Message from the Ghanimah Founder in urdu

Dashboard Unlocking

How to enable 2 factor Authentication

VA Class 00

VA Class 01 the CODS connection

VA Class 02 What you will learn

VA Class 03 common risks to organizations

7 key cyber security threats for businesses – and how to tackle them

VA Class 04 common risks to organizations continued

10 Common IT Security Risks in the Workplace

VA Class 05 How do we see you vs you see yourself vs the industry

VA Class 06 Key things to know within CODS Industry

VA Class 07 Disconnect with the Security Industry and Community

VA Class 08 What makes this course Unique and what you will learn

VA Class 09 be purple

VA Class 10 The world needs more super heroes

VA Class 11 The start of your journey and the VA Flow

VA Class 12 which one is you

The Difference Between Red, Blue, and Purple Teams _ Daniel Miessler

VA Class 13 VA at an Enterprise Level

VA Class 14 IT vs OT

Operational technology (OT) - definitions and differences with IT

VA Class 15 why VA is necessary

17 Best Vulnerability Assessment Scanning Tools

VA Class 16 Satan and Adam and security by design the sunnah way

What is Security by Design

Security by design research paper

VA Class 17 VA Case studies

Vulnerability Assessment Case Study for Hospital

cyprus-shipping-chamber-vulnerability-management-case-study

Read this case study even if you struggle its Ok. As down the line you will learn all these things. An empirical study on vulnerability assessment and penetration detection for highly sensitive networks

Cybersecurity Vulnerability Assessment (CVA)

Vulnerability Assessment

Vulnerability Management Process: Scanning, Prioritizing, and Remediating

VA Class 18 VA through the lens of various standards part 1

VA Class 18 VA through the lens of various standards part 2

VA Class 19 VA Framework part 1

VA Class 19 VA Framework part 2

VA Class 19 VA Framework part 3

VA Class 19 VA Framework part 4

VA Class 19 VA Framework part 5

VA Class 19 VA Framework part 6

VA Class 19 VA Framework part 7 8 and 9

VA Class 20 Know your scope Dont commit a 2 trillion dollars mistake

VA Class 21 The connection between risk assessment and threat modelling

Threat Modelling (Reading excercise)

Threat Modelling Process (reading excercise)

Threat Modeling: 12 Available Methods (Further reading)

Microsoft Threat Modeling tool.

VA Class 22 Know the physical and logical assets part a

Advantages and Disadvantages of Active vs. Passive Scanning in IT and OT Environments (Reading material)

OSI Model Explained: The OSI 7 Layers (Reading Material)

The OSI model explained and how to easily remember its 7 layers (Reading Material)

ARP VS RARP – Difference between ARP and RARP (Reading material)

Massscan Lab part 1

Massscan Lab part 2

Massscan Lab part 3

Mass scan Lab part 4

Mass scan Lab part 5

Masscan How to operate

Masscan Github link for review

Something to ponder a good read to know history

Turkish president speech a food for thought as to what is on the horizon in the cyber space think social-injustice-ware.

Senator Bernie Sanders speaking in the US House.

Masscan Assignment and submit the .txt file accordingly.

Difference between VA and patching

Difference between vulnerability scanning and patch management (Please read this in your native language)

Patch management vs vulnerability management (Read this in your native language)

The 15 biggest data breaches of the 21st century so far (read this in your native language)

Please take note.

Everything is Vulenrable just like us humans

Articles to read

Network Data and why it matters in the context of VA

Articles for reading as they relate to Network Data.

Open Source Recon tools to test out

Tools to test out on the Ghanimah labs infrastructure

Scanning the cloud what you need to know as a VA analyst

Read this article in your native language using google translate

Global Cloud Providers

Read this article in your native language using google translate

Inspector Gadget Connection to Cloud assessments part 1

Introducing Amazon Inspector

Amazon Inspector

Inspector Gadget Connection to CLoud assessments part 2

Inspector Gadget Connection to CLoud assessments part 3

Security Talks Improve your security GCP

Reading articles only. We will cover hands on activities later on in the clod labs.

The connection between army doctrine vs vulenrbaility assessment

Read this article by translating it into your native language using google translator

Which vulnerbaility scanners can you use

Read this article and translate this into your own native language using google translator

Understanding Cyber Security Risk is important

Watch this video if you can and understand the context as it will help you prepare for interviews later

Risk management Methodologies

Octave. Read these documents by translating them in your own native language using google translator

OCTAVE. Download and read this document in your native language

Information Operations Conditions (INFOCON). Read this document in your own native language

OWASP Risk Rating Methodology. Read this in your own native language to understand better

CVSS Risk Rating System. Read this in your own Native language

file

The risk-based approach to cybersecurity. Read this document by translating it into your native language.

Types of VA Scanners in the Market and what you should learn and will lean on Ghanimah labs

Vulnerability Scanning Tools/ Translate this in your native language and read the article.

Best Vulnerability Scanner Tools for 2021. read this in your native language to under better.

Types of Scans at our disposal

Types of VA Scans. Read this article by translating this in your native language.

Open Source vs Commercial VA scanners

Open-Source Vs. Commercial VA tools. Read this in your native language.

Internal VS External Vulnerability Scans: What’s The Main Difference?. Translate this into your local language and read.

Difference between web and network scanning

Web Application Security or Network Security. Translate this in your native language and read.

The 4 Big Differences Between Network Security and Web Application Security. Translate this in your native language and ready.

Attention, please take note.

web application types and tools to attack them

Ultimate Guide to Top 10 Types of Web Applications Development. Translate this into your native language and read please.

Web Applications with a Content Management System. Read this in your native language please.

Top 10 Open Source Security Testing Tools for Web Applications. please read this in your native language.

SSL vs non SSL what to use part 1

Read these articles in your local language and read them please.

Please read this article in your local language by translating it through google.

Please Read this article in your local language by translating it through google translator.

SSL vs non SSL what to use part 2

Test out your server, your browser and SSL pulse

SSL vs non SSL what to use part 3

SSL/TLS Deployment Best Practices. Translate this in your native language.

SSL Server Rating Guide. Please translate and read this in your native language.

Recommendation to buy a book.

Tell me about this VOIP

Translate this article in your native language and read please.

Translate this article in your native language and read please.

Translate this article in your native language by read please.

Map the network

Hunting down the user profiles

VA using ZAP

How to install Burp suite

Manipulating Requests using Burpsuite Intruder

Intercepting Proxies via Burpsuite

DNS Recon

dig into the DNS

Introducing DNSdumpster

Recon using Recon-ng

Nmap scripting engine

Detecting Firewalls

Firewall and intrusion detection system evasion

flan_scan

Certs Using Open SSL

VA using ZAP

Vulnerability scanning using burpsuite

Authenticated scan using Burpsuite

Nafi Linux and other Linux distros

Hydra and dictionary attacks

Hashcat, decoding passwords offline

Managing and report projects using Dradis CE. Please attempt this lab on Ghanimah portal.

Scanning where it really hurts part 1

Scanning where it really hurts part 2

Please translate in your local language to help you better understand the context.

Read some of these validated designs. Translate in your native language if you MUST to understand better.

Scanning where it really hurts part 3

Scanning where it really hurts part 4

Autonomous Ground Vehicles Security Guide (Read in your native language by using a google translator)

Cloud Computing different models

Read the documents on the CISA website in your native language by using google translator.

Key documents to read.

Wi-Fi Vulnerbaility and IoT Connection

Please read this in your native language by using google translator

Please read this in your native language by using google translator

Please read this in your native language by using google translator

What to do next