Documents
Resources
Learning Center
Upload
Plans & pricing Sign in
Sign Out

Hacking Revealed 2008

VIEWS: 9 PAGES: 2

									                                                     Hacking Revealed 2008
                                         Session 1                    Session 2                    Session 3

                                         Section A: Introduction to   Section A: Mastering         Section A: ARP, MAC,
                                         Ethical Hacking              Scanning Tools               and DNS
                                         · Prerequisites              · Ping Command               · ARP Defined
                                         · Benefits                   · Angry IP Scanner           · ARP Spoofing
                                         · CEH Certification          · Nmap Switches              · ARP Poisoning Tools
                                         · Security Triangle          · Using Nmap                 · MAC Flooding
                                         · Security Terminology       · IP Spoofing                · Flooding Tools
                                                                      · MBSA                       · DNS Poisoning
                                         Section B: Ethics and the                                 · Intranet Poisoning
                                         Hacker                       Section B: Enumeration       · Internet Poisoning
                                         · Hacker Classes             · Enumeration Defined        · Proxy Server Poisoning
Certified Ethical Hacker                 · Charitable Hacking         · Enumeration Types          · DNS Cache Poisoning
Training                                 · Hacker Categories          · Basic NET Comands
                                         · Types of Hacks             · Using DumpSec              Section B: DoS Attacks
6 Sessions –                             · Security Exploits          · Performing SuperScans      · Denial of Service
                                         · Researching                                             · DoS Methods
12 Hours of Interactive                  Vulnerabilities                                           · DoS Types
                                                                      Section C: Passwords
Training                                 · Cracking                   · Authentication             · Smurf Attacks
                                         · Ethical Hacking Stages     · Predictable Passwords      · Smurfs Visualized
                                                                      · Cracking Methods           · SYN Attacks
LearnKey’s Certified Ethical             Section C: Hacking           · Secure Passwords
Hacker course teaches                    Legalities                   · Authentication Systems     Section C: Social
                                         · Getting Permission         · Storage Options            Engineering
individuals in the specific              · Hack Phases                · Cracking Prevention        · Introduction to Social
network security discipline of           · Hack Reports                                            Engineering
Ethical Hacking from a                   · Understanding Federal      Section D: Password          · Example Attacks
vendor-neutral perspective.              Law                          Cracking Tools               · Dumpster Diving
You will understand and know             · 1029 and 1030 Fraud        · Historic/Modern Tools      · Shoulder Surfing
                                         Laws                         · SMB Redirection            · Eavesdropping
how to look for weaknesses               · Ethical Hacking                                         · Inside/Outside Attacks
                                                                      · LAN Manager Hashes
and vulnerabilities in systems.          Approaches                   · NTLM Hash Example          · Reverse Social
Learn how to prevent DoS                 · Common Hacking Sites       · L0phtCrack Times           Engineering
attacks, methods to prevent                                           · Using L0phtCrack
password hacking, and sniffer            Section D: Footprinting      · L0phtCrack Reports         Section D: Advanced
intrusions. Use the same                 Concepts                                                  Social Engineering
                                         · Reconnaissance             Section E: Ownership         · Phishing Attacks
knowledge and tools as a                 · Informational Gathering                                 · Identity Theft
                                                                      Privileges
malicious hacker. If you are             · Pre-Attack Phases          · Privilege Escalation       · URL Obfuscation
responsible or concerned about           · Footprinting               · Methods of Escalation      · Hexadecimal Conversion
the integrity of your network            Methodology                  · Escalation Batch File      · Converting Hex to
infrastructure this is the course        · Information Sources        · Executing the Batch File   Decimal
                                         · Defining the Network       · Rootkits                   · Message Tricks
for you. This course will                Range                                                     · Programmatic Access
                                                                      · Rootkit Limitations
prepare you for EC-Council                                            · Hiding Files
exam 312-50.                             Section E: Web               · Alternate Data Streams     Section E: Session
Benefits                                 Footprinting Tools                                        Hijacking
• Learn preemptive measures              · Company Web Sites          Section F: Trojan Horses     · Hijacking Steps
against malicious attacks by             · Additional Web Sites       · Trojan Horses Defined      · Active vs. Inactive
                                         · Using Google               · Common Programs            · Hijacking vs. Spoofing
understanding how the                    · Archive.org                                             · Sequence Numbers
                                                                      · Trojan Horse Types
attackers think.                         · People Searches            · Overt and Covert           · Hijacking Programs
• Tom takes you through both             · DNS Enumeration            Communication                · Dangers
sides of the hacking scenario;           · Robots.txt                 · Reverse-Connecting
first as the “Bad-guy” and                                            Trojans                      Section F: Web Servers
                                         Section F: Local             · Netcat                     · Basic Functionality
second as the “Good-guy".
                                         Footprinting Tools           · Setting up Netcat Server   · Web Communications
• This course will give you              · Site Enumeration Using     · Connecting Netcat Server   · Common Attacks
everything you need to plan              Wikto                        · Entry Points               · Managing Patches
and implement a successful               · E-mail Tracking            · Attack Indicators          · Windows Server Update
security policy.                         · Web Data Extractor         · Port Redirection           Services
                                         · SmartWhois                                              · WSUS Process
                                         · Traceroute                 Section G: Sniffers          · WSUS Requirements
                                                                      · Sniffer Applications       · WSUS Group Policies
About The Author                         Section G: Scanning for      · Vulnerable Protocols
Tom Carpenter has delivered              Gold                         · Capture Windows            Section G: Hacking Web
training programs to more than           · Scanning Defined           Sharing                      Servers
29,000 IT professionals since 1997.      · Scanning Types             · FTP Logon Packets          · Server Vulnerabilities
He has developed and delivered           · Scanning Methodology       · E-mail Authentication      · IIS Unicode Attack
courses on Windows operating             · Finding Live Systems       Packets                      · Metasploit
systems and services as well as          · Understanding TCP Flags                                 · Web Application
wireless networking and security.        · Three-Way Handshake                                     Scanners
With experience as a systems             · Locating Open Ports                                     · Basic Countermeasures
administrator and security officer in    · Identifying Services                                    · Specific Countermeasures
an organization of more than 25,000      · Banner Grabbing                                         · Server Hardening
client systems, Carpenter brings a       · Scanning for
wealth of real world experience and      Vulnerabilities                                           Section H: Web
knowledge to his courses. Tom is a       · Diagramming the                                         Applications
CWNA, CWSP, Wireless# and MCP            Network                                                   · Web Applications
and is one of the founding managers      · Preparing Proxies                                       Introduction
of the Certified Technology Services
                                                                                                   · Web Application
Professional certification. He teaches
                                                                                                   Hacking Objectives
technical and self-development
                                                                                                   · Attack Anatomy
topics to IT professionals throughout
                                                                                                   · Web Application Threats
the US.
                                                                                                   · Cross-Site Scripting
                                                                                                   · Attack Prevention
                                                                                                   · Google Hacking
                                                                                                   · Google Hacking
                                                                                                   Database

                                                                                                   Section I: Cracking Web
                                                                                                   Passwords
                                                                                                   · HTTP Authentication
                                                                                                   · Integrated Authentication
                                                                                                   · Negotiate Authentication
                                                                                                   · Certificate-Based
                                                                                                   · Forms-Based
                                                                                                   · RSA Secure Tokens
                                                                                                   · Biometrics
                                                                                                   · Password Misconceptions
Certified Ethical Hacker continued
Session 4                               Session 5                          Session 6

Section A: SQL Injections               Section A: Implementing Physical   Section A: Cryptography
· Understanding SQL                     Security                           · Understanding Cryptography
· SQL Versions                          · Locks                            · Steganography
· SELECT Statements                     · Lock Picking Tools               · Simple Encryption
· SELECT in Applications                · Authentication                   · Cryptography Concepts
· Injection Attacks                     · Security Personnel               · Cryptography Uses
· Injecting Code                        · Physical Deterrents              · Encryption Types
· How Common is It?                     · Video Monitoring                 · Encryption Applications
· Injection Attack Objectives           · Alarms
· Countermeasures                       · Fasteners                        Section B: Symmetric Cryptography
                                        · Tracking Tools                   · Symmetric Encryption
Section B: SQL Attacks                  · Portable Security                · Symmetric Algorithms
· Embedded SQL                                                             · Encryption Solutions
· Retrieve All Records                  Section B: Linux                   · Blowfish
· Dumping HTML                          · Introduction to Linux            · DES
· Injecting Commands                    · Live Distros                     · AES
· Installing WebGoat                    · Targeting Linux                  · RC4
· Opening WebGoat                       · OS Vulnerabilities Comparison    · Asymmetric Encryption
· Basic SQL Injection                   · Potential Vulnerabilities        · Public Key Cryptography
· Using WebScarab                       · Scanning                         · Certificates
· Intercepting Requests                 · Password Cracking                · Public Key Infrastructure
· Advanced SQL Injections               · Using BackTrack                  · PKI Usage
                                        · Creating Users                   · IPSec
Section C: Wireless Vulnerabilities     · Cracking Passwords
· Eavesdropping                                                            Section C: Multi-Hat Hacking
· Rogue Access Points                   Section C: Compiling Linux         · Bluetooth Hacking
· Encryption Cracking                   · Installation Process             · Locating Bluetooth Devices
· Wireless Denial of Service            · Installing a Kernel Patch        · Attacking Bluetooth
· Hijacking                             · Hardening Linux                  · iPhone Hacking
· Legacy Security                       · Services                         · RFID Hacking
                                        · Bastille                         · Hacking Online Games
Section D: WEP Attacks                  · Lockdown Networking
· WEP Defined                           · Network Analysis                 Section D: Computer Forensics
· 802.11-1997 Authentication            · Firewall Settings                · Introduction to Computer Forensics
· Understanding WEP                                                        · Information Collection
· WEP Problems                          Section D: Intrusion Monitoring    · Preserving State
· Cracking Tools                        Systems                            · BackTrack and Forensics
· Wireless Cracking Process             · Network Firewalls                · Evasion
                                        · Packet Filtering Firewalls
Section E: WPA and EAP                  · Stateful Inspection Firewalls    Section E: Hack Prevention
· WPA and WPA2                          · Proxy Firewalls                  · Disabling Services
· Wi-Fi Protected Setup                 · Dynamic Firewalls                · Configuring Services
· TKIP and CCMP                         · Kernel Firewalls                 · Password Policies
· 802.1X EAP                            · Personal Firewalls               · User Rights Policies
· EAP Framework                         · Intrusion Monitoring/Detection   · Using CACLS
· Secure Management                     · IDS Intrusion Detection          · Setting Permissions Using GUI
· Role-Based Access Control             · Intrusion Prevention Systems     · Enabling EFS
· WPA Attacks                           · IDS States
· EAP Attacks                           · Intrusion Indicators             Section F: Security Policies
· Security Analysis                                                        · Importance of Policies
                                        Section E: Evading IMS             · General Policies
Section F: Viruses and Worms            · Avoid Detection Symptoms         · Functional Policies
· Virus and Worm Summary                · Network Symptoms                 · SANS.org
· Infection Indications                 · IDS Tools                        · Customizing Policy Templates
· Virus Phases                          · Honeypots
· Infection Process                     · Configuring Honeypots
· Types of Viruses                      · HoneyBOT Options
· Detection Avoidance                   · Connecting to Honeypots
· Detection Methods
· Incident Response                     Section F: Buffer Overflows
                                        · Buffer Overflows Defined
Section G: Physical Security Policies   · Dependencies
· Understanding Physical Security       · Attacker Knowledge
· Statistics                            · Stack-Based
· Physical Security Defined             · Heap-Based
· Applications                          · Locating Buffer Overflows
· Accountability                        · Mutation Techniques
· Factors Affecting Security            · After the Attack
· Security Checklist                    · Countermeasures

								
To top