Ethical Hacking Training

Description:

In this ethical hacking online training module, you will learn the basic concepts of Information security and Ethical Hacking.

Chapter 1.1: Information Security Overview

• Important Terminology
• Components of Information Security
• Functionality, Usability, and Security

Chapter 1.2: Information Security Attack and Threats vendors

• Objectives of the Information Security Attacks
• Kinds of Information Security Threat
• Kinds of Attacks on the System
• Best Information Security Attack Vendors
• Information warfare

Chapter 1.3: Hacking

• Define Hacking
• Hacker Classes
• Hacker Phases
  • Reconnaissance
  • Scanning
  • Gaining and Maintaining Access
  • Clearing Tracks

Chapter 1.4: Ethical Hacking Concepts

• Define Ethical Hacking
• Importance of Ethical Hacking
• Extent and Restrictions of Ethical Hacking
• Expertise of an Ethical Hacker

Chapter 1.5: Controls of Information Security

• Information Assurance
• Information Security Management Program
• Enterprise Information Security Architecture
• Network Security Zoning
•  Policies of Information security
  • Kinds of Security Policies
  • Security Policies examples
  • Creating and Implementing Security Policies
  • Private policies at office

Chapter 1.6: Physical Security

• Kinds of Physical Security Control
• Physical Security Control

Chapter 1.7: Risk

• Risk Management
• Important Roles and Functions in Risk Management

Chapter 1.8: Threat Modeling
Chapter 1.9: Incident Management

Description:

This ethical hacking virtual classroom training module discusses the concepts like the intent of footprinting, google hacking database, footprinting through job sites, footprinting through web services, and footprinting tools.

Chapter 2.1:  FootPrinting Concepts

• Define FootPrinting
• Intent of FootPrinting

Chapter 2.2: FootPrinting through the Search Engines

• FootPrinting using search engines and modern Google Hacking Techniques
• Collecting Information through Google Advanced Search and Image Search
• Google Hacking Database
• VPN and VoIP FootPrinting through the Google Hacking Database

Chapter 2.3: FootPrinting using Web Services

• Discovering the Organization's Top-Level Domains and Sub-domains
• Discovering the Geographical location of the Intent
• People Search on People Search Sites and Social Networking Sites
• Collecting Information from LinkedIn and Financial Services
• FootPrinting using Job sites
• Monitoring Target through Alerts
• Collecting Information through Groups, Forms, and Blogs

Chapter 2.4: Website FootPrinting and Email FootPrinting

• Website FootPrinting through Web Spiders
• Mirroring Entire website and Fetching website information from www.archieve.org
• Fetching Metadata of Public Documents and Controlling the web pages for changes and updates.
• Tracing Email Communication
• Gathering Information from the Email Header
• Email Tracking Tools

Chapter 2.5: DNS FootPrinting and Network FootPrinting

• Fetching DNS Information and DNS examination tools
• Finding the Network Range
• Traceroute and Traceroute Tools

Chapter 2.6: FootPrinting Tools

• Maltego and Recon-ng
• FOCA and Recon-Dog
• OSRFramework and Other FootPrinting Tools

Chapter 2.7: FootPrinting Counterattacks and Pen Testing

• FootPrinting Counterattacks
• FootPrinting Report Templates
   

Description:

This module provides you with a detailed look at network scanning overview, network scanning techniques, Nmap, port scanning counterattacks, and scanning IDS, penetration testing, and firewalls.

Chapter 3.1: Network Scanning Basics

• Network Scanning Overview
• TCP communication flags
• TCP/IP communication
• Setup custom packet through TCP flags
• Scanning in IPV6 Networks

Chapter 3.2: Network Scanning Tools

• Nmap
• Hping2/Hping3
• Scanning Tools for Web and Mobile

Chapter 3.3: Network Scanning Techniques

• Scanning Techniques
• Port scanning Counterattacks

Chapter 3.4: Network Diagrams

• Drawing Network Diagrams
• Network Discovery and Mapping Tools
• Network Discovery Tools for Mobile

Chapter 3.5: Scanning IDS, Firewall, and Pen Testing

• IDS or Firewall Evasion Techniques
• Scanning Pen Testing
   

Description:

In this ethical hacking course module, you will learn the Enumeration concepts like enumeration techniques, NETBIOS enumeration tool, SNMP enumeration, IPsec enumeration, and enumeration counterattacks.

Chapter 4.1: Enumeration Basics

• Define Enumeration
• Enumeration Techniques
• Ports and Services to Enumerate

Chapter 4.2: NETBIOS Enumeration

• NETBIOS Enumeration Tool
• Enumerating user Accounts and Shared Resources

Chapter 4.3: SNMP and LDAP Enumeration

• Working of SNMP Enumeration
• Management Information Base
• SNMP Enumeration Tools
• LDAP Enumeration Tools

Chapter 4.4: NTP Enumeration, SMTP Enumeration, and DNS Enumeration

• NTP Enumeration Commands and Tools
• SMTP Enumeration Tools
• DNS Enumeration through Zone Transfer

Chapter 4.5: Additional Enumeration Techniques

• IPsec Enumeration
• VoIP Enumeration
• RPC Enumeration
• Linux/Unix user Enumeration

Chapter 4.6: Enumeration Counterattacks and Pen Testing

• Enumeration Counterattacks
• Enumeration Pen Testing
   

Description:

This vulnerability analysis module discusses concepts like vulnerability categorization, kinds of vulnerability analysis tools, choose a vulnerability assessment tool, common vulnerabilities and exposures, and vulnerability assessment reports.

Chapter 5.1: Vulnerability Assessment Concepts

• Vulnerability Analysis
• Vulnerability Categorization
• Kinds of Vulnerability Assessment
• Vulnerability Management Life cycle

Chapter 5.2: Vulnerability Assessment Solutions

• Contrasting Approaches for Vulnerability Assessment
• Vulnerability Scanning Solutions working
• Kinds of Vulnerability Assessment Tools
• Characteristics of a Good Vulnerability Assessment Solution
• Selecting a Vulnerability Assessment Tool
• Criteria or Standards for selecting a Vulnerability Assessment Tool
• Best methods for Choosing Vulnerability Assessment Tools

Chapter 5.3: Vulnerability Scoring Systems

• Common Vulnerability Scoring System(CVSS)
• Common Vulnerabilities and Exposures(CVE)
• National Vulnerability Database
• Vulnerability Research Resources

Chapter 5.4: Vulnerability Assessment Tools

• Nessus Professional
• GFI LanGuard
• Qualys Vulnerability Management
• Qualys FreeScan
• Nikto
• Retina CS
• OpenVAS
• SAINT
• Microsoft Baseline Security Analyzer
• Automated Vulnerability Detection System
• Vulnerability Assessment Tools for Mobile

Chapter 5.5: Vulnerability Assessment Reports

• Vulnerability Assessment Reports Basics
• Analyzing the Vulnerability Scanning Reports
   

Description:

This ethical hacking online training Module deals with CEH hacking methodology, password cracking, types of password attacks, password recovery tools, Kerberos authentication, password cracking tools, spyware, steganography, and NTFS data stream.

Chapter 6.1: CEH Hacking Methodology(CHM)
Chapter 6.2: System Hacking Objectives
Chapter 6.3: Password Cracking
Chapter 6.4: Kinds of Password Attacks

• Non-Electronic Attack
• Active Online Attack
• Passive Online Attack

Chapter 6.5: Password Recovery Tools
Chapter 6.6: Microsoft Authentication
Chapter 6.7: Storing Hash Passwords in Windows SAM
Chapter 6.8: NTLM Authentication Process
Chapter 6.9: Kerberos Authentication
Chapter 6.10: Password Salting and Cracking Tools
Chapter 6.11: Tools for Extracting the Password Hashes
Chapter 6.12: How to Defend against LLMNR/NBT-NS Poisoning and Password Cracking
Chapter 6.13: Escalating Privileges
Chapter 6.14: Tools to Execute Applications
Chapter 6.15: Keylogger
Chapter 6.16: Spyware
Chapter 6.17: How to Defend against Keylogger and Spyware
Chapter 6.18: RootKits

Kinds of RootKits
RootKits working
Steps to Detect RootKits
Defend Against RootKits
Anti-RootKits

Chapter 6.19: NTFS Data Stream

• Creating NTFS Streams
• Manipulating NTFS Streams
• Defend Against NTFS Streams
•  NTFS Stream Detectors

Chapter 6.20: Steganography

• Categorization of Steganography
• Kinds of Steganography
  • Document Steganography
  • Video and Audio Steganography
  • Email/Spam Steganography
  • Folder Steganography
  • Image Steganography Tools
  • Whitespace Steganography
• Steganography Tools for Mobile Phones
• Steganalysis
• Steganalysis Methods and Attacks on Steganalysis
• Detecting Steganography
• Steganography Detection Tools

Chapter 6.21: Covering Tracks

• Deactivating Auditing: Auditpol
• Clearing Logs
• Covering Tracks
• Covering Tracks tools
• Covering Tracks on OS and Network
• Covering Tracks Tools
   

Description:

This ethical hacking online training module deals with malware components, different types of trojans, stages of the  virus, worms, malware analysis, and anti-virus software.
 
Chapter 7.1: Malware Fundamentals

• Introduction to Malware
• Different methods by which Malware can get into a system
• General Techniques which Attackers use for Distributing the Malware on the web
• Components of Malware

Chapter 7.2: Trojan Basics

• Define Trojans
• How Hackers use Trojans
• General Ports used by the Trojans
• How to Infect systems through a Trojan
• Trojan Horse Construction Kit
• Wrappers and Crypters
• How Attackers Deploy the Trojan
• Avoiding Anti-virus Techniques
• Kinds of Trojans
  • Remote Access Trojans
  • BotNet Trojans
  • Backdoor Trojans
  • RootKit Trojans
  • E-banking Trojans
  • Proxy Trojans
  • Mobile Trojans 
  • IoT Trojans
• Exploit Kits

Chapter 7.3: Worms and Virus Concepts

• Virus Basics
• Stages of Virus life
• Working with Viruses
• Signs of Virus Attack
• How Virus Infects a computer
• Virus Hoaxes
• Fake Antivirus
• Ransomware
• Kinds of Viruses
• Creating Virus
• Computer Worms and Worm Makers

Chapter 7.4: Malware Analysis

• Sheep Dip Computer
• Anti-Virus Senor Systems
• Malware Analysis Basics
• Preparing Testbed
• Static and Dynamic Malware Analysis
• Virus Detection Ways
• Trojan Analysis: ZeuS/Zbot
• Virus Analysis: WannaCry

Chapter 7.5: Counterattacks

• Trojan and Backdoor Counterattacks
• Virus and Worms Counterattacks

Chapter 7.6: Anti-Malware Software

• Anti-Trojan and Antivirus software

Chapter 7.7: Malware Penetration Testing
 

Description:

This ethical hacking course module discusses the important aspects of the sniffing attack.

Chapter 8.1: Sniffing Basics

• Network Sniffing
• Basics of Sniffing
• How an attacker uses Sniffing to Hack the Network
• Protocols exposed to Sniffing
• Sniffing in the Data Link Layer
• Hardware Protocol Analyzers
• SPAN Port
• Wiretapping and Lawful Interception

Chapter 8.2: MAC Attacks

• MAC Address or CAM Table
• CAM Working
• What Happens when the CAM Tables is Full?
• MAC Flooding
• Switch Port Stealing
• Defending MAC Attacks

Chapter 8.3: Sniffing Technique: DHCP Attacks

• DHCP Working
• DHCP Request/Reply Messages
• DHCP Starvation Attack
• Rogue DHCP Server Attack
• Defending DHCP Starvation and Rogue Server Attack

Chapter 8.4: Sniffing Technique: ARP Poisoning

• Address Resolution Protocol
• ARP Spoofing Attack
• ARP Poisoning Threats
• ARP Poisoning Tools
• Defending ARP Poisoning
• Dynamic ARP Inspection and Configuring DHCP Snooping
• ARP Spoofing Detection Tools

Chapter 8.5: Spoofing Attacks

• MAC Duplicating/Spoofing
• Windows
• MAC Spoofing Tools
• IRDP Spoofing
• Defending MAC Spoofing

Chapter 8.6: DNS Poisoning and Sniffing Tools

• DNS Poisoning Techniques
• Defending DNS Poisoning
• Wireshark
• Packet Sniffing Tools for Mobile

Chapter 8.7: CounterAttacks and Sniffing Detection Techniques

• Defending Sniffing
• Detect Sniffing
• Sniffer Detection Techniques
• Promiscuous Detection Tools
• Sniffing Penetration Testing
   

Description: 

In this module, you will master social engineering basics, identity theft and counterattacks, and social engineering penetration testing.

Chapter 9.1: Social Engineering Basics and Techniques

• Define Social Engineering
• Social Engineering Attack Phases
• Types of Social Engineering
• Human-based and Computer-based Social Engineering
• Mobile-based Social Engineering

Chapter 9.2: Impersonation on Social Networking Sites

• Social Engineering using Impersonation on Social Networking
• Impersonation on Facebook 
• Risks of Social Networking Threats for Corporate Networks

Chapter 9.3: Identity Theft and Counterattacks

• Identity Theft concepts
• Social Engineering Counterattacks
• Insider Threats Counterattacks
• Identity Theft Counterattacks
• Detecting Phishing Emails
• Anti-Phishing Toolbar
• General Social Engineering Targets and Defense Strategies

Chapter 9.4: Social Engineering Penetration testing and Insider Threats

• Social Engineering Penetration Testing Tools
• Types of Insider Threats

Description:

This ethical hacking online classroom training module discusses the techniques and tools of DoS and DDoS attacks.

Chapter 10.1: DoS and DDoS Concepts

• Define DoS Attack
• What is Distributed Denial-of-Service Attack

Chapter 10.2: DoS and DDoS Attack Techniques

• Basic Classification of DoS and DDoS Attack vendors
• UDP and ICMP Flood Attack
• Ping of Smurf and Death Attack
• SYN Flood Attack
• Fragmentation Attack
• HTTP GET/POST and Slowloris Attacks
• Multi-Vector Attack
• Peer-to-Peer Attacks
• Permanent DoS
• Distributed Reflection Denial-of-Service(DRDoS)

Chapter 10.4: Botnets and DDoS Case Study

• Botnet
• General Botnet Setup
• Botnet Ecosystem
• Scanning methods to Find Vulnerable Machines
• How Malicious Code Propagates?
• Botnet Trojan
• DDoS Attack
• Hackers Advertise Links for Downloading Botnet
• Use of Mobile Devices as Botnets to Launch DDoS Attacks
• Dyn DDoS Attack

Chapter 10.5: DoS and DDoS Attack Tools and Counterattacks

• DoS and DDoS Attack Tools for Web and Mobile
• Detection Techniques
• DoS/DDoS Counterattack Strategies
• DDoS Attack Counterattacks
• Techniques for Defending Botnets
• DoS and DDoS Counterattacks
• DoS and DDoS Protection at ISP level
• Enabling TCP Internet on Cisco IOS Software

Chapter 10.6: DoS and DDoS protection tools and Penetration Testing

• Modern DDoS Protection Appliances
• DoS and DDoS Protection Tools
• DoS and DDoS Attack Penetration Testing