This course prepares you for EC-Council Certified Ethical Hacker exam 312-50. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.
This course prepares you for EC-Council Certified Ethical Hacker exam 312-50. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.
This course prepares you for EC-Council Certified Ethical Hacker exam 312-50. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.
Overview Lesson 1: Ethics and Legality Lesson 5: System Hacking Why Security? Administrator Password Guessing This class will immerse the student The Security, functionality and ease of Manual Password Cracking into an interactive environment where use Triangle Algorithm they will be shown how to scan, test, Can Hacking be Ethical? Automated Password Cracking hack and secure their own systems. Essential Terminology. Password Types Elements of Security. Types of Password Attacks The lab intensive environment gives What does a Malicious Hacker do? Performing Automated Password each student in-depth knowledge and Difference between Penetration Guessing practical experience with the current Testing and Ethical Hacking. Password Sniffing Hacker Classes. Password Cracking essential security systems. Students What do Ethical Hackers do? Countermeasures will begin by understanding how Skill Profile of an Ethical Hacker. Syskey Utility perimeter defenses work and then be Modes of Ethical Hacking. Cracking NT/2000 Passwords lead into scanning and attacking their Security Testing. SMBRelay Man-in-the-Middle Deliverables. Scenario own networks, no real network is Computer Crimes and Implications. SMBRelay Weaknesses and harmed. Students then learn how Legal Perspective (US Federal Laws). Countermeasures intruders escalate privileges and what Keystroke Loggers Lesson 2: Footprinting Hiding Files steps can be taken to secure a Defining Footprinting. Creating Alternate Data Streams system. Students will also learn about Information Gathering Methodology. ADS creation and detection Intrusion Detection, Policy Creation, Locate the Network Range. LADS (List Alternate Data Hacking Tools Streams) Social Engineering, DDoS Attacks, NTFS Streams Countermeasures Buffer Overflows and Virus Creation. Stealing Files Using Word When a student leaves this intensive 5 Lesson 3: Scanning Documents Definition of Scanning. day class they will have hands on Field Code Countermeasures Types of scanning Steganography understanding and experience in Objectives of Scanning Steganography Detection Ethical Hacking. This course prepares Scanning Methodology Covering Tracks Classification of Scanning you for EC-Council Certified Ethical Hacking Tools Disabling Auditing and clearing Hacker exam 312-50. Event Logs IPsec Scan Dump Event Log NetScan Tools pro 2003 RootKit OS Fingerprinting Planting the NT/2000 RootKit At Course Completion Active Stack fingerprinting Rootkit Countermeasures Passive Fingerprinting Upon successful completion of this Proxy Servers Lesson 6: Trojans and Backdoors course, students will have an Countermeasures Effect on Business understanding of the following topics: What is a Trojan? • Hacking ethics and legality. Lesson 4: Enumeration Overt and Covert Channels Working of Trojans • Footprinting. What is Enumeration? Different Types of Trojans • Scanning. NetBios Null Sessions What Trojan Creators look for? Null Session Countermeasures • Enumeration. NetBIOS Enumeration Different ways a Trojan can get into a system • System hacking. Simple Network Management Protocol Indications of a Trojan Attack • Trojans and backdoors. (SNMP) Enumeration SNMP Enumeration Countermeasures Some famous Trojans and ports • Sniffers. Management Information Base (MIB) used by them How to determine which ports are • Denial of Service. Windows 2000 DNS Zone Transfer “Listening”? Blocking Win 2k DNS Zone Transfer • Social engineering. Enumerating User Accounts Different Trojans found in the Wild • Session hijacking. DumpReg Wrappers Packaging Tool : Wordpad • Hacking web servers. Active Directory Enumeration and ICMP Tunneling Countermeasures • Web application vulnerabilities. Loki Countermeasures Reverse WWW Shell – Covert • Web-based password cracking Channels using HTTP techniques. Process Viewer • SQL injection. System File Verification Anti-Trojan • Hacking wireless networks. Reverse Engineering Trojans • Viruses and worms. Backdoor Countermeasures • Physical security. • Linux hacking. • Evading firewalls, IDS and honeypots. • Buffer overflows. • Cryptography. • Penetration Testing. Page 1 of 5 CEH
New Horizons of Syracuse, NY
Glacier Creek Office Park For more information, please contact: 6711 Towpath Road 315-449-3290 Suite 100 Email: info.syracuse@newhorizons.com East Syracuse, NY 13057 Website: www.nhsyracuse.com Certified Ethical Hacker Course Outlines
Certified Ethical Hacker (Continued) Days of Training: 5
Overview Lesson 7: Sniffers Lesson 11: Hacking Web Servers Definition of sniffing How Web Servers Work? This class will immerse the student How a Sniffer works? How are Web Servers into an interactive environment where Passive Sniffing Compromised? they will be shown how to scan, test, Active Sniffing Popular Web Servers and hack and secure their own systems. Man-in-the-Midle Attacks Common Security Threats Spoofing and Sniffing Attacks Apache Vulnerability The lab intensive environment gives ARP Poisoning and countermeasures Attack against IIS each student in-depth knowledge and Network Probe IIS Components practical experience with the current Sniffing Countermeasures Sample Buffer Overflow Vulnerabilities essential security systems. Students ISAPI.DLL Exploit will begin by understanding how Lesson 8: Denial of Service Code Red and ISAPI.DLL Exploit perimeter defenses work and then be What is Denial of Service? Unicode Goal of DoS(Denial of Service) Unicode Directory Traversal lead into scanning and attacking their Impact and Modes of Attack Vulnerability own networks, no real network is DoS Attack Classification Msw 3prt IPP Vulnerability harmed. Students then learn how Buffer Overflow Attacks IPP Buffer Overflow Distributed DOS Attacks and Countermeasures intruders escalate privileges and what Characteristics Unspecified Executed Path steps can be taken to secure a Agent Handler Model Vulnerability system. Students will also learn about IRC-Based DDoS Attack Model File System Traversal Intrusion Detection, Policy Creation, DDoS Attack taxonomy Countermeasures DDoS Tools WebDAV/ ntdll.dll Vulnerability Social Engineering, DDoS Attacks, Reflected DOS Attacks RPCDCOM Vulnerability Buffer Overflows and Virus Creation. Reflection of the Exploit ASN Exploits When a student leaves this intensive 5 Countermeasures for Reflected DoS IIS Logs DDoS Countermeasures Network Tool: Log Analyzer day class they will have hands on Defensive Tool: Zombie Zapper Hacking Tool: Clean IISLog understanding and experience in Worms: Slammer and MyDoom.B Escalating Privileges on IIS Ethical Hacking. This course prepares Microsoft IIS 5.0 - 5.1 remote you for EC-Council Certified Ethical Lesson 9: Social Engineering denial of service Exploit Tool Hacker exam 312-50. Microsoft Frontpage Server What is Social Engineering? Extensions fp30reg.dll Exploit Tool Art of Manipulation GDI+ JPEG Remote Exploit Tool Human Weakness Windows Task Scheduler Exploit At Course Completion Common Types of Social Engineering Tool Human Based Impersonation Upon successful completion of this Example of social engineering Microsoft Windows POSIX course, students will have an Subsystem Local Privilege Computer Based Social Engineering Escalation Exploit Tool understanding of the following topics: Reverse Social Engineering Hot Fixes and Patches • Hacking ethics and legality. Policies and procedures Security Policies-checklist Vulnerability Scanners • Footprinting. Network Tools Countermeasures • Scanning. Lesson 10: Session Hijacking Increasing Web Server Security • Enumeration. Understanding Session Hijacking • System hacking. Spoofing vs Hijacking • Trojans and backdoors. Steps in Session Hijacking Types of Session Hijacking • Sniffers. TCP Concepts 3 Way Handshake • Denial of Service. Sequence numbers Remote TCP Session Reset Utility • Social engineering. Dangers Posed by Session Hijacking • Session hijacking. Protection against Session Hijacking • Hacking web servers. Countermeasures: IP Security • Web application vulnerabilities. • Web-based password cracking techniques. • SQL injection. • Hacking wireless networks. • Viruses and worms. • Physical security. • Linux hacking. • Evading firewalls, IDS and honeypots. • Buffer overflows. • Cryptography. • Penetration Testing. Page 2 of 5 CEH
New Horizons of Syracuse, NY
Glacier Creek Office Park For more information, please contact: 6711 Towpath Road 315-449-3290 Suite 100 Email: info.syracuse@newhorizons.com East Syracuse, NY 13057 Website: www.nhsyracuse.com Certified Ethical Hacker Course Outlines
Certified Ethical Hacker (Continued) Days of Training: 5
Overview Lesson 12: Web Application Lesson 13: Web Based Password This class will immerse the student Vulnerabilities Cracking Techniquesq Web Application Set-up Authentication- Definition into an interactive environment where Web Application Hacking Authentication Mechanisms they will be shown how to scan, test, Anatomy of an Attack HTTP Authentication hack and secure their own systems. Web Application Threats Basic Authentication The lab intensive environment gives Cross Site Scripting/XSS Flaws Digest Authentication Countermeasures Integrated Windows (NTLM) each student in-depth knowledge and SQL Injection Authentication practical experience with the current Command Injection Flaws Negotiate Authentication essential security systems. Students Countermeasures Certificate-based Authentication Cookie/Session Poisoning Forms-based Authentication will begin by understanding how Countermeasures Microsoft Passport Authentication perimeter defenses work and then be Parameter/Form Tampering What is a Password Cracker? lead into scanning and attacking their Buffer Overflow Modus Operandi of an Attacker own networks, no real network is Countermeasures using Password Cracker Directory Traversal/Forceful Browsing How does a Password Cracker harmed. Students then learn how Countermeasures work? intruders escalate privileges and what Cryptographic Interception Attacks- Classification steps can be taken to secure a Authentication Hijacking Password Guessing Countermeasures Query String system. Students will also learn about Log Tampering Cookies Intrusion Detection, Policy Creation, Error Message Interception Dictionary Maker Social Engineering, DDoS Attacks, Attack Obfuscation Platform Exploits Lesson 14: SQL Injection Buffer Overflows and Virus Creation. Attacking SQL Servers Internet Explorer Exploits When a student leaves this intensive 5 DMZ Protocol Attacks SQL Server Resolution Service day class they will have hands on DMZ (SSRS) Countermeasures Osql-L Probing understanding and experience in Port Scanning Security Management Exploits Ethical Hacking. This course prepares Web Services Attacks Sniffing, Brute Forcing and finding you for EC-Council Certified Ethical Zero Day Attacks Application Configuration Files Hacker exam 312-50. Network Access Attacks Database Scanner TCP Fragmentation Input Validation Attack Hacking Tools: Login Guessing & Insertion Burp: Positioning Payloads Shutting Down SQL Server At Course Completion Burp: Configuring Payloads and Extended Stored Procedures Upon successful completion of this Content Enumeration SQL Server Talks course, students will have an Burp Preventive Measures understanding of the following topics: Burp Proxy: Intercepting HTTP/S Traffic • Hacking ethics and legality. Burp Proxy: Hex-editing of Intercepted • Footprinting. Traffic • Scanning. Burp Proxy: Browser Access to Request History • Enumeration. Carnivore • System hacking. Google Hacking • Trojans and backdoors. • Sniffers. • Denial of Service. • Social engineering. • Session hijacking. • Hacking web servers. • Web application vulnerabilities. • Web-based password cracking techniques. • SQL injection. • Hacking wireless networks. • Viruses and worms. • Physical security. • Linux hacking. • Evading firewalls, IDS and honeypots. • Buffer overflows. • Cryptography. • Penetration Testing.
Page 3 of 5 CEH
New Horizons of Syracuse, NY
Glacier Creek Office Park For more information, please contact: 6711 Towpath Road 315-449-3290 Suite 100 Email: info.syracuse@newhorizons.com East Syracuse, NY 13057 Website: www.nhsyracuse.com Certified Ethical Hacker Course Outlines
Certified Ethical Hacker (Continued) Days of Training: 5
Overview Lesson 15: Hacking Wireless Networks Lesson 17: Physical Security Introduction to Wireless Networking Security statistics This class will immerse the student Business and Wireless Attacks Physical Security breach incidents into an interactive environment where Wireless Basics Understanding Physical Security they will be shown how to scan, test, Components of Wireless Network What is the need of Physical hack and secure their own systems. Types of Wireless Network Security? Setting up WLAN Who is Accountable for Physical The lab intensive environment gives Detecting a Wireless Network Security? each student in-depth knowledge and How to access a WLAN Factors affecting Physical Security practical experience with the current Advantages and Disadvantages of Physical Security checklist Wireless Network Company surroundings essential security systems. Students Antennas Premises will begin by understanding how SSIDs Reception perimeter defenses work and then be Access Point Positioning Server lead into scanning and attacking their Rogue Access Points Workstation Area What is Wireless Equivalent Privacy Wireless Access Points own networks, no real network is (WEP)? Other Equipments such as fax, harmed. Students then learn how WEP Tool: removable media etc intruders escalate privileges and what Related Technology and Carrier Access Control Networks Computer Equipment Maintenance steps can be taken to secure a MAC Sniffing and AP Spoofing Wiretapping system. Students will also learn about Terminology Remote access Intrusion Detection, Policy Creation, Denial of Service Attacks Lock Picking Techniques Social Engineering, DDoS Attacks, Man-in-the-Middle Attack (MITM) Spying Technologies Multi Use Tool: THC-RUT Buffer Overflows and Virus Creation. Tool: WinPcap Lesson 18: Linux Hacking When a student leaves this intensive 5 Auditing Tool: bsd-airtools Why Linux? WIDZ- Wireless Detection Intrusion Linux basics day class they will have hands on Chrooting System understanding and experience in Securing Wireless Networks Why is Linux Hacked? Ethical Hacking. This course prepares Out of the box Security Linux Vulnerabilities in 2003 you for EC-Council Certified Ethical Radius: Used as Additional layer in How to apply patches to vulnerable security programs Hacker exam 312-50. Scanning Networks Maximum Security: Add VPN to Wireless LAN Password cracking in Linux. ipchains vs. ipfwadm At Course Completion Lesson 16: Virus and Worms How to Organize Firewall Rules Upon successful completion of this Virus Characteristics Security Auditor’s Research Symptoms of ‘virus-like’ attack Assistant (SARA) course, students will have an What is a Virus Hoax? TCP Wrappers understanding of the following topics: Terminologies Linux Loadable Kernel Modules • Hacking ethics and legality. How is a worm different from virus? Rootkit countermeasures: Indications of a Virus Attack Advanced Intrusion Detection • Footprinting. Virus History System (AIDE) • Scanning. Virus damage Linux Security testing tools • Enumeration. Effect of Virus on Business NMap Access Methods of a Virus LSOF • System hacking. Mode of Virus Infection Netcat • Trojans and backdoors. Life Cycle of a virus Nemesis • Sniffers. What Virus Infect? Linux tools: Log and traffic How virus infect? monitors: • Denial of Service. Writing a simple virus program. Linux Security Auditing Tool • Social engineering. Writing DDOS Zombie Virus (LSAT) • Session hijacking. Virus Construction Kits Virus Creation Scripts Linux Security countermeasures
• Hacking web servers. Virus Detection Methods
• Web application vulnerabilities. Virus Incident Response What is Sheep Dip? • Web-based password cracking Prevention is better than Cure techniques. Anti-Virus Software • SQL injection. Popular Anti-Virus packages Virus Analyzers • Hacking wireless networks. • Viruses and worms. • Physical security. • Linux hacking. • Evading firewalls, IDS and honeypots. • Buffer overflows. • Cryptography. • Penetration Testing. Page 4 of 5 CEH
New Horizons of Syracuse, NY
Glacier Creek Office Park For more information, please contact: 6711 Towpath Road 315-449-3290 Suite 100 Email: info.syracuse@newhorizons.com East Syracuse, NY 13057 Website: www.nhsyracuse.com Certified Ethical Hacker Course Outlines
Certified Ethical Hacker (Continued) Days of Training: 5
Overview Lesson 19: Evading Firewalls, IDS and Lesson 21: Cryptography Honeypots Public-key Cryptography This class will immerse the student Working of Encryption Intrusion Detection Systems into an interactive environment where Ways to Detect Intrusion Digital Signature they will be shown how to scan, test, Types of Intrusion Detection System Digital Certificate hack and secure their own systems. Intrusion Detection Tools RSA (Rivest Shamir Adleman) Steps to perform after an IDS detects RSA Attacks The lab intensive environment gives Brute forcing RSA factoring an intrusion each student in-depth knowledge and Evading IDS systems Esoteric attack practical experience with the current Tools to Evade IDS Chosen cipher text attack Introduction to Firewalls Low encryption exponent attack essential security systems. Students Error analysis Firewall Identification will begin by understanding how Firewalking Other attacks perimeter defenses work and then be Banner Grabbing MD5 lead into scanning and attacking their Breaching Firewalls SHA (Secure Hash Algorithm) Placing Backdoors through Firewalls SSL (Secure Socket Layer) own networks, no real network is RC5 Hiding Behind Covert Channel: Loki harmed. Students then learn how ACK tunneling What is SSH? intruders escalate privileges and what Tools for testing IDS and Firewalls Government Access to Keys Introduction to Honeypots (GAK) steps can be taken to secure a RSA Challenge Honeypot Project system. Students will also learn about Types of Honeypots distributed.net Intrusion Detection, Policy Creation, Honeypot: Specter PGP (Pretty Good Privacy) Social Engineering, DDoS Attacks, Honeypot: Honeyd Code Breaking Methodologies Honeypot: KFSensor Using Brute Force Buffer Overflows and Virus Creation. Frequency Analysis Hacking Tool: Sebek When a student leaves this intensive 5 Tools to Detect Honeypot Trickery and Deceit day class they will have hands on Send-Safe Honeypot Hunter One-Time Pad Nessus Security Scanner Cryptography Attacks understanding and experience in Disk Encryption Ethical Hacking. This course prepares Lesson 20: Buffer Overflows Cracking S/MIME Encryption using you for EC-Council Certified Ethical Significance of Buffer Overflow idle CPU Time Hacker exam 312-50. Vulnerability Command Line Scriptor Why are Programs/Applications Vulnerable? Buffer Overflows At Course Completion Reasons for Buffer Overflow Attacks Upon successful completion of this Knowledge required writing Buffer course, students will have an Overflow Exploits How a Buffer Overflow occurs? understanding of the following topics: Understanding Stacks • Hacking ethics and legality. Stack Implementation • Footprinting. Stack based buffer overflow Shellcode • Scanning. Heap Based buffer overflow • Enumeration. How to detect Buffer Overflows in a • System hacking. Program? Attacking a real program • Trojans and backdoors. NOPS • Sniffers. How to mutate a Buffer Overflow • Denial of Service. Exploit? featuring ADMutate Countermeasures • Social engineering. Return Address Defender (RAD) • Session hijacking. StackGuard Immunix System • Hacking web servers. Vulnerability Search - ICAT • Web application vulnerabilities. • Web-based password cracking techniques. • SQL injection. • Hacking wireless networks. • Viruses and worms. • Physical security. • Linux hacking. • Evading firewalls, IDS and honeypots. • Buffer overflows. • Cryptography. • Penetration Testing. Page 5 of 5 CEH
New Horizons of Syracuse, NY
Glacier Creek Office Park For more information, please contact: 6711 Towpath Road 315-449-3290 Suite 100 Email: info.syracuse@newhorizons.com East Syracuse, NY 13057 Website: www.nhsyracuse.com
Hacking With Kali Linux - A Step by Step Guide To Ethical Hacking, Tools For Computer, and Protect Your Family and Business From Cyber Attacks Using The Basics of Cybersecurity by Jeremy Hack