Transcription
Ethical HackingCertification TrainingEthical Hacking Certification Training1 Page
Table of Contents1.About the Program2.About Intellipaat3.Key Features4.Career Support5.Why take up this course?6.Who should take up this course?7.Program Curriculum8.Project Work9.Certification10.Intellipaat Success Stories11.Contact UsEthical Hacking Certification Training2 Page
About the ProgramThis Certified Ethical Hacking course will help you clear the EC Council’s CEH v11certification. It has carefully been designed with help of top Ethical hacker from variousmajor organizations. This CEH certification course will help you master skils sets likesystem penetration testing, building firewalls, network security and more to becomecertified Ethical hacker. This Ethical hacking training will help you master methodologiesused by the hackers to help you prevent and block security attacks at your organization.About IntellipaatIntellipaat is one of the leading online e-learning training providers with more than 600,000learners across 55 countries. We are on a mission to democratize education as webelieve that everyone has the right to quality education.Our courses are delivered by subject matter experts from top MNCs, and our world-classpedagogy enables to quickly learn difficult topics in no time. Our 24/7 technical support andcareer services will help learners jump-start their careers in their dream companies.Key FeaturesEthical Hacking Certification Training3 Page
40 HRS INSTRUCTOR-LEDTRAINING8 HRS SELF-PACED TRAINING6 Months Access to Cloud LabLIFETIME ACCESS24/7 TECHNICAL SUPPORTINDUSTRY-RECOGNIZEDCERTIFICATIONJOB ASSISTANCE THROUGH80 CORPORATE TIE-UPSFLEXIBLE SCHEDULINGEthical Hacking Certification Training4 Page
Career SupportSESSIONS WITH INDUSTRY MENTORSAttend sessions from top industry experts and get guidance on how to boostyour career growthMOCK INTERVIEWSMock interviews to make you prepare for cracking interviews by top employersGUARANTEED INTERVIEWS & JOB SUPPORTGet interviewed by our 400 hiring partnersRESUME PREPARATIONGet assistance in creating a world-class resume from our career services teamEthical Hacking Certification Training5 Page
Why take up this course? The United States offers 4,000 CEH jobs for certified professionals – LinkedIn Major companies, like Citibank, Deloitte, Accenture, IBM, Oracle, etc., are masshiring professionals in Ethical Hacking – Indeed The average salary of Ethical Hackers in India is about 655k per annum –Glassdoor.Who should take up this course? Network Security Officers Site Administrators IT/IS Auditors IT Security Officers Technical Support Engineers IT/IS Analysts and Specialists System Analysts Network Specialists IT Operations Managers Senior System EngineersProgram CurriculumEthical Hacking Training Course ContentEthical Hacking Certification Training6 Page
1. Introduction to Ethical Hacking Information Security Overview1.1 Internet is Integral Part of Business and Personal Life – What Happens Online in60 Seconds1.2 Essential Terminology1.3 Elements of Information Security1.4 The Security, Functionality, and Usability Triangle Information Security Threats and Attack Vectors1.5 Motives, Goals, and Objectives of Information Security Attacks1.6 Top Information Security Attack Vectors1.7 Information Security Threat Categories1.8 Types of Attacks on a System1.9 Information Warfare Hacking Concepts1.10 What is Hacking?1.11Who is a Hacker?1.12 Hacker Classes1.13 Hacking Phaseso Reconnaissanceo Scanningo Gaining Accesso Maintaining Accesso Clearing Tracks Ethical Hacking Concepts1.14 What is Ethical Hacking?1.15 Why Ethical Hacking is Necessary1.16 Scope and Limitations of Ethical Hacking1.17 Skills of an Ethical HackerEthical Hacking Certification Training7 Page
Information Security Controls1.18 Information Assurance (IA)1.19 Information Security Management Program1.20 Enterprise Information Security Architecture (EISA)1.21 Network Security Zoning1.22 Defense-in-Depth1.23 Information Security Policieso Types of Security Policieso Examples of Security Policieso Privacy Policies at Workplaceo Steps to Create and Implement Security Policieso HR/Legal Implications of Security Policy Enforcement1.24 Physical Securityo Types of Physical Security Controlo Physical Security Controls1.25 What is Risk?o Risk Managemento Key Roles and Responsibilities in Risk Management1.26 Threat Modeling1.27 Incident Managemento Incident Management Processo Responsibilities of an Incident Response Team1.28 Security Incident and Event Management (SIEM)o SIEM Architecture1.29 User Behavior Analytics (UBA)1.30 Network Security ControlsEthical Hacking Certification Training8 Page
o Access Controlo Types of Access Controlo User Identification, Authentication, Authorization and Accounting1.31 Identity and Access Management (IAM)1.32 Data Leakageo Data Leakage Threatso What is Data Loss Prevention (DLP)?1.33 Data Backup1.34 Data Recovery1.35 Role of AI/ML in Cyber Security Penetration Testing Concepts1.36 Penetration Testing1.37 Why Penetration Testing1.38 Comparing Security Audit, Vulnerability Assessment, and Penetration Testing1.39 Blue Teaming/Red Teaming1.40 Types of Penetration Testing1.41 Phases of Penetration Testing1.42 Security Testing Methodology Information Security Laws and Standards1.43 Payment Card Industry Data Security Standard (PCI-DSS)1.44 ISO/IEC 27001:20131.45 Health Insurance Portability and Accountability Act (HIPAA)1.46 Sarbanes Oxley Act (SOX)1.47 The Digital Millennium Copyright Act (DMCA)1.48 Federal Information Security Management Act (FISMA)1.49 Cyber Law in Different Countries2. Footprinting and Reconnaissance Footprinting ConceptsEthical Hacking Certification Training9 Page
2.1 What is Footprinting?2.2 Objectives of Footprinting Footprinting through Search Engines2.3 Footprinting through Search Engines2.4 Footprint Using Advanced Google Hacking Techniques2.5 Information Gathering Using Google Advanced Search and Image Search2.6 Google Hacking Database2.7 VoIP and VPN Footprinting through Google Hacking Database Footprinting through Web Services2.8 Finding Company’s Top-level Domains (TLDs) and Sub-domains2.9 Finding the Geographical Location of the Target2.10 People Search on Social Networking Sites and People Search Services2.11 Gathering Information from LinkedIn2.12 Gather Information from Financial Services2.13 Footprinting through Job Sites2.14 Monitoring Target Using Alerts2.15 Information Gathering Using Groups, Forums, and Blogs2.16 Determining the Operating System2.17 VoIP and VPN Footprinting through SHODAN Footprinting through Social Networking Sites2.18 Collecting Information through Social Engineering on Social Networking Sites Website Footprinting2.19 Website Footprinting2.20 Website Footprinting using Web Spiders2.21 Mirroring Entire Website2.22 Extracting Website Information from https://archive.org2.23 Extracting Metadata of Public Documents2.24 Monitoring Web Pages for Updates and Changes Email FootprintingEthical Hacking Certification Training10 P a g e
2.25 Tracking Email Communications2.26 Collecting Information from Email Header2.27 Email Tracking Tools Competitive Intelligence2.28 Competitive Intelligence Gathering2.29 Competitive Intelligence – When Did this Company Begin? How Did it Develop?2.30 Competitive Intelligence – What Are the Company’s Plans?2.31 Competitive Intelligence – What Expert Opinions Say About the Company2.32 Monitoring Website Traffic of Target Company2.33 Tracking Online Reputation of the Target Whois Footprinting2.34 Whois Lookup2.35 Whois Lookup Result Analysis2.36 Whois Lookup Tools2.37 Finding IP Geolocation Information DNS Footprinting2.38 Extracting DNS Information2.39 DNS Interrogation Tools Network Footprinting2.40 Locate the Network Range2.41 Traceroute2.42 Traceroute Analysis2.43 Traceroute Tools Footprinting through Social Engineering2.44 Footprinting through Social Engineering2.45 Collect Information Using Eavesdropping, Shoulder Surfing, and DumpsterDiving Footprinting Tools2.46 Maltego2.47 Recon-ngEthical Hacking Certification Training11 P a g e
2.48 FOCA2.49 Recon-Dog2.50 OSRFramework2.51 Additional Footprinting Tools Countermeasures2.52 Footprinting Countermeasures Footprinting Pen Testing2.53 Footprinting Pen Testing2.54 Footprinting Pen Testing Report Templates3. Scanning Networks Network Scanning Concepts3.1 Overview of Network Scanning3.2 TCP Communication Flags3.3 TCP/IP Communication3.4 Creating Custom Packet Using TCP Flags3.5 Scanning in IPv6 Networks Scanning Tools3.6 Nmap3.7 Hping2 / Hping3o Hping Commands3.8 Scanning Tools3.9 Scanning Tools for Mobile Scanning Techniques3.10 Scanning Techniqueso ICMP Scanning – Checking for Live Systemso Ping Sweep – Checking for Live Systems Ping Sweep ToolsEthical Hacking Certification Training12 P a g e
o ICMP Echo Scanningo TCP Connect / Full Open Scano Stealth Scan (Half-open Scan)o Inverse TCP Flag Scanningo Xmas Scano ACK Flag Probe Scanningo IDLE/IPID Header Scano UDP Scanningo SSDP and List Scanningo Port Scanning Countermeasures Scanning Beyond IDS and Firewall3.11 IDS/Firewall Evasion Techniques Packet Fragmentation Source Routing IP Address Decoy IP Address Spoofing IP Spoofing Detection Techniques: Direct TTL Probes IP Spoofing Detection Techniques: IP Identification Number IP Spoofing Detection Techniques: TCP Flow Control Method IP Spoofing Countermeasures Proxy Servers Proxy Chaining Proxy Tools Proxy Tools for Mobile AnonymizersEthical Hacking Certification Training13 P a g e
Censorship Circumvention Tools: Alkasir and Tails Anonymizers Anonymizers for Mobile Banner Grabbing3.12 Banner Grabbing3.13 How to Identify Target System OS3.14 Banner Grabbing Countermeasures Draw Network Diagrams3.15 Drawing Network Diagrams3.16 Network Discovery and Mapping Tools3.17 Network Discovery Tools for Mobile Scanning Pen Testing3.18 Scanning Pen Testing4. Enumeration Enumeration Concepts4.1 What is Enumeration?4.2 Techniques for Enumeration4.3 Services and Ports to Enumerate NetBIOS Enumeration4.4 NetBIOS Enumeration4.5 NetBIOS Enumeration Tools4.6 Enumerating User Accounts4.7 Enumerating Shared Resources Using Net View SNMP Enumeration4.8 SNMP (Simple Network Management Protocol) Enumeration4.9 Working of SNMP4.10 Management Information Base (MIB)4.11 SNMP Enumeration ToolsEthical Hacking Certification Training14 P a g e
LDAP Enumeration4.12 LDAP Enumeration4.13 LDAP Enumeration Tools NTP Enumeration4.14 NTP Enumeration4.15 NTP Enumeration Commands4.16 NTP Enumeration Tools SMTP and DNS Enumeration4.17 SMTP Enumeration4.18 SMTP Enumeration Tools4.19 DNS Enumeration Using Zone Transfer Other Enumeration Techniques4.20 IPsec Enumeration4.21 VoIP Enumeration4.22 RPC Enumeration4.23 Unix/Linux User Enumeration Enumeration Countermeasures4.24 Enumeration Countermeasures Enumeration Pen Testing4.25 Enumeration Pen Testing5. Vulnerability Analysis Vulnerability Assessment Concepts5.1 Vulnerability Research5.2 Vulnerability Classification5.3 What is Vulnerability Assessment?5.4 Types of Vulnerability Assessment5.5 Vulnerability-Management Life CycleEthical Hacking Certification Training15 P a g e
o Pre-Assessment Phase: Creating a Baselineo Vulnerability Assessment Phaseo Post Assessment Phase Vulnerability Assessment Solutions5.6 Comparing Approaches to Vulnerability Assessment5.7 Working of Vulnerability Scanning Solutions5.8 Types of Vulnerability Assessment Tools5.9 Characteristics of a Good Vulnerability Assessment Solution5.10 Choosing a Vulnerability Assessment Tool5.11 Criteria for Choosing a Vulnerability Assessment Tool5.12 Best Practices for Selecting Vulnerability Assessment Tools Vulnerability Scoring Systems5.13 Common Vulnerability Scoring System (CVSS)5.14 Common Vulnerabilities and Exposures (CVE)5.15 National Vulnerability Database (NVD)5.16 Resources for Vulnerability Research Vulnerability Assessment Tools5.17 Vulnerability Assessment Toolso Qualys Vulnerability Managemento Nessus Professionalo GFI LanGuardo Qualys FreeScano Niktoo OpenVASo Retina CSo SAINTo Microsoft Baseline Security Analyzer (MBSA)o AVDS – Automated Vulnerability Detection SystemEthical Hacking Certification Training16 P a g e
o Vulnerability Assessment Tools5.18 Vulnerability Assessment Tools for Mobile Vulnerability Assessment Reports5.19 Vulnerability Assessment Reports5.20 Analyzing Vulnerability Scanning Report6. System Hacking System Hacking Concepts6.1 CEH Hacking Methodology (CHM)6.2 System Hacking Goals Cracking Passwords6.3 Password Cracking6.4 Types of Password Attackso Non-Electronic Attackso Active Online Attack Dictionary, Brute Forcing and Rule-based Attack Password Guessing Default Passwords Trojan/Spyware/Keylogger Example of Active Online Attack Using USB Drive Hash Injection Attack LLMNR/NBT-NS Poisoningo Passive Online Attack Wire Sniffing Man-in-the-Middle and Replay Attacko Offline Attack Rainbow Table AttackEthical Hacking Certification Training17 P a g e
Tools to Create Rainbow Tables: rtgen and Winrtgen Distributed Network Attack6.5 Password Recovery Tools6.6 Microsoft Authentication6.7 How Hash Passwords Are Stored in Windows SAM?6.8 NTLM Authentication Process6.9 Kerberos Authentication6.10 Password Salting6.11 Tools to Extract the Password Hashes6.12 Password Cracking Tools6.13 How to Defend against Password Cracking6.14 How to Defend against LLMNR/NBT-NS Poisoning Escalating Privileges6.15 Privilege Escalation6.16 Privilege Escalation Using DLL Hijacking6.17 Privilege Escalation by Exploiting Vulnerabilities6.18 Privilege Escalation Using Dylib Hijacking6.19 Privilege Escalation using Spectre and Meltdown Vulnerabilities6.20 Other Privilege Escalation Techniques6.21 How to Defend Against Privilege Escalation Executing Applications6.22 Executing Applicationso Tools for Executing Applications6.23 Keyloggero Types of Keystroke Loggerso Hardware Keyloggerso Keyloggers for Windowso Keyloggers for Mac6.24 SpywareEthical Hacking Certification Training18 P a g e
o Spywareo USB Spywareo Audio Spywareo Video Spywareo Telephone/Cellphone Spywareo GPS Spyware6.25 How to Defend Against Keyloggerso Anti-Keylogger6.26 How to Defend Against Spywareo Anti-Spyware Hiding Files6.27 Rootkitso Types of Rootkitso How Rootkit Workso Rootkits Horse Pill GrayFish Sirefef Necurso Detecting Rootkitso Steps for Detecting Rootkitso How to Defend against Rootkitso Anti-Rootkits6.28 NTFS Data StreamEthical Hacking Certification Training19 P a g e
o How to Create NTFS Streamso NTFS Stream Manipulationo How to Defend against NTFS Streamso NTFS Stream Detectors6.29 What is Steganography?o Classification of Steganographyo Types of Steganography based on Cover Mediumo Whitespace Steganographyo Image Steganography Image Steganography Toolso Document Steganographyo Video Steganographyo Audio Steganographyo Folder Steganographyo Spam/Email Steganography Steganography Tools for Mobile Phones Steganalysis Steganalysis Methods/Attacks on Steganography Detecting Steganography (Text, Image, Audio, and Video Files) Steganography Detection Tools Covering Tracks6.31 Disabling Auditing: Auditpol6.32 Clearing Logs6.33 Manually Clearing Event Logs6.34 Ways to Clear Online Tracks6.35 Covering BASH Shell TracksEthical Hacking Certification Training20 P a g e
6.36 Covering Tracks on Network6.37 Covering Tracks on OS6.38 Covering Tracks Tools Penetration Testing6.39 Password Cracking6.40 Privilege Escalation6.41 Executing Applications6.42 Hiding Files6.43 Covering Tracks7. Malware Threats Malware Concepts7.1 Introduction to Malware7.2 Different Ways a Malware can Get into a System7.3 Common Techniques Attackers Use to Distribute Malware on the Web7.4 Components of Malware Trojan Concepts7.5 What is a Trojan?7.6 How Hackers Use Trojans7.7 Common Ports used by Trojans7.8 How to Infect Systems Using a Trojan7.9 Trojan Horse Construction Kit7.10 Wrappers7.11 Crypters7.12 How Attackers Deploy a Trojan7.13 Exploit Kits7.14 Evading Anti-Virus Techniques7.15 Types of Trojanso Remote Access Trojanso Backdoor Trojanso Botnet TrojansEthical Hacking Certification Training21 P a g e
o Rootkit Trojanso E-banking Trojans Working of E-banking Trojans E-banking Trojan: ZeuSo Proxy Server Trojanso Covert Channel Trojanso Defacement Trojanso Service Protocol Trojanso Mobile Trojanso IoT Trojanso Other Trojans Virus and Worm Concepts7.16 Introduction to Viruses7.17 Stages of Virus Life7.18 Working of Viruses7.19 Indications of Virus Attack7.20 How does a Computer Get Infected by Viruses7.21 Virus Hoaxes7.22 Fake Antiviruses7.23 Ransomware7.24 Types of Viruseso System and File Viruseso Multipartite and Macro Viruseso Cluster and Stealth Viruseso Encryption and Sparse Infector Viruseso Polymorphic VirusesEthical Hacking Certification Training22 P a g e
o Metamorphic Viruseso Overwriting File or Cavity Viruseso Companion/Camouflage and Shell Viruseso File Extension Viruseso FAT and Logic Bomb Viruseso Web Scripting and E-mail Viruseso Other Viruses7.25 Creating Virus7.26 Computer Worms7.27 Worm Makers1. Malware Analysis7.28 What is Sheep Dip Computer?7.29 Anti-Virus Sensor Systems7.30 Introduction to Malware Analysis7.31 Malware Analysis Procedure: Preparing Testbed7.32 Static Malware Analysis1.18.1File Fingerprinting1.18.2Local and Online Malware Scanning1.18.3Performing Strings Search1.18.4Identifying Packing/ Obfuscation Methods1.18.5Finding the Portable Executables (PE) Information1.18.6Identifying File Dependencies1.18.7Malware Disassembly7.33 Dynamic Malware Analysis1.18.8Port Monitoring1.18.9Process MonitoringEthical Hacking Certification Training23 P a g e
1.18.10 Registry Monitoring1.18.11 Windows Services Monitoring1.18.12 Startup Programs Monitoring1.18.13 Event Logs Monitoring/Analysis1.18.14 Installation Monitoring1.18.15 Files and Folder Monitoring1.18.16 Device Drivers Monitoring1.18.17 Network Traffic Monitoring/Analysis1.18.18 DNS Monitoring/ Resolution1.18.19 API Calls Monitoring7.34 Virus Detection Methods7.35 Trojan Analysis: ZeuS/Zbot7.36 Virus Analysis: WannaCry2. Countermeasures7.37 Trojan Countermeasures7.38 Backdoor Countermeasures7.39 Virus and Worms Countermeasures3. Anti-Malware Software7.40 Anti-Trojan Software7.41 Antivirus Software4. Malware Penetration Testing7.42 Malware Penetration Testing8. SniffingSniffing Concepts8.1 Network Sniffing8.2 Types of Sniffing8.3 How an Attacker Hacks the Network Using SniffersEthical Hacking Certification Training24 P a g e
8.4 Protocols Vulnerable to Sniffing8.5 Sniffing in the Data Link Layer of the OSI Model8.6 Hardware Protocol Analyzers8.7 SPAN Port8.8 Wiretapping8.9 Lawful InterceptionSniffing Technique: MAC Attacks8.10 MAC Address/CAM Table8.11 How CAM Works8.12 What Happens When CAM Table Is Full?8.13 MAC Flooding8.14 Switch Port Stealing8.15 How to Defend against MAC AttacksSniffing Technique: DHCP Attacks8.16 How DHCP Works8.17 DHCP Request/Reply Messages8.18 DHCP Starvation Attack8.19 Rogue DHCP Server Attack8.20 How to Defend Against DHCP Starvation and Rogue Server AttackSniffing Technique: ARP Poisoning8.21 What Is Address Resolution Protocol (ARP)?8.22 ARP Spoofing Attack8.23 Threats of ARP Poisoning8.24 ARP Poisoning Tools8.25 How to Defend Against ARP Poisoning8.26 Configuring DHCP Snooping and Dynamic ARP Inspection on Cisco Switches8.27 ARP Spoofing Detection ToolsSniffing Technique: Spoofing Attacks8.28 MAC Spoofing/Duplicating8.29 MAC Spoofing Technique: Windows8.30 MAC Spoofing ToolsEthical Hacking Certification Training25 P a g e
8.31 IRDP Spoofing8.32 How to Defend Against MAC SpoofingSniffing Technique: DNS Poisoning8.33 DNS Poisoning Techniques Intranet DNS Spoofing Internet DNS Spoofing Proxy Server DNS Poisoning DNS Cache Poisoning8.34 How to Defend Against DNS SpoofingSniffing Tools8.35 Sniffing Tool: Wireshark Follow TCP Stream in Wireshark8.36 Display Filters in Wireshark8.37 Additional Wireshark Filters8.38 Sniffing Tools8.39 Packet Sniffing Tools for MobileCountermeasures8.40 How to Defend Against SniffingSniffing Detection Techniques8.41 How to Detect Sniffing8.42 Sniffer Detection Techniques Ping Method DNS Method ARP Method8.43 Promiscuous Detection Tools Sniffing Pen TestingEthical Hacking Certification Training26 P a g e
8.44 Sniffing Penetration Testing9. Social EngineeringSocial Engineering Concepts9.1 What is Social Engineering?9.2 Phases of a Social Engineering AttackSocial Engineering Techniques9.3 Types of Social Engineering9.4 Human-based Social Engineering Impersonation Impersonation (Vishing) Eavesdropping Shoulder Surfing Dumpster Diving Reverse Social Engineering Piggybacking Tailgating9.5 Computer-based Social Engineering Phishing9.6 Mobile-based Social Engineering Publishing Malicious Apps Repackaging Legitimate Apps Fake Security Applications SMiShing (SMS Phishing)Insider Threats9.7 Insider Threat / Insider Attack9.8 Type of Insider ThreatsEthical Hacking Certification Training27 P a g e
Impersonation on Social Networking Sites9.9 Social Engineering Through Impersonation on Social Networking Sites9.10 Impersonation on Facebook9.11 Social Networking Threats to Corporate NetworksIdentity Theft9.12 Identity TheftCountermeasures9.13 Social Engineering Countermeasures9.14 Insider Threats Countermeasures9.15 Identity Theft Countermeasures9.16 How to Detect Phishing Emails?9.17 Anti-Phishing Toolbar9.18 Common Social Engineering Targets and Defense StrategiesSocial Engineering Pen Testing9.19 Social Engineering Pen Testing Using Emails Using Phone In Person9.20 Social Engineering Pen Testing Tools10. Denial-of-ServiceDoS/DDoS Concepts10.1 What is a Denial-of-Service Attack?10.2 What is Distributed Denial-of-Service Attack?DoS/DDoS Attack Techniques10.3 Basic Categories of DoS/DDoS Attack Vectors10.4 UDP Flood Attack10.5 ICMP Flood Attack10.6 Ping of Death and Smurf AttackEthical Hacking Certification Training28 P a g e
10.7 SYN Flood Attack10.8 Fragmentation Attack10.9 HTTP GET/POST and Slowloris Attacks10.10 Multi-Vector Attack10.11 Peer-to-Peer Attacks10.12 Permanent Denial-of-Service Attack10.13 Distributed Reflection Denial-of-Service (DRDoS)Botnets10.14 Organized Cyber Crime: Organizational Chart10.15 Botnet10.16 A Typical Botnet Setup10.17 Botnet Ecosystem10.18 Scanning Methods for Finding Vulnerable Machines10.19 How Malicious Code Propagates?10.20 Botnet TrojansDDoS Case Study10.21 DDoS Attack10.22 Hackers Advertise Links to Download Botnet10.23 Use of Mobile Devices as Botnets for Launching DDoS Attacks10.24 DDoS Case Study: Dyn DDoS AttackDoS/DDoS Attack Tools10.25 DoS/DDoS Attack Tools10.26 DoS and DDoS Attack Tool for MobileCountermeasures10.27 Detection Techniques10.28 DoS/DDoS Countermeasure Strategies10.29 DDoS Attack Countermeasures Protect Secondary Victims Detect and Neutralize Handlers Prevent Potential AttacksEthical Hacking Certification Training29 P a g e
Deflect Attacks Mitigate Attacks Post-Attack Forensics10.30 Techniques to Defend against Botnets10.31 DoS/DDoS Countermeasures10.32 DoS/DDoS Protection at ISP Level10.33 Enabling TCP Intercept on Cisco IOS SoftwareDoS/DDoS Protection Tools10.34 Advanced DDoS Protection Appliances10.35 DoS/DDoS Protection ToolsDoS/DDoS Penetration Testing10.36 Denial-of-Service (DoS) Attack Pen Testing11. Session HijackingSession Hijacking Concepts11.1 What is Session Hijacking?11.2 Why Session Hijacking is Successful?11.3 Session Hijacking Process11.4 Packet Analysis of a Local Session Hijack11.5 Types of Session Hijacking11.6 Session Hijacking in OSI Model11.7 Spoofing vs. HijackingApplication Level Session Hijacking11.8 Application Level Session Hijacking11.9 Compromising Session IDs using Sniffing and by Predicting Session TokenHow to Predict a Session Token11.10 Compromising Session IDs Using Man-in-the-Middle Attack11.11 Compromising Session IDs Using Man-in-the-Browser AttackEthical Hacking Certification Training30 P a g e
Steps to Perform Man-in-the-Browser Attack11.12 Compromising Session IDs Using Client-side Attacks11.13 Compromising Session IDs Using Client-side Attacks: Cross-site Script Attack11.14 Compromising Session IDs Using Client-side Attacks: Cross-site Request ForgeryAttack11.15 Compromising Session IDs Using Session Replay Attack11.16 Compromising Session IDs Using Session Fixation11.17 Session Hijacking Using Proxy Servers11.18 Session Hijacking Using CRIME Attack11.19 Session Hijacking Using Forbidden AttackNetwork Level Session Hijacking11.20 TCP/IP Hijacking11.21 IP Spoofing: Source Routed Packets11.22 RST Hijacking11.23 Blind Hijacking11.24 UDP Hijacking11.25 MiTM Attack Using Forged ICMP and ARP SpoofingSession Hijacking Tools11.26 Session Hijacking Tools11.27 Session Hijacking Tools for MobileCountermeasures11.28 Session Hijacking Detection Methods11.29 Protecting against Session Hijacking11.30 Methods to Prevent Session Hijacking: To be Followed by Web Developers11.31 Methods to Prevent Session Hijacking: To be Followed by Web Users11.32 Session Hijacking Detection Tools11.33 Approaches Vulnerable to Session Hijacking and their Preventative Solutions11.34 Approaches to Prevent Session Hijacking11.35 IPSec Components of IPsec Benefits of IPsecEthical Hacking Certification Training31 P a g e
Modes of IPsec IPsec Architecture IPsec Authentication and Confidentiality11.36 Session Hijacking Prevention ToolsPenetration Testing11.37 Session Hijacking Pen Testing12. Evading IDS, Firewalls, and HoneypotsIDS, Firewall and Honeypot Concepts12.1 Intrusion Detection System (IDS) How IDS Detects an Intrusion General Indications of Intrusions Types of Intrusion Detection Systems Types of IDS Alerts12.2 Firewall Firewall Architecture DeMilitarized Zone (DMZ) Types of Firewalls Firewall Technologies Packet Filtering Firewall Circuit-Level Gateway Firewall Application-Level Firewall Stateful Multilayer Inspection Firewall Application Proxy Network Address Translation (NAT) Virtual Private NetworkEthical Hacking Certification Training32 P a g e
Firewall Limitations12.3 Honeypot Types of Honeypots IDS, Firewall and Honeypot Solutions12.4 Intrusion Detection Tool Snort Snort Rules Snort Rules: Rule Actions and IP Protocols Snort Rules: The Direction Operator and IP Addresses Snort Rules: Port Numbers Intrusion Detection Tools: TippingPoint and AlienVault OSSIM Intrusion Detection Tools Intrusion Detection Tools for Mobile12.5 Firewalls ZoneAlarm Free Firewall 2018 and Firewall Analyzer Firewalls Firewalls for Mobile12.6 Honeypot Tools KFSensor and SPECTER Honeypot Tools Honeypot Tools for Mobile Evading IDS12.7 IDS Evasion Techniques Insertion Attack EvasionEthical Hacking Certification Training33 P a g e
Denial-of-Service Attack (DoS) Obfuscating False Positive Generation Session Splicing Unicode Evasion Fragmentation Attack Overlapping Fragments Time-To-Live Attacks Invalid RST Packets Urgency Flag Polymorphic Shellcode ASCII Shellcode Application-Layer Attacks Desynchronization Other Types of Evasion Evading Firewalls12.8 Firewall Evasion Techniques Firewall Identification IP Address Spoofing Source Routing Tiny Fragments Bypass Blocked Sites Using IP Address in Place of URL Bypass Blocked Sites Using Anonymous Website Surfing Sites Bypass a Firewall Using Proxy Server Bypassing Firewall through ICMP Tunneling MethodEthical Hacking Certification Training34 P a g e
Bypassing Firewall through ACK Tunneling Method Bypassing Firewall through HTTP Tunneling Method Why do I Need HTTP Tunneling HTTP Tunneling Tools Bypassing Firewall through SSH Tunneling Method SSH Tunneling Tool: Bitvise and Secure Pipes Bypassing Firewall through External Systems Bypassing Firewall through MITM Attack Bypassing Firewall through Content Bypassing WAF using XSS Attack IDS/Firewall Evading Tools12.9 IDS/Firewall Evasion Tools12.10 Packet Fragment Generator Tools Detecting Honeypots12.11 Detecting Honeypots12.12 Detecting and Defeating Honeypots12.13 Honeypot Detection Tool: Send-Safe Honeypot Hunter IDS/Firewall Evasion Countermeasures12.14 How to Defend Against IDS Evasion12.15 How to Defend Against Firewall Evasion Penetration Testing12.16 Firewall/IDS Penetration Testing Firewall Penetration Testing IDS Penetration Testing13. Hacking Web ServersWeb Server ConceptsEthical Hacking Certification Training35 P a g e
13.1 Web Server Operations13.2 Open Source Web Server Architecture13.3 IIS Web Server Architecture13.4 Web Server Security Issue13.5 Why Web Servers Are Compromised?13.6 Impact of Web Server AttacksWeb Server Attacks13.7 DoS/DDoS Attacks13.8 DNS Server Hijacking13.9 DNS Amplification Attack13.10 Directory Traversal Attacks13.11 Man-in-the-Middle/Sniffing Attack13.12 Phishing Attacks13.13 Website Defacement13.14 Web Server Misconfiguration13.15 HTTP Response Splitting Attack13.16 Web Cache Poisoning Attack13.17 SSH Brute Force Attack13.18 Web Server Password Cracking13.19 Web Application AttacksWeb Server Attack Methodology13.20 Information Gathering Information Gathering from Robots.txt File13.21 Web Server Footprinting/Banner Grabbing Web Server Footprinting Tools Enumerating Web Server Information Using Nmap13.22 Website Mirroring Finding Default Credentials of Web Server Finding Default Content of Web Server Finding Directory Listings of Web ServerEthical Hacking Certification Training36 P a g e
13.23 Vulnerability Scanning Finding Exploitable Vulnerabilities13.24 Session Hijacking13.25 Web Server Passwords Hacking13.26 Using Application Server as a ProxyWeb Server Attack Tools13.27 Metasploit Metasploit Exploit Module Metasploit Payload and Auxiliary Module Metasploit NOPS Module 13.28 Web Server Attack Tools Countermeasures13.29 Place Web Servers in Separate Secure Serve
Ethical Hacking Certification Training 7 P a g e 1. Introduction to Ethical Hacking Information Security Overview 1.1 Internet is Integral Part of Business and Personal Life – What Happens Online in 60 Seconds 1.2 Essential Terminology 1.3 Elements of Information Securit
