Upload
lekhue
View
221
Download
0
Embed Size (px)
Citation preview
http://www.firewalllearning.com
#305 Ashoka Capitol Building, Opp: KBR Park, Banjara Hills , Road number 2, Hyderabad, Telangana –
500034, Mob: +91 8686348800 Pho: 040 66446695 email: [email protected]
Ethical Hacking Ethical Hacking is the process of evaluating the security of a computer system by
simulating an attack by a malicious hacker. The course is designed to teach
students how to think like a hacker, providing them with a deep understanding of
security issues and concerns. We encourage lively debates about pertinent ethical
and security issues. Students develop the hacker mindset, determined to ‘do their
bit’ to improve security in the world of Computing. These professionals will be
proficient in identifying, isolating and responding appropriately to threats as fast as
possible in order to effectively minimize damage.
Today software companies whether government or private is dealing with hardcore
security problems. Crackers and intruders enter databases and web servers for
stealing, damaging and spreading of irrelevant programs. This brings in the need of
ethical hackers and courses on ethical hacking. Ethical hacking in India is grabbing
the market fast and is doing a brisk business. It is the job of ethical hackers to
protect the networking infrastructure and corporate websites. These moral hackers
have the legal consent to penetrate into a computer or software system by using
similar tools and techniques of that of a cracker. But they do not intend to steal
information or damage the software system.
Prerequisite:
Strong knowledge of TCP/IP
Familiar with windows/Linux operating system
Who should attend this course?
Anybody who want to secure their confidential data from attackers.
Students who are willing to become ethical hackers
System/Network administrators who are responsible for protecting
organizations data.
Duration:
5 Days
Course Outline:
Module-1: Introduction to Information Security
Introduction to Hacking
Building a Pentest Lab
http://www.firewalllearning.com
#305 Ashoka Capitol Building, Opp: KBR Park, Banjara Hills , Road number 2, Hyderabad, Telangana –
500034, Mob: +91 8686348800 Pho: 040 66446695 email: [email protected]
Module-2: Pentest methodologies
Description of different pen Testing Methodologies
Open Source Security Testing Methodology Manual (OSSTMM)
Information Systems Security Assessment Framework (ISSAF)
Open Web Application Security Project (OWASP) Top Ten
Web Application Security Consortium Threat Classification (WASC-TC)
Module-3: Information Gathering
What is Information Gathering
Active & Passive Information Gathering
Google as a Information Gathering Agent
Web based Footprinting
Addons and Tool Based Footprinting
Site For Footprinting
Module-4:iding Identity(Proxy & vpn)
Online Proxy
Proxy Tools
CGI Proxy
Tab, Browser, System, Network Based Proxy
VPNs
Bypass Restrictions Using Proxy and VPNs
Module-5: Scanning & Enumeration
Overview of TCP/IP 3 way Handshake
Stealth scans
Nmap scanning methods
Nmap Realworld scans
Nmap Script Engine
Evading firewall/ IDS
Firewall scanning using HPING3
Online Scanning
Some useful scanners
Autoscan, Superscan, Unicornscan
http://www.firewalllearning.com
#305 Ashoka Capitol Building, Opp: KBR Park, Banjara Hills , Road number 2, Hyderabad, Telangana –
500034, Mob: +91 8686348800 Pho: 040 66446695 email: [email protected]
Introduction to Enumeration
SNMP Enumeration
Banner grabbing
Using Netcat
Using Hping3
Module-6: Advance Google Hacking
Google and Its Working
Dork For Google Hacking
Tools For Google Hacking
Web Crawling Tools
Google as Vulnerability Scanner
Module-7: System Hacking(Windows XP, Windows 7 & 8)
Password Cracking
Password Resetting
Login Without Entering Password
Password In Plain Text
Backdoor Installation
Guest to Admin Login
Securing System
Module-8: Application Password Cracking
Rar password cracking
Ms Office Document Password Cracking
FTP Password Cracking
SSH Password Cracking
Router & Switch Password Cracking
Module-10: Steganography & Cryptography
Introduction to Stenography
Introduction to Cryptography
Data Hiding Behind Images, Videos Files Etc
http://www.firewalllearning.com
#305 Ashoka Capitol Building, Opp: KBR Park, Banjara Hills , Road number 2, Hyderabad, Telangana –
500034, Mob: +91 8686348800 Pho: 040 66446695 email: [email protected]
Data Hiding Tools
Cryptography
Use of cryptography in Data Hiding
Module-11: Social Engineering Attacks
What is Social Engineering
Types of Social Engineering
How to Perform Social Engineering Attack
Prevention Against Social Engineering
Module-12: Network Attacks & Security
DOS & DDOS Attack
DNS & ARP Poisoning
Sniffing
SSL Striping ( MITM )
Countermeasures
Module-13: IDS, IPS & Honeypots
IDS & IPS
Installation, Configuration & Maintenance
Honeypots
Types Of Honeypots
Implementation of Honeypots
Module-14: Wireless Password Cracking
WEP Cracking
WPA/WPA2 Password Cracking
WI-FI Router Password Cracking
Wireless Security Measures
Module-15: Vulnerability Assessment & Penetration Testing
Introduction to VA-PT
http://www.firewalllearning.com
#305 Ashoka Capitol Building, Opp: KBR Park, Banjara Hills , Road number 2, Hyderabad, Telangana –
500034, Mob: +91 8686348800 Pho: 040 66446695 email: [email protected]
Key Benefits & Difference
Opensource VA-PT
Tool Based VA-PT
Module-16: Miscellaneous
Nexpose
Core Impact
Veil Framework
Firewall Pentest
VOIP Hacking
EAST Framework
Module-17: Reporting
Sample Pentest Agreement
Executive Report
Technical Report
Developer Report