CEH: Certified Ethical Hacker v7.1 Training Package

About the CEH: Certified Ethical Hacker v7.1

CEH: Certified Ethical Hacker v7.1 (5 days)   

Course Objectives

• Students will begin by understanding perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed.
• Students then learn how intruders escalate intruders escalate privileges and what steps can be taken to secure a system.
• Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.

Course Outline

• Introduction to Ethical Hacking
  1. Internet Crime Current Report: IC3
  2. Data Breach Investigations Report
  3. Types of Data Stolen From the Organizations
  4. Essential Terminologies
  5. Elements of Information Security
  6. Authenticity and Non-Repudiation
  7. The Security, Functionality, and Usability Triangle
  8. Security Challenges
  9. Effects of Hacking
  10. Who is a Hacker?
  11. Hacker Classes
  12. Hacktivism
  13. What Does a Hacker Do?
  14. Phase 1 - Reconnaissance
  15. Phase 2 - Scanning
  16. Phase 3 - Gaining Access
  17. Phase 4 - Maintaining Access
  18. Phase 5 - Covering Tracks
  19. Types of Attacks on a System
  20. Why Ethical Hacking is Necessary?
  21. Defense in Depth
  22. Scope and Limitations of Ethical Hacking
  23. What Do Ethical Hackers Do?
  24. Skills of an Ethical Hacker
  25. Vulnerability Research
  26. Vulnerability Research Websites
  27. What is Penetration Testing?
  28. Why Penetration Testing?
  29. Penetration Testing Methodology
• Footprinting and Reconnaissance
  1. Footprinting Terminologies
  2. What is Footprinting?
  3. Objectives of Footprinting
  4. Footprinting Threats
  5. Finding a Company's URL
  6. Locate Internal URLs
  7. Public and Restricted Websites
  8. Search for Company's Information
  9. Footprinting Through Search Engines
  10. Collect Location Information
  11. People Search
  12. Gather Information from Financial Services
  13. Footprinting Through Job Sites
  14. Monitoring Target Using Alerts
  15. Competitive Intelligence Gathering
  16. WHOIS Lookup
  17. Extracting DNS Information
  18. Locate the Network Range
  19. Traceroute
  20. Mirroring Entire Website
  21. Extract Website Information from http://www.archive.org
  22. Monitoring Web Updates Using Website Watcher
  23. Tracking Email Communications
  24. Footprint Using Google Hacking Techniques
  25. What a Hacker Can Do With Google Hacking?
  26. Google Advance Search Operators
  27. Google Hacking Tool: Google Hacking Database (GHDB)
  28. Google Hacking Tools
  29. Additional Footprinting Tools
  30. Footprinting Countermeasures
  31. Footprinting Pen Testing
• Scanning Networks
  1. Network Scanning
  2. Types of Scanning
  3. Checking for Live Systems - ICMP Scanning
  4. Ping Sweep
  5. Three-Way Handshake
  6. TCP Communication Flags
  7. Hping2 / Hping3
  8. Hping Commands
  9. Scanning Techniques
  10. Scanning: IDS Evasion Techniques
  11. IP Fragmentation Tools
  12. Scanning Tool: Nmap
  13. Scanning Tool: NetScan Tools Pro
  14. Scanning Tools
  15. Do Not Scan These IP Addresses (Unless you want to get into trouble)
  16. Scanning Countermeasures
  17. War Dialing
  18. Why War Dialing?
  19. War Dialing Tools
  20. War Dialing Countermeasures
  21. OS Fingerprinting
  22. Banner Grabbing Tool: ID Serve
  23. GET REQUESTS
  24. Banner Grabbing Tool: Netcraft
  25. Banner Grabbing Tools
  26. Banner Grabbing Countermeasures: Disabling or Changing Banner
  27. Hiding File Extensions
  28. Hiding File Extensions from Webpages
  29. Vulnerability Scanning
  30. Network Vulnerability Scanners
  31. LANsurveyor
  32. Network Mappers
  33. Proxy Servers
  34. Why Attackers Use Proxy Servers?
  35. Use of Proxies for Attack
  36. How Does MultiProxy Work?
  37. Free Proxy Servers
  38. Proxy Workbench
  39. Proxifier Tool: Create Chain of Proxy Servers
  40. SocksChain
  41. TOR (The Onion Routing)
  42. TOR Proxy Chaining Software
  43. HTTP Tunneling Techniques
  44. Why do I Need HTTP Tunneling?
  45. Super Network Tunnel Tool
  46. Httptunnel for Windows
  47. Additional HTTP Tunneling Tools
  48. SSH Tunneling
  49. SSL Proxy Tool
  50. How to Run SSL Proxy?
  51. Proxy Tools
  52. Anonymizers
  53. Types of Anonymizers
  54. Case: Bloggers Write Text Backwards to Bypass Web Filters in China
  55. Text Conversion to Avoid Filters
  56. Censorship Circumvention Tool: Psiphon
  57. How Psiphon Works?
  58. How to Check if Your Website is Blocked in China or Not?
  59. G-Zapper
  60. Anonymizer Tools
  61. Spoofing IP Address
  62. IP Spoofing Detection Techniques: Direct TTL Probes
  63. IP Spoofing Detection Techniques: IP Identification Number
  64. IP Spoofing Detection Techniques: TCP Flow Control Method
  65. IP Spoofing Countermeasures
  66. Scanning Pen Testing
• Enumeration
  1. What is Enumeration?
  2. Techniques for Enumeration
  3. NetBIOS Enumeration
  4. Enumerating User Accounts
  5. Enumerate Systems Using Default Passwords
  6. SNMP (Simple Network Management Protocol) Enumeration
  7. UNIX/Linux Enumeration
  8. LDAP Enumeration
  9. NTP Enumeration
  10. SMTP Enumeration
  11. DNS Zone Transfer Enumeration Using nslookup
  12. Enumeration Countermeasures
  13. Enumeration Pen Testing
• System Hacking
  1. Information at Hand Before System Hacking Stage
  2. System Hacking: Goals
  3. CEH Hacking Methodology (CHM)
  4. Password Cracking
  5. Types of Password Attacks
  6. Microsoft Authentication
  7. How Hash Passwords are Stored in Windows SAM?
  8. What is LAN Manager Hash?
  9. Kerberos Authentication
  10. Salting
  11. PWdump7 and Fgdump
  12. L0phtCrack
  13. Ophcrack
  14. Cain & Abel
  15. RainbowCrack
  16. Password Cracking Tools
  17. LM Hash Backward Compatibility
  18. How to Defend against Password Cracking?
  19. Privilege Escalation
  20. Active@ Password Changer
  21. Privilege Escalation Tools
  22. How to Defend against Privilege Escalation?
  23. Executing Applications
  24. Alchemy Remote Executor
  25. RemoteExec
  26. Execute This!
  27. Keylogger
  28. Types of Keystroke Loggers
  29. Acoustic/CAM Keylogger
  30. Keyloggers
  31. Spyware
  32. How to Defend against Keyloggers?
  33. How to Defend against Spyware?
  34. Rootkits
  35. Types of Rootkits
  36. How Rootkit Works?
  37. Rootkit: Fu
  38. Detecting Rootkits
  39. How to Defend against Rootkits?
  40. Anti-Rootkit: RootkitRevealer and McAfee Rootkit Detective
  41. NTFS Data Stream
  42. What is Steganography?
  43. Types of Steganography
  44. Image Steganography
  45. Document Steganography: wbStego
  46. Video Steganography: Our Secret
  47. Audio Steganography: Mp3stegz
  48. Folder Steganography: Invisible Secrets 4
  49. Spam/Email Steganography: Spam Mimic
  50. Natural Text Steganography: Sams Big G Play Maker
  51. Steganalysis
  52. Steganography Detection Tool: Stegdetect
  53. Why Cover Tracks?
  54. Ways to Clear Online Tracks
  55. Disabling Auditing: Auditpol
  56. Covering Tracks Tool: Window Washer
  57. Covering Tracks Tool: Tracks Eraser Pro
  58. System Hacking Penetration Testing
• Trojans and Backdoors
  1. What is a Trojan?
  2. Overt and Covert Channels
  3. Purpose of Trojans
  4. What Do Trojan Creators Look For?
  5. Indications of a Trojan Attack
  6. Common Ports used by Trojans
  7. How to Infect Systems Using a Trojan?
  8. Wrappers
  9. Different Ways a Trojan can Get into a System
  10. How to Deploy a Trojan?
  11. Evading Anti-Virus Techniques
  12. Types of Trojans
  13. Destructive Trojans
  14. Notification Trojans
  15. Credit Card Trojans
  16. Data Hiding Trojans (Encrypted Trojans)
  17. BlackBerry Trojan: PhoneSnoop
  18. MAC OS X Trojan: DNSChanger
  19. MAC OS X Trojan: DNSChanger
  20. Mac OS X Trojan: Hell Raiser
  21. How to Detect Trojans?
  22. Process Monitoring Tool: What's Running
  23. Scanning for Suspicious Registry Entries
  24. Registry Entry Monitoring Tools
  25. Scanning for Suspicious Device Drivers
  26. Scanning for Suspicious Windows Services
  27. Scanning for Suspicious Startup Programs
  28. Scanning for Suspicious Files and Folders
  29. Scanning for Suspicious Network Activities
  30. Trojan Countermeasures
  31. Backdoor Countermeasures
  32. Trojan Horse Construction Kit
  33. Anti-Trojan Software: TrojanHunter
  34. Anti-Trojan Software: Emsisoft Anti-Malware
  35. Anti-Trojan Softwares
  36. Pen Testing for Trojans and Backdoors
• Viruses and Worms
  1. Introduction to Viruses
  2. Virus and Worm Statistics 2010
  3. Stages of Virus Life
  4. Working of Viruses: Infection Phase
  5. Working of Viruses: Attack Phase
  6. Why Do People Create Computer Viruses?
  7. Indications of Virus Attack
  8. How does a Computer get Infected by Viruses?
  9. Virus Hoaxes
  10. Virus Analysis:
  11. Types of Viruses
  12. Transient and Terminate and Stay Resident Viruses
  13. Writing a Simple Virus Program
  14. Computer Worms
  15. How is a Worm Different from a Virus?
  16. Example of Worm Infection: Conficker Worm
  17. Worm Analysis:
  18. Worm Maker: Internet Worm Maker Thing
  19. What is Sheep Dip Computer?
  20. Anti-Virus Sensors Systems
  21. Malware Analysis Procedure
  22. String Extracting Tool: Bintext
  23. Compression and Decompression Tool: UPX
  24. Process Monitoring Tools: Process Monitor
  25. Log Packet Content Monitoring Tools: NetResident
  26. Debugging Tool: Ollydbg
  27. Virus Analysis Tool: IDA Pro
  28. Online Malware Testing:
  29. Online Malware Analysis Services
  30. Virus Detection Methods
  31. Virus and Worms Countermeasures
  32. Companion Antivirus: Immunet Protect
  33. Anti-virus Tools
  34. Penetration Testing for Virus
• Sniffers
  1. Lawful Intercept
  2. Wiretapping
  3. Sniffing Threats
  4. How a Sniffer Works?
  5. Hacker Attacking a Switch
  6. Types of Sniffing: Passive Sniffing
  7. Types of Sniffing: Active Sniffing
  8. Protocols Vulnerable to Sniffing
  9. Tie to Data Link Layer in OSI Model
  10. Hardware Protocol Analyzers
  11. SPAN Port
  12. MAC Flooding
  13. How DHCP Works?
  14. What is Address Resolution Protocol (ARP)?
  15. Configuring DHCP Snooping and Dynamic ARP Inspection on Cisco Switches
  16. MAC Spoofing/Duplicating
  17. DNS Poisoning Techniques
  18. Sniffing Tool: Wireshark
  19. Sniffing Tool: CACE Pilot
  20. Sniffing Tool: Tcpdump/Windump
  21. Discovery Tool: NetworkView
  22. Discovery Tool: The Dude Sniffer
  23. Password Sniffing Tool: Ace
  24. Packet Sniffing Tool: Capsa Network Analyzer
  25. OmniPeek Network Analyzer
  26. Network Packet Analyzer: Observer
  27. Session Capture Sniffer: NetWitness
  28. Email Message Sniffer: Big-Mother
  29. TCP/IP Packet Crafter: Packet Builder
  30. Additional Sniffing Tools
  31. How an Attacker Hacks the Network Using Sniffers?
  32. How to Defend Against Sniffing?
  33. Sniffing Prevention Techniques
  34. How to Detect Sniffing?
  35. Promiscuous Detection Tool: PromqryUI
  36. Promiscuous Detection Tool: PromiScan
• Social Engineering
  1. What is Social Engineering?
  2. Behaviors Vulnerable to Attacks
  3. Why is Social Engineering Effective?
  4. Warning Signs of an Attack
  5. Phases in a Social Engineering Attack
  6. Impact on the Organization
  7. Command Injection Attacks
  8. Common Targets of Social Engineering
  9. Types of Social Engineering
  10. Insider Attack
  11. Common Intrusion Tactics and Strategies for Prevention
  12. Social Engineering Through Impersonation on Social Networking Sites
  13. Risks of Social Networking to Corporate Networks
  14. Identity Theft Statistics 2010
  15. Real Steven Gets Huge Credit Card Statement
  16. Identity Theft - Serious Problem
  17. Social Engineering Countermeasures: Policies
  18. How to Detect Phishing Emails?
  19. Identity Theft Countermeasures
  20. Social Engineering Pen Testing
• Denial of Service
  1. What is a Denial of Service Attack?
  2. What is Distributed Denial of Service Attacks?
  3. Symptoms of a DoS Attack
  4. Cyber Criminals
  5. Internet Chat Query (ICQ)
  6. Internet Relay Chat (IRC)
  7. DoS Attack Techniques
  8. Botnet
  9. WikiLeak Operation Payback
  10. DoS Attack Tools
  11. Detection Techniques
  12. DoS/DDoS Countermeasure Strategies
  13. DDoS Attack Countermeasures
  14. Post-attack Forensics
  15. Techniques to Defend against Botnets
  16. DoS/DDoS Countermeasures
  17. DoS/DDoS Protection at ISP Level
  18. Enabling TCP Intercept on Cisco IOS Software
  19. Advanced DDoS Protection: IntelliGuard DDoS Protection System (DPS)
  20. DoS/DDoS Protection Tool
  21. Denial of Service (DoS) Attack Penetration Testing
• Session Hijacking
  1. What is Session Hijacking?
  2. Dangers Posed by Hijacking
  3. Why Session Hijacking is Successful?
  4. Key Session Hijacking Techniques
  5. Brute Forcing
  6. HTTP Referrer Attack
  7. Spoofing vs. Hijacking
  8. Session Hijacking Process
  9. Packet Analysis of a Local Session Hijack
  10. Types of Session Hijacking
  11. Predictable Session Token
  12. Man-in-the-Middle Attack
  13. Man-in-the-Browser Attack
  14. Client-side Attacks
  15. Cross-site Script Attack
  16. Session Fixation
  17. Network Level Session Hijacking
  18. The 3-Way Handshake
  19. Sequence Numbers
  20. TCP/IP Hijacking
  21. IP Spoofing: Source Routed Packets
  22. RST Hijacking
  23. Blind Hijacking
  24. Man-in-the-Middle Attack using Packet Sniffer
  25. UDP Hijacking
  26. Session Hijacking Tools
  27. Countermeasures
  28. Protecting against Session Hijacking
  29. Methods to Prevent Session Hijacking: To be Followed by Web Developers
  30. Methods to Prevent Session Hijacking: To be Followed by Web Users
  31. Defending against Session Hijack Attacks
  32. Session Hijacking Remediation
  33. IPSec
  34. Session Hijacking Pen Testing
• Hijacking Webservers
  1. Webserver Market Shares
  2. Open Source Webserver Architecture
  3. IIS Webserver Architecture
  4. Website Defacement
  5. Case Study
  6. Why Web Servers are Compromised?
  7. Impact of Webserver Attacks
  8. Webserver Misconfiguration
  9. Directory Traversal Attacks
  10. HTTP Response Splitting Attack
  11. Web Cache Poisoning Attack
  12. HTTP Response Hijacking
  13. SSH Bruteforce Attack
  14. Man-in-the-Middle Attack
  15. Webserver Password Cracking
  16. Web Application Attacks
  17. Webserver Attack Methodology
  18. Webserver Attack Tools
  19. Web Password Cracking Tool
  20. Countermeasures
  21. How to Defend Against Web Server Attacks?
  22. How to Defend against HTTP Response Splitting and Web Cache Poisoning?
  23. Patches and Hotfixes
  24. What is Patch Management?
  25. Identifying Appropriate Sources for Updates and Patches
  26. Installation of a Patch
  27. Patch Management Tool: Microsoft Baseline Security Analyzer (MBSA)
  28. Web Application Security Scanner: Sandcat
  29. Web Server Security Scanner: Wikto
  30. Webserver Malware Infection Monitoring Tool: HackAlert
  31. Webserver Security Tools
  32. Web Server Penetration Testing
• Hacking Web Applications
  1. Web Application Security Statistics
  2. Introduction to Web Applications
  3. Web Application Components
  4. How Web Applications Work?
  5. Web Application Architecture
  6. Web 2.0 Applications
  7. Vulnerability Stack
  8. Web Attack Vectors
  9. Web Application Threats - 1
  10. Web Application Threats - 2
  11. Unvalidated Input
  12. Parameter/Form Tampering
  13. Directory Traversal
  14. Security Misconfiguration
  15. Injection Flaws
  16. What is LDAP Injection?
  17. How LDAP Injection Works?
  18. Hidden Field Manipulation Attack
  19. Cross-Site Scripting (XSS) Attacks
  20. Web Application Denial-of-Service (DoS) Attack
  21. Buffer Overflow Attacks
  22. Cookie/Session Poisoning
  23. Session Fixation Attack
  24. Insufficient Transport Layer Protection
  25. Improper Error Handling
  26. Insecure Cryptographic Storage
  27. Broken Authentication and Session Management
  28. Unvalidated Redirects and Forwards
  29. Web Services Architecture
  30. Footprint Web Infrastructure
  31. Web Spidering Using Burp Suite
  32. Hacking Web Servers
  33. Analyze Web Applications
  34. Attack Authentication Mechanism
  35. Username Enumeration
  36. Password Attacks: Password Functionality Exploits
  37. Password Attacks: Password Guessing
  38. Password Attacks: Brute-forcing
  39. Session Attacks: Session ID Prediction/ Brute-forcing
  40. Cookie Exploitation: Cookie Poisoning
  41. Authorization Attack
  42. Session Management Attack
  43. Injection Attacks
  44. Attack Data Connectivity
  45. Attack Web App Client
  46. Attack Web Services
  47. Web Services Probing Attacks
  48. Web Service Attack Tool: soapUI
  49. Web Service Attack Tool: XMLSpy
  50. Web Application Hacking Tool: Burp Suite Professional
  51. Web Application Hacking Tools: CookieDigger
  52. Web Application Hacking Tools: WebScarab
  53. Encoding Schemes
  54. Web Application Countermeasures
  55. Web Application Firewall: dotDefender
  56. Web Application Firewall: IBM AppScan
  57. Web Application Firewall: ServerDefender VP
  58. Web Application Pen Testing
• SQL Injection
  1. SQL Injection is the Most Prevalent Vulnerability in 2010
  2. SQL Injection Threats
  3. What is SQL Injection?
  4. SQL Injection Attacks
  5. How Web Applications Work?
  6. Server Side Technologies
  7. HTTP Post Request
  8. SQL Injection Detection
  9. SQL Injection Black Box Pen Testing
  10. Types of SQL Injection
  11. What is Blind SQL Injection?
  12. SQL Injection Methodology
  13. Information Gathering
  14. Database, Table, and Column Enumeration
  15. Features of Different DBMSs
  16. Password Grabbing
  17. Transfer Database to Attacker's Machine
  18. Interacting with the Operating System
  19. Interacting with the FileSystem
  20. Network Reconnaissance Full Query
  21. SQL Injection Tools
  22. Evading IDS
  23. How to Defend Against SQL Injection Attacks?
  24. SQL Injection Detection Tools
  25. Snort Rule to Detect SQL Injection Attacks
• Hacking Wireless Networks
  1. Wireless Networks
  2. Wi-Fi Usage Statistics in the US
  3. Wi-Fi Hotspots at Public Places
  4. Wi-Fi Networks at Home
  5. Types of Wireless Networks
  6. Wireless Standards
  7. Service Set Identifier (SSID)
  8. Wi-Fi Authentication Modes
  9. Wireless Terminologies
  10. Wi-Fi Chalking
  11. Wi-Fi Hotspot Finder: jiwire.com
  12. Wi-Fi Hotspot Finder: WeFi.com
  13. Types of Wireless Antenna
  14. Parabolic Grid Antenna
  15. Types of Wireless Encryption
  16. WEP Encryption
  17. What is WPA?
  18. Temporal Keys
  19. What is WPA2?
  20. WEP vs. WPA vs. WPA2
  21. WEP Issues
  22. Weak Initialization Vectors (IV)
  23. How to Break WEP Encryption?
  24. How to Break WPA/WPA2 Encryption?
  25. How to Defend Against WPA Cracking?
  26. Wireless Threats: Access Control Attacks
  27. Wireless Threats: Integrity Attacks
  28. Wireless Threats: Confidentiality Attacks
  29. Wireless Threats: Availability Attacks
  30. Wireless Threats: Authentication Attacks
  31. Rogue Access Point Attack
  32. Client Mis-association
  33. Misconfigured Access Point Attack
  34. Unauthorized Association
  35. Ad Hoc Connection Attack
  36. HoneySpot Access Point Attack
  37. AP MAC Spoofing
  38. Denial-of-Service Attack
  39. Jamming Signal Attack
  40. Wi-Fi Jamming Devices
  41. Wireless Hacking Methodology
  42. Find Wi-Fi Networks to Attack
  43. Attackers Scanning for Wi-Fi Networks
  44. Footprint the Wireless Network
  45. Wi-Fi Discovery Tool: inSSIDer
  46. Wi-Fi Discovery Tool: NetSurveyor
  47. Wi-Fi Discovery Tool: NetStumbler
  48. Wi-Fi Discovery Tool: Vistumbler
  49. Wi-Fi Discovery Tool: WirelessMon
  50. Wi-Fi Discovery Tools
  51. GPS Mapping
  52. How to Discover Wi-Fi Network Using Wardriving?
  53. Wireless Traffic Analysis
  54. Wireless Cards and Chipsets
  55. Wi-Fi USB Dongle: AirPcap
  56. Wi-Fi Packet Sniffer: Wireshark with AirPcap
  57. Wi-Fi Packet Sniffer: Wi-Fi Pilot
  58. Wi-Fi Packet Sniffer: OmniPeek
  59. Wi-Fi Packet Sniffer: CommView for Wi-Fi
  60. What is Spectrum Analysis?
  61. Wireless Sniffers
  62. Aircrack-ng Suite
  63. How to Reveal Hidden SSIDs
  64. Fragmentation Attack
  65. How to Launch MAC Spoofing Attack?
  66. Denial of Service: Deauthentication and Disassociation Attacks
  67. Man-in-the-Middle Attack
  68. MITM Attack Using Aircrack-ng
  69. Wireless ARP Poisoning Attack
  70. Rogue Access Point
  71. Evil Twin
  72. How to Crack WEP Using Aircrack?
  73. How to Crack WEP Using Aircrack? Screenshot 1/2
  74. How to Crack WEP Using Aircrack? Screenshot 2/2
  75. How to Crack WPA-PSK Using Aircrack?
  76. WPA Cracking Tool: KisMAC
  77. WEP Cracking Using Cain & Abel
  78. WPA Brute Forcing Using Cain & Abel
  79. WPA Cracking Tool: Elcomsoft Wireless Security Auditor
  80. WEP/WPA Cracking Tools
  81. Wi-Fi Sniffer: Kismet
  82. Wardriving Tools
  83. RF Monitoring Tools
  84. Wi-Fi Connection Manager Tools
  85. Wi-Fi Traffic Analyzer Tools
  86. Wi-Fi Raw Packet Capturing Tools
  87. Wi-Fi Spectrum Analyzing Tools
  88. Bluetooth Hacking
  89. How to BlueJack a Victim?
  90. Bluetooth Hacking Tool: Super Bluetooth Hack
  91. Bluetooth Hacking Tool: PhoneSnoop
  92. Bluetooth Hacking Tool: BlueScanner
  93. How to Defend Against Bluetooth Hacking?
  94. How to Detect and Block Rogue AP?
  95. Wireless Security Layers
  96. How to Defend Against Wireless Attacks?
  97. Wireless Intrusion Prevention Systems
  98. Wireless IPS Deployment
  99. Wi-Fi Security Auditing Tool: AirMagnet WiFi Analyzer
  100. Wi-Fi Security Auditing Tool: AirDefense
  101. Wi-Fi Security Auditing Tool: Adaptive Wireless IPS
  102. Wi-Fi Security Auditing Tool: Aruba RFProtect WIPS
  103. Wi-Fi Intrusion Prevention System
  104. Wi-Fi Predictive Planning Tools
  105. Wi-Fi Vulnerability Scanning Tools
  106. Wireless Penetration Testing
• Evading IDS, Firewalls, and Honeypots
  1. Intrusion Detection Systems (IDS) and its Placement
  2. How IDS Works?
  3. Ways to Detect an Intrusion
  4. Types of Intrusion Detection Systems
  5. System Integrity Verifiers (SIV)
  6. General Indications of Intrusions
  7. General Indications of System Intrusions
  8. Firewall
  9. DeMilitarized Zone (DMZ)
  10. Types of Firewall
  11. Firewall Identification
  12. Honeypot
  13. How to Set Up a Honeypot?
  14. Intrusion Detection Tool
  15. Intrusion Detection Systems: Tipping Point
  16. Firewall: Sunbelt Personal Firewall
  17. Honeypot Tools
  18. Insertion Attack
  19. Evasion
  20. Denial-of-Service Attack (DoS)
  21. Obfuscating
  22. False Positive Generation
  23. Session Splicing
  24. Unicode Evasion Technique
  25. Fragmentation Attack
  26. Overlapping Fragments
  27. Time-To-Live Attacks
  28. Invalid RST Packets
  29. Urgency Flag
  30. Polymorphic Shellcode
  31. ASCII Shellcode
  32. Application-Layer Attacks
  33. Desynchronization
  34. Pre Connection SYN
  35. Post Connection SYN
  36. Other Types of Evasion
  37. Bypass Blocked Sites Using IP Address in Place of URL
  38. Bypass a Firewall using Proxy Server
  39. Detecting Honeypots
  40. Honeypot Detecting Tool: Send-Safe Honeypot Hunter
  41. Firewall Evasion Tools
  42. Packet Fragment Generators
  43. Countermeasures
  44. Firewall/IDS Penetration Testing
• Buffer Overflow
  1. Buffer Overflows
  2. Why are Programs And Applications Vulnerable?
  3. Understanding Stacks
  4. Stack-Based Buffer Overflow
  5. Understanding Heap
  6. Stack Operations
  7. Knowledge Required to Program Buffer Overflow Exploits
  8. Buffer Overflow Steps
  9. Simple Uncontrolled Overflow
  10. Simple Buffer Overflow in C
  11. Code Analysis
  12. Exploiting Semantic Comments in C (Annotations)
  13. How to Mutate a Buffer Overflow Exploit?
  14. Identifying Buffer Overflows
  15. How to Detect Buffer Overflows in a Program?
  16. BOU (Buffer Overflow Utility)
  17. Testing for Heap Overflow Conditions: heap.exe
  18. Steps for Testing for Stack Overflow in OllyDbg Debugger
  19. Testing for Format String Conditions using IDA Pro
  20. BoF Detection Tools
  21. Defense Against Buffer Overflows
  22. Data Execution Prevention (DEP)
  23. Enhanced Mitigation Experience Toolkit (EMET)
  24. /GS http://microsoft.com
  25. BoF Security Tools
  26. Buffer Overflow Penetration Testing
• Cryptography
  1. Cryptography
  2. Types of Cryptography
  3. Government Access to Keys (GAK)
  4. Ciphers
  5. Advanced Encryption Standard (AES)
  6. Data Encryption Standard (DES)
  7. RC4, RC5, RC6 Algorithms
  8. The DSA and Related Signature Schemes
  9. RSA (Rivest Shamir Adleman)
  10. Message Digest (One-way Bash) Functions
  11. Secure Hashing Algorithm (SHA)
  12. What is SSH (Secure Shell)?
  13. MD5 Hash Calculators: HashCalc, MD5 Calculator and HashMyFiles
  14. Cryptography Tool: Advanced Encryption Package
  15. Cryptography Tools
  16. Public Key Infrastructure (PKI)
  17. Certification Authorities
  18. Digital Signature
  19. SSL (Secure Sockets Layer)
  20. Transport Layer Security (TLS)
  21. Disk Encryption
  22. Cryptography Attacks
  23. Code Breaking Methodologies
  24. Meet-in-the-Middle Attack on Digital Signature Schemes
  25. Cryptanalysis Tool: CrypTool
  26. Cryptanalysis Tools
  27. Online MD5 Decryption Tool
• Penetration Testing
  1. Introduction to Penetration Testing
  2. Security Assessments
  3. Vulnerability Assessment
  4. Penetration Testing
  5. Why Penetration Testing?
  6. What Should be Tested?
  7. What Makes a Good Penetration Test?
  8. ROI on Penetration Testing
  9. Testing Points
  10. Testing Locations
  11. Types of Penetration Testing
  12. Common Penetration Testing Techniques
  13. Using DNS Domain Name and IP Address Information
  14. Enumerating Information about Hosts on Publicly-Available Networks
  15. Phases of Penetration Testing
  16. Penetration Testing Methodology
  17. Network Security Assessment
  18. Wireless/Remote Access Assessment
  19. Outsourcing Penetration Testing Services
  20. Evaluating Different Types of Pentest Tools
  21. Application Security Assessment Tool
  22. Network Security Assessment Tool
  23. Wireless/Remote Access Assessment Tool
  24. Telephony Security Assessment Tool
  25. Testing Network-Filtering Device Tool
  26. Traffic IQ Professional

Do you have the right background for CEH: Certified Ethical Hacker v7.1?

Benefit of taking CEH: Certified Ethical Hacker v7.1 at NetCom

• Why Choose EC-Council Training at NetCom Learning?

  As a recognition for training excellence, NetCom Learning was chosen by Microsoft as the 2007 Worldwide Learning Solutions Partner of the year out of 1400 training companies.

  In addition, we have won numerous other training awards for quality and customer satisfaction by CompTIA, EC-Council and other vendors. We are simply passionate about learning and achieving the highest customer satisfaction in your learning experience!

  See the training value proposition below:

  Why EC-Council Training at NetCom?   CEH: Certified Ethical Hacker v7  CEH v7 showcases the latest hacking techniques and countermeasures. This class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. CEHv7.1 provides a comprehensive ethical hacking and network security-training program to meet the standards of highly skilled security professionals. Hundreds of SMEs and authors have contributed towards the content presented in the CEHv7.1 courseware. Latest tools and exploits uncovered from the underground community are featured in the new package. When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.    Updated core content and well-organized flow for a best-in-class learning experience. Exclusive section for countermeasures against different attacks with detailed explanation of how to implement the countermeasures in a real-time environment. Attractive and descriptive diagrammatic representations of concepts and attacks. Complete section dedicated to penetration testing, illustrating how to implement learned concepts to test network system security. Courseware includes over 20GB of the latest hacking and security tools. A result-oriented, descriptive lab manual; the labs showcased in the courseware are tested against the latest Operating Systems with all patches and hot fixes applied. CEH v7 meets Government and DoD compliance with Federal Information Security Management Act (FISMA) and DoD Directive 8570.1-M. Over 1000 minutes of video demonstrations and more. Â

• NetCom provides Authorized Training

  NetCom Learning is a Microsoft Gold Certified Partner for Learning Solutions (CPLS), Cisco Learning Partner, CompTIA Platinum Partner, EC-Council Accredited Training Center, Adobe Authorized Training Center, Autodesk Authorized Training Center and many others. We are proud to offer the highest quality, authorized training solutions from our many partners for our customers.

  See our comprehensive list of partner authorizations.

• Award winning, world-class Instructors

  Emilio G. - Vastly experienced working within multinational environments and capable of connecting to different audiences - In-depth expertise in the implementation, troubleshooting and documentation of networks and security systems, with strong "hands on" technical knowledge of CISSP, CEH and CHFI. - Master of Science in Electronics Engineering, and holder of several technical certifications. - Highly-skilled in diverse fields ranging from Security, Computer Forensics, Networking, Routing Protocols, Programming, Databases and Applications to name a few. Bio: With over 25 years of technical experience, Emilio brings a dynamic set of skills supported by a Masters Degree in Electronics Engineering and on-the-field experience working in multinational environments. He also holds more than 12 Cisco, CompTIA, and Microsoft certifications. Although he is well versed and thorough in multiple technological fields, his technical forte lies in the security domain, specifically CISSP, CEH and CHFI. Emilio�s skills have evolved over time, studying closely and constantly staying well informed of the growing cyber threats. These are just some of the few reasons why Emilio brings to his classes more than just what's in the books.

  Richard L. - Over 20 years experience in the IT industry. - CEH and Microsoft training for many government agencies, including the United States Department of Homeland Security, and the Federal Bureau of Investigation. - CEH and Microsoft training for Fortune corporations such as Merrill Lynch and ADP. Bio: Richard is a premier Microsoft Certified Trainer and Certified EC-Council Instructor. He has over 20 years of experience as a network administrator, security consultant, vulnerability assessor, and penetration tester for assorted Fortune companies. Richardâ??s knowledge on the development and implementation of policies and procedures concerning the security of network data is unsurpassed. He has conducted successful CEH and Microsoft training classes for many government agencies including the United States Department of Homeland Security, the Department of Justice and the Federal Bureau of Investigation, as well as Fortune enterprises such as Merrill Lynch and ADP.

  See more...  
• Actual Client Testimonials

  Mar 02 2012 The training was "outstanding". Mr. Garcia is the best instructor on the subject; very knowledgeable. - Draughon W. Course(s) Taken CEH: Certified Ethical Hacker v7.1 Boot Camp

  
  

  Jan 13 2012 Excellent instructor. Good Course material. -Dan S. Course(s) Taken CEH: Certified Ethical Hacker v7.1

  
  

  Sep 30 2011 I will be back for more training. The training material/illustrations are perfect. Once I pass the certification it will make all this work well worth it. -Robert K. Course(s) Taken CEH: Certified Ethical Hacker v7.1 Boot Camp

  
  

  Sep 19 2011 The instructor was very knowledgeable and presented well! -Marvin L. Course(s) Taken CEH: Certified Ethical Hacker v7.1 Boot Camp

  
  

  Sep 19 2011 The instructor's breath of knowledge and professionalism was nothing short of outstanding. As such, I would continue to coordinate service through Greg. He has assured high quality training for the past few years. -Greg C. Course(s) Taken CEH: Certified Ethical Hacker v7.1 Boot Camp

  
  

  Sep 19 2011 A lot of material, but good to go! -Victor W. Course(s) Taken CEH: Certified Ethical Hacker v7.1 Boot Camp

  
  

  May 07 2010 Very knowledgeable instructor. Class was very helpful. -Robert D. Course(s) Taken CEH and CHFI Certification

  
  

  May 07 2010 Overall experience is good. Instructor very knowledgeable Educational consultant also very helpful and great. -Binh V. Course(s) Taken CEH and CHFI Certification

  
  
• Awards won by NetCom

  NetCom Learning is an award winning, customer focused company. We are simply Passionate About Learning!

  See our list of awards.

• Specialized Boot Camp Training

  

  This training is also available as a boot camp. NetCom is world famous for delivering specialized boot camp training to our clients.

  For answers to questions regarding our boot camp training delivery format, please refer to our Boot Camp FAQ section.

Next Step, how do I attend the CEH: Certified Ethical Hacker v7.1?

Call us toll-free at 1-888-563-8266 FREE Training Inquiry form Website Live Chat Contact us via Email: info@netcomlearning.com

NetCom Named to EC-Council's Circle of Excellence The EC-Council Circle of Excellence award is given out to schools that have attributed to the success of EC-Council certification programs and made a difference in the rapidly evolving security domain.