Module 01: Ethical Hacking: An Introduction

In this first module, you will learn the basics of ethical hacking that are essential for the CEH exam.

Overview of Information Security

1.1 Internet is an Integral Part of Business and Personal Life – What Happens Online in 60 Seconds
1.2 Essential Terminology
1.3 Elements of Information Security
1.4 The Security, Functionality, and Usability Triangle

Attack Vectors and Threats to Information Security

1.5 Motives, Goals, and Objectives of Information Security Attacks
1.6 Top Information Security Attack Vectors
1.7 Information Security Threat Categories
1.8 Types of Attacks on a System
1.9 Information Warfare

Basic Concepts of Hacking

1.10 What is Hacking?
1.11Who is a Hacker?
1.12 Hacker Classes
1.13 Hacking Phases

Basic Concepts of Ethical Hacking

1.14 What is Ethical Hacking?
1.15 Why is Ethical Hacking Necessary?
1.16 Scope and Limitations of Ethical Hacking
1.17 Skills of an Ethical Hacker

Information Security Controls

1.18 Information Assurance (IA)
1.19 Information Security Management Program
1.20 Enterprise Information Security Architecture (EISA)
1.21 Network Security Zoning
1.22 Defense-in-Depth
1.23 Information Security Policies
1.24 Physical Security
1.25 What is Risk?
1.26 Threat Modeling
1.27 Incident Management
1.28 Security Incident and Event Management (SIEM)
1.29 User Behavior Analytics (UBA)
1.30 Network Security Controls
1.31 Identity and Access Management (IAM)
1.32 Data Leakage
1.33 Data Backup
1.34 Data Recovery
1.35 Role of AI/ML in Cyber Security

Concepts of Penetration testing

1.36 Penetration Testing
1.37 Why Penetration Testing
1.38 Comparing Security Audit, Vulnerability Assessment, and Penetration Testing
1.39 Blue Teaming/Red Teaming
1.40 Types of Penetration Testing
1.41 Phases of Penetration Testing
1.42 Security Testing Methodology

Laws and Standards of information Security

1.43 Payment Card Industry Data Security Standard (PCI-DSS)
1.44 ISO/IEC 27001:2013
1.45 Health Insurance Portability and Accountability Act (HIPAA)
1.46 Sarbanes Oxley Act (SOX)
1.47 The Digital Millennium Copyright Act (DMCA)
1.48 Federal Information Security Management Act (FISMA)
1.49 Cyber Law in Different Countries

Module 02: Basics of Reconnaissance and Footprinting

Moving ahead in this Ethical Hacking course, you will master the first phase of ethical hacking, i.e. Footprinting and Reconnaissance

Concepts of Footprinting

2.1 What is Footprinting?
2.2 Objectives of Footprinting

Footprinting Using Search Engines

2.3 Footprinting through Search Engines
2.4 Footprint Using Advanced Google Hacking Techniques
2.5 Information Gathering Using Google Advanced Search and Image Search
2.6 Google Hacking Database
2.7 VoIP and VPN Footprinting through Google Hacking Database

Footprinting Using Web Services

2.8 Finding Company’s Top-Level Domains (TLDs) and Sub-Domains
2.9 Finding the Geographical Location of the Target
2.10 People Search on Social Networking Sites and People Search Services
2.11 Gathering Information from LinkedIn
2.12 Gathering Information from Financial Services
2.13 Footprinting through Job Sites
2.14 Monitoring Target Using Alerts
2.15 Information Gathering Using Groups, Forums, and Blogs
2.16 Determining the Operating System
2.17 VoIP and VPN Footprinting through SHODAN

Footprinting Using Social Networking Sites

2.18 Collecting Information through Social Engineering on Social Networking Sites

Footprinting of Websites

2.19 Website Footprinting
2.20 Website Footprinting using Web Spiders
2.21 Mirroring Entire Website
2.22 Extracting Website Information from https://archive.org
2.23 Extracting Metadata of Public Documents
2.24 Monitoring Web Pages for Updates and Changes

Footprinting of Emails

2.25 Tracking Email Communications
2.26 Collecting Information from Email Header
2.27 Email Tracking Tools

Competitive Intelligence

2.28 Competitive Intelligence Gathering
2.29 Competitive Intelligence – When  When did this company begin? How did it develop?
2.30 Competitive Intelligence – What are the company’s plans?
2.31 Competitive Intelligence – What  do expert opinions say about the company?
2.32 Monitoring Website Traffic of Target Company
2.33 Tracking Online Reputation of the Target

Footprinting using Whois

2.34 Whois Lookup
2.35 Whois Lookup Result Analysis
2.36 Whois Lookup Tools
2.37 Finding IP Geolocation Information

DNS Footprinting

2.38 Extracting DNS Information
2.39 DNS Interrogation Tools

Network Footprinting

2.40 Locate the Network Range
2.41 Traceroute
2.42 Traceroute Analysis
2.43 Traceroute Tools

Footprinting by Social Engineering

2.44 Footprinting through Social Engineering
2.45 Collect Information Using Eavesdropping, Shoulder Surfing, and Dumpster Diving

Tools used for Footprinting

2.46 Maltego
2.47 Recon-ng
2.48 FOCA
2.49 Recon-Dog
2.50 OSRFramework
2.51 Additional Footprinting Tools

Countermeasures

2.52 Footprinting Countermeasures

Footprinting Pen Testing

2.53 Footprinting Pen Testing
2.54 Footprinting Pen Testing Report Templates

Module 03: Network Scanning

In this part, you will learn how to scan networks and find vulnerabilities in a network.

Concepts Network Scanning

3.1 Overview of Network Scanning
3.2 TCP Communication Flags
3.3 TCP/IP Communication
3.4 Creating Custom Packet Using TCP Flags
3.5 Scanning in IPv6 Networks

Tools used for Scanning

3.6 Nmap
3.7 Hping2 / Hping3
3.8 Scanning Tools
3.9 Scanning Tools for Mobile

Techniques used for Scanning

3.10 Scanning Techniques

Scanning Beyond IDS and Firewall

3.11 IDS/Firewall Evasion Techniques

Banner Grabbing

3.12 Banner Grabbing
3.13 How to Identify Target System OS
3.14 Banner Grabbing Countermeasures

Network Diagrams

3.15 Drawing Network Diagrams
3.16 Network Discovery and Mapping Tools
3.17 Network Discovery Tools for Mobile

Scanning Pen Testing

3.18 Scanning Pen Testing

Module 04: Basics of Enumeration

Concepts of Enumeration

4.1 What is Enumeration?
4.2 Techniques for Enumeration
4.3 Services and Ports to Enumerate

NetBIOS Enumeration

4.4 NetBIOS Enumeration
4.5 NetBIOS Enumeration Tools
4.6 Enumerating User Accounts
4.7 Enumerating Shared Resources Using Net View

SNMP Enumeration

4.8 Simple Network Management Protocol (SNMP) Enumeration
4.9 Working of SNMP
4.10 Management Information Base (MIB)
4.11 SNMP Enumeration Tools

LDAP Enumeration

4.12 LDAP Enumeration
4.13 LDAP Enumeration Tools

NTP Enumeration

4.14 NTP Enumeration
4.15 NTP Enumeration Commands
4.16 NTP Enumeration Tools

SMTP and DNS Enumeration

4.17 SMTP Enumeration
4.18 SMTP Enumeration Tools
4.19 DNS Enumeration Using Zone Transfer

Other Enumeration Techniques

4.20 IPsec Enumeration
4.21 VoIP Enumeration
4.22 RPC Enumeration
4.23 Unix/Linux User Enumeration

Enumeration Countermeasures

4.24 Enumeration Countermeasures

Enumeration Pen Testing

4.25 Enumeration Pen Testing

Module 05: Vulnerability Analysis

This module of Ethical Hacking training will train you in analyzing the vulnerabilities in the system.

Concepts of Vulnerability Assessment

5.1 Vulnerability Research
5.2 Vulnerability Classification
5.3 What is Vulnerability Assessment?
5.4 Types of Vulnerability Assessment
5.5 Vulnerability-Management Life Cycle

Solutions for Vulnerability Assessment

5.6 Comparing Approaches to Vulnerability Assessment
5.7 Working of Vulnerability Scanning Solutions
5.8 Types of Vulnerability Assessment Tools
5.9 Characteristics of a Good Vulnerability Assessment Solution
5.10 Choosing a Vulnerability Assessment Tool
5.11 Criteria for Choosing a Vulnerability Assessment Tool
5.12 Best Practices for Selecting Vulnerability Assessment Tools

Vulnerability Scoring Systems

5.13 Common Vulnerability Scoring System (CVSS)
5.14 Common Vulnerabilities and Exposures (CVE)
5.15 National Vulnerability Database (NVD)
5.16 Resources for Vulnerability Research

Vulnerability Assessment Tools

5.17 Vulnerability Assessment Tools
5.18 Vulnerability Assessment Tools for Mobile

Vulnerability Assessment Reports

5.19 Vulnerability Assessment Reports
5.20 Analyzing Vulnerability Scanning Report

Module 06: basics of System Hacking

Moving ahead in this training, you will learn about system hacking; one of the most important topics in the CEH exam.

Concepts of System Hacking

6.1 CEH Hacking Methodology (CHM)
6.2 System Hacking Goals

Cracking Passwords

6.3 Password Cracking
6.4 Types of Password Attacks
6.5 Password Recovery Tools
6.6 Microsoft Authentication
6.7 How Hash Passwords Are Stored in Windows SAM?
6.8 NTLM Authentication Process
6.9 Kerberos Authentication
6.10 Password Salting
6.11 Tools to Extract the Password Hashes
6.12 Password Cracking Tools
6.13 How to Defend against Password Cracking
6.14 How to Defend against LLMNR/NBT-NS Poisoning

Escalating Privileges

6.15 Privilege Escalation
6.16 Privilege Escalation Using DLL Hijacking
6.17 Privilege Escalation by Exploiting Vulnerabilities
6.18 Privilege Escalation Using Dylib Hijacking
6.19 Privilege Escalation using Spectre and Meltdown Vulnerabilities
6.20 Other Privilege Escalation Techniques
6.21 How to Defend Against Privilege Escalation

Executing Applications

6.22 Executing Applications
6.23 Keylogger
6.24 Spyware
6.25 How to Defend Against Keyloggers
6.26 How to Defend Against Spyware

Hiding Files

6.27 Rootkits
6.28 NTFS Data Stream
6.29 What is Steganography?

Covering Tracks

6.30 Covering Tracks
6.31 Disabling Auditing: Auditpol
6.32 Clearing Logs
6.33 Manually Clearing Event Logs
6.34 Ways to Clear Online Tracks
6.35 Covering BASH Shell Tracks
6.36 Covering Tracks on Network
6.37 Covering Tracks on OS
6.38 Covering Tracks Tools

Penetration Testing

6.39 Password Cracking
6.40 Privilege Escalation
6.41 Executing Applications
6.42 Hiding Files
6.43 Covering Tracks

Module 07: Threats from Malware

Concepts of Malwares

7.1 Introduction to Malware
7.2 Different Ways Malware can Get into a System
7.3 Common Techniques Attackers Use to Distribute Malware on the Web
7.4 Components of Malware

Concepts of Trojans

7.5 What is a Trojan?
7.6 How Hackers Use Trojans
7.7 Common Ports Used by Trojans
7.8 How to Infect Systems Using a Trojan
7.9 Trojan Horse Construction Kit
7.10 Wrappers
7.11 Crypters
7.12 How Attackers Deploy a Trojan
7.13 Exploit Kits
7.14 Evading Anti-Virus Techniques
7.15 Types of Trojans

Concepts of Viruses and Worms

7.16 Introduction to Viruses
7.17 Stages of Virus Life
7.18 Working of Viruses
7.19 Indications of Virus Attack
7.20 How does a Computer Get Infected by Viruses
7.21 Virus Hoaxes
7.22 Fake Antiviruses
7.23 Ransomware
7.24 Types of Viruses
7.25 Creating Virus
7.26 Computer Worms
7.27 Worm Makers

Malware Analysis

7.28 What is Sheep Dip Computer?
7.29 Anti-Virus Sensor Systems
7.30 Introduction to Malware Analysis
7.31 Malware Analysis Procedure: Preparing Testbed
7.32 Static Malware Analysis
7.33 Dynamic Malware Analysis
7.34 Virus Detection Methods
7.35 Trojan Analysis: ZeuS/Zbot
7.36 Virus Analysis: WannaCry

Countermeasures

7.37 Trojan Countermeasures
7.38 Backdoor Countermeasures
7.39 Virus and Worms Countermeasures

Anti-Malware Software

7.40 Anti-Trojan Software
7.41 Antivirus Software

Malware Penetration Testing

7.42 Malware Penetration Testing

Module 08: Basics of Sniffing

Concepts of Sniffing

8.1 Network Sniffing
8.2 Types of Sniffing
8.3 How an Attacker Hacks the Network Using Sniffers
8.4 Protocols Vulnerable to Sniffing
8.5 Sniffing in the Data Link Layer of the OSI Model
8.6 Hardware Protocol Analyzers
8.7 SPAN Port
8.8 Wiretapping
8.9 Lawful Interception

Sniffing Technique: MAC Attacks

8.10 MAC Address/CAM Table
8.11 How CAM Works
8.12 What Happens When CAM Table Is Full?
8.13 MAC Flooding
8.14 Switch Port Stealing
8.15 How to Defend against MAC Attacks

Sniffing Technique: DHCP Attacks

8.16 How DHCP Works
8.17 DHCP Request/Reply Messages
8.18 DHCP Starvation Attack
8.19 Rogue DHCP Server Attack
8.20 How to Defend Against DHCP Starvation and Rogue Server Attack

Sniffing Technique: ARP Poisoning

8.21 What Is Address Resolution Protocol (ARP)?
8.22 ARP Spoofing Attack
8.23 Threats of ARP Poisoning
8.24 ARP Poisoning Tools
8.25 How to Defend Against ARP Poisoning
8.26 Configuring DHCP Snooping and Dynamic ARP Inspection on Cisco Switches
8.27 ARP Spoofing Detection Tools

Sniffing Technique: Spoofing Attacks

8.28 MAC Spoofing/Duplicating
8.29 MAC Spoofing Technique: Windows
8.30 MAC Spoofing Tools
8.31 IRDP Spoofing
8.32 How to Defend Against MAC Spoofing

Sniffing Technique: DNS Poisoning

8.33 DNS Poisoning Techniques
8.34 How to Defend Against DNS Spoofing

Tools for Sniffing

8.35 Sniffing Tool: Wireshark
8.36 Display Filters in Wireshark
8.37 Additional Wireshark Filters
8.38 Sniffing Tools
8.39 Packet Sniffing Tools for Mobile

Countermeasures

8.40 How to Defend Against Sniffing

Sniffing Detection Techniques

8.41 How to Detect Sniffing
8.42 Sniffer Detection Techniques
8.43 Promiscuous Detection Tools

Sniffing Pen Testing

8.44 Sniffing Penetration Testing

Module 09: Social Engineering

Moving ahead in this Ethical Hacking course, you will learn social engineering

Concepts of Social Engineering

9.1 What is Social Engineering?
9.2 Phases of a Social Engineering Attack

Techniques of Social Engineering

9.3 Types of Social Engineering
9.4 Human-based Social Engineering
9.5 Computer-based Social Engineering
9.6 Mobile-based Social Engineering

Insider Threats

9.7 Insider Threat / Insider Attack
9.8 Type of Insider Threats

Impersonation on Social Networking Sites

9.9 Social Engineering Through Impersonation on Social Networking Sites
9.10 Impersonation on Facebook
9.11 Social Networking Threats to Corporate Networks

Identity Theft

9.12 Identity Theft

Countermeasures

9.13 Social Engineering Countermeasures
9.14 Insider Threats Countermeasures
9.15 Identity Theft Countermeasures
9.16 How to Detect Phishing Emails?
9.17 Anti-Phishing Toolbar
9.18 Common Social Engineering Targets and Defense Strategies

Social Engineering Pen-Testing

9.19 Social Engineering Pen-Testing
9.20 Social Engineering Pen-Testing Tools

Module 10: Denial-of-Service Attack

DoS/DDoS Concepts

10.1 What is a Denial-of-Service Attack?
10.2 What is Distributed Denial-of-Service Attack?

Techniques used for DoS/DDoS Attacks

10.3 Basic Categories of DoS/DDoS Attack Vectors
10.4 UDP Flood Attack
10.5 ICMP Flood Attack
10.6 Ping of Death and Smurf Attack
10.7 SYN Flood Attack
10.8 Fragmentation Attack
10.9 HTTP GET/POST and Slowloris Attacks
10.10 Multi-Vector Attack
10.11 Peer-to-Peer Attacks
10.12 Permanent Denial-of-Service Attack
10.13 Distributed Reflection Denial-of-Service (DRDoS)

Botnets

10.14 Organized Cyber Crime: Organizational Chart
10.15 Botnet
10.16 A Typical Botnet Setup
10.17 Botnet Ecosystem
10.18 Scanning Methods for Finding Vulnerable Machines
10.19 How Malicious Code Propagates?
10.20 Botnet Trojans

DDoS Case Study

10.21 DDoS Attack
10.22 Hackers Advertise Links to Download Botnet
10.23 Use of Mobile Devices as Botnets for Launching DDoS Attacks
10.24 DDoS Case Study: Dyn DDoS Attack

Tools used for DoS/DDoS Attack

10.25 DoS/DDoS Attack Tools
10.26 DoS and DDoS Attack Tool for Mobile

Countermeasures

10.27 Detection Techniques
10.28 DoS/DDoS Countermeasure Strategies
10.29 DDoS Attack Countermeasures
10.30 Techniques to Defend against Botnets
10.31 DoS/DDoS Countermeasures
10.32 DoS/DDoS Protection at ISP Level
10.33 Enabling TCP Intercept on Cisco IOS Software

Tools used for DoS/DDoS Protection

10.34 Advanced DDoS Protection Appliances
10.35 DoS/DDoS Protection Tools

DoS/DDoS Penetration Testing

10.36 Denial-of-Service (DoS) Attack Pen-Testing

Module 11: Session Hijacking

Concepts of Session Hijacking

11.1 What is Session Hijacking?
11.2 Why Session Hijacking is Successful?
11.3 Session Hijacking Process
11.4 Packet Analysis of a Local Session Hijack
11.5 Types of Session Hijacking
11.6 Session Hijacking in OSI Model
11.7 Spoofing vs. Hijacking

Application Level Session Hijacking

11.8 Application Level Session Hijacking
11.9 Compromising Session IDs using Sniffing and Predicting Session Token
11.10 Compromising Session IDs Using Man-in-the-Middle Attack
11.11 Compromising Session IDs Using Man-in-the-Browser Attack
11.12 Compromising Session IDs Using Client-side Attacks
11.13 Compromising Session IDs Using Client-side Attacks: Cross-site Script Attack
11.14 Compromising Session IDs Using Client-side Attacks: Cross-site Request Forgery Attack
11.15 Compromising Session IDs Using Session Replay Attack
11.16 Compromising Session IDs Using Session Fixation
11.17 Session Hijacking Using Proxy Servers
11.18 Session Hijacking Using CRIME Attack
11.19 Session Hijacking Using Forbidden Attack

Network Level Session Hijacking

11.20 TCP/IP Hijacking
11.21 IP Spoofing: Source Routed Packets
11.22 RST Hijacking
11.23 Blind Hijacking
11.24 UDP Hijacking
11.25 MiTM Attack Using Forged ICMP and ARP Spoofing

Session Hijacking Tools

11.26 Session Hijacking Tools
11.27 Session Hijacking Tools for Mobile

Countermeasures

11.28 Session Hijacking Detection Methods
11.29 Protecting against Session Hijacking
11.30 Methods to Prevent Session Hijacking: To be Followed by Web Developers
11.31 Methods to Prevent Session Hijacking: To be Followed by Web Users
11.32 Session Hijacking Detection Tools
11.33 Approaches Vulnerable to Session Hijacking and their Preventative Solutions
11.34 Approaches to Prevent Session Hijacking
11.35 IPSec
11.36 Session Hijacking Prevention Tools

Penetration Testing

11.37 Session Hijacking Pen Testing

Module 12: How to Evade IDS, Firewalls, and Honeypots

Concepts of IDSs, Firewalls, and Honeypots

12.1 Intrusion Detection System (IDS)
12.2 Firewall
12.3 Honeypot

IDS, Firewall, and Honeypot Solutions

12.4 Intrusion Detection Tool
12.5 Firewalls
12.6 Honeypot Tools

IDS Evasion

12.7 IDS Evasion Techniques

Firewall Evasion

12.8 Firewall Evasion Techniques

Tools for IDS/Firewall Evasion

12.9 IDS/Firewall Evasion Tools
12.10 Packet Fragment Generator Tools

Detecting Honeypots

12.11 Detecting Honeypots
12.12 Detecting and Defeating Honeypots
12.13 Honeypot Detection Tool: Send-Safe Honeypot Hunter

IDS/Firewall Evasion Countermeasures

12.14 How to Defend Against IDS Evasion
12.15 How to Defend Against Firewall Evasion

Penetration Testing

12.16 Firewall/IDS Penetration Testing

Module 13: Basics of Hacking Web Servers

Web Server Concepts

13.1 Web Server Operations
13.2 Open Source Web Server Architecture
13.3 IIS Web Server Architecture
13.4 Web Server Security Issue
13.5 Why Web Servers Get Compromised?
13.6 Impact of Web Server Attacks

Attacks of Web Servers

13.7 DoS/DDoS Attacks
13.8 DNS Server Hijacking
13.9 DNS Amplification Attack
13.10 Directory Traversal Attacks
13.11 Man-in-the-Middle/Sniffing Attack
13.12 Phishing Attacks
13.13 Website Defacement
13.14 Web Server Misconfiguration
13.15 HTTP Response Splitting Attack
13.16 Web Cache Poisoning Attack
13.17 SSH Brute Force Attack
13.18 Web Server Password Cracking
13.19 Web Application Attacks

Methodology of Web Server Attacks

13.20 Information Gathering
13.21 Web Server Footprinting/Banner Grabbing
13.22 Website Mirroring
13.23 Vulnerability Scanning
13.24 Session Hijacking
13.25 Web Server Passwords Hacking
13.26 Using Application Server as a Proxy

Tools of Web Server Attacks

13.27 Metasploit
13.28 Web Server Attack Tools

Countermeasures

13.29 Place Web Servers in Separate Secure Server Security Segment on Network
13.30 Countermeasures
13.31 Detecting Web Server Hacking Attempts
13.32 How to Defend Against Web Server Attacks
13.33 How to Defend against HTTP Response Splitting and Web Cache Poisoning
13.34 How to Defend against DNS Hijacking

Patch Management

13.35 Patches and Hotfixes
13.36 What is Patch Management
13.37 Installation of a Patch
13.38 Patch Management Tools

Tools of Web Server Security

13.39 Web Application Security Scanners
13.40 Web Server Security Scanners
13.41 Web Server Security Tools

Web Server Pen Testing

13.42 Web Server Penetration Testing
13.43 Web Server Pen-Testing Tools

Module 14: Web Application Hacking

Web App Concepts

14.1 Introduction to Web Applications
14.2 Web Application Architecture
14.3 Web 2.0 Applications
14.4 Vulnerability Stack

Threats to Web App

14.5 OWASP Top 10 Application Security Risks – 2017
14.6 Other Web Application Threats

Hacking Methodology

14.7 Web App Hacking Methodology
14.8 Footprint Web Infrastructure
14.9 Attack Web Servers
14.10 Analyze Web Applications
14.11 Bypass Client-Side Controls
14.12 Attack Authentication Mechanism
14.13 Attack Authorization Schemes
14.14 Attack Access Controls
14.15 Attack Session Management Mechanism
14.16 Perform Injection/Input Validation Attacks
14.17 Attack Application Logic Flaws
14.18 Attack Database Connectivity
14.19 Attack Web App Client
14.20 Attack Web Services

Web App Hacking Tools

14.21 Web Application Hacking Tools

Countermeasures
14.22 Web Application Fuzz Testing
14.23 Source Code Review
14.24 Encoding Schemes
14.25 How to Defend Against Injection Attacks
14.26 Web Application Attack Countermeasures
14.27 How to Defend Against Web Application Attacks

Web App Security Testing Tools

14.28 Web Application Security Testing Tools
14.29 Web Application Firewall

Web App Pen Testing

14.30 Web Application Pen Testing
14.31 Web Application Pen Testing Framework

Module 15: Basics of SQL Injection

SQL Injection Concepts

15.1 What is SQL Injection?
15.2 SQL Injection and Server-side Technologies
15.3 Understanding HTTP POST Request
15.4 Understanding Normal SQL Query
15.5 Understanding an SQL Injection Query
15.6 Understanding an SQL Injection Query – Code Analysis
15.7 Example of a Web Application Vulnerable to SQL Injection: aspx
15.8 Example of a Web Application Vulnerable to SQL Injection: Attack Analysis
15.9 Examples of SQL Injection

Types of SQL Injection

15.10 Types of SQL Injection

SQL Injection Methodology

15.11 SQL Injection Methodology

SQL Injection Tools

15.12 SQL Injection Tools
15.13 SQL Injection Tools
15.14 SQL Injection Tools for Mobile

Evasion Techniques

15.15 Evading IDS
15.16 Types of Signature Evasion Techniques

Countermeasures

15.17 How to Defend Against SQL Injection Attacks
15.18 SQL Injection Detection Tools
15.19 SQL Injection Detection Tools

Module 16: Wireless Network Hacking

Wireless Concepts

16.1 Wireless Terminologies
16.2 Wireless Networks
16.3 Wireless Standards
16.4 Service Set Identifier (SSID)
16.5 Wi-Fi Authentication Modes
16.6 Wi-Fi Authentication Process Using a Centralized Authentication Server
16.7 Types of Wireless Antennas

Wireless Encryption

16.8 Types of Wireless Encryption
16.9 WEP vs. WPA vs. WPA2
16.10 WEP Issues
16.11 Weak Initialization Vectors (IV)

Wireless Threats

16.12 Wireless Threats

Wireless Hacking Methodology

16.13 Wireless Hacking Methodology

Tools for Wireless Hacking

16.14 WEP/WPA Cracking Tools
16.15 WEP/WPA Cracking Tool for Mobile
16.16 Wi-Fi Sniffer
16.17 Wi-Fi Traffic Analyzer Tools
16.18 Other Wireless Hacking Tools

Bluetooth Hacking

16.19 Bluetooth Stack
16.20 Bluetooth Hacking
16.21 Bluetooth Threats
16.22 How to BlueJack a Victim
16.23 Bluetooth Hacking Tools

Countermeasures

16.24 Wireless Security Layers
16.25 How to Defend Against WPA/WPA2 Cracking
16.26 How to Defend Against KRACK Attacks
16.27 How to Detect and Block Rogue AP
16.28 How to Defend Against Wireless Attacks
16.29 How to Defend Against Bluetooth Hacking

Tools Wireless Security

16.30 Wireless Intrusion Prevention Systems
16.31 Wireless IPS Deployment
16.32 Wi-Fi Security Auditing Tools
16.33 Wi-Fi Intrusion Prevention System
16.34 Wi-Fi Predictive Planning Tools
16.35 Wi-Fi Vulnerability Scanning Tools
16.36 Bluetooth Security Tools
16.37 Wi-Fi Security Tools for Mobile

Wireless Pen Testing

16.38 Wireless Penetration Testing
16.39 Wireless Penetration Testing Framework

Module 17: Hacking Mobile Platforms

Moving ahead, we will learn about Hacking Mobile Platforms; an essential topic for the CEH exam.

Mobile Platform Attack Vectors

17.1 Vulnerable Areas in Mobile Business Environment
17.2 OWASP Top 10 Mobile Risks – 2016
17.3 Anatomy of a Mobile Attack
17.4 How a Hacker Can Profit from Mobile when Successfully Compromised
17.5 Mobile Attack Vectors and Mobile Platform Vulnerabilities
17.6 Security Issues Arising from App Stores
17.7 App Sandboxing Issues
17.8 Mobile Spam
17.9 SMS Phishing Attack (SMiShing) (Targeted Attack Scan)
17.10 Pairing Mobile Devices on Open Bluetooth and Wi-Fi Connections

Hacking Android OS

17.11 Android OS
17.12 Android Rooting
17.13 Blocking Wi-Fi Access using NetCut
17.14 Hacking with zANTI
17.15 Hacking Networks Using Network Spoofer
17.16 Launching DoS Attack using Low Orbit Ion Cannon (LOIC)
17.17 Performing Session Hijacking Using DroidSheep
17.18 Hacking with Orbot Proxy
17.19 Android-based Sniffers
17.20 Android Trojans
17.21 Securing Android Devices
17.22 Android Security Tool: Find My Device
17.23 Android Security Tools
17.24 Android Vulnerability Scanner
17.25 Android Device Tracking Tools

Hacking iOS

17.26 Apple iOS
17.27 Jailbreaking iOS
17.28 iOS Trojans
17.29 Guidelines for Securing iOS Devices
17.30 iOS Device Tracking Tools
17.31 iOS Device Security Tools

Mobile Spyware

17.32 Mobile Spyware
17.33 Mobile Spyware: mSpy
17.34 Mobile Spywares

Mobile Device Management
17.35 Mobile Device Management (MDM)
17.36 Mobile Device Management Solutions
17.37 Bring Your Own Device (BYOD)

Mobile Security Guidelines and Tools

17.38 General Guidelines for Mobile Platform Security
17.39 Mobile Device Security Guidelines for Administrator
17.40 SMS Phishing Countermeasures
17.41 Mobile Protection Tools
17.42 Mobile Anti-Spyware

Mobile Pen Testing

17.43 Android Phone Pen Testing
17.44 iPhone Pen Testing
17.45 Mobile Pen Testing Toolkit: Hackode

Module 18: Basics of IoT Hacking

IoT Concepts

18.1 What is IoT
18.2 How IoT Works
18.3 IoT Architecture
18.4 IoT Application Areas and Devices
18.5 IoT Technologies and Protocols
18.6 IoT Communication Models
18.7 Challenges of IoT
18.8 Threat vs Opportunity

Attacks on IoT

18.9 IoT Security Problems
18.10 OWASP Top 10 IoT Vulnerabilities and Obstacles
18.11 IoT Attack Surface Areas
18.12 IoT Threats
18.13 Hacking IoT Devices: General Scenario
18.14 IoT Attacks
18.15 IoT Attacks in Different Sectors
18.16 Case Study: Dyn Attack

Methodology used for IoT Hacking

18.17 What is IoT Device Hacking?
18.18 IoT Hacking Methodology

Tools used for IoT Hacking

18.19 Information Gathering Tools
18.20 Sniffing Tools
18.21 Vulnerability Scanning Tools
18.22 IoT Hacking Tools

Countermeasures

18.23 How to Defend Against IoT Hacking
18.24 General Guidelines for IoT Device Manufacturing Companies
18.25 OWASP Top 10 IoT Vulnerabilities Solutions
18.26 IoT Framework Security Considerations
18.27 IoT Security Tools

IoT Pen Testing

18.28 IoT Pen Testing

Module 19: Basics of Cloud Computing

Cloud Computing Concepts

19.1 Introduction to Cloud Computing
19.2 Separation of Responsibilities in Cloud
19.3 Cloud Deployment Models
19.4 NIST Cloud Deployment Reference Architecture
19.5 Cloud Computing Benefits
19.6 Understanding Virtualization

Cloud Computing Threats

19.7 Cloud Computing Threats

Cloud Computing Attacks

19.8 Service Hijacking using Social Engineering Attacks
19.9 Service Hijacking using Network Sniffing
19.10 Session Hijacking using XSS Attack
19.11 Session Hijacking using Session Riding
19.12 Domain Name System (DNS) Attacks
19.13 Side-Channel Attacks or Cross-guest VM Breaches
19.14 SQL Injection Attacks
19.15 Cryptanalysis Attacks
19.16 Wrapping Attack
19.17 Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
19.18 Man-in-the-Cloud Attack

Cloud Security

19.19 Cloud Security Control Layers
19.20 Cloud Security is the Responsibility of both Cloud Provider and Consumer
19.21 Cloud Computing Security Considerations
19.22 Placement of Security Controls in the Cloud
19.23 Best Practices for Securing Cloud
19.24 NIST Recommendations for Cloud Security
19.25 Organization/Provider Cloud Security Compliance Checklist
19.26 Cloud Security Tools
19.27 What is Cloud Pen Testing?
19.28 Key Considerations for Pen Testing in the Cloud
19.29 Cloud Penetration Testing
19.30 Recommendations for Cloud Testing

Module 20: Basics of Cryptography

Cryptography Concepts

20.1 Cryptography
20.2 Government Access to Keys (GAK)

Encryption Algorithms
20.3 Ciphers
20.4 Data Encryption Standard (DES)
20.5 Advanced Encryption Standard (AES)
20.6 RC4, RC5, and RC6 Algorithms
20.7 Twofish
20.8 The DSA and Related Signature Schemes
20.9 Rivest Shamir Adleman (RSA)
20.10 Diffie-Hellman
20.11 Message Digest (One-Way Hash) Functions

Cryptography Tools

20.12 MD5 Hash Calculators
20.13 Hash Calculators for Mobile
20.14 Cryptography Tools
20.15 Cryptography Tools for Mobile

Public Key Infrastructure (PKI)

20.16 Public Key Infrastructure (PKI)

Email Encryption

20.17 Digital Signature
20.18 Secure Sockets Layer (SSL)
20.19 Transport Layer Security (TLS)
20.20 Cryptography Toolkit
20.21 Pretty Good Privacy (PGP)

Disk Encryption

20.22 Disk Encryption
20.23 Disk Encryption Tools

Cryptanalysis

20.24 Cryptanalysis Methods
20.25 Code Breaking Methodologies
20.26 Cryptography Attacks
20.27 Cryptanalysis Tools
20.28 Online MD5 Decryption Tools

Countermeasures

20.29 How to Defend Against Cryptographic Attacks

Ethical Hacking Projects and Case Studies

Threat Detection

You will have the opportunity to participate in a number of cases where you will get first-hand experience as a member of the ethical hacking team. You will assist in anticipating and preventing cybercrimes as well as identifying threats and data breaches.

Cracking Wifi

In this project, you will learn a lot about WiFi cracking. You will use a variety of pertinent tools, technologies, and techniques to crack WiFi. You will learn how to break into different WiFi routers. The WPA/WPA2 are usually used.

Improvement of Auditing in the Restaurant

The project gives you the knowledge you need to learn how to improve any restaurant’s security system as needed. You will primarily employ a variety of techniques, including system resilience and the implementation of KPIs.

Data Security of a BPO Firm

You will understand the BPO firm’s data security. Working with data that has been generated by machines, you will search for irregularities, threats, and other things like suspicious activity. Additionally, the Splunk SIEM tool will be used to manage a sizable database.

Module 1: CISSP Introduction

1.1 Overview

Module 2: Security and Risk Management

2.1 Security and risk management
2.2 Information security management
2.3 Security controls
2.4 Information security management and governance
2.5 Goals, missions, and objectives
2.6 Due care
2.7 Security policy
2.8 Compliance
2.9 Cybercrimes
2.10 Legal systems
2.11 Intellectual Property (IP) law
2.12 Privacy
2.13 General data protection regulation
2.14 Security
2.15 Risk analysis and types
2.16 Security control assessment
2.17 Threat modeling
2.18 Supply-chain risk management
2.19 Third-party management
2.20 Business continuity planning and phases
2.21 Personal security management
2.22 Security awareness training
2.23 Program effectiveness evaluation

Module 3: Asset Security

3.1 Information and data classification
3.2 Data life cycle and management
3.3 Different roles
3.4 Data remanence
3.5 Privacy
3.6 Data states
3.7 Data loss prevention

Module 4: Security Engineering

4.1 Security engineering and architecture
4.2 Security models
4.3 Evaluation criteria
4.4 System security
4.5 CPU
4.6 Memory
4.7 Security mode
4.8 Cloud Computing
4.9 IoT
4.10 Industrial control system (ICS)
4.11 Cryptography
4.12 Encryption methods
4.13 DES
4.14 Asymmetric cryptography
4.15 Public key infrastructure
4.16 Cryptanalysis
4.17 Key management
4.18 Critical path analysis
4.19 Site location
4.20 Fire
4.21 HVAC

Module 5: Identity and Access Management

5.1 Identity management
5.2 Biometrics
5.3 Passwords
5.4 Tokens
5.5 Memory cards and smart cards
5.6 Access and authorization
5.7 Identity management implementation
5.8 Kerberos
5.9 Access control types and models
5.10 Access control tools and techniques
5.11 Accountability
5.12 Access control monitoring
5.13 Identity proofing
5.14 Markup languages
5.15 Identity as a Service (IDaaS)

Module 6: Communications and Network Security

6.1 Network architecture and design
6.2 IP addressing
6.3 Network protocols
6.4 Transmission media
6.5 Firewall
6.6 Intrusion detection and prevention system
6.7 Network access control (NAC)
6.8 Content delivery network (CDN)
6.9 Networks
6.10 Software-defined networking (SDN)
6.11 Remote access
6.12 Internet Security Protocol (IPsec)
6.13 Voice Over Internet Protocol (VoIP)
6.14 Phreaking
6.15 Secure access protocols
6.16 Wireless technologies
6.17 Network attacks

Module 7: Security Operations

7.1 Investigation
7.2 Forensic investigation
7.3 Evidence
7.4 Electronic discovery
7.5 Incident management
7.6 Security operations management
7.7 Identity and access management
7.8 Assets
7.9 Malware
7.10 Management
7.11 Recovery and backup
7.12 Disaster recovery
7.13 Perimeter security

Module 8: Security Assessment and Testing

8.1 Security assessment
8.2 Vulnerability assessment
8.3 Penetration testing
8.4 Audits
8.5 Log management
8.6 Synthetic and real transaction
8.7 Testing
8.8 Software testing
8.9 Interface
8.10 Key performance indicators (KPIs)

Module 9: Software Development Security

9.1 Importance of software development security
9.2 Programming concepts
9.3 Systems development life cycle
9.4 Application program interface
9.5 Software security and assurance
9.6 Database and data warehouse environments
9.7 Knowledge management
9.8 Web application environment
9.9 Security threats and attacks

Module 01 – Cloud Concepts, Architecture, and Design

1.1 Security concepts
1.2 Defense in due care, depth, and due diligence
1.3 Security functionalities and controls
1.4 Concepts of Cloud Computing
1.5 Business drivers
1.6 Elasticity, scalability, vendor lock-in, and vendor lock-out
1.7 Advantages of Cloud Computing concepts
1.8 Architecture of cloud reference
1.9 Cloud Computing: Actors and roles
1.10 Categories of cloud service: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS)
1.11 Management of cloud service categories
1.12 Deployment models of cloud: Public cloud, private cloud, hybrid cloud, and community cloud
1.13 Characteristics and models
1.14 Cloud deployment models: Comparison
1.15 Cloud technology roadmap
1.16 Related technologies and the impact
1.17 Key management, cryptography, and other concepts of security
1.18 Access control and IAM
1.19 Data remanence
1.20 Cloud Computing: Threats
1.21 Virtualization
1.22 Secure Cloud Computing: Design principles
1.23 Analysis of costs and benefits
1.24 Cloud service providers: Evaluation
1.25 SOC
1.26 Evaluating IT security
1.27 FIPS

Module 02 – Cloud Data Security

2.1 Life cycle of cloud data: Create, use, store, and share
2.2 Life cycle of cloud data: Archive
2.3 Life cycle of cloud data: Destroy and other key data functions
2.4 Architectures of cloud data storage types: IaaS, PaaS, and SaaS
2.5 Architectures of cloud data storage: Storage types and threats
2.6 Strategies of data security: Encryption challenges, IaaS encryption, encryption of databases, key management, cloud key storage, masking, tokenization, data anonymization, bit splitting, homomorphic encryption, and data loss prevention
2.7 Data classification and discovery technology: Data classification and cloud data challenges
2.8 Jurisdictional data protections for Personally Identifiable Information (PII)
2.9 Privacy acts: GDPR, and policies of data protection
2.10 Privacy acts: HIPAA, FISMA, and SOX
2.11 Jurisdictional data protection for PII: Cloud services responsibilities
2.12 Management of data rights
2.13 Data retention and deletion
2.14 Archiving policies
2.15 Legal hold
2.16 Auditability, accountability, and traceability of data events
2.17 SIEM
2.18 Custody chain
2.19 Nonrepudiation

Module 03 – Cloud Platform and Infrastructure Security

3.1 Components of cloud infrastructure
3.2 Communications and network
3.3 Virtualization and management plane
3.4 Factors impacting data center design
3.5 Physical design: Buy or build, design standards of a data center, uptime institute, tiers, and features of tier
3.6 Considerations of environmental design
3.7 Connectivity
3.8 Resource allocation and hypervisor
3.9 Risks associated using cloud infrastructure
3.10 Policy, general, and virtualization risks
3.11 Cloud-specific and non-cloud-Specific risks, along with legal ones
3.12 Compensating controls and cloud attack vectors
3.13 Designing and planning security controls
3.14 Business continuity plan and disaster recovery
3.15 Disruptive events and BCDR planning factors
3.16 Cloud infrastructure characteristics
3.17 Strategies of BCDR and returning to normal
3.18 Creation of BCDR: Test, revise, and report
3.19 Testing types, availability, uptime, and activity
3.20 Security awareness and training

Module 04 – Cloud Application Security

4.1 Application security: Awareness and advocate training
4.2 Common pitfalls
4.3 Awareness of encryption dependency
4.4 Understanding the Software Development Life Cycle (SDLC) process
4.5 Risks and vulnerabilities
4.6 Threat modeling
4.7 Encryption
4.8 Application virtualization and sandboxing
4.9 Federated identity management
4.10 Authentication of SAML
4.11 Identity and Access Management (IAM) and Multi-factor Authentication (MFA)
4.12 Cloud access security broker
4.13 Security testing of application
4.14 Supply chain management of software

Module 05 – Cloud Security Operations

5.1 Hardware secure configuration: Servers, storage controllers, and virtual switches
5.2 VM tools configuration: Physical infrastructure running
5.3 Configuration of securing the network
5.4 Clustered hosts
5.5 Clustered storage and dynamic optimization
5.6 Patch management and maintenance mode
5.7 Performance monitoring
5.8 Network security controls: Honeypots, layered security, and SIEM
5.9 Log management and orchestration
5.10 Guest OS availability
5.11 Operations management
5.12 Process of risk management: Framing of risks and risk assessment
5.13 Quantitative risk analysis
5.14 Risk monitoring and response
5.15 Preservation and collection of digital evidence
5.16 Communication using relevant parties
5.17 Center of security operations

Module 06 – Legal Risk and Compliance

6.1 Concepts of legislative
6.2 Intellectual property laws
6.3 Agreements and acts
6.4 NERC
6.5 Generally accepted privacy principles (GAPP) and privacy shield
6.6 Data privacy jurisdictional difference
6.7 E-discovery and related terminology
6.8 PII and forensic requirements
6.9 SOC reports, gap analysis, and chain of custody
6.10 Vendor management
6.11 Risk attitude and Cloud Computing policies
6.12 SLA
6.13 Quality of Service (QoS)
6.14 Risk mitigation and risk management metrics
6.15 ISO 28000:2007

CCSP Projects

Cloud System Encryption

You will primarily focus on efficiently analyzing and encrypting various cloud systems. You will be trained to utilize this in your e-commerce website. Various other topics such as encryption and virtualization will be covered.

Cloud Security Updation

You will learn all the aspects of updating the cloud security system. This includes understanding of concepts such as cloud application security, cloud operations and troubleshooting of software-defined networking.

Module 1 – Information System Auditing Process.

In this module of the ISACA CISA certification program, you get to learn more about the concepts like IS Audit Standards, Guidelines, Codes of Ethics Business Processes, Types of Controls, Risk-Based Audit Planning, Types of Audits and Assessments, Audit Project Management, Sampling Methodology, Audit Evidence Collection Techniques, and a lot more.

Module 2 – Governance and Management of IT

In this segment of the ISACA CISA training program, you get to learn more about the ways to identify critical flaws and loopholes in the process. You learn the best enterprise-specific practices that can help you safeguard the governance of information and associated technologies.

Module 3 – Information Systems Acquisition, Development, and Implementation

This module of the CISA training program helps you get a better knowledge of the concepts like Project Governance and Management, Business Case and Feasibility Analysis, Testing Methodologies Configuration and Release Management, and a lot more

Module 4 – Information Systems Operations and Business Resilience

In this module ISACA CISA certification, you get to learn about Common Technology Components, IT Asset Management, Job Scheduling, Production Process Automation, System Interfaces, End-User Computing, Data Governance, Systems Performance Management, and more.

Module 5 – Protection of Information Assets

In this segment of ISACA CISA certification, you get to learn more about the different aspects of Information Asset Security Frameworks, Standards, and Guidelines Privacy Principles, Physical Access and Environmental Controls, Identity and Access Management, Network and End-Point Security, and more.

Module 1: Information Security Governance.

Part A: Enterprise Governance 

• Importance of Information Security Governance  
• Organizational Culture  
• Legal, Regulatory and Contractual Requirements  
• Organizational Structures, Roles and Responsibilities 

Part B: Information Security Strategy 

• Information Security Strategy Development 
• Information Governance Frameworks and Standards  
• Strategic Planning

Domain 2: Information Security Risk Management 

Part A: Information Risk Assessment 

• Emerging Risk and Threat Landscape 
• Vulnerability and Control Deficiency Analysis 
• Risk Analysis, Evaluation and Assessment  

Part B: Information Risk Response 

• Risk Treatment/Risk Response Options 
• Risk and Control Ownership  
• Risk Monitoring and Reporting 

Domain 3: Information Security Program 

Part A: Information Security Program Development  

• Information Security Program Overview 
• Information Security Program Resources 
• Information Asset Identification and Classification 
• Industry Standards and Frameworks for Information Security 
• Information Security Policies, Procedures and Guidelines 
• Defining an Information Security Program Road Map 
• Information Security Program Metrics 

Part B: Information Security Program Management  

• Information Security Control Design and Selection 
• Information Security Control Implementation and Integration 
• Information Security Control Testing and Evaluation 
• Information Security Awareness and Training 
• Integration of the Security Program with IT Operations 
• Management of External Services and Relationships 
• Information Security Program Communications and Reporting

Domain 4: Incident Management 

Part A: Incident Management Readiness 

• Incident Management and Incident Response Overview  
• Incident Management and Incident Response Plans  
• Business Impact Analysis  
• Business Continuity Plan 
• Disaster Recovery Plan 
• Incident Classification/Categorization 
• Incident Management Training, Testing and Evaluation  

Part B: Incident Management Operations 

• Incident Management Tools and Technologies 
• Incident Investigation and Evaluation  
• Incident Containment Methods 
• Incident Response Communications 
• Incident Eradication and Recovery 
• Post-Incident Review Practices