CEH (Ethical Hacking)
Introduction to Ethical Hacking and Penetration Testing
1.1 Can hacking be ethical?
1.2 What does a malicious hacker do?
1.3 Classification of hackers
1.4 What do ethical Hackers do?
1.5 Skill profile of an ethical hacker
1.6 Penetration testing
1.7 Modes of ethical hacking
1.8 Types of security testing
1.9 Summary
2. Footprinting
2.1 Scenario
2.2 Objectives
2.3 Revisiting reconnaissance
2.4 Scenario (continued)
2.5 Network range
2.6 Scenario (continued)
2.7 Other tools
2.8 Summary
2.9 Demo: e-mail tracking
3. Scanning
3.1 Objectives
3.2 War dialers
3.3 Ping utilities
3.4 Discovering services
3.5 Scanning demonstration
3.6 OS detection
3.7 Summary
4. Enumeration
4.1 Objectives
4.2 What is enumeration?
4.3 NetBIOS enumeration
4.4 SNMP enumeration
4.5 Zone Transfer information
4.6 CIFS/SMB enumeration
4.7 Active directory
5. System Hacking
5.1 Objectives
5.2 Remote password guessing
5.3 Password sniffing
5.4 Privilege escalation
5.5 Password cracking
5.6 Keystroke loggers
5.7 Rootkits
5.8 Covering tracks
5.9 Steganography
5.10 Buffer overflows
5.11 Summary
6. Trojans and Backdoors
6.1 Objectives
6.2 Trojans and backdoors: explanation
6.3 Trojans and backdoors
6.4 Wrappers
6.5 Spreading Trojans via CD-ROM
6.6 Hacking tools
6.7 ICMP tunneling
6.8 Reverse WWW Shell: covert channels
6.9 Backdoor countermeasures
6.10 More tools
7. Sniffers
7.1 Objectives
7.2 Passive sniffing
7.3 Active sniffing
7.4 Summary
8. Denial of Service
8.1 Objectives
8.2 Real Life DOS
8.3 Examples of DOS
8.4 Examples of Distributed Denial of Service Attacks
8.5 Protection from DOS attacks
8.6 Preventing the DDoS
8.7 Common IDS systems
8.8 Scanning tools
8.9 Summary
9. Social Engineering
9.1 Objectives
9.2 What is social engineering?
9.3 Common types of social engineering
9.4 Human-based impersonation
9.5 Examples
9.6 Technical social engineering
9.7 Reverse social engineering
9.8 Policies and procedures
9.9 Summary
10. Session Hijacking
10.1 Objectives
10.2 Understand session hijacking
10.3 Session hijacking types
10.4 Programs for session hijacking
10.5 Dangers posed by hijacking
10.6 Protecting against session hijacking
10.7 Summary
11. Hacking Web Servers
11.1 Objectives
11.2 Web Server principles
11.3 Apache vulnerabilities
11.4 IIS vulnerabilities
11.5 Summary
12. Web Application Vulnerabilities
12.1 Objectives
12.2 Web application security
12.3 Hidden fields
12.4 Input manipulation
12.5 Cross site scripting (XSS)
12.6 Tools
12.7 Summary
13. Web-based Password Cracking
13.1 Objectives
13.2 Web server authentication methods
13.3 Tools
13.4 Summary
14. SQL Injection
14.1 Objectives
14.2 Introduction to SQL Injection
14.3 Tools
14.4 Preventive measures
14.5 Summary
15. Hacking Wireless Networks
15.1 Objectives
15.2 Introduction to wireless networking
15.3 MAC Sniffing and AP spoofing
15.4 Denial of Service Attacks
15.5 Tools
15.6 Wireless intrusion detection system
15.7 Securing wireless networks
15.8 Summary
16. Evading IDS, Firewalls, and Honeypots
16.1 Objectives
16.2 Intrusion Detection Systems (IDS)
16.3 Evading IDS Systems
16.4 Incident response
16.5 Hacking through firewalls
16.6 Honeypots
17. Linux Hacking
17.1 Objectives
17.2 Linux hacking
17.3 Compiling programs
17.4 Scanning and mapping networks
17.5 Password cracking in Linux
17.6 SARA/TARA
17.7 Sniffing and hijacking
17.8 Rootkits
17.9 IP Chains and IP Tables
17.10 Application security
17.11 Intrusion Detections Systems
17.12 Security Testing Tools
17.13 Encryption
17.14 Log and traffic monitors
17.15 Countermeasures
17.16 Summary
18. Buffer Overflows
18.1 Objectives
18.2 Definition
18.3 Exploitations and payloads
18.4 Countermeasures for Buffer Overflows
18.5 Vulnerability Search: ICAT
18.6 Summary
19. Cryptography
19.1 Objectives
19.2 Public key cryptography
19.3 Working of encryption
19.4 Encryption: hashing algorithms
19.5 Summary
20. Viruses and Worms
20.1 Overview
20.2 Characteristics and terminology
20.3 Access methods and modes of infection
20.4 Virus detection methods
20.5 Anti-virus software
20.6 Summary
21. Physical Security
21.1 Objectives
21.2 Understanding physical security
21.3 Physical security checklist
21.4 Summary