Hacking Training Module
Concept of Hacking
What is Hacking? Who is a Hacker?
Who is not a Hacker? What is Cracking? Who is a Cracker? How to become a Hacker? Types of Hackers? Types of Hacking? Let Us Become a Hacker o Software Requirement o Hardware o Intellectual o Appearance & Interaction o Communication Skills o Time Management Start with Hacking o Foot Printing o Scanning Port Scanning Finger Printing Fire Walking o Gaining Access Password Attacks Social Engineering Viruses Keyloggers o Maintaining Access OS Backdoors Trojans PHP Injection o Clearing Tracks Deleting Log Files Remove Traces Delete Event Logs Foot Printing o What is Foot Printing o Why is it Necessary o Whois Lookup o NS Lookup o IP lookup Target Information gathering Website Social Profiles Contact Info Fake Calling Fake Mails Google Digging Make a Report Scanning: o What is Scanning o Why is it Necessary
o Port Scanning Types of Port Scanning o Finger Printing Active Finger Printing Passive Finger Printing o Fire Walking o Network enumeration o Make a Report
Attacks on Email
What is an Email? What is an Email Server? Working of an Email Server? o How to setup an Email Server What is the Login Process? What is Email Hacking? Different kind of Attacks on Email o Sending Fake Mails o Phishing o Stealing Cookies o Keyloggers Fake Mails o Introduction to Email o What is a Fake Mail o Why Fake Mail goes? o Sending a Fake Mail Using Scripts What is the working of the Script How to use the Script Topic Hierarchy From Open Relay Servers What is an Open Relay Server How to Send Email Topic Hierarchy o Detecting a Fake Mail Understanding the Travelling Path of an email Reading Headers What is a Header How to Access the Header in different Email Accounts Checking outgoing server address from Header o Tracing an Original Email Reading Headers Checking the Sender's IP Address Tracing the IP Address Tools Websites Phishing o Introduction to the Topic
o Why Phishing is successful o Steps in Phishing Making a look alike website, as the Original one Changing the code of the Webpage Sending the link of the webpage to several users to get the Personal Data o Working of Phishing Introduction to Phishing Script o Ways to do Phishing o Protection from Phishing Anti-Phishing Tools Awareness about Phishing techniques Stealing Cookies o Introduction to Cookies o Information stored in Cookies o Ways to get Cookies from a computer Physically accessing the computer Remote Attacks o Getting Information from Cookies o Using Cookie to impersonate as a different user o Protection from Cookie Attacks Deleting Cookies Keyloggers o Introduction to Keyloggers o Using a Keylogger o Types of Keylogger Local Keylogger Remote Keylogger o Detecting a Keylogger Using Anti-Virus Using Process Explorer Securing an Email Account o Configure Strong Passwords o Configure a Secure Account o Follow Counter-measures of Phishing
Location of SAM File Importance of SAM File Introduction to Hashes o Introduction to Live OS Disks Using a Live CD Advantages of a Live CD o Ways to Crack Login Password Shoulder Surfing Password Guessing Dictionary Attack Rainbow Table Attack Brute-force Attack Using Command Prompt o Cracking Password from Hashes Using Ophcrack Live CD Using NT Offline Password Cracker Using Cain & Abel Privilege Escalation o Using Live CD o Using Command Prompt o Using GPEdit Creating Backdoors o Creating Hidden Account o Getting Command Prompt on Login Screen (Sticky Keys Attack) Clearing Tracks o Introduction to Event Viewer o Deleting Event Logs o Deleting Windows Logs Securing Windows Systems o Configuring Strong Login Passwords o Using Syskey Introduction to Syskey Configuring the Syskey Password o BIOS Password Introduction to BIOS Configuring BIOS o Changing Boot Sequence o Checking for Backdoors Checking Hidden Accounts Checking Sticky Keys Attack o Checking the Event Logs Hiding Files in Windows o CACLS Introduction to ACL Changing ACL o ADS Performing ADS Retrieving Data from ADS files Detecting ADS Files Introduction to Streams
o Steganography Introduction to Steganography Ways to perform Steganography Using Command Prompt Using Tools o Winrar
Website Hacking
Introduction to Web Server o What is a Web Server o Working of a Web Server Request-response Cycle o Setup a Web Server Tools Introduction to Database Server o What is a Database Server o Working of a Database Server o Setup a Database Server Tools Required Login Process on a Website o Connection between Web Server & Database Server Attacking a Web Server o SQL Injection o Remote Code Execution o Cross-Site Scripting o Directory Traversal Attack SQL Injection o Introduction to SQL o Working of SQL Database Introduction to SELECT Query Working of SELECT Query in Login Process o Introduction to SQL Injection The SQL Injection Query Understanding the Working of the Query o Using the SQL Injection to Get Login Live Demonstrations o Counter-measures of SQL Injection Attack Validating the Input on the Web Server Encrypting the Input on the Web Server Remote Code Execution o Introduction to the Topic o Introduction to PHP eval() function Working of the eval() function o Hacking using the eval() function Executing commands on the Web Server Live Demonstrations Getting information on the Web Server Live Demonstrations o Counter-measures
Cross-Site Scripting o Introduction to the XSS o Working of XSS o Flaw in XSS implemented websites o Hacking using XSS o Counter-measures Directory Traversal Attack o Introduction to the Topic o Structure of a Website o Performing the Attack Live Demonstrations o Counter-measures Alternative way to Attack websites o Getting all the files of a Website Using Tools Black Widow Wget WebSleuth
o Crafted URL o CoreText Pointer o Image IO Integer Overflow o Image IO Memory Corruption o UFS File System Overflow o User Privilege Escalation Cracking MAC OS o Malformed Installer Package Crack Worms & Viruses In MAC OS o Working of Worms & Viruses o Removal of Worms & Viruses Anti-Viruses in MAC Security Tools in MAC Counter-measures
Wireless Hacking
Introduction to Wireless Technology History of Wireless Technology
Concept of Wireless Networks Wired Network vs. Wireless Network Types of Wireless Network Types of Wireless Standards o 802.11 o 802.11a o 802.11b o 802.11g o 802.11i o 802.11n Terminology in Wireless Networks o MAC Address o WAP o SSID o Beacon Frames o ESSID o Channel o Association & Authentication Setting up a WLAN o Ad-Hoc Mode o Infrastructure Mode Security Options in WLAN o MAC Filtering o WEP Key o WPA & WPA2 Keys Hacking a WLAN o Terminologies War Walking War Driving War Flying o MAC Spoofing o WEP Cracking WEP Flaws Passive Attacks Active Attacks Steps to Hack a WLAN o Finding Networks o Analyzing the Target Network o Sniffing the Network o Cracking the WEP Key Authentication & Disassociation Attack Live Demonstration using Aircrack o Rogue Access Point Creating a Rogue Access Point o WPA Cracking Live Demonstration Some More Attacks on WLAN o Man in the Middle Attack (MITM) Eavesdropping Manipulation (ARP Poisoning)
o Denial of Service Attack Wireless Sniffing Tools o Introduction to the Tools Securing a Wireless Network o MAC Filtering o Disable Broadcasting of SSID o Correct selection of Encryption Method WLAN Security Passphrase o Configure Firewall
Reverse Engineering
Introduction to the Topic Why to Reverse Engineer o Advantages o Disadvantages What is a Software Concept of Languages o Programming Language o Machine Language o Assembly Language What is a Disassembler o Why to Disassemble a Software o Working of a Disassembler o Tools to Disassemble What is a Decompiler o Why Decompile a Software o Working of a Decompiler o Tools to Decompile What is a Debugger o Why to Debug a Software o Working of a Debugger o Tools to Debug a Software Difference between Disassembler & Debugger Serial Key Phishing o Introduction to the Topic o Steps in Serial Key Phishing Analyzing Assembly Code of Software Tracing the Error Message Setting Break Point Stepping the Assembly Code Checking the Registers for the Key Manipulating the Software o Introduction to the Topic o Steps to Manipulate Analyzing Assembly Code Error Tracing Setting Break Point Stepping the Assembly Code Tracing Conditional Jumps
Injecting the Code Generating Patched Exe File Software Patching o Concept of Patching o Steps in Patching Disassembling a Software Tool Error Tracing Decoding the Instructions Generating Patch to Inject the instruction Introduction to Patching Tool Using Code Fusion Running the Patch Counter-measures o Securing a Software Encryption Program Obfuscation
What is a Virus Working of a Virus Types of Viruses Developing a Virus o Introduction to Batch Programming Removal of Virus o Using Anti-Virus Software o Manual Removal Process Explorer TCPView
Penetration Testing
Concept of Penetration Testing Difference between Ethical Hacking and Penetration Testing Manuals of Penetration Testing o OWASP o OSSTMM Types of Penetration Testing o White Box Testing o Black Box Testing o Grey Box Testing Steps in Penetration Testing o Preparation o Conduct o Conclusion Tools Used in Penetration Testing o Backtrack - Linux Based Live OS o Nessus - Network Vulnerability Scanner o Nmap - Port Scanner o Acunetix - Web Scanner
Tracking the location of the Victim Protective countermeasures o Choice of programming language o Use of safe libraries o Pointer protection
Cryptography
Introduction to Symmetric Key Cryptography o Symmetric Key Encipherment Substitution Cipher Vernam Cipher (One-Time Pad) Transposition (Permutation) Cipher o Symmetric Key Cryptography Characteristics Data Encryption Standard (DES) Triple DES The Advanced Encryption Standard (AES) The Blowfish Algorithm The Twofish Algorithm The IDEA Cipher RC5/RC6 Public Key Cryptosystems o One-Way Functions o Public Key Algorithms RSA El Gamal o Summaries of Public Key Cryptosystem Approaches o Digital Signatures Hash Function Developing the Digital Signature MD5 Public Key Certificates o Digital Certificates o Public Key Infrastructure (PKI) Cryptanalysis Email Security Wireless Security Disk Encryption
Digital Forensics o Assessing the Case Detecting Identifying the Event Crime o Preservation of Evidence Chain of Custody o Collection Data Recovery Evidence Collection o Examination: Tracing Filtering Extracting Hidden Data o Analysis o Where and When to Use Computer Forensics? Investigating Computer Crime o How an Investigation Starts o The Role of Evidence o Investigation Methodology o Securing Evidence o Chain of Evidence Form o Before Investigating o Professional Conduct Acquiring Data, Duplicating Data, and Recovering Deleted Files o Recovering Deleted Files and Deleted Partitions Data Recovery in Linux Deleted File Recovery Tools Recovering Deleted Partitions Deleted Partition Recovery Tools o Data Acquisition and Duplication Data Acquisition Tools Backing Up and Duplicating Data Acquiring Data in Linux