Back close

Course Detail

Course Name Vulnerability Analysis and Penetration Testing
Course Code 21SN637
Program M. Tech. in Cyber Security Systems & Networks
Credits 3


VAPT Methodology : Cyber-kill chain: Reconnaissance and Information Gathering : OSINT, Breached credentials, Subdomain brute forcing, Directory scanning. Scanning and Enumeration : Scanning and exploiting open ports and services, Scanning for potential exploits in public vulnerability databases. Exploitation Basics : Metasploit, Gaining access to machines using vulnerabilities, Custom exploitation scripts, Password brute forcing, Password spraying. Active Directory : LLMNR poisoning, SMB relays, IPv6 DNS takeovers, pass-the-hash/pass-the- password, token impersonation, kerberoasting, GPP attacks, golden ticket attacks. Maintaining access : Reverse shell, file transfer. Web Application Penetration Testing. Automated Vulnerability scanners: Nessus, NMap, Metasploit, Acunetix. Report Writing : Statements of Work, Rules of Engagement, Non-Disclosure Agreements, and Master Service Agreements


  1. Bugcrowd, “The Ultimate Guide to Penetration Testing”, 2020 edition
  2. HackerOne, “Web hacking 101”

Course Objectives

  • CO4. Familiarization with cyber kill-chain (Reconnaissance, Scanning and Enumeration, Exploitation, Privilege escalation, Maintaining access etc)
  • CO5. Understanding the usage of industry standard tools used as a part of the VAPT process such as Metasploit, nmap, Nessus
  • CO6. Ability to perform pentest a target and generate a report based on the test

DISCLAIMER: The appearance of external links on this web site does not constitute endorsement by the School of Biotechnology/Amrita Vishwa Vidyapeetham or the information, products or services contained therein. For other than authorized activities, the Amrita Vishwa Vidyapeetham does not exercise any editorial control over the information you may find at these locations. These links are provided consistent with the stated purpose of this web site.

Admissions Apply Now