SlideShare a Scribd company logo

Ethical System Hacking- Cyber Training Diploma

Download as PPTX, PDF
begmohsin
begmohsin

Become a Professional Ethical Cyber Hacker and learn to protect your organisation from being attacked. Become a truly invaluable asset to your organisation its cyber security defence against cyber hackers. Almost 3 million worldwide shortages of Cybersecurity professionals. 1.76 billion records leaked in January 2019 alone The 10 biggest data breaches of all time — with the number of accounts hacked and year occurred — according to Quartz: Yahoo, 3 billion (2013); Marriott, 500 million (2014-2018); Adult FriendFinder, 412 million (2016); MySpace, 360 million (2016); Under Armor, 150 million (2018); Equifax, 145.5 million (2017); eBay, 145 million (2014); Target, 110 million (2013); Heartland Payment Systems, 100+ million (2018); LinkedIn, 100 million (2012) The 5 most cyber-attacked industries over the past 5 years are healthcare, manufacturing, financial services, government, and transportation. Cybersecurity Ventures predicts that retail, oil and gas / energy and utilities, media and entertainment, legal, and education (K-12 and higher ed), will round out the top 10 industries for 2019 to 2022. Distributed-Denial-of-Service (DDoS) attacks represent the dominant threat observed by the vast majority of service providers — and they can represent up to 25 percent of a country’s total Internet traffic while they are occurring. Globally the total number of DDoS attacks will double to 14.5 million by 2022 (from 2017), according to the Cisco Visual Networking Index (VNI). Global ransomware damage costs are predicted to hit $20 billion in 2021, up from $11.5 billion in 2019, $5 billion in 2017, and just $325 million in 2015, according to Cybersecurity Ventures.

Technology
1 of 33
Ethical System Hacking – Training Diploma Course Module Descriptors UK Cyber Defence Academy www.tech-strategygroup.com
Course Structure Unit 1: Introduction to Ethical Hacking Unit 2: Technical Processes of Hacking Unit 3: Footprint and Scanning Unit 4: Enumeration and System Hacking Unit 5: Fundamentals of Malware Threats Unit 6: Sniffers, Session Hijacking and Denial of Service Unit 7: Web Server Hacking, Web Applications and Database Hacking Unit 8: Wireless Technologies, Mobile Security and Attacks Unit 9: IDS, Firewalls and Honeypots
Course Structure Unit 10: Physical Security and Social Engineering Unit 11: Cryptographic Attacks and Defences Unit 12: Cloud Computing and Botnets Unit 13: Fundamentals of Kali Linux Unit 14: Encryption Cracking Tools
Module 1: Introduction to Ethical Hacking
Learning Objectives • Develop broad understanding about the Security Fundamentals • Learn about the differences between ethical hackers and hackers • Develop understanding about the different types of hacking attacks • Develop understanding about the different types of security testing that is performed by ethical hackers: white box testing, grey box testing, black box testing, penetration testing • Develop understanding about system risks, threats and vulnerabilities • Learn how to conduct Quantitative Risk Assessments. • Learn about the different types of hackers such as white hat hackers, black hat hackers, grey hat hackers, suicide hackers. • Learn about the hacker’s workflow methodology with regards to reconnaissance and footprinting, scanning and enumeration, gaining access, maintaining access and covering trackers. • Learn about the technical skills and knowledge ethical hackers should possess to be effective in your role. • Develop detailed understanding about the ethical hacking methods with regards to information gathering, external penetration testing, internal penetration testing, network gear testing and DoS testing, wireless network testing, application testing and social engineering, physical security testing, authentication system testing, database testing, communication system testing. • Learn about US federal laws that ethical hackers must be aware with regards to cyber fraud, cyber breaches and PCI DSS Company compliance.
Module 2: Technical Process of Hacking
Learning Objectives • Learn about the attacker’s process with regards to the following: Performing reconnaissance and footprinting, scanning and enumeration, gaining access, escalation of privilege and maintaining access and covering tracks. • Develop understanding about the most prominent security methodologies for security testing purposes • Develop understanding about the fundamentals of networking protocols and networking devices. • Develop understanding about the OSI Model and TCP/IP Layers: application, presentation, session, transport, network, data link and physical. • Learn about global application security and operation issues. • Develop understanding about the TCP packet structure, datagram fragmentation and how hackers manipulate packets
Module 3: Footprint and Scanning
Learning Objectives • Develop comprehensive understanding about the 7-step information gathering process with regards to footprinting mapping, mapping attack surface and exploring ways to penetrate external environments. • Learn how to identify active machines, open ports and access points and how to shut down TCP connection termination • Learn about the most popular scanning techniques and applications such as NMAP that can be used effectively. • Develop understanding about war driving, active fingerprint methods, fingerprinting services and how to explore open services • Learn how to map the network attack surface in depth
Module 4 : Enumeration and System Hacking
Learning Objectives • Develop understanding about enumeration, system hacking with regards to NetBIOS enumeration tools, Windows security, Linux Unix enumeration, NTP- SMTP enumeration, DNS enumeration, technical password attacks, automated password guessing, password sniffing, keylogging. • Learn how to exploit buffer overflow, access the SAM and the different types of windows authentication types. • Develop understanding about cracking windows passwords, hiding files and covering tracks, rootkit, ethical hacker response rootkit and file hiding.
Unit 5: Fundamentals of Malware Threats
Learning Objectives • Develop comprehensive understanding about the different types of attacks with regards to viruses and worms • Learn about transmission methods of viruses, trojans its behaviour and characteristics, virus payload characteristics and the architecture component structure of viruses. • Develop understanding about cover communication, keystroke logging and spyware. • Learn about Malware countermeasures. • Develop understanding about trojan behaviours with regards to remote access, data hiding, e-banking, denial of service (DoS), proxy and ftp. • Learn about RAT trojans tools, wrapper binding programs, trojan ports and communication methods, trojan targets and infection mechanisms. • Develop understanding about the deployment of a trojan, covert communication and tunneling via the internet, application layer • Learn about keystroke logging and spyware, hardware keyloggers, software keyloggers, spyware and malware countermeasures • Develop understanding about how to detect malware, and the types of known techniques antivirus programs implement with regards to the following: signature scanning, heuristic scanning, integrity checking and activity blocking. • Learn about how to conduct malware analysis
Module 6: Sniffers, Session Hijacking and Denial of Service
Learning Objectives • Develop understanding about sniffers as hacking tools • Learn about the core fundamentals of session hijacking techniques and denial of service and distributed denial of service • Learn about the prominent types of sniffing tools that are used, passive sniffing, active sniffing, address resolution protocol (ARP) and ARP spoofing attacks • Develop understanding about ARP poisoning, MAC Flooding processes and how hackers launch server attacks on the DHCP servers • Develop understanding about MAC Spoofing, DNS spoofing and tools which ethical hackers can implement spoofing purpose • Learn about sniffing and spoofing countermeasures, session hijacking, transport layer hijacking and the lifecycle of a session hijack • Develop understanding of the detailed steps that are involved in how session hijack is used to manipulate the TCP start-up. • Learn how hackers can launch attacks through the following methods: session sniffing, predictable session token ID, man in the middle attacks, man in the browser attacks, client side attacks and session replay attacks. • Learn about the session hijacking attacks and tools that can be used by hackers and how to prevent session hijacking • Develop understanding about the role of DoS in the hacker’s methodology • Learn about the different types of techniques which can be incorporated in the DoS attacks such as the following: bandwidth attacks, SYN flood attacks, internet control message protocol (ICMP) attacks, peer to peer (P2P) attacks and application level attacks • Develop understanding of the countermeasures and best practices that can be implemented for DoS and DDOS attacks
Unit 7: Fundamentals of Webserver Hacking, Web Applications and Database Attacks
Learning Objectives • Develop comprehensive understanding about Web Server Hacking patterns, approaches and techniques • Understand the process of Web Application Hacking • Learn about the fundamentals of Database Hacking • Learn about the tools that hackers can employ when launching a webserver attack • Develop understanding about scanning webservers, banner grabbing and enumeration, website ripper tools and webserver vulnerability identification • Learn about the following types of webserver attacks: DoS/DDoS attacks , DNS server hijacking, DNS amplification attacks, Directory traversal, Man in the middle, Website defacement, Web server misconfiguration, HTTP response splitting and Web server password cracking • Learn about the following ways web applications can be attacked by hackers: Unvalidated Input, Parameter/form tampering, Injection flaws, Cross-site scripting, Cross-site request forgery attacks, Hidden field attacks, Attacking web-based authentication, Web-based password cracking, Web based authentication attacks, and intercepting web traffic. • Develop understanding about the most common authentication types: basic, message digest, certificate based, forms based • Learn about web application hacking and how hackers launch dictionary attacks, hybrid attacks, brute force attacks and the types of tools hackers can utilise. • Learn how hackers intercept web traffic and how to secure web applications using source scanners and relevant tools • Learn how database hacking occurs and the vulnerabilities which exist within SQL databases • Learn about the types of tools which can be incorporated to hack SQL Databases.
This Photo by Unknown Author is licensed under CC BY-ND
Learning Objectives • Learn about the diverse types of mobile phone technologies that can be hacked • Learn how mobile security violations happen and mobile attacks launched by hackers • Develop core understanding about the essentials of Wireless LANS • Develop understanding about the concerns with mobile platforms and global mobile security issues • Learn about security issues associated with android applications • Learn about the techniques and the types of tools that can be used for jail breaking apple iphone, windows, blackberry and android mobile applications • Learn about the tools which can be implemented to prevent hackers exploiting vulnerable mobile devices • Learn about the Bluetooth tools which can be used to attack Bluetooth security loopholes • Develop understanding about WLAN threats and issues • Develop understanding about evil twin attacks, denial of service (DoS), wireless hacking tools, and how to perform wireless traffic analysis. • Learn how to launch wireless attacks and prevent Wi Fi networks from being compromised and make wireless networks more secure • Learn how to build high level defence designs and develop understanding about wireless authentication
Module 9: IDS, Firewalls and Honeypots This Photo by Unknown Author is licensed under CC BY-NC
Learning Objectives • Develop understanding about the Intrusion Detection Systems that are used to detect malicious activity • Learn about Firewalls that exist amongst trusted and untrusted networks • Develop understanding about Honeypots and fake systems that are used to lure in attackers • Learn about the essential components of intrusion detection systems and pattern matching anomaly detection techniques • Learn about insertion attacks employed by hackers, overlapping fragments and TCP, Protocol ambiguities, session splicing, shellcode attacks and other form of IDS evasion techniques. • Develop understanding about the differences between the following types of firewalls: packet filters, application-level gateway, circuit-level gateway and stateful multilayer inspection • Learn about firewalking, banner grabbing, different types of honeypots and how to detect them.
Module 10 Cryptographic Attacks and Defenses
Learning Objectives • Develop understanding about the functions of Cryptography with regards to providing confidentiality, integrity, authenticity and non-repudiation • Learn about Algorithms, and the differences between asymmetric, symmetric and hashing algorithms • Develop understanding about the objectives of the Public Key Infrastructure (PKI and it’s communication and third-party trust • Develop broad understanding about Protocols, Standards and Applications with regards to Secure Shell, IPSec and PGP. • Learn about the hashing process, SHA-1 and how asymmetric encryptions implemented for confidentiality and integrity. • Develop understanding about steganography, steganogrpahic tools, steganalysis, digital watermark, PGP, SSH, SSL, IPSec, PPTP, EFS • Develop understanding about the following types of attacks carried out by hackers: Known plain text attack: cipher text only attack, Man in the middle attack, replay attack, side channel attack, chosen plan text attack and chosen ciper text attack
Module 11: Physical Security and Social Engineering
Learning Objectives • Learn about the different types of threats to physical security • Develop understanding about the various types of physical controls which can be implemented to protect enterprises from hackers and thieves • Develop broad understanding about the different types of Social Engineering attacks and the various ways in how hackers manipulate people • Develop understanding about the common types of backup media and by passing techniques • Develop understanding about biometric systems, social engineering, person social engineering, computer based social engineering, phishing, social networking and targeted attacks.
Module 12 Cloud Computing and Botnets
Learning Objectives • Develop understanding about the different types of cloud-based services • Learn about cloud deployment models and cloud computing models • Learn about the issues with cloud computing and the following types of cloud attacks: session hijackings, DNS attacks, cross site scripting (XSS), SQL injection and session riding, distributed denial of service (DDoS), man in the middle cryptographic attacks, side channel attacks, authentication attacks, wrapping attacks. • Develop understanding about cloud security control layers. • Learn about botnets and botnet architecture, botnet client server models, botnet peer to peer models. • Develop understanding about banking trojans, botnet countermeasures and techniques to build defences. • Learn how to create a botnet in order to achieve malicious gains
Module 13 Fundamentals of Kali Linux
Learning Objectives • Learn how to install Kali Linux on your network • Learn how to setup a virtual laboratory • Learn how to use information gathering tools in Kali Linux • Learn about vulnerability analysis tools and wireless attacks • Learn about penetration testing tools in Kali Linux • Learn about database tools, CMS scanning tools, forensic tools and exploitation Tools • Learn about social engineering toolkit, stressing tools, sniffing and spoofing Tools • Learn about password cracking tools, reverse engineering tools and reporting tools.
Module 14: Encryption Cracking Tools
Learning Objectives Learn about the following types of tools that you can implement as part of your workflow strategy when performing tasks as a Ethical Hacker: • Encryption Cracking tools • Cyber security Tools and Sites • Footprinting Tools • Competitive Intelligence • Tracking Online Reputation • Website Research • DNS and Whois Tools • Traceeroute Tools and Links
Learning Objectives Learn about the following types of tools that you can implement as part of your workflow strategy when performing tasks as a Ethical Hacker: • Website Mirroring Tools and Sites • Google Hacking • Scanning and Enumeration Tools • System Hacking Tools • Cryptography and Encryption • Sniffing • Wireless Attacking • Trojans and Malware • Web Attacking Tools • SQL Injection Tools
End

Recommended

Certied Ethical Hacker
Certied Ethical HackerCertied Ethical Hacker
Certied Ethical Hacker
Knowledgehut
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1
limsh
 
Cyber crime trends in 2013
Cyber crime trends in 2013 Cyber crime trends in 2013
Cyber crime trends in 2013
The eCore Group
 
BAIT1103 Course Overview
BAIT1103 Course OverviewBAIT1103 Course Overview
BAIT1103 Course Overview
limsh
 
Ethical Hacking Class
Ethical Hacking ClassEthical Hacking Class
Ethical Hacking Class
Laney Dale
 
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
Kevin Fisher
 
Security
Security Security
Security
chian417
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Chetanmalviya8
 

Recommended

Certied Ethical Hacker
Certied Ethical HackerCertied Ethical Hacker
Certied Ethical Hacker
Knowledgehut
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1
limsh
 
Cyber crime trends in 2013
Cyber crime trends in 2013 Cyber crime trends in 2013
Cyber crime trends in 2013
The eCore Group
 
BAIT1103 Course Overview
BAIT1103 Course OverviewBAIT1103 Course Overview
BAIT1103 Course Overview
limsh
 
Ethical Hacking Class
Ethical Hacking ClassEthical Hacking Class
Ethical Hacking Class
Laney Dale
 
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
DRC - Cybersecurity Concepts 2015 - 5 Basics you must know!
Kevin Fisher
 
Security
Security Security
Security
chian417
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Chetanmalviya8
 
CS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network SecurityCS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network Security
vishnukp34
 
Cs8792 cns - unit v
Cs8792 cns - unit vCs8792 cns - unit v
Cs8792 cns - unit v
ArthyR3
 
Computer security chapter 2: About Hacking
Computer security chapter 2: About Hacking Computer security chapter 2: About Hacking
Computer security chapter 2: About Hacking
Theko Moima
 
Security in computer systems fundamentals
Security in computer systems fundamentalsSecurity in computer systems fundamentals
Security in computer systems fundamentals
Manesh T
 
Covert channels: A Window of Data Exfiltration Opportunities
Covert channels: A Window of Data Exfiltration Opportunities Covert channels: A Window of Data Exfiltration Opportunities
Covert channels: A Window of Data Exfiltration Opportunities
Joel Aleburu
 
HACKERS ATTACK PROCESS
HACKERS ATTACK PROCESSHACKERS ATTACK PROCESS
HACKERS ATTACK PROCESS
UK Defence Cyber School
 
ETHICAL HACKING
ETHICAL HACKINGETHICAL HACKING
ETHICAL HACKING
Sweta Leena Panda
 
Network Security Topic 1 intro
Network Security Topic 1 introNetwork Security Topic 1 intro
Network Security Topic 1 intro
Khawar Nehal khawar.nehal@atrc.net.pk
 
Cisel1 d
Cisel1 dCisel1 d
Cisel1 d
chandu_sai
 
Ethical hacking11601031 (1)
Ethical hacking11601031 (1)Ethical hacking11601031 (1)
Ethical hacking11601031 (1)
Mohammad Affan
 
What is Cryptography and Types of attacks in it
What is Cryptography and Types of attacks in itWhat is Cryptography and Types of attacks in it
What is Cryptography and Types of attacks in it
lavakumar Thatisetti
 
Certified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book SummaryCertified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book Summary
udemy course
 
DRC -- Cybersecurity concepts2015
DRC -- Cybersecurity concepts2015DRC -- Cybersecurity concepts2015
DRC -- Cybersecurity concepts2015
T. J. Saotome
 
TestBed-Cyber-Security-Workshops
TestBed-Cyber-Security-WorkshopsTestBed-Cyber-Security-Workshops
TestBed-Cyber-Security-Workshops
Aaron Rinehart
 
Cybersecurity, Hacking, and Privacy
Cybersecurity, Hacking, and Privacy Cybersecurity, Hacking, and Privacy
Cybersecurity, Hacking, and Privacy
Nicholas Davis
 
Lesson plan ethical hacking
Lesson plan ethical hackingLesson plan ethical hacking
Lesson plan ethical hacking
Nigam Dave
 
Web security
Web securityWeb security
Web security
Iqbal Shaikh
 
Module 1 Introduction
Module 1 IntroductionModule 1 Introduction
Module 1 Introduction
leminhvuong
 
Cyber Security-Ethical Hacking
Cyber Security-Ethical HackingCyber Security-Ethical Hacking
Cyber Security-Ethical Hacking
Viral Parmar
 
Ethical hacking (legal)
Ethical hacking (legal)Ethical hacking (legal)
Ethical hacking (legal)
Thangaraj Murugananthan
 
Introduction to ethical hacking
Introduction to ethical hackingIntroduction to ethical hacking
Introduction to ethical hacking
ankit sarode
 
Threat Hunting Professional Online Training Course
Threat Hunting Professional Online Training CourseThreat Hunting Professional Online Training Course
Threat Hunting Professional Online Training Course
ShivamSharma909
 

More Related Content

What's hot

CS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network SecurityCS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network Security
vishnukp34
 
Cs8792 cns - unit v
Cs8792 cns - unit vCs8792 cns - unit v
Cs8792 cns - unit v
ArthyR3
 
Computer security chapter 2: About Hacking
Computer security chapter 2: About Hacking Computer security chapter 2: About Hacking
Computer security chapter 2: About Hacking
Theko Moima
 
Security in computer systems fundamentals
Security in computer systems fundamentalsSecurity in computer systems fundamentals
Security in computer systems fundamentals
Manesh T
 
Covert channels: A Window of Data Exfiltration Opportunities
Covert channels: A Window of Data Exfiltration Opportunities Covert channels: A Window of Data Exfiltration Opportunities
Covert channels: A Window of Data Exfiltration Opportunities
Joel Aleburu
 
HACKERS ATTACK PROCESS
HACKERS ATTACK PROCESSHACKERS ATTACK PROCESS
HACKERS ATTACK PROCESS
UK Defence Cyber School
 
ETHICAL HACKING
ETHICAL HACKINGETHICAL HACKING
ETHICAL HACKING
Sweta Leena Panda
 
Network Security Topic 1 intro
Network Security Topic 1 introNetwork Security Topic 1 intro
Network Security Topic 1 intro
Khawar Nehal khawar.nehal@atrc.net.pk
 
Cisel1 d
Cisel1 dCisel1 d
Cisel1 d
chandu_sai
 
Ethical hacking11601031 (1)
Ethical hacking11601031 (1)Ethical hacking11601031 (1)
Ethical hacking11601031 (1)
Mohammad Affan
 
What is Cryptography and Types of attacks in it
What is Cryptography and Types of attacks in itWhat is Cryptography and Types of attacks in it
What is Cryptography and Types of attacks in it
lavakumar Thatisetti
 
Certified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book SummaryCertified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book Summary
udemy course
 
DRC -- Cybersecurity concepts2015
DRC -- Cybersecurity concepts2015DRC -- Cybersecurity concepts2015
DRC -- Cybersecurity concepts2015
T. J. Saotome
 
TestBed-Cyber-Security-Workshops
TestBed-Cyber-Security-WorkshopsTestBed-Cyber-Security-Workshops
TestBed-Cyber-Security-Workshops
Aaron Rinehart
 
Cybersecurity, Hacking, and Privacy
Cybersecurity, Hacking, and Privacy Cybersecurity, Hacking, and Privacy
Cybersecurity, Hacking, and Privacy
Nicholas Davis
 
Lesson plan ethical hacking
Lesson plan ethical hackingLesson plan ethical hacking
Lesson plan ethical hacking
Nigam Dave
 
Web security
Web securityWeb security
Web security
Iqbal Shaikh
 
Module 1 Introduction
Module 1 IntroductionModule 1 Introduction
Module 1 Introduction
leminhvuong
 
Cyber Security-Ethical Hacking
Cyber Security-Ethical HackingCyber Security-Ethical Hacking
Cyber Security-Ethical Hacking
Viral Parmar
 
Ethical hacking (legal)
Ethical hacking (legal)Ethical hacking (legal)
Ethical hacking (legal)
Thangaraj Murugananthan
 

What's hot (20)

CS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network SecurityCS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network Security
 
Cs8792 cns - unit v
Cs8792 cns - unit vCs8792 cns - unit v
Cs8792 cns - unit v
 
Computer security chapter 2: About Hacking
Computer security chapter 2: About Hacking Computer security chapter 2: About Hacking
Computer security chapter 2: About Hacking
 
Security in computer systems fundamentals
Security in computer systems fundamentalsSecurity in computer systems fundamentals
Security in computer systems fundamentals
 
Covert channels: A Window of Data Exfiltration Opportunities
Covert channels: A Window of Data Exfiltration Opportunities Covert channels: A Window of Data Exfiltration Opportunities
Covert channels: A Window of Data Exfiltration Opportunities
 
HACKERS ATTACK PROCESS
HACKERS ATTACK PROCESSHACKERS ATTACK PROCESS
HACKERS ATTACK PROCESS
 
ETHICAL HACKING
ETHICAL HACKINGETHICAL HACKING
ETHICAL HACKING
 
Network Security Topic 1 intro
Network Security Topic 1 introNetwork Security Topic 1 intro
Network Security Topic 1 intro
 
Cisel1 d
Cisel1 dCisel1 d
Cisel1 d
 
Ethical hacking11601031 (1)
Ethical hacking11601031 (1)Ethical hacking11601031 (1)
Ethical hacking11601031 (1)
 
What is Cryptography and Types of attacks in it
What is Cryptography and Types of attacks in itWhat is Cryptography and Types of attacks in it
What is Cryptography and Types of attacks in it
 
Certified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book SummaryCertified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book Summary
 
DRC -- Cybersecurity concepts2015
DRC -- Cybersecurity concepts2015DRC -- Cybersecurity concepts2015
DRC -- Cybersecurity concepts2015
 
TestBed-Cyber-Security-Workshops
TestBed-Cyber-Security-WorkshopsTestBed-Cyber-Security-Workshops
TestBed-Cyber-Security-Workshops
 
Cybersecurity, Hacking, and Privacy
Cybersecurity, Hacking, and Privacy Cybersecurity, Hacking, and Privacy
Cybersecurity, Hacking, and Privacy
 
Lesson plan ethical hacking
Lesson plan ethical hackingLesson plan ethical hacking
Lesson plan ethical hacking
 
Web security
Web securityWeb security
Web security
 
Module 1 Introduction
Module 1 IntroductionModule 1 Introduction
Module 1 Introduction
 
Cyber Security-Ethical Hacking
Cyber Security-Ethical HackingCyber Security-Ethical Hacking
Cyber Security-Ethical Hacking
 
Ethical hacking (legal)
Ethical hacking (legal)Ethical hacking (legal)
Ethical hacking (legal)
 

Similar to Ethical System Hacking- Cyber Training Diploma

Introduction to ethical hacking
Introduction to ethical hackingIntroduction to ethical hacking
Introduction to ethical hacking
ankit sarode
 
Threat Hunting Professional Online Training Course
Threat Hunting Professional Online Training CourseThreat Hunting Professional Online Training Course
Threat Hunting Professional Online Training Course
ShivamSharma909
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
Institute of Information Security (IIS)
 
CEH-brochure.pdf
CEH-brochure.pdfCEH-brochure.pdf
CEH-brochure.pdf
kaouthermejri
 
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptxEthical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
GovandJamalSaeed
 
The Threat Landscape & Network Security Measures
The Threat Landscape & Network Security MeasuresThe Threat Landscape & Network Security Measures
The Threat Landscape & Network Security Measures
Carl B. Forkner, Ph.D.
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
parveen837153
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Tharindu Kalubowila
 
Network Security_4th Module_Dr. Shivashankar
Network Security_4th Module_Dr. ShivashankarNetwork Security_4th Module_Dr. Shivashankar
Network Security_4th Module_Dr. Shivashankar
Dr. Shivashankar
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
parveen837153
 
Ethical Hacking justvamshi .pptx
Ethical Hacking justvamshi .pptxEthical Hacking justvamshi .pptx
Ethical Hacking justvamshi .pptx
vamshimatangi
 
Careers in Cyber Security
Careers in Cyber SecurityCareers in Cyber Security
Careers in Cyber Security
Deep Shankar Yadav
 
Cloud Security.pptx
Cloud Security.pptxCloud Security.pptx
Cloud Security.pptx
Binod Rimal
 
edCeh brochure
edCeh brochureedCeh brochure
edCeh brochure
Knowledgehut
 
Ethical Hacking Redefined
Ethical Hacking RedefinedEthical Hacking Redefined
Ethical Hacking Redefined
Pawan Patil
 
mille2.pptx
mille2.pptxmille2.pptx
mille2.pptx
yehyaibrahem2
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
Јаѓќеѕн Јажѕшаф
 
Cyber security for business
Cyber security for businessCyber security for business
Cyber security for business
Daniel Thomas
 
Introduction to Ethical Hacking pdf file
Introduction to Ethical Hacking pdf fileIntroduction to Ethical Hacking pdf file
Introduction to Ethical Hacking pdf file
debmajumder741249
 
2014-09-03 Cybersecurity and Computer Crimes
2014-09-03 Cybersecurity and Computer Crimes2014-09-03 Cybersecurity and Computer Crimes
2014-09-03 Cybersecurity and Computer Crimes
Raffa Learning Community
 

Similar to Ethical System Hacking- Cyber Training Diploma (20)

Introduction to ethical hacking
Introduction to ethical hackingIntroduction to ethical hacking
Introduction to ethical hacking
 
Threat Hunting Professional Online Training Course
Threat Hunting Professional Online Training CourseThreat Hunting Professional Online Training Course
Threat Hunting Professional Online Training Course
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
 
CEH-brochure.pdf
CEH-brochure.pdfCEH-brochure.pdf
CEH-brochure.pdf
 
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptxEthical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
 
The Threat Landscape & Network Security Measures
The Threat Landscape & Network Security MeasuresThe Threat Landscape & Network Security Measures
The Threat Landscape & Network Security Measures
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Network Security_4th Module_Dr. Shivashankar
Network Security_4th Module_Dr. ShivashankarNetwork Security_4th Module_Dr. Shivashankar
Network Security_4th Module_Dr. Shivashankar
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Ethical Hacking justvamshi .pptx
Ethical Hacking justvamshi .pptxEthical Hacking justvamshi .pptx
Ethical Hacking justvamshi .pptx
 
Careers in Cyber Security
Careers in Cyber SecurityCareers in Cyber Security
Careers in Cyber Security
 
Cloud Security.pptx
Cloud Security.pptxCloud Security.pptx
Cloud Security.pptx
 
edCeh brochure
edCeh brochureedCeh brochure
edCeh brochure
 
Ethical Hacking Redefined
Ethical Hacking RedefinedEthical Hacking Redefined
Ethical Hacking Redefined
 
mille2.pptx
mille2.pptxmille2.pptx
mille2.pptx
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
 
Cyber security for business
Cyber security for businessCyber security for business
Cyber security for business
 
Introduction to Ethical Hacking pdf file
Introduction to Ethical Hacking pdf fileIntroduction to Ethical Hacking pdf file
Introduction to Ethical Hacking pdf file
 
2014-09-03 Cybersecurity and Computer Crimes
2014-09-03 Cybersecurity and Computer Crimes2014-09-03 Cybersecurity and Computer Crimes
2014-09-03 Cybersecurity and Computer Crimes
 

More from begmohsin

Skills you need to become a ethical hacker
Skills you need to become a ethical hackerSkills you need to become a ethical hacker
Skills you need to become a ethical hacker
begmohsin
 
Attackers process
Attackers processAttackers process
Attackers process
begmohsin
 
Enumeration and system hacking
Enumeration and system hackingEnumeration and system hacking
Enumeration and system hacking
begmohsin
 
How hackers collate information about employees
How hackers collate information about employees How hackers collate information about employees
How hackers collate information about employees
begmohsin
 
Types of hackers
Types of hackersTypes of hackers
Types of hackers
begmohsin
 
Ethical Hacking Tools & Techniques
Ethical Hacking Tools & Techniques Ethical Hacking Tools & Techniques
Ethical Hacking Tools & Techniques
begmohsin
 
Defend your organisation from Cyber Attacks
Defend your organisation from Cyber AttacksDefend your organisation from Cyber Attacks
Defend your organisation from Cyber Attacks
begmohsin
 

More from begmohsin (7)

Skills you need to become a ethical hacker
Skills you need to become a ethical hackerSkills you need to become a ethical hacker
Skills you need to become a ethical hacker
 
Attackers process
Attackers processAttackers process
Attackers process
 
Enumeration and system hacking
Enumeration and system hackingEnumeration and system hacking
Enumeration and system hacking
 
How hackers collate information about employees
How hackers collate information about employees How hackers collate information about employees
How hackers collate information about employees
 
Types of hackers
Types of hackersTypes of hackers
Types of hackers
 
Ethical Hacking Tools & Techniques
Ethical Hacking Tools & Techniques Ethical Hacking Tools & Techniques
Ethical Hacking Tools & Techniques
 
Defend your organisation from Cyber Attacks
Defend your organisation from Cyber AttacksDefend your organisation from Cyber Attacks
Defend your organisation from Cyber Attacks
 

Recently uploaded

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Neo4j
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
shyamraj55
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
20 Comprehensive Checklist of Designing and Developing a Website
20 Comprehensive Checklist of Designing and Developing a Website20 Comprehensive Checklist of Designing and Developing a Website
20 Comprehensive Checklist of Designing and Developing a Website
Pixlogix Infotech
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Neo4j
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...
Zilliz
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Vladimir Iglovikov, Ph.D.
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
名前 です男
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 

Recently uploaded (20)

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
20 Comprehensive Checklist of Designing and Developing a Website
20 Comprehensive Checklist of Designing and Developing a Website20 Comprehensive Checklist of Designing and Developing a Website
20 Comprehensive Checklist of Designing and Developing a Website
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 

Ethical System Hacking- Cyber Training Diploma

  • 1. Ethical System Hacking – Training Diploma Course Module Descriptors UK Cyber Defence Academy www.tech-strategygroup.com
  • 2. Course Structure Unit 1: Introduction to Ethical Hacking Unit 2: Technical Processes of Hacking Unit 3: Footprint and Scanning Unit 4: Enumeration and System Hacking Unit 5: Fundamentals of Malware Threats Unit 6: Sniffers, Session Hijacking and Denial of Service Unit 7: Web Server Hacking, Web Applications and Database Hacking Unit 8: Wireless Technologies, Mobile Security and Attacks Unit 9: IDS, Firewalls and Honeypots
  • 3. Course Structure Unit 10: Physical Security and Social Engineering Unit 11: Cryptographic Attacks and Defences Unit 12: Cloud Computing and Botnets Unit 13: Fundamentals of Kali Linux Unit 14: Encryption Cracking Tools
  • 5. Learning Objectives • Develop broad understanding about the Security Fundamentals • Learn about the differences between ethical hackers and hackers • Develop understanding about the different types of hacking attacks • Develop understanding about the different types of security testing that is performed by ethical hackers: white box testing, grey box testing, black box testing, penetration testing • Develop understanding about system risks, threats and vulnerabilities • Learn how to conduct Quantitative Risk Assessments. • Learn about the different types of hackers such as white hat hackers, black hat hackers, grey hat hackers, suicide hackers. • Learn about the hacker’s workflow methodology with regards to reconnaissance and footprinting, scanning and enumeration, gaining access, maintaining access and covering trackers. • Learn about the technical skills and knowledge ethical hackers should possess to be effective in your role. • Develop detailed understanding about the ethical hacking methods with regards to information gathering, external penetration testing, internal penetration testing, network gear testing and DoS testing, wireless network testing, application testing and social engineering, physical security testing, authentication system testing, database testing, communication system testing. • Learn about US federal laws that ethical hackers must be aware with regards to cyber fraud, cyber breaches and PCI DSS Company compliance.
  • 7. Learning Objectives • Learn about the attacker’s process with regards to the following: Performing reconnaissance and footprinting, scanning and enumeration, gaining access, escalation of privilege and maintaining access and covering tracks. • Develop understanding about the most prominent security methodologies for security testing purposes • Develop understanding about the fundamentals of networking protocols and networking devices. • Develop understanding about the OSI Model and TCP/IP Layers: application, presentation, session, transport, network, data link and physical. • Learn about global application security and operation issues. • Develop understanding about the TCP packet structure, datagram fragmentation and how hackers manipulate packets
  • 9. Learning Objectives • Develop comprehensive understanding about the 7-step information gathering process with regards to footprinting mapping, mapping attack surface and exploring ways to penetrate external environments. • Learn how to identify active machines, open ports and access points and how to shut down TCP connection termination • Learn about the most popular scanning techniques and applications such as NMAP that can be used effectively. • Develop understanding about war driving, active fingerprint methods, fingerprinting services and how to explore open services • Learn how to map the network attack surface in depth
  • 10. Module 4 : Enumeration and System Hacking
  • 11. Learning Objectives • Develop understanding about enumeration, system hacking with regards to NetBIOS enumeration tools, Windows security, Linux Unix enumeration, NTP- SMTP enumeration, DNS enumeration, technical password attacks, automated password guessing, password sniffing, keylogging. • Learn how to exploit buffer overflow, access the SAM and the different types of windows authentication types. • Develop understanding about cracking windows passwords, hiding files and covering tracks, rootkit, ethical hacker response rootkit and file hiding.
  • 13. Learning Objectives • Develop comprehensive understanding about the different types of attacks with regards to viruses and worms • Learn about transmission methods of viruses, trojans its behaviour and characteristics, virus payload characteristics and the architecture component structure of viruses. • Develop understanding about cover communication, keystroke logging and spyware. • Learn about Malware countermeasures. • Develop understanding about trojan behaviours with regards to remote access, data hiding, e-banking, denial of service (DoS), proxy and ftp. • Learn about RAT trojans tools, wrapper binding programs, trojan ports and communication methods, trojan targets and infection mechanisms. • Develop understanding about the deployment of a trojan, covert communication and tunneling via the internet, application layer • Learn about keystroke logging and spyware, hardware keyloggers, software keyloggers, spyware and malware countermeasures • Develop understanding about how to detect malware, and the types of known techniques antivirus programs implement with regards to the following: signature scanning, heuristic scanning, integrity checking and activity blocking. • Learn about how to conduct malware analysis
  • 14. Module 6: Sniffers, Session Hijacking and Denial of Service
  • 15. Learning Objectives • Develop understanding about sniffers as hacking tools • Learn about the core fundamentals of session hijacking techniques and denial of service and distributed denial of service • Learn about the prominent types of sniffing tools that are used, passive sniffing, active sniffing, address resolution protocol (ARP) and ARP spoofing attacks • Develop understanding about ARP poisoning, MAC Flooding processes and how hackers launch server attacks on the DHCP servers • Develop understanding about MAC Spoofing, DNS spoofing and tools which ethical hackers can implement spoofing purpose • Learn about sniffing and spoofing countermeasures, session hijacking, transport layer hijacking and the lifecycle of a session hijack • Develop understanding of the detailed steps that are involved in how session hijack is used to manipulate the TCP start-up. • Learn how hackers can launch attacks through the following methods: session sniffing, predictable session token ID, man in the middle attacks, man in the browser attacks, client side attacks and session replay attacks. • Learn about the session hijacking attacks and tools that can be used by hackers and how to prevent session hijacking • Develop understanding about the role of DoS in the hacker’s methodology • Learn about the different types of techniques which can be incorporated in the DoS attacks such as the following: bandwidth attacks, SYN flood attacks, internet control message protocol (ICMP) attacks, peer to peer (P2P) attacks and application level attacks • Develop understanding of the countermeasures and best practices that can be implemented for DoS and DDOS attacks
  • 16. Unit 7: Fundamentals of Webserver Hacking, Web Applications and Database Attacks
  • 17. Learning Objectives • Develop comprehensive understanding about Web Server Hacking patterns, approaches and techniques • Understand the process of Web Application Hacking • Learn about the fundamentals of Database Hacking • Learn about the tools that hackers can employ when launching a webserver attack • Develop understanding about scanning webservers, banner grabbing and enumeration, website ripper tools and webserver vulnerability identification • Learn about the following types of webserver attacks: DoS/DDoS attacks , DNS server hijacking, DNS amplification attacks, Directory traversal, Man in the middle, Website defacement, Web server misconfiguration, HTTP response splitting and Web server password cracking • Learn about the following ways web applications can be attacked by hackers: Unvalidated Input, Parameter/form tampering, Injection flaws, Cross-site scripting, Cross-site request forgery attacks, Hidden field attacks, Attacking web-based authentication, Web-based password cracking, Web based authentication attacks, and intercepting web traffic. • Develop understanding about the most common authentication types: basic, message digest, certificate based, forms based • Learn about web application hacking and how hackers launch dictionary attacks, hybrid attacks, brute force attacks and the types of tools hackers can utilise. • Learn how hackers intercept web traffic and how to secure web applications using source scanners and relevant tools • Learn how database hacking occurs and the vulnerabilities which exist within SQL databases • Learn about the types of tools which can be incorporated to hack SQL Databases.
  • 18. This Photo by Unknown Author is licensed under CC BY-ND
  • 19. Learning Objectives • Learn about the diverse types of mobile phone technologies that can be hacked • Learn how mobile security violations happen and mobile attacks launched by hackers • Develop core understanding about the essentials of Wireless LANS • Develop understanding about the concerns with mobile platforms and global mobile security issues • Learn about security issues associated with android applications • Learn about the techniques and the types of tools that can be used for jail breaking apple iphone, windows, blackberry and android mobile applications • Learn about the tools which can be implemented to prevent hackers exploiting vulnerable mobile devices • Learn about the Bluetooth tools which can be used to attack Bluetooth security loopholes • Develop understanding about WLAN threats and issues • Develop understanding about evil twin attacks, denial of service (DoS), wireless hacking tools, and how to perform wireless traffic analysis. • Learn how to launch wireless attacks and prevent Wi Fi networks from being compromised and make wireless networks more secure • Learn how to build high level defence designs and develop understanding about wireless authentication
  • 20. Module 9: IDS, Firewalls and Honeypots This Photo by Unknown Author is licensed under CC BY-NC
  • 21. Learning Objectives • Develop understanding about the Intrusion Detection Systems that are used to detect malicious activity • Learn about Firewalls that exist amongst trusted and untrusted networks • Develop understanding about Honeypots and fake systems that are used to lure in attackers • Learn about the essential components of intrusion detection systems and pattern matching anomaly detection techniques • Learn about insertion attacks employed by hackers, overlapping fragments and TCP, Protocol ambiguities, session splicing, shellcode attacks and other form of IDS evasion techniques. • Develop understanding about the differences between the following types of firewalls: packet filters, application-level gateway, circuit-level gateway and stateful multilayer inspection • Learn about firewalking, banner grabbing, different types of honeypots and how to detect them.
  • 23. Learning Objectives • Develop understanding about the functions of Cryptography with regards to providing confidentiality, integrity, authenticity and non-repudiation • Learn about Algorithms, and the differences between asymmetric, symmetric and hashing algorithms • Develop understanding about the objectives of the Public Key Infrastructure (PKI and it’s communication and third-party trust • Develop broad understanding about Protocols, Standards and Applications with regards to Secure Shell, IPSec and PGP. • Learn about the hashing process, SHA-1 and how asymmetric encryptions implemented for confidentiality and integrity. • Develop understanding about steganography, steganogrpahic tools, steganalysis, digital watermark, PGP, SSH, SSL, IPSec, PPTP, EFS • Develop understanding about the following types of attacks carried out by hackers: Known plain text attack: cipher text only attack, Man in the middle attack, replay attack, side channel attack, chosen plan text attack and chosen ciper text attack
  • 25. Learning Objectives • Learn about the different types of threats to physical security • Develop understanding about the various types of physical controls which can be implemented to protect enterprises from hackers and thieves • Develop broad understanding about the different types of Social Engineering attacks and the various ways in how hackers manipulate people • Develop understanding about the common types of backup media and by passing techniques • Develop understanding about biometric systems, social engineering, person social engineering, computer based social engineering, phishing, social networking and targeted attacks.
  • 27. Learning Objectives • Develop understanding about the different types of cloud-based services • Learn about cloud deployment models and cloud computing models • Learn about the issues with cloud computing and the following types of cloud attacks: session hijackings, DNS attacks, cross site scripting (XSS), SQL injection and session riding, distributed denial of service (DDoS), man in the middle cryptographic attacks, side channel attacks, authentication attacks, wrapping attacks. • Develop understanding about cloud security control layers. • Learn about botnets and botnet architecture, botnet client server models, botnet peer to peer models. • Develop understanding about banking trojans, botnet countermeasures and techniques to build defences. • Learn how to create a botnet in order to achieve malicious gains
  • 29. Learning Objectives • Learn how to install Kali Linux on your network • Learn how to setup a virtual laboratory • Learn how to use information gathering tools in Kali Linux • Learn about vulnerability analysis tools and wireless attacks • Learn about penetration testing tools in Kali Linux • Learn about database tools, CMS scanning tools, forensic tools and exploitation Tools • Learn about social engineering toolkit, stressing tools, sniffing and spoofing Tools • Learn about password cracking tools, reverse engineering tools and reporting tools.
  • 31. Learning Objectives Learn about the following types of tools that you can implement as part of your workflow strategy when performing tasks as a Ethical Hacker: • Encryption Cracking tools • Cyber security Tools and Sites • Footprinting Tools • Competitive Intelligence • Tracking Online Reputation • Website Research • DNS and Whois Tools • Traceeroute Tools and Links
  • 32. Learning Objectives Learn about the following types of tools that you can implement as part of your workflow strategy when performing tasks as a Ethical Hacker: • Website Mirroring Tools and Sites • Google Hacking • Scanning and Enumeration Tools • System Hacking Tools • Cryptography and Encryption • Sniffing • Wireless Attacking • Trojans and Malware • Web Attacking Tools • SQL Injection Tools
  • 33. End