Ethical Hacking

(ETHICAL-HACK.AE1)
Lessons
Lab
TestPrep
Get A Free Trial

Skills You’ll Get

Download Course Outline

1

Ethical Hacking

  • Overview of Ethics
  • Overview of Ethical Hacking
  • Attack Modeling
  • Methodology of Ethical Hacking
  • Summary
2

Networking Foundations

  • Communications Models
  • Topologies
  • Physical Networking
  • IP
  • TCP
  • UDP
  • Internet Control Message Protocol
  • Network Architectures
  • Cloud Computing
  • Summary
3

Footprinting and Reconnaissance

  • Open Source Intelligence
  • Domain Name System
  • Passive Reconnaissance
  • Website Intelligence
  • Technology Intelligence
  • Summary
4

Scanning Networks

  • Ping Sweeps
  • Port Scanning
  • Vulnerability Scanning
  • Packet Crafting and Manipulation
  • Evasion Techniques
  • Protecting and Detecting
  • Summary
5

System Hacking

  • Searching for Exploits
  • System Compromise
  • Gathering Passwords
  • Password Cracking
  • Client‐Side Vulnerabilities
  • Living Off the Land
  • Fuzzing
  • Post Exploitation
  • Summary
6

Malware

  • Malware Types
  • Malware Analysis
  • Creating Malware
  • Malware Infrastructure
  • Antivirus Solutions
  • Persistence
  • Summary
7

Cryptography

  • Basic Encryption
  • Symmetric Key Cryptography
  • Asymmetric Key Cryptography
  • Certificate Authorities and Key Management
  • Cryptographic Hashing
  • PGP and S/MIME
  • Disk and File Encryption
  • Summary
8

Sniffing

  • Packet Capture
  • Detecting Sniffers
  • Packet Analysis
  • Spoofing Attacks
  • Summary
9

Social Engineering

  • Social Engineering
  • Physical Social Engineering
  • Phishing Attacks
  • Social Engineering for Social Networking
  • Website Attacks
  • Wireless Social Engineering
  • Automating Social Engineering
  • Summary
10

Security Ops: Vulnerability Assessments and Operational Risk

  • Terminology
  • Vulnerability Management
  • Vulnerabilities
  • Inherently Vulnerable System/Application
  • Proactive Detection
  • Summary
  • Exam Essentials
11

Attack and Defense

  • Web Application Attacks
  • Denial‐of‐Service Attacks
  • Application Exploitation
  • Lateral Movement
  • Defense in Depth/Defense in Breadth
  • Defensible Network Architecture
  • Summary
12

Scripting for Penetration Testing

  • Scripting and Penetration Testing
  • Variables, Arrays, and Substitutions
  • Comparison Operations
  • String Operations
  • Flow Control
  • Input and Output (I/O)
  • Error Handling
  • Advanced Data Structures
  • Reusing Code
  • The Role of Coding in Penetration Testing
  • Summary
  • Exam Essentials
  • Lab Exercises

1

Footprinting and Reconnaissance

  • Using Recon-ng to Gather Information
  • Using Maltego to Gather Information
  • Using the theHarvester Tool
  • Using the whois Program
  • Using dnsrecon to Perform Enumeration
  • Performing Zone Transfer Using dig
  • Using ipconfig to Perform Reconnaissance
  • Mirroring Sites with HTTrack
  • Using and Checking Google Hacking Database (GHDB)
2

Scanning Networks

  • Using the Zenmap Tool
  • Conducting Vulnerability Scanning Using Nessus
  • Performing Vulnerability Scanning Using OpenVAS
3

System Hacking

  • Searching Exploits Using searchsploit
  • Grabbing a Screenshot of a Target Machine Using Metasploit
  • Loading and Using Mimikatz
  • Cracking a Linux Password Using John the Ripper
  • Cracking Windows Passwords
  • Using Rainbow Tables to Crack Passwords
  • Exploiting Windows 7 Using Metasploit
4

Malware

  • Observing an MD5-Generated Hash Value
  • Using the msfvenom Program
  • Scanning Malware Using Antivirus
5

Cryptography

  • Performing Symmetric Encryption
  • Examining Asymmetric Encryption
  • Using OpenSSL to Create a Public/Private Key Pair
  • Observing an SHA-Generated Hash Value
  • Creating PGP Certification
6

Sniffing

  • Capturing Packets Using Wireshark
  • Performing ARP Spoofing
7

Social Engineering

  • Detecting a Phishing Site Using Netcraft
  • Using the SET Tool to Plan an Attack
8

Security Ops: Vulnerability Assessments and Operational Risk

  • Using Burpsuite
  • Simulating a DoS Attack
  • Tracking Vulnerabilities in Software
  • Performing Passive Reconnaissance
  • Cracking Passwords using Pwdump7 and Cain and Abel
  • Conducting Vulnerability Scanning Using Nessus
  • Performing Nmap Port Scanning
  • Cracking a Password Using the John the Ripper Tool
  • Using PuTTY
  • Exploiting a Website using SQL Injection
  • Conducting Cross-Site Request Forgery Attacks
  • Attacking a Website using XSS Injection
9

Attack and Defense

  • Exploiting a Website Using SQL Injection
  • Attacking a Website Using XSS Injection
  • Simulating a DoS Attack
  • Defending Against a Buffer Overflow Attack
10

Scripting for Penetration Testing

  • Whitelisting an IP Address in the Windows Firewall
  • Viewing Exploits Written in Perl
  • Viewing the Effects of Hostile JavaScript in the Browser
  • Finding Live Hosts by Using the Ping Sweep in Python
  • Writing Bash Shell Script