Ethical Hacking 2013

Transcript

1. Don’t learn to hack Hack to Learn ethical hacking, almog

   ohayon [email protected] ; 054-3366580 ; www.TheSniffer.info

2. This course is not focusing on specific Certification, it is

   about providing you The most up to date knowledge and tools In the domains of system, networking, Security and penetration testing. After you will finish this course you will Be able to - upgrade your IT carrier, start your carrier as professional penetration tester, use this knowledge in any workspace and learn easily to any certification such as CEH, CISSP, MCITP, CCNA, and many more. Course Overview

3. Course Topics  Hacking Introduction  OS fundamentals – Linux,

   Windows, vm’s  network fundamentals  Backtrack 5  information gathering  Network scanning  Vulnerabilities assessment  Sniffing, spoofing and mitm  Exploitation  Password cracking and brute force  Social engineering and Google  Wireless discovery and hacks  Hardening and protecting your network

4. Hacking Introduction • Hacking terminologies and concepts • Latest attacks

   and hacks in the world • Common attacks scenarios • Hacker types and skills • ethical hacking • Penetration testing introduction

5. OS fundamentals – Linux, Windows, vm’s Linux: • Overview –

   distributions, installation, boot, cli, gui • Basics – directories, configuration files, processes, users, logs • Files – permissions, operating, search, vi • Networking – configuration, security • Packages – installation, remove, updates • services – ssh, apache, mysql, php, dns, ftp Windows: • Overview – versions and evolution, cmd, boot, services • Basics – directories, configuration files, processes, users • Networking – configuration, security • Server side – ldap, iis, dns, dhcp, wamp, Virtual machines • Vmware – desktop, esx, installation, configuration • Virtual box – installation, configuration

6. Network fundamentals • ipv4, ipv6, tcp/ip, nat • Routing, switching,

   layer7 • Firewalls – iptables, checkpoint, cisco • Protocols – arp, dhcp, dns, smb, http, ssl, telnet, ssh, ftp, snmp • Tools – wireshark, tcpdump, fiddler • Os tools – nslookup, netstat, dig, whois • Wireless – standards, security

7. Backtrack 5 • Installation – windows, linux, vm, dual boot

   • Basic configuration – network, services, boot, gui, cli • Apps and tools overview – nessus, nexpose, metasploit, nmap, nikto, Armitage • Penetration testing overview – information gathering, vulnerabilities assessment, exploits

8. information gathering • Collect information – network, system and organization’s

   information. • information gathering – Footprinting and reconnaissance, dns analysis, os fingerprints, web applications, cms identification, database analysis, smtp analysis • Tools – nmap, whois, dnswalk, sqlmap, wpscan, joomscan, blindelephant, whatweb, maltego, DirBuster and http enumeration • collect information using search engines and social networks

9. Network Scanning • External and internal Scanning overview • Network

   scanning – identify live hosts, pingsweeps, find open ports , route path, understand open services. • Use proxy server to hide your IP • Tools – hping, nmap, online websites,

10. Vulnerabilities assessment • Common vulnerabilities overview • Nessus – install,

    license, scans, reports • Nexpose - install, license, scans, reports • Openvas • Nikto

11. Sniffing, spoofing and mitm • Network architecture • Identify lan

    components • Arp spoofing and mitm • Dhcp spoofing and snooping • Password sniffing • Span switch port • Wireless sniffing

12. Exploitation • Metasploit introduction • Metasploit installation – windows, linux

    • Metasploit database configuration • Scanning – nmap, nexpose, auxiliary • Using metasploit exploits • Metasploit post exploitation • Armitage integration

13. Password cracking and brute force • User enumeration • Password

    cracking • Brute force – ftp, ssh, telnet, http • Dictionary attacks • Creating passwords list – cupp • keyloggers

14. Social engineering and Google “help” • Social engineering introduction •

    Social engineering toolkit • Website mirroring and cloning • Phishing and web cloner • Google hacks

15. Wireless discovery and hacks • Wireless architecture and overview •

    Wireless security methods • Wireless sniffing • Wireless mitm

16. Hardening and protecting your network • Weak components in the

    network • Secure your iis and apache • Secure your switches and routers • Restrict access to your network • Remove old unprotected protocols • benchmarking according to best practice