Workshop Introduction
With the rapid advancement of technology and the expansion of digital infrastructure, the need for expertise in cybersecurity is felt more than ever. Zagros, with the aim of creating awareness and training specialized forces in identifying and countering cyber threats, has organized a specialized workshop on cybersecurity concepts and penetration testing.
What you will learn in this workshop
This workshop helps participants get acquainted with the basic principles of information security, prerequisites and methods of penetration testing, identifying vulnerabilities, defense solutions, and the learning path ahead after this workshop. During the course, learners will become familiar with real-world techniques and practical examples of common vulnerabilities in the real world and experience the challenges and methods of discovering and covering these vulnerabilities. Finally, participants will be introduced to the skills needed to enter the cybersecurity job market.
Workshop Audience
- ● Students and graduates of computer science, IT, and cybersecurity fields
- ● IT professionals, network specialists, frontend and backend developers, etc., who intend to upgrade their security knowledge
- ● Enthusiasts and individuals who intend to start their learning path in this field
Organizer:
Zagros Cybersecurity Team
Time:
13:30 to 19:30
Level:
Beginner to Advanced
Course Syllabus:
This course includes the following topics:
1. Introduction to Information Security
Introduction to basic principles and key concepts of information security, goals, and the CIA triad.
2. Security Testing Mindset
Understanding the attitude and mindset required for security testing, creative and methodical thinking for identifying vulnerabilities.
3. Networking Fundamentals
Computer networking basics, common protocols, OSI/TCP-IP model, and basic concepts like IP, DNS, and ports.
4. Linux Fundamentals for Security
Familiarity with Linux command line, essential commands, and security-related tools in Linux-based environments.
5. Database Fundamentals
Basic database concepts, SQL language, types of relational and non-relational databases, and related security issues.
6. Web Fundamentals
Web technology principles, client-server architecture, HTTP/HTTPS protocol, and web page structure.
7. Cryptography Fundamentals
Cryptography basics, encryption algorithms, digital signatures, and security applications of cryptography.
8. OWASP Top 10
Review of the top ten web security risks according to the OWASP list, including injection, broken authentication, and insecure configurations.
9. File Upload Vulnerabilities
Vulnerabilities related to file uploads, exploitation methods, and defense solutions against related attacks.
10. Real-World Pentester Workflow
Real-world penetration testing process from start to finish, including reconnaissance, analysis, exploitation, and reporting.
11. Learning Path After OWASP
Learning path ahead after getting familiar with OWASP, including resources, certifications, and complementary skills.
Course Outcome:
"After completing this course, you will gain a complete understanding of web security prerequisites, learn web penetration testing concepts and common web vulnerabilities fundamentally, and have a clear and targeted path for continuing learning in the field of hacking and cybersecurity."