Course Outline

1. The Business Aspects of Hacking

• Why Security is Critical to Business
• The Wired World
• Outline the Ethical Hacking Methodology
• Three Major Stages of a Penetration Test
• Pre-assessment, Assessment, Post-assessment
• The Ethical Hacking Report
• Hacking and the Legal Environment

2. Footprinting

• Overview of the Footprinting Phase
• Footprinting and Passive Information Gathering
• Information-Gathering Methodology of Hackers
• Techniques, Tools
• The Implications of Information Leakage
• Countermeasures

3. Linux

• Linux History
• Why Linux is Important to the Hacking Community
• Linux Concepts
• OS, Commands
• Compiling Programs in Linux
• Linux Applications
• Password Cracking
• Hping
• Linux Rootkits
• IP Tables
• Linux Security Countermeasures

4. Technical Foundations of Hacking

• The TCP/IP Stack
• IP, ICMP, ARP
• TCP Details
• UDP Details
• Ports and Services
• TCP Details, TCP Packet Structure, TCP Flags, UDP Details
• Applications
• Application Attack Vectors

5. Scanning

• Detecting "Live" Systems on the Targeted Network
• ICMP Ping
• Services Running/Listening on the Targeted Systems
• Port-Scanning Techniques
• Identifying TCP and UDP Services Running on the Targeted Network
• Operating System
• Active and Passive Fingerprinting
• Automated Discovery Tools

6. Cryptography

• Defining Cryptography and Algorithms
• Symmetric Encryption
• How Symmetric Encryption Works
• Common Algorithms for Symmetric Keys
• Strengths and Weaknesses of Symmetric Encryption
• Hash Functions
• Asymmetric Encryption
• How Asymmetric Encryption Works
• Common Algorithms for Asymmetric Keys
• Strengths and Weaknesses of Asymmetric Encryption
• Digital Signatures
• Public Key Encryption
• Quantum Cryptography, Cryptographic Solutions
• SHA, SSL, PGP, SSH, IPSEC
• Encryption Cracking Techniques

7. Enumeration

• Enumeration Concept
• Banner Grabbing
• The Null Session
• SIDs and RIDs
• SMB Enumeration, SNMP, SNMP Enumeration
• Active Directory Enumeration
• Exploiting DNS, Enumeration Countermeasures

8. System Hacking

• Password Attacks
• Social, Physical, Logical
• Password Guessing
• Privilege Escalation
• Cracking Passwords, Linux Password Cracking, Windows Password Cracking
• Covering Tracks, Covering Tracks Tools, Hiding Tools
• Owning the Box, Rootkits

9. Trojans and Backdoors

• Malware
• Trojans and Backdoors, Trojan Tools
• Netcat - The "Swiss Army Knife" of Hacking Tools
• Backdoors
• Prevention Methods and Countermeasures
• Anti-Trojan Software/Hardware

10. Vulnerability Assessment and Exploit Frameworks

• Vulnerability Assessments
• Open Source Vulnerability Assessments Tools
• Nessus, X-Scan
• Commercial Vulnerability Scanners
• Retina, NewT, LANguard
• Advanced Attack Techniques
• Metasploit, ExploitTree
• Patching
• Updates and CVEs

11. Sniffers, Man-in-the-Middle Attacks, and Denial of Service

• Defining Packet Sniffing
• ARP Vulnerabilities, ARP Spoofing
• Flooding
• DNS Vulnerabilities
• Cache Poisoning
• Session Hijacking, Session Hijacking Tools
• Denial of Service (DoS)
• DoS Tools and Techniques, DDoS
• Attacking Firewalls, Attacking IDS

12. Hacking Wireless

• Wireless Communications, Cell Phones, Bluetooth
• Wireless Networking, Wireless Network Attacks
• Mapping Wireless Networks, Wireless Attack Tools
• Securing Wireless Networks
• Site Surveys
• MAC Sniffing and ARP Spoofing
• Other Wireless Hacking Tools
• WIDZ, RADIUS, Snort

13. Database Attacks and SQL Injection

• Database Concepts and Theory
• Database Types, Database Vulnerabilities, Database Exploits
• Indirect Attacks - SQL Injection
• Direct Attacks - Buffer Overflows
• Securing Databases

14. Hacking Web Servers

• Web Server Basics, Web Server Types
• Footprinting
• Lynx, Black Widow, and Countermeasures
• Attacks Against Web Servers
• Apache, IIS
• Tools Used in Attack Web Servers
• Attack Countermeasures
• Web Applications
• Attacking Web Applications
• Web Application Vulnerabilities
• Input Manipulation
• Authentication and Session Management
• Encryption, Obfuscation, Cookies
• Certificate-Based Authentication
• Attacking Authentication
• Password Guessing, Tools
• Securing Web Servers and Applications

15. Physical Security

• The Role of Physical Security
• Controls,Attacks, Lock Picking
• Checklist, Summary

16. Social Engineering

• Attacks, Techniques
• Dumpster Diving
• Online Social Engineering, Reverse Social Engineering, Preventing Social Engineering
• Policies and Procedures
• Employee Education

17. Appendix

• Additional Self-Study Modules

 

Duration: 5 days
Delivery language: Slovenian
Price: 1.950 EUR
Location: Housing Co. d.o.o., Vodovodna 100, 1000 Ljubljana, Slovenia

For delivery dates, please call us at +386 1 568 40 40 or write us to koraknaprej@housing.si
 

Termini

• 22.08.2011 -> 26.08.2011

Prijava na tečaje je možna samo za registrirane uporabnike.

What You'll Learn

• How to scope a security assessment
• How to footprint an organization
• Master advanced port-scanning techniques
• Perform passive and active OS fingerprinting
• Use exploit frameworks
• Works of ARP attacks
• Exploit database vulnerabilities
• Concept of social engineering
• Common vulnerabilities and exposures
• Analyze DNS servers for proper configuration
• Examine web servers for weaknesses
• Master the hacker's methodology
• Exploit vulnerabilities remotely
• Develop reports and test results used to create countermeasures to thwart malicious hacking

Who Needs to Attend

Intermediate-level students in the following professions: security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. More experienced students should consider the Foundstone courses.

Prerequisites

At least two years of IT security experience, a strong working knowledge of TCP/IP, and a basic familiarity with Linux. Security+ Prep Course is highly recommended.