An ethical hacker (also known as a security tester or pentester), most of the time, takes on the role of cyber criminals. In this way, they show companies where the weak spots are in their system – followed by an advisory report on the best measures the company can take. An ethical hacker can work off the payroll, but also work a lot on a freelance basis.
You can start at any time. You, yourself will be the director of the bootcamp. You can choose your own speed. The average duration of our programs is between 10 to 16 weeks, but it all depends on how many hours you are willing to put in. We, however, will support you where needed. Whether you’ll need help setting up a learning schedule, or mastering a coding skill, we have a team of teachers and tutors available to help you along the way.
Every month we kick off collectively. This way we make sure that everybody starts with the right info, has access to all the systems needed and we can introduce you to the supporting team of NOVI.
After that you’ll work at your own pace towards a final test in which you combine all developed skills in a professional product. The reason we want you to make a web app, or do a pentest, is because this helps you later on, when you’ll be looking for a job in tech. By simulating real life cases, an employer will get a better understanding of your competences as a starting IT junior.
During the bootcamp, we will provide additional workshops, like ‘Working with Git’, Hackatons or a training ‘How to present myself on LinkedIn’. These workshops are, if relevant, all free for you to use.
Web Application & Modern API Security
The internet and internet applications have become an integral part of everyday life. Many of these applications are Web Applications. APIs have become a complex and extensive part of this, but also of mobile applications and IoT devices. It has also become a completely independent Attack Surface. In this course the vulnerabilities of web applications are examined in detail and the student learns to independently find vulnerabilities in web applications. The underlying cause of the vulnerabilities is investigated in depth and possible countermeasures are identified. You will also learn to investigate modern API techniques that are used in applications to exchange data. Exploit Development In the other courses of the Software Security learning line, software is analyzed in different ways and vulnerabilities are exposed. In this course, the vulnerabilities found are exploited by creating a method to use them, making a so-called exploit. From developing a Binary exploit for software systems where memory vulnerabilities are present, to exploiting a SQL Injection. You learn to draw up a Proof of Concept (proof of operation). This allows a cyber security researcher to demonstrate the actual impact of a vulnerability. A PoC also enables the maker of the software to check whether the vulnerability found has actually been remedied.
Reverse Engineering analyzes and examines a software object to visualize the internal workings and design of the object. You learn to systematically and in accordance with applicable guidelines perform analyzes on unknown software and map its operation. As a reverse engineer, you will soon be able to contribute in various fields to the understanding and impact of potentially malicious software and you can support various other cyber security fields with valuable information that is only possible through technical research.
Mobile and IoT
The digital landscape is becoming broader and more mobile. For example, everyone wears a mobile phone and homes and businesses are provided with smart Internet of things (IoT) devices. These devices all run software that is normally not transparent to the end user. In this course the world of mobile applications and IoT software is broken open. Mobile applications play a major role in our daily lives and apps are gaining more and more access to our data. How do these apps process the data and what is collected? Those questions can only be answered by looking at the source code of the applications, which is not readily available. You learn to apply techniques and procedures to convert compiled files into readable code so that you gain insight into how these applications work. The same applies to IoT devices: as a society we place a lot of trust in these devices, but is that justified? By looking at the software that runs on an IoT device, how it communicates with the outside world and what data it shares, we map the reliability of IoT. The reverse engineering techniques are applied to map the operation of the devices and to make any vulnerabilities visible.
Cyber criminals use malicious software, malware, to sabotage, blackmail and rob people and companies. The most well-known form of malware is ransomware, where files on a computer system are held hostage in exchange for a ransom. During this course you will learn to analyze malicious software in a safe way. We are going to work with techniques that are used to avoid analysis and to analyze its functioning in such a way that a "vaccine" can be made.