Ethical Hacking, also known as penetration testing, intrusion testing, or red teaming, is the controversial act of locating weaknesses and vulnerabilities of computer and information systems by duplicating the intent and actions of malicious hackers.
An ethical hacker is an individual hired to hack into a system to identify and repair potential vulnerabilities, effectively preventing exploitation by malicious hackers. They are security experts that specialize in the penetration testing(pen-testing)of computer and software systems for the purpose of evaluating,strengthening and improving security.
An ethical hacker is also known as a white hat hacker, red team, tiger team, or sneaker. Generally, a software or hardware vendor achieves greater profitability by hiring ethical hackers, versus being subjected to other types of vulnerabilities and exploitations
.Ethical hackers evaluate systems using a number of methods,some of which include:
- Denial of Service(DoS)attacks: These are usually applied by flooding a system with requests,rendering it unable to handle additional requests,which halts service to other users or results in system overflow and/or shutdown.
- Social Engineering tactics: Akin to simple fraud,these include any act that manipulates a user into divulging information or performing specific actions.
- Security Scanners: Used to discover vulnerabilities,security scanners are exploitation tools designed to discover vulnerabilities in networks.
Content:
- Ethical Hacking Level 1
- Introduction to Ethical Hacking
- History
- Ethics
- Legality
- important terminologies
- Hacking Concepts,Types,and Phases
- cyber-crime and its type
- case studies
- cyber law
- career options
-
- Setting Up Lab
- Installation and configuration of different types of Os in virtual environment.
-
- Footprinting and Reconnaissance
- Footprinting Concepts
- Footprinting Methodology
- Footprinting through Search Engines
- Footprinting Using Advanced Google Hacking Techniques
- Footprinting through Social Networking Sites
- Website Footprinting
- Email Footprinting
- WHOIS Footprinting
- DNS Footprinting
- Network Footprinting
- Footprinting through Social Engineering
- Footprinting Tools
- Footprinting Countermeasures
-
- Scanning Networks
- Scanning Networks overview
- Check for Live Systems
- Check for Open Ports
- Scanning Beyond IDS
- Banner Grabbing
- Scan for Vulnerability
- Draw Network Diagrams
- Prepare Proxies
-
- Enumeration
- Enumeration Conecpts
- NetBIOS Enumeration
- SNMP Enumeration
- LDAP Enumeration
- NTP Enumeration
- SMTP and DNS Enumeration
- Enumeration Countermeasures
-
- System Hacking
- Cracking Passwords
- Escalating Privileges
- Executing Applications
- Hiding Files
- Covering Tracks
-
- Malware Threats
- Introduction to Malware
- Trojan Concepts
- Virus and Worm Concepts
- Malware Reverse Engineering
- Malware Detection
- Countermeasures
- Anti-Malware Software
-
- Sniffing
- Sniffing Conecpts
- MAC Attacks
- DHCP Attacks
- ARP Poisoning
- Spoofing Attack
- DNS Poisoning
- Sniffing Tools
- Sniffing Detection Techniques
- Countermeasures
-
- Social Engineering
- Social Engineering Concepts
- Social Engineering Techniques
- Impersonation on Social Networking Sites
- Identity Theft
- Social Engineering Countermeasures
-
- Denial-of-Service
- DoS/DDoS Concepts
- DoS/DDoS Attack Techniques
- Botnets
- DDoS Case Study
- DoS/DDoS Attack Tools
- Countermeasures
- DoS/DDoS Protection Tools
-
- Session Hijacking
- Session Hijacking Concepts
- Application Level Session Hijacking
- Network Level Session Hijacking
- Session Hijacking Tools
- Countermeasures
-
- Hacking Webservers
- Webserver Concepts
- Webserver Attacks
- Attack Methodology
- Webserver Attack Tools
- Countermeasures
- Patch Management
- Webserver Security Tools
-
- Hacking Web Applications
- Web App Concepts
- Web App Threats
- Hacking Methodology
- Web Application Hacking Tools
- Countermeasures
- Security Tools
-
- SQL Injection
- SQL Injection Concepts
- Types of SQL Injection
- SQL Injection Methodology
-
- Hacking Wireless Networks
- Wireless Concepts
- Wireless Encryption
- Wireless Hacking Methodology
- Wireless Hacking Tools
- Bluetooth Hacking
-
- Hacking Mobile Platforms
- Mobile Platform Attack Vectors
-
- Evading IDS,Firewalls,and Honeypots
- IDS,Firewall and Honeypot Concepts
- IDS,Firewall and Honeypot Solutions
- Evading IDS
- Evading Firewalls
-
- IoT Hacking
- Cloud Computing
- Introduction to Cloud Computing
-
- Cryptography
- Cryptography Concepts
- Encryption Algorithms
- Email Encryption
- Public Key Infrastructure(PKI)
- Ethical Hacking Level 2
- Linux Administration
- Starting with Linux
- Creating the Perfect Linux Desktop
-
- Becoming a Linux Power User
- Using the Shell
- Moving around the File system
- Working with Text Files
- Managing Running Processes
- Writing Simple Shell Scripts
-
- Linux System Administrator
- Learning System Administration
- Installing Linux
- Getting and Managing Software
- Managing User Accounts
- Managing Disks and File systems
-
- File Operation
- Understanding Server Administration
- Administering Networking
- Starting and Stopping Services
- Configuring a Print Server
- Configuring a Web Server
- Configuring an FTP Server
- Configuring a Windows File Sharing(Samba)Server
- Configuring an NFS File Server
- Troubleshooting Linux
-
- Learning Linux Security Techniques
- Understanding Basic Linux Security
- Understanding Advanced Linux Security
- Enhancing Linux Security with SE Linux 6
- Securing Linux on a Network
- Part VI:Extending Linux into the Cloud
- Using Linux for Cloud Computing
- Deploying Linux to the Cloud
-
- Web Application Penetration Testing
- Introduction to Web Application security
- Core Defence Mechanisms
- Web Application Technologies
- Mapping the Application
- Bypassing Client-Side Controls
- Attacking Authentication
- Attacking Session Management
- Attacking Access Controls
- Attacking Data Stores
- Attacking Back-End Components
- Attacking Application Logic
- Attacking Users:Cross-Site Scripting
- Attacking Users:Other Techniques
- Automating Customized Attacks
- Exploiting Information Disclosure
- Attacking Native Compiled Applications
- Attacking Application Architecture
- Attacking the Application Server
- Finding Vulnerabilities in Source Code
- Web Application Hacker’s Toolkit
- Web Application Hacker’s Methodology
-
- Cyber Forensic
- The Forensics Process
- Computer Fundamentals
- Forensic Lab Environment Preparation
-
- Collecting the Evidence
- Forensically Sound Evidence Collection
- Remote Investigations and Collections
-
- Forensic Investigation Techniques
- Microsoft Windows Systems Analysis
- Linux Analysis
- Macintosh Analysis
- Defeating Anti-forensic Techniques
- Enterprise Storage Analysis
- E-mail Analysis
- Tracking User Activity
- Forensic Analysis of Mobile Devices