Carnegie Mellon University Certified Ethical Hacker Online Course!

[caovantan 42]

 

Carnegie Mellon University Certified Ethical Hacker Online Course!

English | Size: 2.36 GB

Category: Security

 

Certified Ethical Hacker Introduction

CEH Course Overview

Active and Passive Reconnaissance

Introduction to Active and Passive Reconnaissance

Information Gathering

Types of Information to Gather

Methods for Gathering Information

Understanding DNS

DNS Enumeration

 

Whois Database Information

Other DNS Enumeration Tools

Other Sources of Information

Active Reconnaissance - Exploiting DNS

DNS Zone Transfers

Brute Force DNS Queries

Gathering Information Using Traceroute

Gathering Information from E-mails

Searching for Internal URLs

Competitive Intelligence Gathering

DEMO: Sam Spade

LAB: Passive Reconnaissance

Hacking Laws

Introduction to Hacking Laws

Title 18 of the United States Code

Federal Information Security Management Act

The Fair Credit Reporting Act

Privacy Act of 1974

International Law

Google Hacking

Intro to Google Hacking

Basic Search Operations

Advanced Search Operations

Additional Google "Features"

Google Hacking in Practice

Finding Vulnerabilities and Targets

Finding Exploits

Enumerating Error Messages

Google Hacking Tools and Defenses

DEMO: Google Hacking

LAB: Google Hacking

Social Engineering

Social Engineering Introduction

Human-Based Social Engineering

Computer-Based Social Engineering

Social Engineering and Phishing

DEMO: Sample Phishing Scams

Social Engineering and Phishing (cont'd)

Thwarting Social Engineering

Packet Capture

Intro to Packet Captures and Sniffing Types

Active SniffingYou

ARP Cache Poisoning

DEMO: ARP Cache Poisoning

MAC Address Flooding

DEMO: MAC Address Flooding with MACof and other DSniff tools

Firewalking and Passive Sniffing Tools

DEMO: ARP Poison Routing

Scanning

Types of Scanning

NMAP Introduction

Netcat

DEMO: Netcat

Banner Grabbing

War Dialing and IP Spoofing

DEMO - Superscan

LAB: Vulnerability Assessment with MBSA and Nessus

NMAP and Its Switches

NMAP -1

DEMO: NMAP TCP Scanning

NMAP -2

DEMO: NMAP UDP Scanning

NMAP -3

DEMO: NMAP Operating System Enumeration

NMAP -4

Enumeration

Windows Enumeration

DEMO - Languard Network Security Scanner

Application Enumeration -1

DEMO: Split DNS

Application Enumeration -2

Web Application Vulnerabilities

Exploitative Behavior

Anatomy of a Web Application Attack

Cross-Site Scripting

Command Injection -1

DEMO: Command Injection

Command Injection -2

SQL Injection

Cookie Poisoning

Parameter Tampering

Buffer Overflows

Directory Traversal

Cryptographic Interception

Authentication Hijacking and Log Tampering

Error Message Interception

DEMO: Show Friendly HTTP Error Messages

Obfuscation, Platform Exploits, and DMZ Attacks

DMZ Attacks and Security Management Exploits

Web Service, 0-Day, and Network Attacks

Web Application Hacking Tools

LAB: Web Application Penetration Testing

Web Server Hacking

Intro to Web Server Hacking

IIS Features and Vulnerabilities

Web Service Attack Tools and Countermeasures

Patch and Vulnerability Management

Increasing Web Server Security

DEMO: XSS - Web Exploitation

DEMO: SQLInjection - Web Exploitation

DEMO: Directory Traversal - Web Exploitation

SQL Injection

Structured Query Language (SQL) Injection

Finding SQL Injection Targets

DEMO: SQL Injection Web Server Log

Using SQL Commands to Extract Information and Data

SQL Server Hacking Tools and Countermeasures

System Hacking

Finding and Exploiting Vulnerabilities

Payloads

Meterpreter

Exploit Frameworks

Intro to Exploit Frameworks

The Metasploit Framework - 1

DEMO: Using YouTube to Learn Toolz--OpenVAS

The Metasploit Framework - 2

DEMO: The Metasploit GUI

The Metasploit Framework - 3

Overview of Commercial Exploit Frameworks

DEMO: Exploiting Hosts

LAB: System Hacking

Password Cracking Techniques

Intro to Password Cracking Techniques

Password Cracking Tools and Techniques

DEMO: Password Cracking

Authentication Best Practices and Countermeasures

Keyloggers and Spyware

Escalating Privileges

Privilege Escalation - Command Execution

Privilege Escalation - Impersonation

Privilege Escalation - Passing the Hash

DEMO: Privilege Escalation

Session Hijacking

Pass the Hash Recap

Session Hijacking

Session Hijacking Tools

DEMO: Denial of Servie (DoS)

Denial of Service

Denial of Service (DoS)

Distributed Denial of Service Methods (DDoS)

DoS and DDoS Tools and Countermeasures

Tunneling and Trojans

Maintaining Access

Types of Tunnels

Getting Files Through Tunnels -1

DEMO: VBS File Download

Getting Files Through Tunnels -2

Tunneling Programs and Countermeasures

DEMO: Tunneling

LAB: Tunneling

Viruses and Worms

Viruses and Worms -1

Viruses and Worms -2

DEMO: Conficker Overview

Covering Your Tracks

Covering Your Tracks Introduction

Hiding Files

Alternate Data Streams

Hiding Files Using Rootkits

Detecting Rootkits

Hiding Information Using Steganography

Steganography Detection

Hiding Actions

DEMO: HiddingFiles-ADS

DEMO: Rootkits

DEMO: Steganography

LAB: Hiding Files

Wireless Hacking

Wireless Networks

Setting Up a Wireless Network

Wireless Authentication

Wireless Lingo

Wireless Attack Methodology

Wireless Attacks

Wireless Hacking Defensive Measures

DEMO: Wireless Hacking

Physical Security

Introduction to Physical Security

Threats to Physical Security

Physical Security Considerations

Infrastructure Physical Security

Laptop Security

TEMPEST

Physical Security Access Controls

Biometric Access Control Devices

Authentication

Wiretapping

Remote Access

Locks

Spyware Technologies

Evasion Techniques

Intrusion Detection Systems

Firewalls

Honeypots

DEMO: Honeywall Overview

Evasion Techniques

Cryptography

Introduction to Cryptography

Public Key Cryptography

Digital Signatures

Encryption Algorithms

XOR (Exclusive OR) Encryption

Encryption Key Size

Message Digest and Cryptographic Hash Functions

Secure Sockets Layer (SSL)

Government Access to Encryption Keys

Pretty Good Privacy (PGP)

Disk Encryption

DEMO: Evasion

Pulling It All Together

Phase 1 - Reconnaissance (Review)

Phase 2 - Scanning and Enumeration (Review)

Phase 3 - Gaining Access (Review)

Phase 4 - Maintain Access (Review)

Phase 5 - Cover Your Tracks (Review)

CEH Pentesting Methodology

DEMO: Putting it all together

LAB: Pulling it all together

 

QUIZ: CEH 200 Question Exam

QUIZ: CEH Random 50 Exam Questions

LAB: Hacking and Assessment Training Environment

 

Download link:

Ukryta Zawartość

Treść widoczna tylko dla użytkowników forum DarkSiders. Zaloguj się lub załóż darmowe konto na forum aby uzyskać dostęp bez limitów.

 

Links are Interchangeable - No Password - Single Extraction