Embed Size (px)
Citation preview
Tab
le o
f C
on
ten
t1
Introduction to Cyber Security
What is Cyber Security?
Need of Cyber Security
Common Terminologies
Career and GrowthHacking as a Career
Domains of Cyber Security
Job Oppo�unities
Threats to the Cyber WorldNon-IT Threats
IT Threats
Hacking PhasesReconnaissence
Scanning
Gaining Access
Maintaining Access
Clearing Tracks
2Cyber Laws and Compliances
Cyber CrimesCrimes against People, Prope�y,Government and society
Statistics of Cyber CrimeIndia and World
Cyber LawsPenalties, Compensation andAdjudication sections
O�enses sections
Case StudiesCyber cases listed in IT Act 2000
Recent Cyber Crimes around the worldCyber Crime against Finances
Cyber Crime against Individuals and Organizations
Ransomware in Hospitals
Credit Card Frauds
Cyber Terrorism
How to Repo� Cyber Crimes
Recent Initiatives in India
Security CompliancesTypes of Compliances
ISO 27001
ISO 27002
PCI DSS
COBIT 5
NCIIPC
Search Engines
2Hrs
2Hrs
Information Security Certified Professional
3Introduction
Computer Networking Overview
Basics of Networking
How computer Network WorksOSI Model
TCP-IP Model
Networking ComponentsNIC Card
RJ-45 Card
Types of Networks
Communication Medium
Cables
Naming, Addressing & ForwardingMAC Address
IP Address
Subnet Mask
Gateway
Classi�cation of IP Addresses
Network Address Translation
Domain Name Server
Subne�ing
Networking DevicesHubs
Bridges
Switches
Routers
Firewalls
WAPs
Application LayerDHCP, FTP/SFTP
HTTP/HTTPS, IMAP, LDAP
POP, SMTP, SNMP, SSH
Telnet, TLS/SSL
Transpo� LayerTCP/ UDP, RSVP
Internet LayerICMP, IP
Link LayerMAC, PPP, DSL, ISDN
Other ProtocolsFinger, MIME / SMIME
RTP, TOR, Whois, X.500
4Introduction and De�nition of terms
Encryption
Hashing
Encoding
Obfuscation
Cryptography
Objectives of CryptographyCon�dentiality
Integrity
Authenticity
Non-repudiation
Accountability
4Hrs
3Hrs
Types of A�acksPassive A�acks
Active A�acks
Introduction to Cryptosystems
EncryptionTerminologies
Model of Encryption
Conventions
Modern Ciphers
Cost Bene�t Approach
Introduction to Symmetric key cryptography
Types of Symmetric Key CryptographyDES
AES
Asymmetric Key CryptographyRSA
Public Key InfrastructureComponents of PKI
Methods of Ce�i�cation
Applications of PKI
Issues with PKI
HashingIntroduction
Terminologies
Hash vs Cryptographic Hash
Classi�cation of Hash functions
Applications of Hash
MD5
SHA
HMAC
Digital Signatures
Cryptographic ProtocolsIntroduction
Common Protocols: SSL, TLS,
PGP
Cryptographic ToolsEncryption
Hashing
File Shredders
Steganography
Miscellaneous Tools
Cryptographic A�acksBrute Force A�ack
Dictionary A�ack
Rainbow Table A�ack
Collision A�ack
Pre-image A�ack
5Introduction
Need of Footprinting
Footprinting3Hrs
Targets of FootprintingIT Infrastructure
Organizational Infrastructure
Footprinting TechniquesFootprinting using search engine
Footprinting using Google
Footprinting using Shodan
Footprinting Using WHOIS
Footprinting Using DNS Queries
Footprinting through Social Engineering
Footprinting through command-line utilities
Footprinting using Tools
Footprinting using Source Code Examination
Footprinting individuals
Google.com
shodan.io
whois.com
6Network Scanning
Introduction
Types of scanning
Objectives of scanning techniquesScanning for Live Single Systems
Scanning for Live Multiple Systems
Scanning for Open Po�s
ping
Zenmap/Nmap
TCP Connect / Open Scan,Half Open Scan,
Strobe Scan ,FIN | Null | Xmas Tree Scan,
FTP Bounce Scan ,UDP Scan
Po� Scanning TechniquesZenmap/Nmap
Zenmap/Nmap
Zenmap/Nmap
Hping, NetScan Tool,
Strobe (Super optimised TCP po� surveyor)
Scanning for System Information
Po� Scanner Tools
Vulnerability Scanner Tools
Vulnerability Scanning Nessus, OpenVas
Tools for mapping Network Architecture
Determining Network Architecture, Nessus
LanState Pro, Network Mapper
Conclusion
7Spoo�ng
IP Address Spoo�ng
MAC Address Spoo�ng
Call Spoo�ng
SMS Spoo�ng
URL Spoo�ng
Email Spoo�ng
ARP Spoo�ng
DNS Spoo�ng
Ultrasu�, free-proxy-lists.net, vpnbook.com/webproxy, protonvpn
Technitium MAC Changer(Windows), Macchanger (linux)
crazycall.net, spoo�el.com,spoofcard.com
spoo�el.com, spoofcard.com
Emkei.cz, PHP Mailer
Legitimate use and Impact of spoo�ng
Objectives of Spoo�ng
Types of Spoo�ng
6Hrs
3Hrs
8System Hacking
Basics: Function and Process
What do OS do?
Types of OSMicroso� Windows
Password Management in Windows
Hacking Closed SystemFile Swap
Mimikatz
Hacking Open SystemCommand Prompt
Mimikatz
9Web Application Hacking
Basics of Web ApplicationArchitecture of Web Applications
Need and use of Web Applications
Pasive Information GatheringGoogle Hacking
Whois Lookup
DNS Interrogation
Maltego, webapplyzer
GHDB
netcra�, whois.net
mxtoolbox, dns queries, virustotal
Active Information Gathering1.Po� Scanning
2.Service Scanning
3.OS Fingerprinting
4.Enumerating Web Application framework
5.Web App. Content Discovery Burpsuite, HTTrack, BlackWidow
Check Authentication MechanismUsername
Passwords
Session
Vulnerabilities in Authorization MechanismDirectory Traversal (horizontal and ve�ical directory)
Bypassing Authorisation Schema
Privilege Escalation
Insecure Direct Object reference
Injection A�acksWeb Script Injection
SMTP Injection
SQL Injection
LDAP Injection
XPath Injection
Command Injection A�ack
Web Application Vulnerabilities and its DefencesInsu�cient Transpo� LayerProtection
Security Miscon�guration
Insecure Cyptographic Storage
Bu�er Ove�low
Cross Site Request Forgery a�ack
(CSRF)
Cross Site Scripting (XSS)
Redirection A�ack
Burpsuite,
OWASP ZAP
8Hrs
10Hrs
10Injection
SQL InjectionTypes of SQL injection
SQL Injection tools
HTTP GET and POST request protocols
Basic queries of SQL injection
Improper Error Handling
Information Leakage
Failure to Restrict URL Access
Security Management Exploits
Malicious File Execution
Captcha A�acks
Authentication Hijacking
Network Access A�acks
Cookie Snooping
Web Application Security ScannerCommercial Tools
So�ware-as-a-Service Providers
Free / Open Source Tools
List of Tools
Acunetix, Nessus, BurpSuite, OWASP ZAP
Sqlmap, Sqlninja
Code InjectionTypes of Code Injection
Vulnerability of Code Injection
Prevention of Code Injection
Sqlmap, Sqlninja
File Inclusion VulnerabilityTypes of File Inclusion
Command InjectionHow to pe�orm command injection?
How to prevent SQL Injection
11Mobile Security
Mobile Application Security
Need for Mobile Application Security Testing
Android ArchitectureApplication framework
Interaction with Android DevicesAndroid Emulators and Devices
Android Debug Bridge (ADB)
Downloading and installing applications with ADB
Android Network AnalysisSe�ing Up a Proxy For Android Emulator
Se�ing Up a Proxy For Android Device
Data Capturing(MITM A�ack)
Download And Install CA Ce�i�cate
SSL Data Capturing(MITM A�ack)
Android Application Pen-TestingAndroid APK Reverse Engineering
Static Manual Testing with Drozer
Automation testing with MobSF
OWASP top 10 Mobile Vulnerabilities
2Hrs
6Hrs
Rooting of Android DevicesPreparing a Device for Rooting
Tools used for Rooting
Unrooting Android Device
12Web Server Hacking
Web ServerFile Servers
Application Servers
Message Servers
Proxy Servers
Database Servers
Mail Servers
Web Server ArchitectureConcurrent Approach
Single Process Event driven approach
A�acking MethodologyWeb Server A�ack Vectors
Footprinting
Scanning
Gaining AccessWeb Server A�acks metasploit
Privilege EscalationVe�ical Privilege Escalation
Horizontal Privilege Escalation
Remote Code Execution
DoS
Memory Corruption
Metasploit
Impact of WebServer A�acks
Countermeasures to Web Server A�acks
13Firewall, IDS and IPS
Types o FirewallPacket-�ltering �rewalls
Stateful inspection �rewalls
Proxy �rewalls
Circuit-level gateways
Application-level gateways
Stateful Multilayer inspection �rewalls
Firewall Requirement Analysis and ImplementationRequirement analysis
Practical implementation of Firewall
Uni�ed Threat ManagementAdvantages of using UTM
Challenges of using UTM
Evading Firewalls
Firewall Identi�cationPo� Scanning
Firewalking
Banner Grabbing
8Hrs
2Hrs
IP Address Spoo�ngTiny Fragments
Bypass Blocked Sites Using IP Address in Place of URL
Bypass Blocked Sites Using Anonymous Website Su�ing Sites
Bypass a Firewall Using Proxy Server
Bypassing Firewall through ICMP Tunneling Method
Bypassing Firewall through ACK Tunneling Method
Bypassing Firewall through HTTP Tunneling Method
Bypassing Firewall through SSH Tunneling Method
Bypassing Firewall through External Systems
Bypassing Firewall through MITM A�ack
Bypassing Firewall through Content
Intrusion Detection System (IDS)What is IDS?
How does IDS work ?
Functions of IDS
Classi�cationsAnalyzed activity
Detection method
IDS Evasion Tools
Firewall Evasion ToolsTra�c IQ Professional
TCP over DNS
Packet Fragment Generator
Intrusion Prevention System (IPS)How does IPS work?
What is the function of IPS?
Intrusion Prevention System (IPS)How does IPS work?
What is the function of IPS?
Classi�cationHost-based intrusion prevention system (HIPS)
Network behavior analysis (NBA)
Wireless intrusion prevention systems (WIPS)
Detection methodsSignature-Based Detection
Statistical anomaly-based detection
Stateful Protocol Analysis Detection
Limitations
Free and open source systems
Evading IDS
HoneypotTypes of honeypot
How does it work?
How to setup honeypots?
14Malwares
Statistics of Malware Infection
Classi�cation of Malwares
4Hrs
Virus
Worm
Bot
Trojans
Ransomware
Rootkit
Adware
PUP/PUA
Keyloggers
Browser Hijackers
Malware EconomyImpact of Malware Infections
CountermeasuresAntivirus
AdBlockers
Firewalls, IDS, IPS
Anti-ransomware
Strict Usage Policies
BYOD Policies
User Awareness
PC Health monitoring
Browser Plugins
Online Malware Detection Tools
15Denial-of-Service (DOS)
DDoS a�acks
Statistics related to DoS
Types of DDoS a�acksSmu� A�ack
DNS Flood A�ack
DNS Ampli�cation A�ack
Ping of Death
ICMP Flood
NUKE A�acks
NTP Ampli�cation
UDP Flood
SYN A�acks
Re�ected DoS
Teardrop
Peer to Peer
Slowloris
RUDY A�ack
XML A�ack
HTTP Flood
SNMP a�ack
Other Types
Sources & tools of DDoSLOIC
XOIC
HOIC
Botnets
Insecure IoT Devices
JMeter
Di� Jumper
OWASP HTTP DOS Tool
2Hrs
Detection of DoS A�acks
Mitigation StrategiesFirewalls
Redundant Resources
Third Pa�y Service providers
Preventing Flooding a�acks
Unintentional DoS
Economics of DoS
Impact of DoS A�acks
Bu�er Ove�low A�ackStacks
Heaps
Shellcodes
Memory Segment Ove�lowMemory Organisation
Stack Ove�low
Heap Ove�low
Impact
16Wireless Hacking
Wi-Fi SecurityTypes of Wireless Networks
Bene�ts of Wireless Technology
Disadvantages of Wireless Technology
Introduction to 802.11WLAN Protocols
Basic conceptsNetwork Basics
Wireless A�ack ScenariosMAC Spoo�ng
Packet Injection
Packet Sni�ng
Pawning Beacon Frames (Fake Access Points)
De-auth A�ack
Bypassing WLAN AuthenticationHidden SSIDs
Unmasking hidden SSIDs
What is MAC Filter?
Grabbing MAC Address of Associated Clients (MAC Filter)
Cracking WEP Wi-Fi networksLogic behind WEP Wi-Fi encryption
Vulnerabilities in WEP
Cracking WEP
Speed-Up WEP Cracking
Countermeasures to avoid WEP cracking
Cracking WPA/WPA2 Wi-Fi networksLogic behind WEP Wi-Fi encryption
Vulnerabilities in WEP
Cracking WEP
Speed-Up WEP Cracking
Countermeasures to avoid WEP cracking
Vulnerabilities in WPA/WPA2
8Hrs
Vulnerabilities in WPA/WPA2Types of WPA/WPA2 Cracking
How to Crack WPA/WPA2
Speed WPA Cracking
aircrack-ng, airmon-ng, airodump-ng
Client Side Wi-Fi A�acksCracking WEP
Requirements fo Conducting Cracking at Client Side
Cracking WPA/WPA2
aircrack-ng, airmon-ng, airodump-ng
Man in the Middle A�ackExecuting MITM A�acks
Types of MITM A�acksaircrack-ng, airmon-ng, airodump-ng
Wireless Penetration Testing MethodologyPentest
Penetration Testing Tool
Phases of Penetration Testing Methodology
17Social Engineering
Statistics
Stages of Social Engineering A�ackInformation Gathering
Developing Relationship
Exploitation
Execution
Target Pro�ling
Types of Social Engineering A�ackDigital A�acks
Personal A�acks
Impersonation A�acks
Techno-Personal A�acks
Mitigation StrategiesTraining of Stakeholders
Policy Implementation
18Cloud Security
What is Cloud Security?
Deployment models of CloudPrivate
Public
Hybrid
Vi�ual Private Cloud
Community Cloud
Categories of Cloud Services1. IaaS (Infrastructure as a Service)
2. PaaS(Pla�orm as a Service)
3. SaaS(So�ware as a Service)
4. DaaS (Desktop as a Service)
5. Communications as a Service (CaaS)
6. Network as a Service (NaaS)
2Hrs
2Hrs
Cloud Bene�ts
Information Management and Data SecurityInformation Management
Data Security
Volume storage
Object storage
Logical vs physical locations of data
Data Loss Prevention
Detecting Data Migration to the Cloud
Database Activity Monitoring and File Activity Monitoring
Encryption in IaaS, PaaS & SaaS
Data Backup
Data Dispersion
Data Fragmentation
Po�ability and InteroperabilityPo�ability
Interoperability
SAML and WS-Security
Lock-In considerations by IaaS, PaaS & SaaS delivery models
Mitigating Hardware Compatibility Issues
Cloud Security ModelJerico Cube Model
Cloud SecurityCloud Security Control Layers
Responsibility of Cloud Security
NIST Recommendations for Cloud Security
Cloud Computing Security Considerations
Placement of Security Controls in the Cloud
NIST
Cloud Security Tools
Cloud Encryption Tools
Cloud Service Providers
Privacy and Security Concerns
Limitations of Cloud
19Internet of Things (IoT) Security
Technical Overview
Elements of IoT infrastructuresIOT Network Architecture and Design
IOT and the 3 C's
Hardware
Firmware
Communication Channels
IoT A�ack Su�aces
Common Vulnerabilities in IoT Devices
Securing IoT1. Cryptographic Solutions
2. Security Features of IoT protocols
3. Security Management
2Hrs
Advantages of IoT
Challenges in IoT
20Pentesting
Penetration testing
Vulnerability Assesment vs Penetration testing
Impo�ance of Penetration testing
Advantages of Pentesting
Methods of PentestingBlack Box testing
White Box testing
Grey Box testing
Bug Bounty
Penetration Testing Execution StandardOWASP Testing Guide
NIST SP800-115
New PCI DSS Guidance
FedRAMP
PTES
Legal AuthorityScope of Work
Damage Control
Indemni�cation
Hack-Back
Professionalism
Licensing and Ce�i�cation
Privacy Issues
Data Ownership
Duty to Warn
Stages of Pentesting1.Footprinting
2. Scanning
3. Enumeration
4. Pe�orming Penetration Tests
Web Application Pentesting
OWASP Top 10 for Mobile
Servers
Network Penetration Testing
Repo�ingStructure of a Repo�
1 Hr
