Course Focus

A practical learning path designed to take you from beginner to industry-ready cybersecurity professional.

Complete OSCP Preparation
From fundamentals to advanced exploitation, get fully prepared for the OSCP certification.
01
Advanced Pentesting
Explore advanced penetration testing techniques and real-world attack methodologies.
02
Secure Code Review
Learn to find and fix security vulnerabilities in application code like a pro.
03
Security Engineering
Build secure systems and integrate security best practices into the development lifecycle.
04
Cloud Security
Secure cloud environments and protect infrastructure on leading cloud platforms.
05
DevSecOps
Implement security in CI/CD pipelines and automate security for modern DevOps teams.
06
Complete International Exam
Focusing on CEH, Security+, PNPT, eJPT, PJPT, Pentest+
07
Complete Job Ready
Focusing on remote job, Bugbounty, Freelancing
08

Advanced Ethical Hacking & Security Engineering

কেন রেড টীম বাংলাদেশে ইথিক্যাল হ্যাকিং কোর্সটি করবেন ?

ডিজিটাল পৃথিবী এখন শুধু সংযুক্ত নয়, বরং সম্পূর্ণ নির্ভরশীল প্রযুক্তির ওপর—আর এই নির্ভরশীলতার সাথে পাল্লা দিয়ে বেড়েছে সাইবার হুমকি। ব্যক্তিগত তথ্য থেকে শুরু করে কর্পোরেট ডেটা, প্রতিটি ক্লিকের পেছনেই আজ নিরাপত্তার যুদ্ধ চলছে। সেই বাস্তবতাকেই সামনে রেখে আমরা তৈরি করেছি বাংলাদেশের সবচেয়ে সম্পূর্ণ ও বাস্তবভিত্তিক এথিকাল হ্যাকিং ও রেড টিমিং কোর্স, যেখানে একজন নবীন শিক্ষার্থীও ধীরে ধীরে হয়ে উঠতে পারবে প্রফেশনাল এথিকাল হ্যাকার ও রেড টিম এক্সপার্ট।

এই কোর্সে আপনি হাতে-কলমে শিখবেন কীভাবে বাস্তব হ্যাকিং ঘটে এবং কীভাবে তার কার্যকর প্রতিরোধ গড়ে তোলা যায়—ওয়েব, নেটওয়ার্ক, API, ক্লাউড কিংবা AI/LLM প্ল্যাটফর্ম, সবকিছুই রয়েছে বাস্তব ল্যাব অনুশীলনের মাধ্যমে। আগে থেকে কোনো হ্যাকিং জ্ঞান না থাকলেও সহজ ভাষায় সাজানো এই কোর্স আপনাকে নিয়ে যাবে বেসিক থেকে OSCP-লেভেল অ্যাডভান্স টপিক পর্যন্ত।

অভিজ্ঞ ও আন্তর্জাতিকভাবে সার্টিফায়েড ইন্সট্রাক্টরদের তত্ত্বাবধানে আপনি শিখবেন Complete OSCP Preparation, Freelancing, Bug Bounty, Red Teaming, Ethical Hacking, Complete AppSec Pentesting, API Pentesting, Secure Coding, AI / LLM Hacking, System Hacking, Privilege Escalations, Advanced AD Hacking, Corporate Network Hacking, Red Teaming With C2, Cloud Hacking , Fancy topics like Android Hacking, PC Hacking, Wifi Hacking, Phishing সহ আরও বহু আধুনিক টেকনিক। এছাড়াও থাকছে আন্তর্জাতিক সার্টিফিকেশন OSCP, CRTO, CRTP, PNPT, CompTIA Security+, PT1, eJPTv2, CEH Practical, PJPT প্রস্তুতি, CV বিল্ডিং, ইন্টারভিউ ট্রেনিং এবং গ্লোবাল সাইবার সিকিউরিটি জব গাইডলাইন।

বিশেষ সতর্কতা !!!

“এই কোর্সের সকল হ্যাকিং মেথড ও প্র্যাকটিক্যাল সেশন শুধুমাত্র শিক্ষামূলক ও গবেষণার উদ্দেশ্যে প্রদর্শিত হবে। শেখানো কৌশল বা টুলের অপব্যবহার আইনত দণ্ডনীয়। কোনো শিক্ষার্থী যদি এই জ্ঞান অপব্যবহার করে অন্যের ক্ষতি করে, তবে তার সম্পূর্ণ দায়ভার শিক্ষার্থীর নিজের। Red Team Bangladesh ও সংশ্লিষ্ট মেন্টরগণ কোনো পরিস্থিতিতেই আইনি বা নৈতিকভাবে দায়ী থাকবেন না।”

Curriculum

Topics of this course

Orientation Day - Course Objectives:
  • Introduction to Cyber Security & Domains
  • SOC Overview And Workflow Types
  • Red Team, Blue Team, Purple Team Workflow
  • Cyber Security Career Opportunity
  • Real Time Interview, Exam & Internship
  • Freelancing Sectors of Ethical Hacking
Essential Knowledge Section (Non IT & IT Background):

>>> Best Of Luck Upcoming Hackers!

Episode-01: Computer Fundamentals:
  • What is a computer?
  • Components of a Computer
  • CPU , RAM, Input / Output
  • Motherboard, Storage, Registers
  • Basic Logic Gates (AND, OR, NOT, NAND, NOR, XOR)
Episode-02: Numbering Systems:
  • Binary
  • Octal
  • Decimal
  • Hexadecimal
  • Use cases of Numbering Systems
Episode-03: Computer Networking Essentials:
  • What is Computer Networking?
  • IP addresses & IP Classes
  • MAC address
  • Computer Network Topologies
  • Types of Network ( PAN, LAN, MAN, WAN)
  • The OSI Model
  • TCP, UDP, 3 Way Handshake
  • Important Ports And Protocols
  • Working Diagram of (FTP, SSH, Telnet, HTTP, HTTPS, ARP, DHCP)
  • Subnetting
Episode-04: Cryptography Fundamental Concepts:
  • What is Cryptography?
  • Key Concepts of Plain Text, Cipher Text, Encryption, Decryption
  • Character Encoding- ASCII, ANSI, Unicode
  • Base64 Encoding
  • Some important Ciphers
  • RSA Algorithm
Episode-05: Hacking Lab Setup:
  • What is Virtual Machine & Install VM
  • Basic NAT/Bridge Explain
  • Install Hacker Machine
  • Install Victim Machine
Episode-06: Linux Essentials:
  • Linux File/ Directory Structure
  • Basics Bash Commands
  • Managing File Permissions
  • Special File Permissions- SUID/SGID
  • File Transfering in Linux
  • Basic Bash Scripting
Episode-07: Windows Concepts:
  • Intro to Command Prompt(CMD)
  • Basic System Information Commands
  • Basic Networking Commands
  • Regular File and Disk Management
  • Task & Process Management
Episode-08: Offensive Python:
  • Mathematical Operators
  • Variable & Data Types, Functions, Lists
  • Logical Operators & Boolean Operators
  • Conditional Statements (if, else, elseif)
  • Loops (for, while, do while)
  • Importing libraries
  • Making Simple Subdomain Scanner
  • Making Simple Directory Enumeration Scanner
  • Making Simple Network Scanner
  • Making Simple Hash Cracker
  • Making Simple Keylogger Scanner
Episode-09: Foundational Web Knowledge:
  • What is websites?
  • What is URL?
  • HTTP Request & HTTP Response
  • HTTP Working Flow
  • HTTP Status Codes
  • What is Database?
  • Hands-On MYSQL DB Basics
  • Hands-On NoSQL Database(MongoDB) Basics
Episode-10: Hands-On Cryptography & Steganography:
  • Disk Encryption
  • What is Steganography?
  • Image Steganography
  • Text Steganography
  • Audio Steganography
Fancy Hacker Vibes Section (Recorded) :

>>> Best Of Luck Upcoming Hackers!

Episode-01: Social Engineering & Phishing:
  • Introduction to Phishing & Social Engineering
  • Perform Practical Phishing Against Social Medias
Episode-02: Facebook Hacking & Recovery:
  • Why Facebook Account Hacks
  • Facebook Hacking Method
  • Harresment Facebook ID Removed / Disabled
  • Hacked Facebook ID Recovery
  • Meta Business Account Restricted / Disable Issue Solving
Episode-03: Instagram Hacking & Recovery:
  • Why Instagram Account Hacks
  • Instagram Hacking Method
  • Harresment Instagram ID Removed / Disabled System
  • Hacked Instagram  ID Recovery
Episode-04: Windows Hacking With RAT:
  • Hacking Windows
  • See Live Screen Of Hack Windows
  • Open Terminal to operate Victim
Episode-05: Android Hacking With RAT:
  • Hacking Android Device
  • Managing Files
Episode-06: Man-In-The-Middle Attack:
  • Introduction to Man-In-The-Middle Attack
  • Performing MITM
Recon & Enumeration Section :

>>> Best Of Luck Upcoming Hackers!

Episode-01: Information Gathering:
  • Passive Information Gathering
  • Active Information Gathering 
Episode-02: Enumeration:
  • Enumerate Vulnerable Services
  • FTP, SSH, Telnet, SMB,  MySQL Enumeration
  • Directory Busting & Find Senisitive Data
Web Application Hacking Section :

>>> Best Of Luck Upcoming Hackers!

Episode-01:Broken Access Control Section:
  • Introduction to OWASP Top 10
  • Understand Broken Access Control Flow
  • Access Admin Panel using Broken Access
  • Performing IDOR
  • Password Disclosure Type  Access Control Flow
  • Method Based Access Control Flow
  • Multi Step Process Based Access Control Flow
  • Referer Based Access Control Flow
Episode-02: Authentication Vulnerabilities Section:
  • Username Enumeration Via Different Responses
  • 2FA simple bypass
  • 2FA Broken Logic
  • Password reset broken logic
  • 2FA Bypass using Brute Force
  • Password reset poisoning via middleware
  • Password brute-force via password change
  • 2FA bypass using a brute-force attack
Episode-03: SQL Injection Section:
  • Classic SQL Injection Attack(Login Bypass)
  • Live Union Based SQL Injection Attack
  • Listing Databse of Non-Oracle Database
  • Listing Databse of Oracle Database
  • Blind SQL injection with conditional responses
  • Blind SQL injection with conditional errors
  • Blind SQL injection with time delays
  • Blind SQL injection with time delays and information retrieval
  • SQL injection with filter bypass via XML encoding
Episode-04: JavaScript Injection(XSS) Section:
  • Introduction To XSS
  • Kinds of XSS
  • Basic Reflected, Stored, DOM based XSS
  • Reflected XSS into a JavaScript string
  • DOM XSS using source code Analysis
  • DOM XSS in AngularJS
  • Reflected XSS with some SVG
  • Reflected XSS into a template literal
  • Exploiting cross-site scripting to steal cookies
  • Exploiting cross-site scripting to capture passwords
  • Exploiting XSS to bypass CSRF defenses
  • Reflected XSS with AngularJS sandbox escape without strings
  • Reflected XSS with AngularJS sandbox escape and CSP
  • Reflected XSS protected by CSP, with CSP bypass
Episode-05: Path Traversal Section:
  • What is LFI & RFI
  • Exploring LFI & get Shell via LFI
  • Exploring RFI
  • Simple Path Traversal
  • File path traversal, traversal sequences blocked with absolute path bypass
  • File path traversal, traversal sequences stripped non-recursively
  • File path traversal, traversal sequences stripped with superfluous URL-decode
Episode-06: OS Command Injection Section:
  • Introduction To OS Command Injection
  • OS command injection, simple case
  • Blind OS command injection with time delays
  • Blind OS command injection with output redirection
  • Blind OS command injection with out-of-band interaction
  • Blind OS command injection with out-of-band data exfiltration
Episode-07: File Upload Section:
  • Introduction To File Upload Vulnerabilities
  • Tampering / Extention Bypass
  • Remote code execution via web shell upload
  • Web shell upload via path traversal
  • Web shell upload via extension blacklist bypass
  • Web shell upload via obfuscated file extension
Episode-08: CSRF Section:
  • Introduction To CSRF
  • CSRF vulnerability with no defenses
  • CSRF where token validation depends on request method
  • CSRF with broken Referer validation
Episode-09: SSRF Section:
  • Introduction To SSRF
  • Basic SSRF against the local server
  • Blind SSRF with out-of-band detection
  • SSRF with blacklist-based input filter
  • SSRF with whitelist-based input filter
Episode-10: XXE Section:
  • Introduction To XXE
  • Exploiting XXE to perform SSRF attacks
  • Exploiting XXE to perform SSRF attacks
  • Exploiting XXE via image file upload
Episode-11: NoSQL Injection Section:
  • Detecting NoSQL injection
  • Exploiting NoSQL operator injection to bypass authentication
  • Exploiting NoSQL injection to extract data
Episode-12: Business Logic Vulnerabilities Section:
  • Excessive trust in client-side controls
  • High-level logic vulnerability
  • Inconsistent security controls
  • Flawed enforcement of business rules
  • Low-level logic flaw
  • Inconsistent handling of exceptional input
  • Weak isolation on dual-use endpoint
  • Infinite money logic flaw
  • Bypassing access controls using email address parsing discrepancies
Episode-13: Web Cache Poisoning Section:
  • Web cache poisoning with an unkeyed header
  • Web cache poisoning with an unkeyed cookie
  • Web cache poisoning with multiple headers
  • Targeted web cache poisoning using an unknown header
  • Combining web cache poisoning vulnerabilities
  • Internal cache poisoning 
Episode-14: Insecure Desiralization Section:
  • Modifying serialized objects
  • Modifying serialized data types
  • Using application functionality to exploit insecure deserialization
  • Arbitrary object injection in PHP
  • Exploiting Java deserialization with Apache Commons
  • Exploiting PHP deserialization with a pre-built gadget chain
Episode-15: Prototype pollution Section:
  • Client-side prototype pollution via browser APIs
  • DOM XSS via client-side prototype pollution
  • DOM XSS via an alternative prototype pollution vector
  • Client-side prototype pollution via flawed sanitization
  • Privilege escalation via server-side prototype pollution
API Hacking Section :

>>> Best Of Luck Upcoming Hackers!

Episode-01: Basic API Section:
  • Introduction To API  & API work Flow
  • Exploiting an API endpoint
Episode-02: Authorization Attacks Section:
  • Exploring BOLA attack
  • Exploiting BFLA attack
  •  
Episode-03: Authentication Attacks Section:
  • Exploring Broken User Authentication Attacks
  • JSON Web Toekn Attacks
Episode-04: Injection Attacks Section:
  • SQLi Attacks on API
  • NoSQLi Attcaks on API
Episode-05: Mass Assignment Attacks Section:
  • Exploring Mass Assignment Attacks
Episode-06: Excessive Data Exposure Attacks Section:
  • Exploring Excessive Data Exposure Attacks
Episode-07: SSRF Attacks Section:
  • Exploring SSRF Attacks
Episode-08: API Testing Toolkit Section:
  • Exploring Postman Tool
Secure Coding Section :

>>> Best Of Luck Upcoming Hackers!

Episode-01: Secure Coding Essentials :
  • Essentials of Secure Coding
  • How to Start Secure Coding Career As a Security Engineer
  • OWASP Secure Coding Guidelines
Episode-02: Secure Coding Introduction:
  • Vulnerable Python Code Snippet For SQL Injection Attack
  • Basic Secure Coding Against SQL Injection
Episode-03: Secure Coding Against Path Traversal :
  • Vulnerable Python Code Snippet For Path Traversal Attack
  • Basic Secure Coding Against Path Traversal
Episode-04: Secure Coding Against Command Injection:
  • Vulnerable Python Code Snippet For Command Injection Attack
  • Basic Secure Coding Against Command Injection
Episode-05: Secure Coding Against XSS:
  • Vulnerable Python Code Snippet For XSS Attack
  • Basic Secure Coding Against XSS
Episode-06: Secure Coding Against XXE:
  • Vulnerable Python Code Snippet For XXE Attack
  • Basic Secure Coding Against XXE
CMS Pentesting Section :

>>> Best Of Luck Upcoming Hackers!

Episode-01: Attacking On CMS Section:
  • Exploring WordPress Vulnerability
  • Hacked WP Websites using Themes-Plugins Vulnerability
  • Hacked WP Websites using SQLi
  • Hacked WP Websites using LFI
  • Hacked WP Websites using OS Command Injection
  • Hacked WP Websites using Arbitrary File Upload
  • Drupal Websites Hacking
Bug Hunting Section :

>>> Best Of Luck Upcoming Hackers!

Episode-01: Hunting Process Section:
  • Account Creation ( Hackerone, Bugcrowd, Intrigiti)
  • Choosing A Target
  • Submetting Report
Episode-02: Secret Bug Hunting Class Section:
  • Live Hunting
  • cURL in Depth
  • Fuzzing in Depth
  • Automation Tools
  • More…
Vulnerability Assesment (VA) Section :

>>> Best Of Luck Upcoming Hackers!

Episode-01: VA Tools Section:
  • VA with Acunetix
  • VA with Nessus
Freelancing Section Section(Recorded) :

>>> Best Of Luck Upcoming Hackers!

Episode-01: Most Demanding Freelancing Work Section:
  • Freelancing Marketplace
  • Most Demanding Works Based On Marketplace
  • Penetration Testing Real Time Project Discussion & Reporting
  • Complete Malware Detection & Removal Process
  • Blacklist & False Positives Removal
  • WordPress Security
  • Database Security
Red Teaming Section :

>>> Best Of Luck Upcoming Hackers!

Episode-01: The MSF Section:
  • Introduction to Metasploit Framework
  • Discuss its Essential Modules
  • Staged / Non Staged Payload
  • Reverse / Bind Shells
  • Basic Hacking With Msfvenom 
  • Listener Setup
Episode-02: Windows Exploitation Section:
  • Introduction to Windows Exploitation via CVE’s
  • Exploring MS17-010/CVE-2017-0144 With MSF
  • RDP Vulnerability CVE-2019-0708
Episode-03: Linux Exploitation Section:
  • Introduction to Linux Exploitation via CVE’s
  • Exploiring vsftpd CVE-2011-2523
  • Exploring Shellshock Vulnerability 
Windows Privilege Escalation Section:

>>> Best Of Luck Upcoming Hackers!

Episode-01: Essential Basics Section:
  • Privilege Escalation Strategy
  • Windows User Account, Service Account, Groups. Resources, ACLs & ACEs
  • SeImpersonatePrivilege, SeAssignPrimaryPrivilege, SeRestorePrivilege, SeTakeOwnershipPrivilege
  • Privilege Escalation Tools
Episode-02: Insecure File Permissions Section:
  • Exploring Insecure File Permissions Privilege Escalation
Episode-03: Unquoted Service Path Section:
  • Exploring Unquoted Service Path Privilege Escalation
Episode-04: Weak Registry Permissions Section:
  • Exploring Weak Registry Permissions Privilege Escalation
Episode-05: Insecure Service Executables Section:
  • Exploring Insecure Service Executables Privilege Escalation
Episode-06: DLL Hijacking Section:
  • Exploring DLL Hijacking Privilege Escalation
Episode-07: AutoRuns Section:
  • Exploring AutoRuns Privilege Escalation
Episode-08: AlwaysInstallElevated Section:
  • Exploring AlwaysInstallElevated Privilege Escalation
Episode-09: Registry Password Section:
  • Exploring Registry Password Privilege Escalation
Episode-10: Save Creds Section:
  • Exploring Save Creds Privilege Escalation
Episode-11: Configuration Files Section:
  • Exploring Configuration Files Privilege Escalation
Episode-12: SAM Database Creds Section:
  • Exploring SAM Database Creds Privilege Escalation
Episode-13: Pass The Hash Attack Section:
  • Exploring Pass The Hash Attack Privilege Escalation
Episode-14: Scheduled Tasks Section:
  • Exploring Scheduled Tasks Privilege Escalation
Episode-15: Startup Apps Section:
  • Exploring Startup Apps Privilege Escalation
Episode-16: Token Impersonation Section:
  • Exploring Token Impersonation Potato Attacks Privilege Escalation
  • Exploring Token Impersonation PrintSpoofer
  •  
Linux Privilege Escalation Section:

>>> Best Of Luck Upcoming Hackers!

Episode-01: Esstional Basics Section:
  • Linux Privilege Escalation Strategy
  • Mindmap
  • Linux Privilege Escalation Tools
Episode-02: Kernel Exploits Section:
  • Exploring Kernel Exploits Privilege Escalation
Episode-03: Service Exploits Section:
  • Exploring Service Exploits Privilege Escalation
Episode-04: Weak File Permission Section:
  • Exploring Weak File Permissions Privilege Escalation
Episode-05: Backup SSH Keys Section:
  • Exploring Backup SSH Keys Privilege Escalation
Episode-06: Sudo Misconfiguration Section:
  • Exploring Sudo Misconfiguration-Shell Escape Sequences Privilege Escalation
Episode-07: Abusing Intended Functionality Section:
  • Exploring Abusing Intended Functionality Privilege Escalation
Episode-08: Abusing PATH Environment Variable Section:
  • Exploring PATH Environment Variable( LD_PRELOAD &
    LD_LIBRARY_PATH) Privilege Escalation
Episode-09: Abusing CronJobs File Permissions Section:
  • Exploring CronJobs File Permissions Privilege Escalation
Episode-10: Abusing Wildcards & Filenames Section:
  • Exploring Wildcards & Filenames Privilege Escalation
Episode-11: Abusing SUID & SGID Shell Escape Sequences Section:
  • Exploring SUID & SGID Shell Escape Sequences Privilege Escalation
Episode-12: Abusing SUID & SGID Known Exploits Section:
  • Exploring SUID & SGID Shell Known Exploits Privilege Escalation
Episode-13: Shared Object Injection Section:
  • Exploring Shared Object InjectionPrivilege Escalation
Episode-14: Abusing SUID & SGID PATH Enviroment Variable Section:
  • Exploring SUID & SGID PATH Enviroment VariablePrivilege Escalation
Episode-15: Advantage of History Files / Config Files Section:
  • Exploring Advantage of History Files / Config Files Privilege Escalation
OSCP Focused Port Forwarding, Tunneling & Pivoting(Post Exploitation):

>>> Best Of Luck Upcoming Hackers!

Episode-01: Basic understanding about port forwarding, tunneling & pivoting? :
  • What is port forwarding? its working flow?
  • What is tunneling and pivoting? How they works?
Episode-02: Performing Port Forwarding :
  • Performing Port Forwarding using Metasploit
Episode-03: Performing SSH Tunneling :
  • What is SSH Tunneling?
  • Practical walkthrough of SSH Tunneling.
Episode-04: Performing Advanced Pivoting :
  • Practical walkthrough of advanced pivoting using Ligolo-ng (Best for OSCP)
Red Teaming In Active Directory Section:

>>> Best Of Luck Upcoming Hackers!

Episode-01: Essential Knowledge Of Active Directory Hacking:
  • Introduction To Active Directory
  • Active Diretory Working Flow
  • Active Directory Components
  • Kerberos Authentication Explaination
Episode-02: Active Directory Hacking Lab:
  • Essential AD Lab Files Download
  • DC Installation & Configure
  • Victim Machine Installation & Configure
  • Joining Machines With Domain Controller
Episode-03: Active Directory Initial Attacks:
  • Introduction To Initial Attacks
  • Exploring LLMNR Poisoning Attack
  • Exploring SMB Relay Attack
  • Exploring AS-REP Roasting Attack
  • Exploring Passspraying Attack With Kerbrute
Episode-04: Active Directory Enumeration :
  • Exploring Enumeration With Powershell
  • Exploring Enumeration With PowerView
  • Exploring Enumeration With Bloodhound
Episode-05: Lateral Movement In AD :
  • Introduction To Lateral Movement
  • Exploring Pass-The-Hash Attack
  • Exploring Pass-The-Ticket Attack
  • Exploring OverPass-The-Hash Attack
  • Exploring RDP Hijacking Attack
Episode-06: More Effective Active Directory Attacks :
  • Exploring Kerberoasting Attack
  • Exploring Permission Delegation Attack
  • Exploring Group membership Abuse Attack
  • Exploring Group Policy Objects Abuse Attack
  • Extracting Logged On Admin hashes
  • Exploring Printnightmare Attack
  • Exploring Zerologgon Attack
Episode-07: Persistance In Active Directory:
  • Introduction To Active Diretory Persistance
  • Exploring Golden Ticket Attack
  • Exploring Silver Ticket Attack
  • Exploring Diamond Ticket Attack
  • Exploring DCSync Attack
  • Exploring DSRM Abuse Attack 
  • Exploring GPO Persistance
Red Teaming In Cloud Section:

>>> Best Of Luck Upcoming Hackers!

Episode-01: Essential Knowledge About AWS Cloud Hacking :
  • What is Cloud?
  • Details About Cloud Platforms
  • AWS Pentesting Intro
  • Free AWS Account Creation
Episode-02: Cloud Hacking Lab Setup:
  • Introduction To Cloud Hacking Lab
  • Setup AWS CLI
  • CloudGoat Installation On AWS
  • Pacu Installation 
  • Free Hacking Labs
Episode-03: IAM Enumeration:
  •  Introduction To AWS IAM
  • Enumerating IAM Users, Policies, Groups & Roles
  • Enumeration With Pacu
Episode-04: S3 Buckets Enumeration & Attacking:
  •  Introduction To AWS S3 Buckets
  • Enumerating S3 Buckets
  • identifying, enumerating, and downloading data from publicly accessible S3 buckets
  • identified a misconfigured S3 Bucket & Find Exposed Credit Card Numbers
  • Discover AWS Organization ID via S3 Bucket
  • Discover AWS Account ID via S3 Bucket
  • Path Traversal to AWS credentials to S3
Episode-05: Attacking Lambda Functions:
  •  Introduction To AWS Lambda
  • Lambda Enumeration Through Console
  • Lambda Enumeration Through Pacu
  • Enumerate Lambda Permissions of Leaked Credentials
  • Access Secrets Manager via Lambda Function with LFI
Episode-06: Attacking EC2 Instances:
  •  Introduction To AWS EC2
  • EC2 Enumeration With Console
  • EC2 Enumeration With Pacu
  • Identifying and Abusing the SSRF Vulnerability
  • Discovering Credentials and Invoking the Lambda Function
  • Another SSRF to Pwned
Episode-07: AWS Privilege Escalation:
  •  Introduction To AWS Privilege Escalation
  • Enumerating Policies and Permissions For Privilege Escalation
  • Hunting for Roles and Role Permissions
  • Assuming the Target Role and Privilege Escalation
  • Exploit Weak Bucket Policies for Privileged Access
AI / LLM Pentesting Section :

>>> Best Of Luck Upcoming Hackers!

Episode-01: AI Fundamentals:
  •  Introduction To AI Fundamentals
  • Intro to AI/ML Security Threats
  • Exploring how AI Models & Data Works
  • Intro Prompt Engineering & How it Works
Episode-02: Secure AI Systems:
  • How to Secure AI Systems & Map AI architecture, identify OWASP attack surfaces
  • Understand LLM Security Fundamentals & OWASP LLM Top 10
  • Discover AI infrastructure by scanning ML services, frameworks, and extracting metadata from APIs.
Episode-03: Prompt Security:
  • Exploring Prompt Injections
  • Exploring Jailbreaking
    How to Prompt
  • Defences
    Attacking GPTs
Episode-04: AI Supply Chain Security:
  • Understanding AI Supply Chains
  • Exploring Supply Chain Attack Vectors
  • Security Against the AI Supply Chain
  • Supply Chain Attack Practices
DevSecOps Essentials Section:

>>> Best Of Luck Upcoming Hackers!

Episode-01: Introduction to DevSecOps:
  • An Introduction to the Software Development Lifecycle

  • An Introduction to the Secure Software Development Lifecycle (S-SDLC)

Episode-02: Introduction to Security of The Pipelines:
  • Importance of Source Code Security
  • Importance of CI/CD Pipelines and Build Security
  • Static Application Security Testing(SAST)
  • Dynamic Application Security Testing(DAST)
Episode-03: Container Security Implemention:
  • Introduction to Containerisation
  • Intro to Docker
  • Intro to Kubernetes
  • Breakdown Common Container Vulnerabilities
  • How to Implement Security in Container
Episode-04: Infratructure as Code:
  • Introduction to Infratructure as Code
  • Cloud-based IaC Tools usecase (Terraform, CloudFormation use cases and securing IaC)
  • Guidance For On-Premises IaC
OSCP Preparation Section:

>>> Best Of Luck Upcoming Hackers!

Episode-00: OSCP Preparation Guide:
  •  Introduction To OSCP Certification
  • When We Should Take OSCP
  • OSCP Roadmap & Strategies
  • OSCP Exam Process
  • OSCP Passing Mindmap
  • OSCP Like Machines Solving Guide
Episode-01: OSCP Preparation Guide:
  •  Introduction to Port Forwarding, Tunneling, and Pivoting
  • Importance of Tunneling for OSCP
  • Pivoting Lab Setup
  • SSH Tunneling
  • Tunneling using Ligolo
Episode-02: OSCP Like Machine-1(Windows):
  •  OSCP Like Machine-1 Overview
  • Solving Most Important OSCP Like Machine-1
Episode-03: OSCP Like Machine-2(Windows):
  •  OSCP Like Machine-2 Overview
  • Solving Most Important OSCP Like Machine-2
Episode-04: OSCP Like Machine-3(Windows):
  •  OSCP Like Machine-3 Overview
  • Solving Most Important OSCP Like Machine-3
Episode-05: OSCP Like Machine-4(Windows):
  •  OSCP Like Machine-4 Overview
  • Solving Most Important OSCP Like Machine-4
Episode-06: OSCP Like Machine-5(Windows):
  •  OSCP Like Machine-5 Overview
  • Solving Most Important OSCP Like Machine-5
Episode-07: OSCP Like Machine-1(Linux):
  •  OSCP Like Machine-1 Overview
  • Solving Most Important OSCP Like Machine-1
Episode-08: OSCP Like Machine-2(Linux):
  •  OSCP Like Machine-2 Overview
  • Solving Most Important OSCP Like Machine-2
Episode-10: OSCP Like Machine-4(Linux):
  •  OSCP Like Machine-4 Overview
  • Solving Most Important OSCP Like Machine-4
Episode-11: OSCP Like Machine-5(Linux):
  •  OSCP Like Machine-5 Overview
  • Solving Most Important OSCP Like Machine-5
Episode-12: Compromising Real Time AD Network-1:
  •  Introduction to Corporate Type AD Network & Attacking Plan
  • Compromising The AD Network-1
Episode-13: Compromising Real Time AD Network-2:
  •  Introduction to Corporate Type AD Network & Attacking Plan
  • Compromising The AD Network-2

৳16499

৳8249

কোর্স টি করার জন্য কি কি লাগবে?

About Mentor

শুভ আহমেদ সানিন গত ৪ বছর ধরে এথিক্যাল হ্যাকিং এবং রেড টিমিং নিয়ে কাজ করছেন। তার Offensive Security Certified Professional(OSCP), Certified Red Team Operator(CRTO), Certified Red Team Professional (CRTP), Azure Security Engineer(AZ-500), ComTIA Security+, Certified Ethical Hacker(CEH) Practical, eLearnSecurity Junior Penetration Tester (eJPTv2) সহ বেশকিছু ইন্টারন্যাশনাল রেডটিম সার্টিফিকেশন রয়েছে ৷ বর্তমানে তিনি একটি বেসরকারি কোম্পানিতে Red Team Penetration Tester হিসেবে কর্মরত আছেন এবং তিনি বর্তমানে আপওয়ার্কে ইথিক্যাল হ্যাকিং এর উপর টপ রেটেড ফ্রিল্যান্সার হিসেবে কাজ করছেন।

Teaching Assistant

মেহেদী মাসুদ ComTIA Security+, Certified Ethical Hacker(CEH) Practical, Certified Red Team Analyst(CRTA) certified Security Analyst & OSINT Expert. বর্তমানে তিনি Red Team Bangladesh এ Teaching Assistant, Freelancer Cloud Security Project Management & Private OSINT Investigator হিসেবে কাজ করছেন।

Reviews

"Why We’re the Best: See What Our Student's Say!"

Vabna
Vabna
Student
Red Team Bangladesh is a skilled and passionate cybersecurity community, known for its strong focus on ethical hacking, penetration testing, and digital defense awareness.Highly Recommended for every learner .
Mir Kyum
Mir Kyum
Student
Red Team Bangladesh is the best platform for learning cyber security. From my experiences who passed eJPT recently found the stairs for cyber security journey foundation. And the journey will never stack as the foundation was solid. Shuvo Bhai guidance and the way he taught us was cleared and confident way which help you reach out the actual way of cyber security as the cyber security roadmap is not easy, you need to dive into deeper the topics, but all you need solid foundation with easy way of thinking.
Pritom
Pritom
Student
Red Team Bangladesh একটি অসাধারণ প্ল্যাটফর্ম যা মূলত CRTA,eJPT,CEH প্রস্তুতি নিয়ে কাজ করে এবং এথিক্যাল হ্যাকিং ও সাইবারসিকিউরিটি ট্রেনিং প্রদান করে। এটি প্র্যাকটিক্যাল ল্যাব, রিয়েল-ওয়ার্ল্ড প্রজেক্ট এবং হাতে-কলমে শেখার সুযোগ দেয়, যা একজন শিক্ষার্থীর বাস্তব দক্ষতা অর্জনে সাহায্য করে। বিশেষ করে যারা রেড টিমিং, পেনেট্রেশন টেস্টিং বা এথিক্যাল হ্যাকিং শেখার প্রাথমিক ধাপে আছেন, তাদের জন্য এটি অন্যতম সেরা platform. সার্বিকভাবে Red Team Bangladesh বাংলাদেশের সাইবারসিকিউরিটি লার্নিং কমিউনিটির মধ্যে one of the best platform.❤️
Mehedi
Mehedi
Student
CEH শেখার জন্য অসাধারণ একটি প্ল্যাটফর্ম! আমি Red Team Bangladesh থেকে CEH এর জন্য যেটা শিখেছি, সেটা অনেক কার্যকর ও প্র্যাকটিক্যাল ছিল। সবকিছু বাংলা ভাষায় সুন্দরভাবে ব্যাখ্যা করা হয়, যেটা একজন নতুন শিক্ষার্থীর জন্য অনেক সহায়ক। কমিউনিটি অনেক সাপোর্টিভ, এবং ট্রেইনারদের অভিজ্ঞতা ও গাইডলাইন সত্যিই প্রশংসনীয়। যারা CEH নিয়ে প্রস্তুতি নিচ্ছেন বা সাইবার সিকিউরিটিতে ক্যারিয়ার গড়তে চান, তাদের জন্য এটা একটা পারফেক্ট জায়গা।
Shanto
Shanto
Student
Red Team Bangladesh, guided by the incredible teaching of Shuvo Ahmed Vaiya, completely changed the way I prepared for eJPT. Before finding their content, I didn’t know where to start. His videos gave me direction, clarity, and motivation. Each lesson was practical and focused on real exam skills, which made learning exciting instead of stressful. Because of Sanin Bhai’s guidance, I believed in myself and kept moving forward. If you are serious about cybersecurity, Red Team Bangladesh and Sanin Bhai are the perfect mentors to start your journey with.
Jayedul
Jayedul
Student
Really grateful to shuvo Vai for his constant guidelines and support .Without his support and guidance, it would have been much harder for me to pass the ejpt exam.
Shihabur
Shihabur
Student
One of the best cybersecurity learning platforms in Bangladesh! I’m learning real-world Ethical Hacking, Penetration Testing, and Red Team Operations from here. Their guidance and support are truly amazing.
Taivin
Taivin
Student
One of the best platform to learn Red Teaming and Ethical Hacking in Bangla.
Rumana
Rumana
Student
Red Team Bangladesh, guided by Shuvo Ahmed Vaiya, helped me tremendously during my CRTA journey. Their practical and exam-focused teaching made complex topics simple and engaging. Highly recommended for anyone serious about Red Teaming and cybersecurity!

How To Buy Course

কোর্স কিনতে করতে নিন্মোক্ত পদক্ষেপ গুলো অনুসরণ করুন :
১. কোর্স কিনতে BUY NOW বাটন এ ক্লিক করুন।
২. এরপর Proceed to Checkout এ ক্লিক করুন ।
৩. এরপর Billing Details গিয়ে নিন্মোক্ত ফর্মে সঠিক তথ্য দিয়ে পূরণ করুন এবং Place Order এ ক্লিক করুন।
৪. এরপর বিকাশের মাধ্যমে পেমেন্ট করুন, ধন্যবাদ রেড টীম বাংলাদেশের একজন ওয়ারিয়র হওয়ার জন্য

Installment Policy

💳 সহজ ২ কিস্তিতে ভর্তি সংক্রান্ত শর্তাবলী:

১. ভর্তির সময় মোট কোর্স ফি-এর ৫০% পরিশোধ করে ভর্তি নিশ্চিত করতে হবে।

২. অবশিষ্ট ৫০% ক্লাস শুরুর ১ (এক) মাস পর পরিশোধ করতে হবে।

৩. নির্ধারিত সময়ের মধ্যে বাকি অর্থ পরিশোধ না করলে, সম্পূর্ণ অর্থ পরিশোধ না হওয়া পর্যন্ত কোর্সের সকল অ্যাক্সেস (ভিডিও, ল্যাব, কমিউনিটি ও অন্যান্য সুবিধা) সাময়িকভাবে স্থগিত থাকবে।

৪. বকেয়া অর্থ পরিশোধের পর পুনরায় সকল অ্যাক্সেস চালু করে দেওয়া হবে।

Frequently Asked Questions

Find quick answers to the most common questions about our services. If you don’t see what you’re looking for, our team is just a message away.

Who can join Red Team Bangladesh courses?

Anyone passionate about cybersecurity can join — whether you’re a student, IT professional, or complete beginner.

How can I buy the course?
  • Choose your desired course from our Courses Page
  • Click on BUY NOW
  • Fill Up The Form
  • Complete Payment with Bkash
Tell me about course duration?
  • The course is designed to be completed over 5 months. During the first 2.5 months, classes will be held twice per week. For the remaining 2.5 months, the schedule will increase to three classes per week to ensure comprehensive coverage of the curriculum.
Do you have a refund policy?

No, Red Team Bangladesh does not offer refunds after a course has been purchased.

Are your courses practical or theory-based?

100% practical-first. Every module includes guided labs, step-by-step attack and defense scenarios, and post-lab analysis so you understand both the hacker’s mindset and the defender’s countermeasure.

Can I get class video recordings?

Yes, absolutely! 🔴
All live sessions conducted by Red Team Bangladesh are recorded in high quality and uploaded to Google Drive with view permission. You’ll have lifetime access to these recordings.

How can I contact Red Team Bangladesh?

You can reach our team anytime at:

Call: 01768584002

For admission Or message here : https://m.me/redteambangladesh

Do you have an official group or community?

Yes! Join our official Facebook community here:
👉FB Page: facebook.com/redteambangladesh

👉FB Group: facebook.com/groups/redteambangladesh

👉Youtube: youtube.com/@redteambangladesh