Outstanding Cyber Security Training/Awareness Initiative

NPCC National Cybercrime Programme

The NPCC Cybercrime Training Programme provides police forces in England and Wales with the skills needed to be able to respond to a report of cybercrime and fully investigate any criminal activity, prosecute offenders where necessary but also divert individuals on the cusp of criminal activity on to productive paths. The Programme gives staff the technical skill to advise and protect individuals and organisations in cyber security to help better protect themselves against cybercrime.

Course overview

The Prevent training is designed to give the learner a hands-on experience in hacking helping them to relate and understand what young people who are engaged in cybercrime are telling them.

This National Cyber Security Center (NCSC) accredited course is based on ‘The Art of Hacking’ syllabus and is run over five-days. It will show delegates the fundamentals of hacking and how tools such as Kali and Metasploit can be used to hack apparently secure networks.

The course is suitable for officers and staff who:

  • Have successfully completed the NPCC Cybercrime Computing and Networking Foundation Course
  • Have a basic familiarity with Windows and Linux systems e.g. how to view a system’s IP address, installing software, file management
  • Have a basic understanding of Network fundamentals e.g. IP addressing, knowledge of protocols such as ICMP, HTTP and DNS
  • Have a basic understanding of HTTP fundamentals e.g. Structure of an HTTP request, HTTP method verbs, HTTP response codes

Learning outcomes

This class combines a formal hacking methodology with a variety of tools to teach the core principles of ethical hacking:

  • Approaches attackers take when targeting organisations
  • Conducting penetration testing engagements step by step and leveraging open source and publicly available tools to gain access to vulnerable systems
  • Understanding how to exploit your own network before attackers do
  • Discover and fingerprint systems and services available within their infrastructure
  • Discover and exploit Windows and Linux operating systems through a variety of well-known vulnerabilities
  • Conduct password brute force attacks to compromise services and gain access to a host
  • Discover the techniques for hacking application servers and content management systems to gain access to customer data
  • Conduct client-side attacks and execute code on a victim’s machine
  • Identify common web application vulnerabilities and introduce security within their software development lifecycle in a practical manner

Course modules

Day 1

  • TCP/IP Basics
  • The Art of Port Scanning
  • Target Enumeration
    • Exercise - ARP Scan (Enumeration)
    • Exercise - Port Scanning (Service Enumeration)
  • Brute-Forcing
    • Exercise - SNMP (Brute Force Attack)
    • Exercise - SSH
    • Exercise - Postgres
  • Metasploit Basics
    • Exercise - Metasploit Basics

Day 2

  • Password Cracking
    • Exercise - Password Cracking
  • Hacking Unix systems
    • Exercise – Heartbleed
    • Exercise – Linux Privilege Escalation
  • Hacking Application Servers on Unix
    • Exercise - Hacking Application Servers (Tomcat)
    • Exercise - Hacking Application Servers (Jenkins Metaprogramming)
  • Hacking Third Party CMS Software
    • Exercise - PHP Serialization Exploit
    • Exercise - Wordpress Exploit
    • Exercise - Drupa Exploit
    • Exercise - File Explorer Exploit

Day 3

  • Windows Enumeration
    • Exercise - Windows Host Enumeration
    • Demo - Responder Multi-Relay
    • Exercise - Domain Enumeration
  • Client-Side Attacks
    • Exercise - Hacking Third Party Software
  • Hacking Application Servers on Windows
    • Exercise - Hacking Application Servers on Windows
  • Windows Exploitation
    • Exercise - Windows Hacking - Password Extraction
    • Exercise - Windows 10 Privilege Escalation
  • Hacking Windows Domains
    • Exercise - Hacking Windows Domains

Day 4


  • Understanding the HTTP protocol
    • Exercise - Burp Demo
    • Exercise - Manipulating Headers
  • Information gathering
    • Exercise - Information Gathering
  • Username Enumeration & Faulty Password Reset
    • Exercise - Username Enumeration
    • Exercise - Password Brute-force Attack
    • Exercise - Forgotten Password Functionality
  • SSL/TLS related vulnerabilities
    • Exercise - TLS
  • Authorisation Bypasses
    • Exercise - Authorization Bypass via Parameter Manipulation
    • Exercise - Authorization Bypass
    • Exercise - Arbitrary File Download

Day 5

  • Cross Site Scripting (XSS)
    • Exercise - XSS (reflective)
    • Exercise - XSS Session Hijacking
    • Exercise - Stored XSS
  • Cross Site Request Forgery (CSRF)
    • Exercise - CSRF (Demo)
  • SQL Injection
    • Exercise - SQLi (Manual and sqlmap based exploitation)
  • XML External Entity (XXE) Attacks
    • Exercise - XXE
    • Insecure File Uploads
    • Exercise - Insecure File Upload

Exam details

End of Course Exam

National Cyber Security Center (NCSC) Certified Training Exam:

  • Online proctored exam taken post course
  • Duration - 70 minutes
  • Questions 50, multiple choice (4 multiple choice answers only 1 of which is correct)
  • Pass Mark 50%
  • Digital badge

NPCC Cybercrime Prevent Course

How to book