« Предыдущая  |  Следующая »

[ Добавить в закладки ]

[ Добавить в избранное ]

Ethical Hacking and Countermeasures v6 (CEH) Coverage

Module 1 - Penetration Testing 101
Penetration Testing 101
To Know more about Penetration Testing, Attend EC-Council's LPT Program
Introduction to PT
Categories of Security Assessments
Vulnerability Assessment
Limitations of Vulnerability Assessment
Penetration Testing
Types of Penetration Testing
Risk Management
Do-it-Yourself Testing
Outsourcing Penetration Testing Services
Terms of Engagement
Project Scope
Pentest Service Level Agreements
Testing Points
Testing Locations
Automated Testing
Manual Testing
Using DNS Domain Name and IP Address Information
Enumerating Information about Hosts on Publicly-Available Networks
Testing Network-Filtering Devices
Enumerating Devices
Denial of Service Emulation
Penetration Testing Tools
Evaluating Different Types of Pentest Tools
Asset Audit
Fault Trees and Attack Trees
GAP Analysis
Threats
Threat
Business Impact of Threat
Internal Metrics Threat
External Metrics Threat
Calculating Relative Criticality
Test Dependencies
Other Tools Useful in Pen-Test
Phases of Penetration Testing
Pre-Attack Phase
Best Practices
Results that can be Expected
Passive Reconnaissance
Active Reconnaissance
Attack Phase
Activity: Perimeter Testing
Activity: Web Application Testing - I
Activity: Web Application Testing - II
Activity: Web Application Testing - III
Activity: Wireless Testing
Activity: Acquiring Target
Activity: Escalating Privileges
Activity: Execute, Implant, and Retract
Post-Attack Phase and Activities
Penetration Testing Deliverables Templates
Module 1 Review


Module 2 - Introduction to Ethical Hacking
Introduction to Ethical Hacking
Module Objective
Module Flow
Problem Definition - Why Security?
Essential Terminologies
Elements of Security
The Security, Functionality, and Ease of Use Triangle
Case Study
What Does a Malicious Hacker Do
Effect on Business
Phase 1 - Reconnaissance
Reconnaissance Types
Phase 2 - Scanning
Phase 3 - Gaining Access
Phase 4 - Maintaining Access
Phase 5 - Covering Tracks
Types of Hacker Attacks
1. Operating System Attacks
Security News: Default Installation
2. Application Level Attacks
3. Shrink Wrap Code Attacks
4. Misconfiguration Attacks
Remember This Rule!
Hacktivism
Hacker Classes
Ethical Hacker Classes
What Do Ethical Hackers Do
Can Hacking be Ethical
How to Become an Ethical Hacker
Skill Profile of an Ethical Hacker
What is Vulnerability Research
Why Hackers Need Vulnerability Research
Vulnerability Research Tools
How to Conduct Ethical Hacking
How Do They Go About It
Approaches to Ethical Hacking
Ethical Hacking Testing
Ethical Hacking Deliverables
Computer Crimes and Implications
What Happened Next
Module 2 Review


Module 3 - Footprinting
Footprinting
Module Objective
Module Flow
Revisiting Reconnaissance
Defining Footprinting
Why is Footprinting Necessary
Areas and Information which Attackers Seek
Information Gathering
Information Gathering Methodology
Unearthing Initial Information
Finding a Company's URL
Internal URL
Extracting Archive of a Website
Google Search for Company's Info.
People Search
Satellite Picture of a Residence
Footprinting Through Job Sites
Passive Information Gathering
Competitive Intelligence Gathering
Why Do You Need Competitive Intelligence
Competitive Intelligence Resource
Competitive Intelligence Tool: Web Investigator
Reputica Dashboard
MyReputation
Public and Private Websites
Footprinting Tools
Whois Tools
DNS Information Extraction Tools
Tool: DNS Enumerator
Locating Network Range
Arin
Traceroute
Trace Route Analysis
Tool: Maltego
Layer Four Traceroute
E-mail Spiders
Tool: 1st E-mail Address Spider
Locating Network Activity
Tool: GEOSpider
Tool: Geowhere
Search Engines
Kartoo Search Engine
Dogpile (Meta Search Engine)
robots.txt
How to Fake Websites
Faking Websites using Man-in-the-Middle Phishing Kit
Steps to Perform Footprinting
What Happened Next
Module 3 Review


Module 4 - Google Hacking
Google Hacking
Module Flow
What is Google Hacking
What a Hacker Can do With Vulnerable Site
Anonymity with Caches
Using Google as a Proxy Server
Directory Listings
Locating Directory Listings
Server Versioning
Going Out on a Limb: Traversal Techniques
Directory Traversal
Incremental Substitution
Extension Walking
Google Advanced Operators
Pre-Assessment
intranet | help.desk
Locating Exploits and Finding Targets
Locating Public Exploit Sites
Locating Vulnerable Targets
"Powered by" Tags Are Common Query Fodder for Finding Web Applications
Vulnerable Web Application Examples
Locating Targets via CGI Scanning
Web Server Software Error Messages
Google Hacking Tools
Google Hacking Database (GHDB)
SiteDigger Tool
Gooscan
Goolink Scanner
Google Hack Honeypot
Module 4 Review


Module 5 - Scanning
Scanning
Module Objective
Scanning - Definition
Types of Scanning
Objectives of Scanning
CEH Scanning Methodology
Checking for Live Systems
Checking for Live Systems - ICMP Scanning
Firewalk Tool
Checking for Open Ports
Three Way Handshake
TCP Communication Flags
Nmap
Nmap: Scan Methods
NMAP Output Format
HPING2
ICMP Echo Scanning/List Scan
TCP Connect / Full Open Scan
SYN/FIN Scanning Using IP Fragments
UDP Scanning
IPSecScan
FloppyScan
ike-scan
LANView
Colasoft MAC Scanner
War Dialer Technique
Why War Dialing?
War Dialing Countermeasures SandTrap Tool
Banner Grabbing
OS Fingerprinting
Active Stack Fingerprinting
Passive Fingerprinting
Active Banner Grabbing Using Telnet
Tools for Active Stack Fingerprinting
Disabling or Changing Banner
IIS Lockdown Tool
Vulnerability Scanning
Qualys Web-based Scanner
SAINT
Nessus
Draw Network Diagrams of Vulnerable Hosts
FriendlyPinger
LANsurveyor
Preparing Proxies
Proxy Servers
Use of Proxies for Attack
SocksChain
How Does MultiProxy Work
TOR Proxy Chaining Software
Anonymizers
Surfing Anonymously
Psiphon
Bloggers Write Text Backwards to Bypass Web Filters in China
Google Cookies
Spoofing IP Address
Detecting IP Spoofing
Despoof Tool
Scanning Countermeasures
What Happened Next?
Scanning Review
Module 5 Review


Module 6 - Enumeration
Enumeration
Module Flow
Overview of System Hacking Cycle
What is Enumeration
Techniques for Enumeration
Netbios Null Sessions
So What's the Big Deal
Tool: DumpSec
NetBIOS Enumeration Using Netview
Null Session Countermeasures
PS Tools
SNMP Enumeration
Management Information Base
SNMPutil Example
Tool: Solarwinds
UNIX Enumeration
SNMP UNIX Enumeration
SNMP Enumeration Countermeasures
LDAP Enumeration
Jxplorer
NTP Enumeration
SMTP Enumeration
Web Enumeration
Asnumber
Lynx
Windows Active Directory Attack Tool
How To Enumerate Web Application Directories in IIS Using Directory Services
Enumerate Systems Using Default Passwords
Terminal Service Agent
Tool: TXDNS
What Happened Next
Enumeration Review
Module 6 Review


Module 7 - System Hacking
System Hacking
Module Flow
CEH Hacking Cycle 01
Password Types
Types of Password Attacks
Passive Online Attack: Wire Sniffing
Passive Online Attack: Man-in-the-Middle and Replay Attacks
Active Online Attack: Password Guessing
Offline Attacks
Offline Attack: Brute-force Attack
Offline Attack: Pre-Computed Hashes
Syllable Attack/Rule-based Attack/Hybrid Attack
Distributed Network Attack
Non-Technical Attacks
PDF Password Cracker
Password Mitigation
Permanent Account Lockout - Employee Privilege Abuse
Administrator Password Guessing
Manual Password Cracking Algorithm
Automatic Password Cracking Algorithm
Microsoft Authentication
LM, NTLMv1, and NTLMv2
NTLM and LM Authentication on the Wire
Kerberos Authentication
What is LAN Manager Hash
Salting
Password Cracking Countermeasures
Do Not Store LAN Manager Hash in SAM Database
LM Hash Backward Compatibility
Escalating Privileges
Privilege Escalation
Executing Applications
Actual Spy
Wiretap Professional
Keylogger Countermeasures
Anti-Keylogger
Hiding Files 01
CEH Hacking Cycle 02
Hiding Files 02
Rootkits
Why Rootkits
Rootkits in Linux
Detecting Rootkits
Steps for Detecting Rootkits
Sony Rootkit Case Study
Rootkit Countermeasures
Creating Alternate Data Streams
NTFS Streams Countermeasures
Hacking Tool: USB Dumper
Steganography
Least Significant Bit Insertion in Image Files
Steganography Tools
Steganography Detection
Steganalysis
Steganalysis Methods/Attacks on Steganography
Steganalysis Tools
Stegdetect
Covering Tracks
Disabling Auditing
Clearing the Event Log
What Happened Next
Module 7 Review


Module 8 - Trojans and Backdoors
Trojans and Backdoors
Introduction
What is a Trojan
Overt and Covert Channels
Working of Trojans
Different Types of Trojans
What Do Trojan Creators Look For
Different Ways a Trojan Can Get into a System
Indications of a Trojan Attack
Ports Used by Trojans
How to Determine which Ports are "Listening"
Wrappers
RemoteByMail
HTTP Trojans
ICMP Tunneling
Trojan: Netcat
Hacking Tools
Trojan Detecting Tools
How to Detect Trojans
Delete Suspicious Device Drivers
Check for Running Processes: What's on My Computer
Super System Helper Tool
Tool: MSConfig
Anti-Trojan Software
TrojanHunter
Backdoor Countermeasures
Tool: Tripwire
System File Verification
How to Avoid a Trojan Infection
What happened next
Module 8 Review


Module 9 - Viruses and Worms
Viruses and Worms
Introduction to Virus
Virus History
Characteristics of a Virus
Working of Virus
Why People Create Computer Viruses
Symptoms of Virus-Like Attack
Virus Hoaxes
Worms
How is a Worm different from a Virus
Indications of a Virus Attack
Hardware Threats
Software Threats
Stages of Virus Life
Types of Viruses
Virus Classification
How does a Virus Infect
Storage Patterns of a Virus
System Sector Viruses
Stealth Virus
Bootable CD-ROM Virus
Self-Modification
Encryption with a Variable Key
Polymorphic Code
Metamorphic Virus
Cavity Virus
Sparse Infector Virus
Companion Virus
File Extension Virus
Famous Viruses and Worms
Famous Viruses/Worms: I Love You Virus
Zombies and DoS
Spread of Slammer Worm - 30 min
Latest Viruses
Disk Killer
Writing Virus Programs
Writing a Simple Virus Program
Virus Construction Kits
Examples of Virus Construction Kits
Virus Detection Methods
Virus Incident Response
What is Sheep Dip
Virus Analysis - IDA Pro Tool
Prevention is Better than Cure
Anti-Virus Software
Module 9 Review


Module 10 - Sniffers
Sniffers
Definition: Sniffing
Protocols Vulnerable to Sniffing
Types of Sniffing
Passive Sniffing
Active Sniffing
What is Address Resolution Protocol (ARP)
Tool: Network View - Scans the Network for Devices
Wiretap
RF Transmitter Wiretaps
Infinity Transmitter
Slave Parallel Wiretaps
Switched Port Analyzer (SPAN)
Lawful Intercept
Benefits of Lawful Intercept
Network Components Used for Lawful Intercept
ARP Spoofing Attack
How Does ARP Spoofing Work
Mac Duplicating
Mac Duplicating Attack
ARP Spoofing Tools
MAC Flooding Tools
Threats of ARP Poisoning
IP-based Sniffing
Linux Sniffing Tools
DNS Poisoning Techniques
1. Intranet DNS Spoofing (Local Network)
2. Internet DNS Spoofing (Remote Network)
3. Proxy Server DNS Poisoning
4. DNS Cache Poisoning
Interactive TCP Relay
Raw Sniffing Tools
Features of Raw Sniffing Tools
Detecting Sniffing
How to Detect Sniffing
Countermeasures
Module 10 Review


Module 11 - Social Engineering
Social Engineering
There is No Patch to Human Stupidity
What is Social Engineering
Human Weakness
"Rebecca" and "Jessica"
Office Workers
Types of Social Engineering
Human-Based Social Engineering
Human-Based Social Engineering: Eavesdropping
Human-Based Social Engineering: Shoulder Surfing
Human-Based Social Engineering: Dumpster Diving
Dumpster Diving Example
Human-Based Social Engineering (cont'd)
Movies to Watch for Reverse Engineering Examples: The Italian Job and Catch Me If You Can
Computer-Based Social Engineering
Insider Attack
Disgruntled Employee
Preventing Insider Threat
Common Targets of Social Engineering
Social Engineering Threats and Defenses
Online Threats
Telephone-Based Threats
Personal Approaches
Defenses Against Social Engineering Threats
Factors that make Companies Vulnerable to Attacks
Why is Social Engineering Effective
Warning Signs of an Attack
Tool: Netcraft Anti-Phishing Toolbar
Phases in a Social Engineering Attack
Behavoirs Vulnerable to Attacks
Impact on the Organization
Countermeasures
Policies and Procedures
Impersonating on Facebook
Identity Theft
Module 11 Review


Module 12 - Phishing
Phishing
Introduction
Reasons for Successful Phishing
Phishing Methods
Process of Phishing
Types of Phishing Attacks
Man-in-the-Middle Attacks
URL Obfuscation Attacks
Cross-site Scripting Attacks
Hidden Attacks
Client-side Vulnerabilities
Deceptive Phishing
Malware-Based Phishing
DNS-Based Phishing
Content-Injection Phishing
Search Engine Phishing
Anti-Phishing
Module 12 Review
Module 13 - Hacking Email Accounts
Hacking Email Accounts
Introduction
Ways for Getting Email Account Information
Stealing Cookies
Social Engineering
Password Phishing
Fraudulent e-mail Messages
Vulnerabilities
Vulnerabilities: Web Email
Email Hacking Tools
Securing Email Accounts
Creating Strong Passwords
Sign-in Seal
Alternate Email Address
Keep Me Signed In/Remember Me
Module 13 Review


Module 14 - Denial of Service
Denial of Service
Terminologies
Goal of DoS
Impact and the Modes of Attack
Types of Attacks
DoS Attack Classification
Smurf Attack
Buffer Overflow Attack
Ping of Death Attack
Teardrop Attack
SYN Attack
SYN Flooding
DoS Attack Tools
Bot (Derived from the Word RoBOT)
Botnets
Uses of Botnets
Types of Bots
How Do They Infect? Analysis Of Agabot
DDOS Unstoppable
DDoS Attack Taxonomy
Reflective DNS Attacks
DDoS Tools
How to Conduct a DDoS Attack
Reflection of the Exploit
Countermeasures for Reflected DoS
Taxonomy of DDoS Countermeasures
Preventing Secondary Victims
Detect and Neutralize Handlers
Mitigate or Stop the Effects of DDoS Attacks
Post-attack Forensics
Module 14 Review
Module 15 - Session Hijacking
Session Hijacking
What is Session Hijacking
Understanding Session Hijacking
Spoofing vs. Hijacking
Steps in Session Hijacking
Types of Session Hijacking
Session Hijacking Levels
Network Level Hijacking
The 3-Way Handshake
Sequence Numbers
Sequence Number Prediction
TCP/IP Hijacking
IP Spoofing: Source Routed Packets
RST Hijacking
Blind Hijacking
Man in the Middle: Packet Sniffer
UDP Hijacking
Application Level Hijacking
Session Hijacking Tools
Programs that Perform Session Hijacking
Dangers Posed by Hijacking
Countermeasures
Protecting against Session Hijacking
Countermeasure: IP Security
What Happened Next
Module 15 Review
Module 16 - Hacking Web Servers
Hacking Web Servers
How are Web Servers Compromised
Web Server Defacement
How are Web Servers Defaced
Attacks Against IIS
IIS 7 Components
IIS Directory Traversal (Unicode) Attack
ServerMask ip100
Unicode
Core Impact Professional 101
Core Impact Professional
Networking Attack Vector
Client Side Application Testing
Web Application Testing
Core Impact Professional 101 Review
Patch Management
Hotfixes and Patches
What is Patch Management
Vulnerability Scanners
Countermeasures
File System Traversal Countermeasures
Increasing Web Server Security
Module 16 Review


Module 17 - Web Application Vulnerabilities
Web Application Vulnerabilities
Web Application Setup
Web Application Hacking
Anatomy of an Attack
Web Application Threats
Cross-Site Scripting/XSS Flaws
Countermeasures 01
SQL Injection
Command Injection Flaws
Countermeasures 02
Cookie/Session Poisoning
Countermeasures 03
Parameter/Form Tampering
Buffer Overflow
Countermeasures 04
Directory Traversal/Forceful Browsing
Countermeasures 05
Cryptographic Interception
Cookie Snooping
Authentication Hijacking
Countermeasures 06
Log Tampering
Error Message Interception
Attack Obfuscation
Platform Exploits
DMZ Protocol Attacks
Countermeasures 07
Security Management Exploits
Web Services Attacks
Zero-Day Attacks
Network Access Attacks
Module 17 Review

Ссылки: (для качалок)

Еще Видео: (похожие ссылки)