Ethical Hacking Training Overview
Ethical hacking and Ethical hacker terms are used to describe the hacking performed by a company or individual to help identify potential threats to a computer or network. It means for those professionals who are looking for comprehensive and total knowledge in the network security domain. This Ethical Hacking course is entirely hands-on a real-time oriented. This information is used by the organization to improve the system security, and eliminate any potential attacks, various cracking techniques by practical approach showing life demonstrations of the cracks.
Objectives of the Course
- Learn to improve the system security
- Eliminate Potential Attacks
- Learn actual methodologies, concepts, tools and techniques involved in each crack with respect to the
career perspective.
Pre-requisites of the course
- You will need to have a working knowledge of TCP/IP
- A background in either security or information systems
- Enough knowledge of Network Technologies is an added advantage
Who can attend this course
- Who have fundamental concepts of a computer and how it operates in a networked environment?
Ethical Hacking Course Content
Introduction To Ethical Hacking
- What is hacking? And what is Ethical about it?
- Types of Hackers.
- The terminology of Hacking [Vulnerability, Exploit, 0-Day]
- 5 Steps of Hacking [Information Gathering, Scanning, Gaining Access, Maintaining Access, Covering Tracks]
- Discussing Information Gathering [Active, Passive]
- Information Gathering Practical [who.is, yougetsignal.com]
- Google Hacking
- Types of malicious files [virus, worm, rootkit etc]
- Introduction to Kali/Linux OS
- Social Engineering
Installation
- According to the configuration of Laptop, 32/64 bit, provide VMware, and any Penetration testing OS like Kali 1.1.0a/Backbox, Windows XP SP2
- Install VMware, OSs on it using Bridge Connection
- Completion of the Lab setup.
Explanation of the tools
- Ping a Website to get IP Addon:-server spy, Passive recon, Flagfox, Ghostery, Cryptofox, Wapplazer (Mozilla Firefox), Tamper data
- Network Scan, Port Scan, Service Scan, OS Fingerprint Scan [Nmap/Zenmap]
- Network Vulnerability Scanning [Nessus/Open VAS]
- Metasploit, SE Toolkit
- Web Vulnerability Scanning [Acunetix/Zap]
- SQL-Injection [Havij, Sqlmap]
- Cryptography
- Steganography
System Hacking
- System Hacking using Kon-Boot, Live CD
- Prevention of System Hacking
- Types of Passwords
- Password Cracking
- Dictionary, brute force attack, Rule-Based attack
- Keylogger, Spyware, Rootkits
- Defending Keylogger, Spyware and Rootkits
Network Penetration Testing
- Remote Administration Tool {RAT}
- Scanning with NMAP
- Installing of Nessus
- Vulnerability Scanning using Nessus/Qualys Free Scan/ GFI Lan Guard
- Metasploit
- Set toolkit
- Protect System from RAT
- Protect System from Metasploit
- What is Sniffing and what is the mechanism of Sniffing
- How to use Wireshark and Cain and Able as a sniffer
- What is netscan and how it works in Real-time and practical
- Malware threats and prevention
- Denial Of Service/ Distributed Denial Of Service
- Session Hijacking
- Hacking Wireless Network
- MAC Spoofing
- IP Spoofing
- Tor Browser and VPN
Web Application Penetration
- Web Application and its basics (Understanding HTML and its response and a website works)
- OWASP Top 10 Vulnerability
- SQL-Injection [Basic, Advance, Blind]
- Practical of SQL-Injection using Havij/Sqlmap
- Prevention of SQL-Injection
- Cross Site Scripting and Its effect
- Prevention of Cross-site scripting
- Data-tampering on E-commerce Sites
- Prevention of Data-tampering
- Website Defacement and Prevention
- E-mail hacking using phishing
- Hacking Web Servers
