government of India

DIAT CERTIFIED INFORMATION ASSURANCE PROFESSIONAL
An Online Training & Certification Course (OTCC) on Cyber Security
16 weeks online course
Around 200 hours of course content plus demonstration

SALIENT FEATURES OF THE COURSE
200 hours of training materials.
The training sessions are offered by the leading academicians, experts from DRDO, industry, and cyber security Think Tanks.
Live interaction sessions with instructors.
Advanced Topics like Malware Analysis, Vulnerability Discovery, BYOD Security, Drone & Anti-Drone technology, etc.
Practical demo on Kernel programming, UEFI device driver programming, Reverse Engineering, Exploit writing, Full-stack debugging of an android application, VAPT, SQL Injection, etc.

STRUCTURE OF THE COURSE:
10 Modules:
Fundamentals of Cyber Security
Forensics and Incident Response
Cryptography
System/Driver Programming and OS Internals
Reverse Engineering
Malware Analysis
Vulnerability Discovery Module for Windows, Linux, and iOS
Vulnerability Analysis & Penetration Testing
Tools and Techniques for Cyber Security Professionals
Must-know Basics of Emerging Cyber Security Domain

CONTACT US AT csdiat@gmail.com
REGISTER AT: https://forms.gle/ngYR78hzXjs9yeTp6


GENESIS OF THE COURSE
Information Assurance is the need of the hour. There is a strong demand for the experts in the fields of red teaming, cyber compliance and resilience in the organizations, industry and business. The programme is launched with a goal of building the next gen cyber warriors’ force for the nation, to fulfil the immediate and growing requirement for the trained professionals competent in the state-of-the-art security tools and techniques.

CERTIFICATE
The entrance test ensures the qualification for enrolling in the course. DIAT Certified Information Assurance Professional will be awarded after successful completion, to claim your state-of-the-art skill set.

CANDIDATES ARE SUPPOSED TO HAVE UNDERSTANDING OF
Fundamentals of OS: memory management, kernel architecture, IPC, process management, device management, file management, practical knowledge of BSD based OS, shell programming, Windows 32/64 APIs.
Networking: OSI, TCP/IP, socket programming, win32 socket APIs, server messaging block, application and ports, TLS/SSL including TLS1.3, Firewalls, UTM, routing protocols, core/edge routers, ASN, IPv4/v6.
System Software: basic knowledge of assembly, x86 instruction set, addressing modes, registers, and main memory space.
Data Structures: Knowledge of programming language C/C++/Java/any Object-Oriented language, any one scripting language – PHP/python/ruby/Perl.

ADVISORS
Dr. CP Ramanarayanan, VC, DIAT
Shri Amit Sharma, Director, O/o Advisor (Cyber), Ministry of Defence
Dr. Manisha J Nene, Director, SoCE&MS, DIAT
Shri Dinesh Bareja, CISA, CISM, ITIL, ISMS (LA, LI)

IMPORTANT DATES
Last date of Registration: 25 May 2023
Last date of payment of fees: 05 June 2023
Commencement of course: 12 June 2023

REGISTRATION LINK
https://forms.gle/ngYR78hzXjs9yeTp6

TARGET AUDIENCE
Graduates from any discipline aiming for successful career in information security, IT professionals who wish to enhance their information assurance capabilities, Officers from Tri-services, R&D professionals, or anyone who wants to develop the skill set for information assurance. Students pursuing graduation may apply.

FEES DETAILS
Fees for the Course: Rs. 35,400/- (including GST @18%)

CONTACT US:
+91 2024604533 / +91 2024604538
csdiat@gmail.com
https://www.diat.ac.in/online-certificate-courses/

"DREAM IS NOT THAT WHICH YOU SEE WHILE SLEEPING, IT IS SOMETHING THAT DOES NOT LET YOU SLEEP."

SYLLABUS DETAILS

FUNDAMENTALS OF CYBER SECURITY
Basics of computer, Evolution in computing environments; Basic constructs of cyber security; Computer networks; Network security: Firewall config, UTM, Wireshark dump analysis, PCAP analysis, IDS/IPS – SNORT, ASL, OSSEC (file system); Attacks – snooping, spoofing, DPI techniques; Traffic reconstruction; Intro to virtual machines and hypervisors; Intro to cloud computing; Intro to cyber-crime.

FORENSIC & INCIDENT RESPONSE
Stages of forensics; Memory forensics – evidence collection acquisition/imaging of onboard memory, Practical – FTK, EnCase; Online and Live forensics, File system forensics, Network forensics – intrusion detection from Internet logs, monitoring and analysis, network traffic analysis, Incident response – Using Process Explorer, Windows Sysinternals to look for malware, Cloud forensics, Database forensics – Metadata extraction & analysis.

CRYPTOGRAPHY
Data Security & Privacy; Modular Arithmetic, Mathematics of Cryptography; Symmetric Key Cryptography, Stream Cipher A5, Asymmetric Key Cryptography, RSA; Elliptic Curve based Cryptography; Hash Functions, Digital Signature.

SYSTEM/DRIVER PROGRAMMING AND OS INTERNALS
Basics of compiler, linker and build processes, Basics of Kernel programming, user-kernel mode communication, Interrupt handling & input subsystems, ring architecture; Windows OS Internals – System Architecture; Linux Internals – Linux Kernel, File Descriptors; SSDT, IDT, IAT (hands-on hooking); Linux boot process; NDIS Device driver programming – protocol, miniport; Windows boot process debugging, UEFI device driver programming, MBR, programming; File system filter driver programming; Secure boot, measured boot, trusted boot; Introduction to ARMv7 & v8 instructions; Introduction to ARM ABI convention, writing simple assembly files, its calling & its functionality; Recovery partitions; WMI programming & PowerShell.

REVERSE ENGINEERING
Reversing basics, Execution Environments, Static & Dynamic reverse engineering; Assembly language primer; x86 & x86-64 architectures; Assembly language primer; Executable file formats – PE & ELF; Reversing program binaries – offline code analysis; Reversing program binaries; Reversing program binaries – live code analysis; Kernel Debugging (hands-on Windows crash dump analysis); Reversing tools: Disassemblers, Debuggers, System monitoring tools; Reversing ‘.NET’, De-compilation; Anti-reversing techniques: Breaking protections, Confusing Disassemblers, Anti-Debugger Techniques, VM-detection techniques

MALWARE ANALYSIS
Static & Dynamic malware analysis techniques; Packing, unpacking, Sandboxing executables, Runtime analysis in VM; Advanced Static Analysis – Analyzing malicious Windows Programs; Advanced Dynamic Analysis – Debugging, Kernel Debugging with WinDbg; Dynamic data flow tracking (DFT); Process injection, API hooking, DLL injection; Reflective DLL loading, Dynamic API loading, 64-bit Malware, File-less Malware; AV obfuscation techniques; Covert Malware Launching; Data Encoding; Malware Focused Network Signatures; Shellcode Analysis; Reversing firmware; Android, iOS architecture; Android Reverse Engineering: Android application architecture understanding; Tools for reversing of application (jadx, apktool, baksmali, dex2jar); Obfuscation Techniques of android applications, Deobfuscation Techniques; Smali code understanding, code injection techniques; iOS Application Security; iOS Security Mechanisms & Security Architecture; Secure Boot Chain, Data Encryption & Network Security; iOS File System isolation, Application Sandbox, iOS device Architecture; Automated Malware Analysis using Cuckoo, YARA; Malware As A Service.

VULNERABILITY DISCOVERY MODULE FOR WINDOWS, LINUX AND IOS
Writing shell code for Arm and x86_64; Software vulnerabilities: buffer overflow, integer overflow, heap overflow, Use after free, double free, null pointer dereference, race condition; Out-of-bounds and pool overflow, Vulnerability discovery and Exploit writing, hands on for both Windows and Linux (android); Return oriented programming; SEH exploit; heap spraying; stack overflow prevention; ASLR, DEP bypass, canary bits, egg hunting; Fuzzing with Metasploit: Simple FTP fuzzer; Android Fuzzing (AFL for android, syzkaller for kernel); Full-stack debugging of an android application, with remote gdb, adb and android studio; Advanced kernel Exploitation Windows/Linux; KASLR bypass, SMEP bypass, token stealing shell code; Privilege escalation techniques; iOS Kernel Debugging: Panic Dumps, Using the KDP Kernel Debugger (hands on tasks limited to 30 pin devices); Extending the Kernel Debugger (KDP++); Debugging with own Patches; Kernel Heap Debugging/Visualization (new software package); Patch Diffing, One-Day Exploits, and Return-Oriented Shell-code; Advanced Persistent Threat (APT) life-cycle; Introduction to VAPT methodology; Introduction to Red Teaming, MITRE APT Framework; Essential Tools for VAPT;

Passive Information Gathering: OSINT/Search Engines, DNS Enumeration, DNS Tools (dnsenum, dnsrecon, dnsdumpster); Active Information Gathering: Intro to TCP/UDP, Port Scanning using NMAP, Nmap Scripting Engine, Service Detection and Banner Grabbing; Service Enumeration: NetBIOS, SMTP, SNMP, Other Services; Sniffing and MITM attacks: ARP Tools, MITM; Exploits: Searching for Exploits, Customizing Exploits; Client Side Attacks: Spear Phishing, Phishing, Social Engineering; Anonymity using TOR, VPNs and Proxies; Common Web Services: HTTP, HTTPS, FTP, WebSockets; Web Discovery: Fuzzing using wfuzz, dirbuster, dirb and web crawling; Web Exploitation Tools: Burp Suite, Firefox Add-ons.

VULNERABILITY ANALYSIS AND PEN TESTING
SQL Injection, Login Bypass using SQL Injection; Advanced SQL Injection: WAF and advanced queries; File Inclusion, File Upload Bypass; Cross-Site Scripting and other OWASP top 10 vulnerabilities; Post-Exploitation and Lateral Movement; File Transfer: tftp, ftp, encoded, echo, download clients; Hydra, NCrack, Medusa, John the Ripper; Maintaining access: web shells, reverse shells and payloads; Privilege escalation: password attacks, security misconfiguration, exploitable software, escalation exploits; Windows Authentication Weaknesses; Port Redirection, Tunneling, Pivoting and Proxies; Escalation and Lateral Movement in AD environments; Exploitation Frameworks: Metasploit.

TOOLS AND TECHNIQUES FOR CYBER SECURITY PROFESSIONALS
IEEE standards; Technical report writing; SOC maintenance; Overview of fail-safe and fault-tolerant systems; Commercial grid security – BYOD security; Corporate security implementation overview – threat analysis, risk assessment; Indicators of Compromise (IoC), Indicators of attack; Tactics, Techniques, and Procedures (TTP) – method of analyzing an APT operation, analyzing the performance of APT; Disaster recovery – tier 1, 2; Business Continuity Plan (BCP).

MUST-KNOW BASICS OF EMERGING CYBER SECURITY DOMAINS
Cloud Security, Drone & Anti-Drone technologies, Concept of block-chain, cyber terrorism, cyber warfare, virtual currency, & utilization in dark web, TOR, VPN, social media threats; Cyber Physical Systems (CPS) and Security in CPS.
