CEH v6: EC Council Certified Ethical Hacker v6 Training Course & Kit

This Official EC Council Certified Hacker (CEH) v6 Approved Training Course will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin their EC Council: Certified Ethical Hacker (CEH) v6 training tutorial by understanding how perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. In this training course, students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive 5 day training class, they will have hands on understanding and experience in Ethical Hacking. This training course prepares you for EC-Council Certified Ethical Hacker exam 312-50.

The CEH v6 training course features live instructor-led classroom sessions with full audio, video and demonstration components. Accompanying the CEH course is the Official EC-Council CEH Curriculum Kit which includes the CEH v6 Manuals (Volumes 1, 2, 3 & 4), the official CEH Lab Manual and 4 training DVDs containing over 300 of the latest hacking tools and exploits. Upon completion of this extensive training package, a student is fully prepared for the EC-Council Certified Ethical Hacker exam 312-50.

This EC Council: Certified Ethical Hacker (CEH) v6 training course is available on 6 DVDs or online.

Career Academy is an EC-Council endorsed training provider. We have invited the best security trainers in the industry to help us develop the ultimate training and certification program which includes everything you will need to fully prepare for and pass your certification exams.

This officially endorsed product gives our students access to the exam by providing you with a Voucher Number. The EC-Council Voucher Number can be used at any Prometric center, this voucher number is required and mandatory for you to schedule and pay for your exam. Without this voucher number Prometric will not entertain any of your requests to schedule and take the exam.

Package Includes:

It is recommended that students view the Linux+ 2009 course prior to beginning their CEH training.

• 6 DVDs featuring live instructor-led classroom sessions with full audio, video & demonstration components
• Official EC-Council CEH Courseware Kit
  • 4 training DVDs containing over 300 of the latest Hacking Tools and Exploits
  • Intensive hacking and counter-hacking hands-on demonstration components
  • Official EC-Council CEH Curriculum Courseware Volumes 1, 2, 3 & 4
• Over 250 CEH Exam Review Questions
• Exclusive LearningZone Live Mentor Click for Details
  • Help whenever you need it! - Why wait for email support?
  • Chat Live with our Certified Instructors anytime around the clock (24x7) 
• Proven technique - Actual Exam Secrets Review
• Free 1 Year Upgrade Policy
• Certificate of Completion

NOTE: Your Official Authorisation Code to schedule the exam appears in the first few pages of the CEH Courseware Manual Level 1.

Course Outline:

Penetration Testing 101

• Penetration Testing 101
• To Know more about Penetration Testing, Attend EC-Council's LPT Program
• Introduction to PT
• Categories of Security Assessments
• Vulnerability Assessment
• Limitations of Vulnerability Assessment
• Penetration Testing
• Types of Penetration Testing
• Risk Management
• Do-it-Yourself Testing
• Outsourcing Penetration Testing Services
• Terms of Engagement
• Project Scope
• Pentest Service Level Agreements
• Testing Points
• Testing Locations
• Automated Testing
• Manual Testing
• Using DNS Domain Name and IP Address Information
• Enumerating Information about Hosts on Publicly-Available Networks
• Testing Network-Filtering Devices
• Enumerating Devices
• Denial of Service Emulation
• Penetration Testing Tools
• Evaluating Different Types of Pentest Tools
• Asset Audit
• Fault Trees and Attack Trees
• GAP Analysis
• Threats
• Threat
• Business Impact of Threat
• Internal Metrics Threat
• External Metrics Threat
• Calculating Relative Criticality
• Test Dependencies
• Other Tools Useful in Pen-Test
• Phases of Penetration Testing
• Pre-Attack Phase
• Best Practices
• Results that can be Expected
• Passive Reconnaissance
• Active Reconnaissance
• Attack Phase
• Activity: Perimeter Testing
• Activity: Web Application Testing - I
• Activity: Web Application Testing - II
• Activity: Web Application Testing - III
• Activity: Wireless Testing
• Activity: Acquiring Target
• Activity: Escalating Privileges
• Activity: Execute, Implant, and Retract
• Post-Attack Phase and Activities
• Penetration Testing Deliverables Templates
• Module 1 Review

Introduction to Ethical Hacking

• Introduction to Ethical Hacking
• Module Objective
• Module Flow
• Problem Definition - Why Security?
• Essential Terminologies
• Elements of Security
• The Security, Functionality, and Ease of Use Triangle
• Case Study
• What Does a Malicious Hacker Do
• Effect on Business
• Phase 1 - Reconnaissance
• Reconnaissance Types
• Phase 2 - Scanning
• Phase 3 - Gaining Access
• Phase 4 - Maintaining Access
• Phase 5 - Covering Tracks
• Types of Hacker Attacks
• 1. Operating System Attacks
• Security News: Default Installation
• 2. Application Level Attacks
• 3. Shrink Wrap Code Attacks
• 4. Misconfiguration Attacks
• Remember This Rule!
• Hacktivism
• Hacker Classes
• Ethical Hacker Classes
• What Do Ethical Hackers Do
• Can Hacking be Ethical
• How to Become an Ethical Hacker
• Skill Profile of an Ethical Hacker
• What is Vulnerability Research
• Why Hackers Need Vulnerability Research
• Vulnerability Research Tools
• How to Conduct Ethical Hacking
• How Do They Go About It
• Approaches to Ethical Hacking
• Ethical Hacking Testing
• Ethical Hacking Deliverables
• Computer Crimes and Implications
• What Happened Next
• Module 2 Review

Footprinting

• Footprinting
• Module Objective
• Module Flow
• Revisiting Reconnaissance
• Defining Footprinting
• Why is Footprinting Necessary
• Areas and Information which Attackers Seek
• Information Gathering
• Information Gathering Methodology
• Unearthing Initial Information
• Finding a Company's URL
• Internal URL
• Extracting Archive of a Website
• Google Search for Company's Info.
• People Search
• Satellite Picture of a Residence
• Footprinting Through Job Sites
• Passive Information Gathering
• Competitive Intelligence Gathering
• Why Do You Need Competitive Intelligence
• Competitive Intelligence Resource
• Competitive Intelligence Tool: Web Investigator
• Reputica Dashboard
• MyReputation
• Public and Private Websites
• Footprinting Tools
• Whois Tools
• DNS Information Extraction Tools
• Tool: DNS Enumerator
• Locating Network Range
• Arin
• Traceroute
• Trace Route Analysis
• Tool: Maltego
• Layer Four Traceroute
• E-mail Spiders
• Tool: 1st E-mail Address Spider
• Locating Network Activity
• Tool: GEOSpider
• Tool: Geowhere
• Search Engines
• Kartoo Search Engine
• Dogpile (Meta Search Engine)
• robots.txt
• How to Fake Websites
• Faking Websites using Man-in-the-Middle Phishing Kit
• Steps to Perform Footprinting
• What Happened Next
• Module 3 Review

Google Hacking

• Google Hacking
• Module Flow
• What is Google Hacking
• What a Hacker Can do With Vulnerable Site
• Anonymity with Caches
• Using Google as a Proxy Server
• Directory Listings
• Locating Directory Listings
• Server Versioning
• Going Out on a Limb: Traversal Techniques
• Directory Traversal
• Incremental Substitution
• Extension Walking
• Google Advanced Operators
• Pre-Assessment
• intranet , help.desk
• Locating Exploits and Finding Targets
• Locating Public Exploit Sites
• Locating Vulnerable Targets
• "Powered by" Tags Are Common Query Fodder for Finding Web Applications
• Vulnerable Web Application Examples
• Locating Targets via CGI Scanning
• Web Server Software Error Messages
• Google Hacking Tools
• Google Hacking Database (GHDB)
• SiteDigger Tool
• Gooscan
• Goolink Scanner
• Google Hack Honeypot
• Module 4 Review

Scanning

• Scanning
• Module Objective
• Scanning - Definition
• Types of Scanning
• Objectives of Scanning
• CEH Scanning Methodology
• Checking for Live Systems
• Checking for Live Systems - ICMP Scanning
• Firewalk Tool
• Checking for Open Ports
• Three Way Handshake
• TCP Communication Flags
• Nmap
• Nmap: Scan Methods
• NMAP Output Format
• HPING2
• ICMP Echo Scanning/List Scan
• TCP Connect / Full Open Scan
• SYN/FIN Scanning Using IP Fragments
• UDP Scanning
• IPSecScan
• FloppyScan
• ike-scan
• LANView
• Colasoft MAC Scanner
• War Dialer Technique
• Why War Dialing?
• War Dialing Countermeasures SandTrap Tool
• Banner Grabbing
• OS Fingerprinting
• Active Stack Fingerprinting
• Passive Fingerprinting
• Active Banner Grabbing Using Telnet
• Tools for Active Stack Fingerprinting
• Disabling or Changing Banner
• IIS Lockdown Tool
• Vulnerability Scanning
• Qualys Web-based Scanner
• SAINT
• Nessus
• Draw Network Diagrams of Vulnerable Hosts
• FriendlyPinger
• LANsurveyor
• Preparing Proxies
• Proxy Servers
• Use of Proxies for Attack
• SocksChain
• How Does MultiProxy Work
• TOR Proxy Chaining Software
• Anonymizers
• Surfing Anonymously
• Psiphon
• Bloggers Write Text Backwards to Bypass Web Filters in China
• Google Cookies
• Spoofing IP Address
• Detecting IP Spoofing
• Despoof Tool
• Scanning Countermeasures
• What Happened Next?
• Scanning Review
• Module 5 Review

Enumeration

• Enumeration
• Module Flow
• Overview of System Hacking Cycle
• What is Enumeration
• Techniques for Enumeration
• Netbios Null Sessions
• So What's the Big Deal
• Tool: DumpSec
• NetBIOS Enumeration Using Netview
• Null Session Countermeasures
• PS Tools
• SNMP Enumeration
• Management Information Base
• SNMPutil Example
• Tool: Solarwinds
• UNIX Enumeration
• SNMP UNIX Enumeration
• SNMP Enumeration Countermeasures
• LDAP Enumeration
• Jxplorer
• NTP Enumeration
• SMTP Enumeration
• Web Enumeration
• Asnumber
• Lynx
• Windows Active Directory Attack Tool
• How To Enumerate Web Application Directories in IIS Using Directory Services
• Enumerate Systems Using Default Passwords
• Terminal Service Agent
• Tool: TXDNS
• What Happened Next
• Enumeration Review
• Module 6 Review

System Hacking

• System Hacking
• Module Flow
• CEH Hacking Cycle 01
• Password Types
• Types of Password Attacks
• Passive Online Attack: Wire Sniffing
• Passive Online Attack: Man-in-the-Middle and Replay Attacks
• Active Online Attack: Password Guessing
• Offline Attacks
• Offline Attack: Brute-force Attack
• Offline Attack: Pre-Computed Hashes
• Syllable Attack/Rule-based Attack/Hybrid Attack
• Distributed Network Attack
• Non-Technical Attacks
• PDF Password Cracker
• Password Mitigation
• Permanent Account Lockout - Employee Privilege Abuse
• Administrator Password Guessing
• Manual Password Cracking Algorithm
• Automatic Password Cracking Algorithm
• Microsoft Authentication
• LM, NTLMv1, and NTLMv2
• NTLM and LM Authentication on the Wire
• Kerberos Authentication
• What is LAN Manager Hash
• Salting
• Password Cracking Countermeasures
• Do Not Store LAN Manager Hash in SAM Database
• LM Hash Backward Compatibility
• Escalating Privileges
• Privilege Escalation
• Executing Applications
• Actual Spy
• Wiretap Professional
• Keylogger Countermeasures
• Anti-Keylogger
• Hiding Files 01
• CEH Hacking Cycle 02
• Hiding Files 02
• Rootkits
• Why Rootkits
• Rootkits in Linux
• Detecting Rootkits
• Steps for Detecting Rootkits
• Sony Rootkit Case Study
• Rootkit Countermeasures
• Creating Alternate Data Streams
• NTFS Streams Countermeasures
• Hacking Tool: USB Dumper
• Steganography
• Least Significant Bit Insertion in Image Files
• Steganography Tools
• Steganography Detection
• Steganalysis
• Steganalysis Methods/Attacks on Steganography
• Steganalysis Tools
• Stegdetect
• Covering Tracks
• Disabling Auditing
• Clearing the Event Log
• What Happened Next
• Module 7 Review

Trojans and Backdoors

• Trojans and Backdoors
• Introduction
• What is a Trojan
• Overt and Covert Channels
• Working of Trojans
• Different Types of Trojans
• What Do Trojan Creators Look For
• Different Ways a Trojan Can Get into a System
• Indications of a Trojan Attack
• Ports Used by Trojans
• How to Determine which Ports are "Listening"
• Wrappers
• RemoteByMail
• HTTP Trojans
• ICMP Tunneling
• Trojan: Netcat
• Hacking Tools
• Trojan Detecting Tools
• How to Detect Trojans
• Delete Suspicious Device Drivers
• Check for Running Processes: What's on My Computer
• Super System Helper Tool
• Tool: MSConfig
• Anti-Trojan Software
• TrojanHunter
• Backdoor Countermeasures
• Tool: Tripwire
• System File Verification
• How to Avoid a Trojan Infection
• What happened next
• Module 8 Review

Viruses and Worms

• Viruses and Worms
• Introduction to Virus
• Virus History
• Characteristics of a Virus
• Working of Virus
• Why People Create Computer Viruses
• Symptoms of Virus-Like Attack
• Virus Hoaxes
• Worms
• How is a Worm different from a Virus
• Indications of a Virus Attack
• Hardware Threats
• Software Threats
• Stages of Virus Life
• Types of Viruses
• Virus Classification
• How does a Virus Infect
• Storage Patterns of a Virus
• System Sector Viruses
• Stealth Virus
• Bootable CD-ROM Virus
• Self-Modification
• Encryption with a Variable Key
• Polymorphic Code
• Metamorphic Virus
• Cavity Virus
• Sparse Infector Virus
• Companion Virus
• File Extension Virus
• Famous Viruses and Worms
• Famous Viruses/Worms: I Love You Virus
• Zombies and DoS
• Spread of Slammer Worm - 30 min
• Latest Viruses
• Disk Killer
• Writing Virus Programs
• Writing a Simple Virus Program
• Virus Construction Kits
• Examples of Virus Construction Kits
• Virus Detection Methods
• Virus Incident Response
• What is Sheep Dip
• Virus Analysis - IDA Pro Tool
• Prevention is Better than Cure
• Anti-Virus Software
• Module 9 Review

Sniffers

• Sniffers
• Definition: Sniffing
• Protocols Vulnerable to Sniffing
• Types of Sniffing
• Passive Sniffing
• Active Sniffing
• What is Address Resolution Protocol (ARP)
• Tool: Network View - Scans the Network for Devices
• Wiretap
• RF Transmitter Wiretaps
• Infinity Transmitter
• Slave Parallel Wiretaps
• Switched Port Analyzer (SPAN)
• Lawful Intercept
• Benefits of Lawful Intercept
• Network Components Used for Lawful Intercept
• ARP Spoofing Attack
• How Does ARP Spoofing Work
• Mac Duplicating
• Mac Duplicating Attack
• ARP Spoofing Tools
• MAC Flooding Tools
• Threats of ARP Poisoning
• IP-based Sniffing
• Linux Sniffing Tools
• DNS Poisoning Techniques
• 1. Intranet DNS Spoofing (Local Network)
• 2. Internet DNS Spoofing (Remote Network)
• 3. Proxy Server DNS Poisoning
• 4. DNS Cache Poisoning
• Interactive TCP Relay
• Raw Sniffing Tools
• Features of Raw Sniffing Tools
• Detecting Sniffing
• How to Detect Sniffing
• Countermeasures
• Module 10 Review

Social Engineering

• Social Engineering
• There is No Patch to Human Stupidity
• What is Social Engineering
• Human Weakness
• "Rebecca" and "Jessica"
• Office Workers
• Types of Social Engineering
• Human-Based Social Engineering
• Human-Based Social Engineering: Eavesdropping
• Human-Based Social Engineering: Shoulder Surfing
• Human-Based Social Engineering: Dumpster Diving
• Dumpster Diving Example
• Human-Based Social Engineering (cont'd)
• Movies to Watch for Reverse Engineering Examples: The Italian Job and Catch Me If You Can
• Computer-Based Social Engineering
• Insider Attack
• Disgruntled Employee
• Preventing Insider Threat
• Common Targets of Social Engineering
• Social Engineering Threats and Defenses
• Online Threats
• Telephone-Based Threats
• Personal Approaches
• Defenses Against Social Engineering Threats
• Factors that make Companies Vulnerable to Attacks
• Why is Social Engineering Effective
• Warning Signs of an Attack
• Tool: Netcraft Anti-Phishing Toolbar
• Phases in a Social Engineering Attack
• Behavoirs Vulnerable to Attacks
• Impact on the Organization
• Countermeasures
• Policies and Procedures
• Impersonating on Facebook
• Identity Theft
• Module 11 Review

Phishing

• Phishing
• Introduction
• Reasons for Successful Phishing
• Phishing Methods
• Process of Phishing
• Types of Phishing Attacks
• Man-in-the-Middle Attacks
• URL Obfuscation Attacks
• Cross-site Scripting Attacks
• Hidden Attacks
• Client-side Vulnerabilities
• Deceptive Phishing
• Malware-Based Phishing
• DNS-Based Phishing
• Content-Injection Phishing
• Search Engine Phishing
• Anti-Phishing
• Module 12 Review

Hacking Email Accounts

• Hacking Email Accounts
• Introduction
• Ways for Getting Email Account Information
• Stealing Cookies
• Social Engineering
• Password Phishing
• Fraudulent e-mail Messages
• Vulnerabilities
• Vulnerabilities: Web Email
• Email Hacking Tools
• Securing Email Accounts
• Creating Strong Passwords
• Sign-in Seal
• Alternate Email Address
• Keep Me Signed In/Remember Me
• Module 13 Review

Denial of Service

• Denial of Service
• Terminologies
• Goal of DoS
• Impact and the Modes of Attack
• Types of Attacks
• DoS Attack Classification
• Smurf Attack
• Buffer Overflow Attack
• Ping of Death Attack
• Teardrop Attack
• SYN Attack
• SYN Flooding
• DoS Attack Tools
• Bot (Derived from the Word RoBOT)
• Botnets
• Uses of Botnets
• Types of Bots
• How Do They Infect? Analysis Of Agabot
• DDOS Unstoppable
• DDoS Attack Taxonomy
• Reflective DNS Attacks
• DDoS Tools
• How to Conduct a DDoS Attack
• Reflection of the Exploit
• Countermeasures for Reflected DoS
• Taxonomy of DDoS Countermeasures
• Preventing Secondary Victims
• Detect and Neutralize Handlers
• Mitigate or Stop the Effects of DDoS Attacks
• Post-attack Forensics
• Module 14 Review

Session Hijacking

• Session Hijacking
• What is Session Hijacking
• Understanding Session Hijacking
• Spoofing vs. Hijacking
• Steps in Session Hijacking
• Types of Session Hijacking
• Session Hijacking Levels
• Network Level Hijacking
• The 3-Way Handshake
• Sequence Numbers
• Sequence Number Prediction
• TCP/IP Hijacking
• IP Spoofing: Source Routed Packets
• RST Hijacking
• Blind Hijacking
• Man in the Middle: Packet Sniffer
• UDP Hijacking
• Application Level Hijacking
• Session Hijacking Tools
• Programs that Perform Session Hijacking
• Dangers Posed by Hijacking
• Countermeasures
• Protecting against Session Hijacking
• Countermeasure: IP Security
• What Happened Next
• Module 15 Review

Hacking Web Servers

• Hacking Web Servers
• How are Web Servers Compromised
• Web Server Defacement
• How are Web Servers Defaced
• Attacks Against IIS
• IIS 7 Components
• IIS Directory Traversal (Unicode) Attack
• ServerMask ip100
• Unicode
• Core Impact Professional 101
• Core Impact Professional
• Networking Attack Vector
• Client Side Application Testing
• Web Application Testing
• Core Impact Professional 101 Review
• Patch Management
• Hotfixes and Patches
• What is Patch Management
• Vulnerability Scanners
• Countermeasures
• File System Traversal Countermeasures
• Increasing Web Server Security
• Module 16 Review

Web Application Vulnerabilities

• Web Application Vulnerabilities
• Web Application Setup
• Web Application Hacking
• Anatomy of an Attack
• Web Application Threats
• Cross-Site Scripting/XSS Flaws
• Countermeasures 01
• SQL Injection
• Command Injection Flaws
• Countermeasures 02
• Cookie/Session Poisoning
• Countermeasures 03
• Parameter/Form Tampering
• Buffer Overflow
• Countermeasures 04
• Directory Traversal/Forceful Browsing
• Countermeasures 05
• Cryptographic Interception
• Cookie Snooping
• Authentication Hijacking
• Countermeasures 06
• Log Tampering
• Error Message Interception
• Attack Obfuscation
• Platform Exploits
• DMZ Protocol Attacks
• Countermeasures 07
• Security Management Exploits
• Web Services Attacks
• Zero-Day Attacks
• Network Access Attacks
• Module 17 Review

Web-Based Password Cracking Techniques

• Web-Based Password Cracking Techniques
• Authentication
• Authentication - Definition
• Authentication Mechanisms
• HTTP Authentication
• Basic Authentication
• Digest Authentication
• Integrated Windows (NTLM) Authentication
• Negotiate Authentication
• Certificate-based Authentication
• Forms-based Authentication
• RSA SecurID Token
• Biometrics Authentication
• Types of Biometrics Authentication
• Fingerprint-based Identification
• Hand Geometry-based Identification
• Retina Scanning
• Afghan Woman Recognized After 17 Years
• Face Recognition
• Face Code: WebCam Based Biometrics Authentication System
• Password Cracking
• How to Select a Good Password
• Things to Avoid in Passwords
• Changing Your Password
• Windows XP: Remove Saved Passwords
• What is a Password Cracker
• Modus Operandi of an Attacker Using Password Cracker
• How does a Password Cracker Work
• Attacks - Classification
• Password Guessing
• Query String
• Cookies
• Dictionary Maker
• Password Cracking Tools
• Security Tools
• Password Administrator
• Countermeasures
• Module 18 Review

SQL Injection

• SQL Injection
• What is SQL Injection
• Exploiting Web Applications
• SQL Injection Steps
• What Should You Look For
• What If It Doesn't Take Input
• OLE DB Errors
• SQL Injection Techniques
• How to Test for SQL Injection Vulnerability
• How Does it Work
• BadLogin.aspx.cs
• Executing Operating System Commands
• Getting Output of SQL Query
• Getting Data from the Database Using ODBC Error Message
• SQL Injection in Oracle
• SQL Injection in MySql Database
• Attack Against SQL Servers
• SQL Server Resolution Service (SSRS)
• Osql L-Probing
• SQL Injection Tools
• SQL Injection Automated Tools
• Blind SQL Injection
• Blind SQL Injection: Countermeasures
• SQL Injection Countermeasures
• Preventing SQL Injection Attacks
• Module 19 Review

Hacking Wireless Networks

• Hacking Wireless Networks
• Introduction to Wireless Networking
• Wired Network vs. Wireless Network
• Effects of Wireless Attacks on Business
• Types of Wireless Network
• Advantages and Disadvantages of a Wireless Network
• Wireless Standards
• Wireless Standard: 802.11a
• Wireless Standard: 802.11b - "WiFi"
• Wireless Standard: 802.11g
• Wireless Standard: 802.11i
• Wireless Standard: 802.11n
• Related Technology and Carrier Networks
• Antennas
• Cantenna
• Wireless Access Points
• SSID
• Beacon Frames
• Is the SSID a Secret
• Setting up a WLAN
• Authentication and Association
• Authentication Modes
• The 802.1X Authentication Process
• Wired Equivalent Privacy (WEP)
• WEP Issues
• What is WPA
• WPA
• WPA Vulnerabilities
• WEP, WPA, and WPA2
• WPA2 Wi-Fi Protected Access 2
• Attacks and Hacking Tools
• Terminologies
• Authentication and (Dis)Association Attacks
• WEP Attack
• Cracking WEP
• Weak Keys (a.k.a. Weak IVs)
• Problems with WEP's Key Stream and Reuse
• Automated WEP Crackers
• Attacking WPA Encrypted Networks
• Evil Twin: Attack
• Rogue Access Points
• Cloaked Access Point
• Temporal Key Integrity Protocol (TKIP)
• Phone Jammers
• Phone Jammer: Mobile Blocker
• 2.4Ghz Wi-Fi & Wireless Camera Jammer
• 3 Watt Digital Cell Phone Jammer
• 3 Watt Quad Band Digital Cellular Mobile Phone Jammer
• Detecting a Wireless Network
• Scanning Tools
• Sniffing Tools
• Hacking Wireless Networks 02
• Step 1: Find Networks to Attack
• Step 2: Choose the Networks to Attack
• Step 3: Analyzing the Network
• Step 4: Cracking the WEP Key
• Step 5: Sniffing the Network
• Wireless Security
• Radius: Used as Additional Layer in Security
• Securing Wireless Networks
• WLAN Security: Passphrase
• Don'ts in Wireless Security
• Wireless Security Tools
• Google Secure Access
• Module 20 Review

Physical Security

• Physical Security
• Security Facts
• Understanding Physical Security
• Physical Security 02
• What Is the Need for Physical Security
• Who Is Accountable for Physical Security
• Factors Affecting Physical Security
• Physical Security Checklist 01
• Physical Security Checklist: Company Surroundings
• Gates
• Security Guards
• Physical Security Checklist: Premises
• CCTV Cameras
• Physical Security Checklist: Reception
• Physical Security Checklist: Server
• Physical Security Checklist: Workstation Area
• Physical Security Checklist: Wireless Access Points
• Physical Security Checklist: Other Equipment
• Physical Security Checklist: Access Control
• Physical Security Checklist: Biometric Devices
• Biometric Identification Techniques
• Authentication Mechanisms
• Authentication Mechanisms Challenges: Biometrics
• Faking Fingerprints
• Physical Security Checklist 02
• Smart Cards
• Security Token
• Computer Equipment Maintenance
• Wiretapping
• Remote Access
• Locks
• Lock Picking
• Lock Picking Tools
• Information Security
• EPS (Electronic Physical Security)
• Wireless Security
• Laptop Theft Statistics for 2007
• Statistics for Stolen and Recovered Laptops
• Laptop Theft
• Laptop Security Tools
• Laptop Tracker - Xtool Computer Tracker
• Laptop Security Countermeasures
• Mantrap
• TEMPEST
• Challenges in Ensuring Physical Security
• Spyware Technologies
• Physical Security: Lock Down USB Ports
• Module 21 Review

• Linux Hacking

• Linux Hacking
• Why Linux
• Linux - Basics
• Linux Live CD-ROMs
• Basic Commands of Linux: Files & Directories
• Linux Networking Commands
• Directories in Linux
• Installing, Configuring, and Compiling Linux Kernel
• How to Install a Kernel Patch
• Compiling Programs in Linux
• Make Files
• Make Install Command
• Linux Vulnerabilities
• Chrooting
• Why is Linux Hacked
• How to Apply Patches to Vulnerable Programs
• Port Scan Detection Tools
• Password Cracking in Linux: Xcrack
• Firewall in Linux: IPTables
• Basic Linux Operating System Defense
• Linux Loadable Kernel Modules
• Hacking Tool: Linux Rootkits
• Rootkit: Countermeasures
• Linux Tools: Application Security
• Advanced Intrusion Detection Environment (AIDE)
• Linux Tools: Encryption
• Steps for Hardening Linux
• Module 22 Review

Evading IDS, Firewalls and Honeypots

• Evading IDS, Firewalls and Honeypots
• Introduction to Intrusion Detection Systems
• Terminologies
• Intrusion Detection System
• Intrusion Detection System (IDS)
• IDS Placement
• Ways to Detect an Intrusion
• Types of Intrusion Detection Systems
• System Integrity Verifiers (SIV)
• Tripwire (www.tripwire.com)
• Cisco Security Agent (CSA)
• True/False, Positive/Negative
• Signature Analysis
• General Indications of Intrusion System Indications
• General Indications of Intrusion File System Indications
• General Indications of Intrusion Network Indications
• Intrusion Detection Tools
• Snort
• Running Snort on Windows 2003
• Snort Rules
• SnortSam
• Steps to Perform After an IDS Detects an Attack
• Evading IDS Systems
• Ways to Evade IDS
• Tools to Evade IDS
• Firewall
• What is a Firewall
• What does a Firewall do
• Packet Filtering
• What can't a Firewall do
• How does a Firewall Work
• Hardware Firewall
• Types of Firewalls
• Packet Filtering Firewall
• Circuit-Level Gateway
• Application-Level Firewall
• Stateful Multilayer Inspection Firewall
• Firewall Identification
• Firewalking
• Banner Grabbing
• Breaching Firewalls
• Placing Backdoors Through Firewalls
• Honeypot
• What is a Honeypot
• The Honeynet Project
• Types of Honeypots
• Advantages and Disadvantages of a Honeypot
• Where to Place a Honeypot
• Physical and Virtual Honeypots
• Tools to Detect Honeypots
• What to do When Hacked
• Module 23 Review

Buffer Overflows

• Buffer Overflows
• Why are Programs/Applications Vulnerable
• Buffer Overflows 02
• Reasons for Buffer Overflow Attacks
• Knowledge Required to Program Buffer Overflow Exploits
• Understanding Stacks
• Understanding Heaps
• Types of Buffer Overflows: Stack-Based Buffer Overflow
• Stack Based Buffer Overflows
• Types of Buffer Overflows: Heap-Based Buffer Overflow
• Heap-Based Buffer Overflow
• Understanding Assembly Language
• Shellcode
• How to Detect Buffer Overflows in a Program
• Attacking a Real Program
• NOPS
• How to Mutate a Buffer Overflow Exploit
• Once the Stack is Smashed?
• Defense Against Buffer Overflows
• Tool to Defend Buffer Overflow: Return Address Defender (RAD)
• Tool to Defend Buffer Overflow: StackGuard
• Valgrind
• Insure++
• Module 24 Review

Cryptography

• Cryptography
• Cryptography 02
• Classical Cryptographic Techniques
• Encryption
• Decryption
• Cryptographic Algorithms
• RSA (Rivest Shamir Adleman)
• RSA Attacks
• RSA Challenge
• Data Encryption Standard (DES)
• DES Overview
• RC4, RC5, RC6, Blowfish
• RC5
• Message Digest Functions
• One-way Bash Functions
• MD5
• SHA (Secure Hash Algorithm)
• SSL (Secure Sockets Layer)
• What is SSH
• Algorithms and Security
• Disk Encryption
• Government Access to Keys (GAK)
• Digital Signature
• Components of a Digital Signature
• Method of Digital Signature Technology
• Digital Signature Applications
• Digital Signature Standard
• Digital Signature Algorithms: ECDSA, ElGamal Signature Scheme
• Challenges and Opportunities
• Digital Certificates
• Encryption Engine
• Code Breaking: Methodologies
• Cryptanalysis
• Cryptography Attacks
• Brute-Force Attack
• Module 25 Review
• Course Closure