TechieOasis: First Step To Become Certified Ethical Hacker

CEH Course, Hope you heard of it most time. But then also some peoples are still having doubts "What is CEH course" ?

CEH Course stands for Certified Ethical hacking Course. CEH Course is one of the professional courses nowadays. Some people do CEH Course for just fun and illegal hacking but some people do it for their career. CEH Course is mostly done by IT professionals to find vulnerabilities(weak access points) in the system and make the company organisation secure and protected from hackers.

After completion of this CEH Course you need to give CEH exam. This CEH exam is conducted by EC council on an international level. Remember it's not free. TO give exam you have to pay US$500 for one time (means if you are failed in this CEH exam then you will not be refunded and you have to pay again to give exam second time). The exam code for CEH Course Exam is 312-50.

If a person has completed the CEH Course then he will be called Certified Ethical Hacker. Definately a question pops out in your mind that now "what this ethical hacker means?".
So an ethical hacker is the person who works for an organisation. he then penetrate the system and network of the organisation by using the similar tools and methodologies as a malacious hacker. It is done for the purpose of finding the access points in the system and fix these security issues, so that none can hack the company network and its database.

So CEH Course gives you the same kind of job a software testing engineer does. only difference is that software testing engineers check flaws and bug in software and these certified ethical hacker checks flaw and access points in the network and system. After doing this CEH Course you can apply for Security Professional, Information Security Analyst, Security Consultant, Certified Ethical Hacker, Penetration Tester, Security Analyst job in any company.

CEH Course has many versions from v1 to v8. The ongoing version is v7. But just now v8 is launched. Soon trainings and exams will be available for CEH Course v8. These CEH Course versions are getting updated as more and new Hacking ways are discovered. So they add those modules to defend those new ways.

As we all know that every coin has two sides. Same thing is with CEH Course and Certified ethical Hackers. Some people says that there is no term like ethical hackers and there is no hacker who can be ethical - that's like saying 'ethical rapist' - it's a contradiction in terms." If you see second side of it, you will find some companies do not seem to mind the association. According to the report of EC-Council, there has been an increase in the CEH career and ethical hacking certifications demand is continuously increasing. For the same reason training centres for CEH Course are also increasing.

Know it's time to give the answers for questions related to CEH Course which I expected from you :

Q: Why would a company need an Ethical Hacker for his organisation?

A: They don't want to be the next *TJX (It is the largest store of international home apparels and fashion. But in December 2006 it is got hacked by some hacking society and all credit cards, debit cards, cheque and merchandise returns data was stolen and then whole company was ruined). Some government regulations require companies in certain sectors to have Penetration Testing (checking whether network and database is secured or not) done on regular intervals. All Payment Card Industry or organisations or websites(shopping) requires larger companies to have at least regular vulnerability checking done on fixed intervals. So here Ethical Hackers can help with some of these goals.

*Reference to TJX.

Q: Why did I get certified ?

A: If you are not able to getting a job or if you are interested in networking or security. You are type of detective or investigating attitude. And of course the salary is awesome, Check below. So don't wait do CEH course and get certified.

Salary Ranges by Job:

Information Security Analyst - Rs 149,900 - Rs 883,657
Security Consultant (Computing / Networking ) - Rs 216,000 - Rs 1,100,000
Certified Ethical Hacker - Rs 178,383 - Rs 1,176,851
Security Analyst - Rs 182,267 - Rs 822,022
Penetration Tester - Rs 182,267 - Rs 822,022

After CEH Course completion and Getting CEH certificate from EC council, you become certified to carry out hacking ethically. So if you are interested in this course I will tell you the CEH Course Content for your better knowledge.

Given below CEH Course content is Of v7 if you want to know of v8 then wait for sometime for my next article. CEH Course is build up in modules. module is the collection of topics and concepts. So official there are 19 modules provided by EC council for CEH course v7, these are listed below :

Module 01: Introduction to Ethical Hacking

1. Internet Crime Current Report: IC3
2. Data Breach Investigations Report
3. Types of Data Stolen From the Organizations
4. Essential Terminologies
5. Elements of Information Security
6. Authenticity and Non-Repudiation
7. The Security, Functionality, and Usability Triangle
8. Security Challenges
9. Effects of Hacking
10. Who is a Hacker?
11. Hacker Classes
12. Hacktivism
13. What Does a Hacker Do?
14. Phase 1 - Reconnaissance
15. Phase 2 - Scanning
16. Phase 3 - Gaining Access
17. Phase 4 - Maintaining Access
18. Phase 5 - Covering Tracks
19. Types of Attacks on a System
20. Why Ethical Hacking is Necessary?
21. Defense in Depth
22. Scope and Limitations of Ethical Hacking
23. What Do Ethical Hackers Do?
24. Skills of an Ethical Hacker
25. Vulnerability Research
26. Vulnerability Research Websites
27. What is Penetration Testing?
28. Why Penetration Testing?
29. Penetration Testing Methodology

Module 02: Footprinting and Reconnaissance
1. Footprinting Terminologies
2. What is Footprinting?
3. Objectives of Footprinting
4. Footprinting Threats
5. Finding a Company’s URL
6. Locate Internal URLs
7. Public and Restricted Websites
8. Search for Company’s Information
9. Footprinting Through Search Engines
10. Collect Location Information
11. People Search
12. Gather Information from Financial Services
13. Footprinting Through Job Sites
14. Monitoring Target Using Alerts
15. Competitive Intelligence Gathering
16. WHOIS Lookup
17. Extracting DNS Information
18. Locate the Network Range
19. Traceroute
20. Mirroring Entire Website
21. Extract Website Information from http://www.archive.org
22. Monitoring Web Updates Using Website Watcher
23. Tracking Email Communications
24. Footprint Using Google Hacking Techniques
25. What a Hacker Can Do With Google Hacking?
26. Google Advance Search Operators
27. Google Hacking Tool: Google Hacking Database (GHDB)
28. Google Hacking Tools
29. Additional Footprinting Tools
30. Footprinting Countermeasures
31. Footprinting Pen Testing
Module 03: Scanning Networks
1. Network Scanning
2. Types of Scanning
3. Checking for Live Systems - ICMP Scanning
4. Ping Sweep
5. Three-Way Handshake
6. TCP Communication Flags
7. Hping2 / Hping3
8. Hping Commands
9. Scanning Techniques
10. Scanning: IDS Evasion Techniques
11. IP Fragmentation Tools
12. Scanning Tool: Nmap
13. Scanning Tool: NetScan Tools Pro
14. Scanning Tools
15. Do Not Scan These IP Addresses (Unless you want to get into trouble)
16. Scanning Countermeasures
17. War Dialing
18. Why War Dialing?
19. War Dialing Tools
20. War Dialing Countermeasures
21. OS Fingerprinting
22. Banner Grabbing Tool: ID Serve
23. GET REQUESTS
24. Banner Grabbing Tool: Netcraft
25. Banner Grabbing Tools
26. Banner Grabbing Countermeasures: Disabling or Changing Banner
27. Hiding File Extensions
28. Hiding File Extensions from Webpages
29. Vulnerability Scanning
30. Network Vulnerability Scanners
31. LANsurveyor
32. Network Mappers
33. Proxy Servers
34. Why Attackers Use Proxy Servers?
35. Use of Proxies for Attack
36. How Does Multi Proxy Work?
37. Free Proxy Servers
38. Proxy Workbench
39. Proxifier Tool: Create Chain of Proxy Servers
40. Socks Chain
41. TOR (The Onion Routing)
42. TOR Proxy Chaining Software
43. HTTP Tunneling Techniques
44. Why do I Need HTTP Tunneling?
45. Super Network Tunnel Tool
46. Httptunnel for Windows
47. Additional HTTP Tunneling Tools
48. SSH Tunneling
49. SSL Proxy Tool
50. How to Run SSL Proxy?
51. Proxy Tools
52. Anonymizers
53. Types of Anonymizers
54. Case: Bloggers Write Text Backwards to Bypass Web Filters in China
55. Text Conversion to Avoid Filters
56. Censorship Circumvention Tool: Psiphon
57. How Psiphon Works?
58. How to Check if Your Website is Blocked in China or Not?
59. G-Zapper
60. Anonymizer Tools
61. Spoofing IP Address
62. IP Spoofing Detection Techniques: Direct TTL Probes
63. IP Spoofing Detection Techniques: IP Identification Number
64. IP Spoofing Detection Techniques: TCP Flow Control Method
65. IP Spoofing Countermeasures
66. Scanning Pen Testing
Module 04: Enumeration
1. What is Enumeration?
2. Techniques for Enumeration
3. Netbios Enumeration
4. Enumerating User Accounts
5. Enumerate Systems Using Default Passwords
6. SNMP (Simple Network Management Protocol) Enumeration
7. UNIX/Linux Enumeration
8. LDAP Enumeration
9. NTP Enumeration
10. SMTP Enumeration
11. DNS Zone Transfer Enumeration Using nslookup
12. Enumeration Countermeasures
13. Enumeration Pen Testing
Module 05: System Hacking
1. Information at Hand Before System Hacking Stage
2. System Hacking: Goals
3. CEH Hacking Methodology (CHM)
4. Password Cracking
5. Microsoft Authentication
6. How Hash Passwords are Stored in Windows SAM?
7. What is LAN Manager Hash?
8. Kerberos Authentication
9. Salting
10. PWdump7 and Fgdump
11. L0phtCrack
12. Ophcrack
13. Cain & Abel
14. RainbowCrack
15. Password Cracking Tools
16. LM Hash Backward Compatibility
17. How to Defend against Password Cracking?
18. Privilege Escalation
19. Active@ Password Changer
20. Privilege Escalation Tools
21. How to Defend against Privilege Escalation?
22. Executing Applications
23. Alchemy Remote Executor
24. Remote Exec
25. Execute This!
26. Keylogger
27. Types of Keystroke Loggers
28. Acoustic/CAM Keylogger
29. Keyloggers
30. Spyware
31. How to Defend against Keyloggers?
32. How to Defend against Spyware?
33. Rootkits
34. Types of Rootkits
35. How Rootkit Works?
36. Rootkit: Fu
37. Detecting Rootkits
38. How to Defend against Rootkits?
39. Anti-Rootkit: RootkitRevealer and McAfee Rootkit Detective
40. NTFS Data Stream
41. What is Steganography?
42. Types of Steganography
43. Image Steganography
44. Document Steganography: wbStego
45. Video Steganography: Our Secret
46. Audio Steganography: Mp3stegz
47. Folder Steganography: Invisible Secrets 4
48. Spam/Email Steganography: Spam Mimic
49. Natural Text Steganography: Sams Big G Play Maker
50. Steganalysis
51. Steganography Detection Tool: Stegdetect
52. Why Cover Tracks?
53. Ways to Clear Online Tracks
54. Disabling Auditing: Auditpol
55. Covering Tracks Tool: Window Washer
56. Covering Tracks Tool: Tracks Eraser Pro
57. System Hacking Penetration Testing
Module 06: Trojans and Backdoors
1. What is a Trojan?
2. Overt and Covert Channels
3. Purpose of Trojans
4. What Do Trojan Creators Look For?
5. Indications of a Trojan Attack
6. Common Ports used by Trojans
7. How to Infect Systems Using a Trojan?
8. Wrappers
9. Different Ways a Trojan can Get into a System
10. How to Deploy a Trojan?
11. Evading Anti-Virus Techniques
12. Types of Trojans
13. Destructive Trojans
14. Notification Trojans
15. Credit Card Trojans
16. Data Hiding Trojans (Encrypted Trojans)
17. BlackBerry Trojan: PhoneSnoop
18. MAC OS X Trojan: DNSChanger
19. MAC OS X Trojan: DNSChanger
20. Mac OS X Trojan: Hell Raiser
21. How to Detect Trojans?
22. Process Monitoring Tool: What's Running
23. Scanning for Suspicious Registry Entries
24. Registry Entry Monitoring Tools
25. Scanning for Suspicious Device Drivers
26. Scanning for Suspicious Windows Services
27. Scanning for Suspicious Startup Programs
28. Scanning for Suspicious Files and Folders
29. Scanning for Suspicious Network Activities
30. Trojan Countermeasures
31. Backdoor Countermeasures
32. Trojan Horse Construction Kit
33. Anti-Trojan Software: TrojanHunter
34. Anti-Trojan Software: Emsisoft Anti-Malware
35. Anti-Trojan Softwares
36. Pen Testing for Trojans and Backdoors
Module 07: Viruses and Worms
1. Introduction to Viruses
2. Virus and Worm Statistics 2010
3. Stages of Virus Life
4. Working of Viruses: Infection Phase
5. Working of Viruses: Attack Phase
6. Why Do People Create Computer Viruses?
7. Indications of Virus Attack
8. How does a Computer get Infected by Viruses?
9. Virus Hoaxes
10. Virus Analysis:
11. Types of Viruses
12. Transient and Terminate and Stay Resident Viruses
13. Writing a Simple Virus Program
14. Computer Worms
15. How is a Worm Different from a Virus?
16. Example of Worm Infection: Conficker Worm
17. Worm Analysis:
18. What is Sheep Dip Computer?
19. Anti-Virus Sensors Systems
20. Malware Analysis Procedure
21. String Extracting Tool: Bintext
22. Compression and Decompression Tool: UPX
23. Process Monitoring Tools: Process Monitor
24. Log Packet Content Monitoring Tools: NetResident
25. Debugging Tool: Ollydbg
26. Virus Analysis Tool: IDA Pro
27. Online Malware Testing:
28. Online Malware Analysis Services
29. Virus Detection Methods
30. Virus and Worms Countermeasures
31. Companion Antivirus: Immunet Protect
32. Anti-virus Tools
33. Penetration Testing for Virus

Module 08: Sniffers
1. Lawful Intercept
2. Wiretapping
3. Sniffing Threats
4. How a Sniffer Works?
5. Hacker Attacking a Switch
6. Types of Sniffing: Passive Sniffing
7. Types of Sniffing: Active Sniffing
8. Protocols Vulnerable to Sniffing
9. Tie to Data Link Layer in OSI Model
10. Hardware Protocol Analyzers
11. SPAN Port
12. MAC Flooding
13. How DHCP Works?
14. What is Address Resolution Protocol (ARP)?
15. Configuring DHCP Snooping and Dynamic ARP Inspection on Cisco Switches
16. MAC Spoofing/Duplicating
17. DNS Poisoning Techniques
18. Sniffing Tool: Wireshark
19. Sniffing Tool: CACE Pilot
20. Sniffing Tool: Tcpdump/Windump
21. Discovery Tool: NetworkView
22. Discovery Tool: The Dude Sniffer
23. Password Sniffing Tool: Ace
24. Packet Sniffing Tool: Capsa Network Analyzer
25. OmniPeek Network Analyzer
26. Network Packet Analyzer: Observer
27. Session Capture Sniffer: NetWitness
28. Email Message Sniffer: Big-Mother
29. TCP/IP Packet Crafter: Packet Builder
30. Additional Sniffing Tools
31. How an Attacker Hacks the Network Using Sniffers?
32. How to Defend Against Sniffing?
33. Sniffing Prevention Techniques
34. How to Detect Sniffing?
35. Promiscuous Detection Tool: PromqryUI
36. Promiscuous Detection Tool: PromiScan
Module 09: Social Engineering
1. What is Social Engineering?
2. Behaviors Vulnerable to Attacks
3. Why is Social Engineering Effective?
4. Warning Signs of an Attack
5. Phases in a Social Engineering Attack
6. Impact on the Organization
7. Command Injection Attacks
8. Common Targets of Social Engineering
9. Types of Social Engineering
10. Insider Attack
11. Common Intrusion Tactics and Strategies for Prevention
12. Social Engineering Through Impersonation on Social Networking Sites
13. Risks of Social Networking to Corporate Networks
14. Identity Theft Statistics 2010
15. Real Steven Gets Huge Credit Card Statement
16. Identity Theft - Serious Problem
17. Social Engineering Countermeasures: Policies
18. How to Detect Phishing Emails?
19. Identity Theft Countermeasures
20. Social Engineering Pen Testing

Module 10: Denial of Service
1. What is a Denial of Service Attack?
2. What is Distributed Denial of Service Attacks?
3. Symptoms of a DoS Attack
4. Cyber Criminals
5. Internet Chat Query (ICQ)
6. Internet Relay Chat (IRC)
7. DoS Attack Techniques
8. Botnet
9. WikiLeak Operation Payback
10. DoS Attack Tools
11. Detection Techniques
12. DoS/DDoS Countermeasure Strategies
13. DDoS Attack Countermeasures
14. Post-attack Forensics
15. Techniques to Defend against Botnets
16. DoS/DDoS Countermeasures
17. DoS/DDoS Protection at ISP Level
18. Enabling TCP Intercept on Cisco IOS Software
19. Advanced DDoS Protection: IntelliGuard DDoS Protection System (DPS)
20. DoS/DDoS Protection Tool
21. Denial of Service (DoS) Attack Penetration Testing

Module 11: Session Hijacking
1. What is Session Hijacking?
2. Dangers Posed by Hijacking
3. Why Session Hijacking is Successful?
4. Key Session Hijacking Techniques
5. Brute Forcing
6. HTTP Referrer Attack
7. Spoofing vs. Hijacking
8. Session Hijacking Process
9. Packet Analysis of a Local Session Hijack
10. Types of Session Hijacking
11. Predictable Session Token
12. Man-in-the-Middle Attack
13. Man-in-the-Browser Attack
14. Client-side Attacks
15. Cross-site Script Attack
16. Session Fixation
17. Network Level Session Hijacking
18. The 3-Way Handshake
19. Sequence Numbers
20. TCP/IP Hijacking
21. IP Spoofing: Source Routed Packets
22. RST Hijacking
23. Blind Hijacking
24. Man-in-the-Middle Attack using Packet Sniffer
25. UDP Hijacking
26. Session Hijacking Tools
27. Countermeasures
28. Protecting against Session Hijacking
29. Methods to Prevent Session Hijacking: To be Followed by Web Developers
30. Methods to Prevent Session Hijacking: To be Followed by Web Users
31. Defending against Session Hijack Attacks
32. Session Hijacking Remediation
33. IPSec
34. Session Hijacking Pen Testing

Module 12: Hijacking Webservers

Webserver Market Shares
Open Source Webserver Architecture
IIS Webserver Architecture
Website Defacement
Case Study
Why Web Servers are Compromised?
Impact of Webserver Attacks
Webserver Misconfiguration
Directory Traversal Attacks
HTTP Response Splitting Attack
Web Cache Poisoning Attack
HTTP Response Hijacking
SSH Bruteforce Attack
Man-in-the-Middle Attack
Webserver Password Cracking
Web Application Attacks
Webserver Attack Methodology
Webserver Attack Tools
Web Password Cracking Tool
Countermeasures
How to Defend Against Web Server Attacks?
How to Defend against HTTP Response Splitting and Web Cache Poisoning?
Patches and Hotfixes
What is Patch Management?
Identifying Appropriate Sources for Updates and Patches
Installation of a Patch
Patch Management Tool: Microsoft Baseline Security Analyzer (MBSA)
Web Application Security Scanner: Sandcat
Web Server Security Scanner: Wikto
Webserver Malware Infection Monitoring Tool: HackAlert
Webserver Security Tools
Web Server Penetration Testing

Module 13: Hacking Web Applications
1. Web Application Security Statistics
2. Introduction to Web Applications
3. Web Application Components
4. How Web Applications Work?
5. Web Application Architecture
6. Web 2.0 Applications
7. Vulnerability Stack
8. Web Attack Vectors
9. Web Application Threats - 1
10. Web Application Threats - 2
11. Unvalidated Input
12. Parameter/Form Tampering
13. Directory Traversal
14. Security Misconfiguration
15. Injection Flaws
16. What is LDAP Injection?
17. How LDAP Injection Works?
18. Hidden Field Manipulation Attack
19. Cross-Site Scripting (XSS) Attacks
20. Web Application Denial-of-Service (DoS) Attack
21. Buffer Overflow Attacks
22. Cookie/Session Poisoning
23. Session Fixation Attack
24. Insufficient Transport Layer Protection
25. Improper Error Handling
26. Insecure Cryptographic Storage
27. Broken Authentication and Session Management
28. Unvalidated Redirects and Forwards
29. Web Services Architecture
30. Footprint Web Infrastructure
31. Web Spidering Using Burp Suite
32. Hacking Web Servers
33. Analyze Web Applications
34. Attack Authentication Mechanism
35. Username Enumeration
36. Password Attacks: Password Functionality Exploits
37. Password Attacks: Password Guessing
38. Password Attacks: Brute-forcing
39. Session Attacks: Session ID Prediction/ Brute-forcing
40. Cookie Exploitation: Cookie Poisoning
41. Authorization Attack
42. Session Management Attack
43. Injection Attacks
44. Attack Data Connectivity
45. Attack Web App Client
46. Attack Web Services
47. Web Services Probing Attacks
48. Web Service Attack Tool: soapUI
49. Web Service Attack Tool: XMLSpy
50. Web Application Hacking Tool: Burp Suite Professional
51. Web Application Hacking Tools: CookieDigger
52. Web Application Hacking Tools: WebScarab
53. Encoding Schemes
54. Web Application Countermeasures
55. Web Application Firewall: dotDefender
56. Web Application Firewall: IBM AppScan
57. Web Application Firewall: ServerDefender VP
58. Web Application Pen Testing

Module 14: SQL Injection
1. SQL Injection is the Most Prevalent Vulnerability in 2010
2. SQL Injection Threats
3. What is SQL Injection?
4. SQL Injection Attacks
5. How Web Applications Work?
6. Server Side Technologies
7. HTTP Post Request
8. SQL Injection Detection
9. SQL Injection Black Box Pen Testing
10. Types of SQL Injection
11. What is Blind SQL Injection?
12. SQL Injection Methodology
13. Information Gathering
14. Database, Table, and Column Enumeration
15. Features of Different DBMSs
16. Password Grabbing
17. Transfer Database to Attacker’s Machine
18. Interacting with the Operating System
19. Interacting with the FileSystem
20. Network Reconnaissance Full Query
21. SQL Injection Tools
22. Evading IDS
23. How to Defend Against SQL Injection Attacks?
24. SQL Injection Detection Tools
25. Snort Rule to Detect SQL Injection Attacks

Module 15: Hacking Wireless Networks
1. Wireless Networks
2. Wi-Fi Usage Statistics in the US
3. Wi-Fi Hotspots at Public Places
4. Wi-Fi Networks at Home
5. Types of Wireless Networks
6. Wireless Standards
7. Service Set Identifier (SSID)
8. Wi-Fi Authentication Modes
9. Wireless Terminologies
10. Wi-Fi Chalking
11. Wi-Fi Hotspot Finder: jiwire.com
12. Wi-Fi Hotspot Finder: WeFi.com
13. Types of Wireless Antenna
14. Parabolic Grid Antenna
15. Types of Wireless Encryption
16. WEP Encryption
17. What is WPA?
18. Temporal Keys
19. What is WPA2?
20. WEP vs. WPA vs. WPA2
21. WEP Issues
22. Weak Initialization Vectors (IV)
23. How to Break WEP Encryption?
24. How to Break WPA/WPA2 Encryption?
25. How to Defend Against WPA Cracking?
26. Wireless Threats: Access Control Attacks
27. Wireless Threats: Integrity Attacks
28. Wireless Threats: Confidentiality Attacks
29. Wireless Threats: Availability Attacks
30. Wireless Threats: Authentication Attacks
31. Rogue Access Point Attack
32. Client Mis-association
33. Misconfigured Access Point Attack
34. Unauthorized Association
35. Ad Hoc Connection Attack
36. HoneySpot Access Point Attack
37. AP MAC Spoofing
38. Denial-of-Service Attack
39. Jamming Signal Attack
40. Wi-Fi Jamming Devices
41. Wireless Hacking Methodology
42. Find Wi-Fi Networks to Attack
43. Attackers Scanning for Wi-Fi Networks
44. Footprint the Wireless Network
45. Wi-Fi Discovery Tool: inSSIDer
46. Wi-Fi Discovery Tool: NetSurveyor
47. Wi-Fi Discovery Tool: NetStumbler
48. Wi-Fi Discovery Tool: Vistumbler
49. Wi-Fi Discovery Tool: WirelessMon
50. Wi-Fi Discovery Tools
51. GPS Mapping
52. How to Discover Wi-Fi Network Using Wardriving?
53. Wireless Traffic Analysis
54. Wireless Cards and Chipsets
55. Wi-Fi USB Dongle: AirPcap
56. Wi-Fi Packet Sniffer: Wireshark with AirPcap
57. Wi-Fi Packet Sniffer: Wi-Fi Pilot
58. Wi-Fi Packet Sniffer: OmniPeek
59. Wi-Fi Packet Sniffer: CommView for Wi-Fi
60. What is Spectrum Analysis?
61. Wireless Sniffers
62. Aircrack-ng Suite
63. How to Reveal Hidden SSIDs
64. Fragmentation Attack
65. How to Launch MAC Spoofing Attack?
66. Denial of Service: Deauthentication and Disassociation Attacks
67. Man-in-the-Middle Attack
68. MITM Attack Using Aircrack-ng
69. Wireless ARP Poisoning Attack
70. Rogue Access Point
71. Evil Twin
72. How to Crack WEP Using Aircrack?
73. How to Crack WEP Using Aircrack? Screenshot 1/2
74. How to Crack WEP Using Aircrack? Screenshot 2/2
75. How to Crack WPA-PSK Using Aircrack?
76. WPA Cracking Tool: KisMAC
77. WEP Cracking Using Cain & Abel
78. WPA Brute Forcing Using Cain & Abel
79. WPA Cracking Tool: Elcomsoft Wireless Security Auditor
80. WEP/WPA Cracking Tools
81. Wi-Fi Sniffer: Kismet
82. Wardriving Tools
83. RF Monitoring Tools
84. Wi-Fi Connection Manager Tools
85. Wi-Fi Traffic Analyzer Tools
86. Wi-Fi Raw Packet Capturing Tools
87. Wi-Fi Spectrum Analyzing Tools
88. Bluetooth Hacking
89. How to BlueJack a Victim?
90. Bluetooth Hacking Tool: Super Bluetooth Hack
91. Bluetooth Hacking Tool: PhoneSnoop
92. Bluetooth Hacking Tool: BlueScanner
93. How to Defend Against Bluetooth Hacking?
94. How to Detect and Block Rogue AP?
95. Wireless Security Layers
96. How to Defend Against Wireless Attacks?
97. Wireless Intrusion Prevention Systems
98. Wireless IPS Deployment
99. Wi-Fi Security Auditing Tool: AirMagnet WiFi Analyzer
100. Wi-Fi Security Auditing Tool: AirDefense
101. Wi-Fi Security Auditing Tool: Adaptive Wireless IPS
102. Wi-Fi Security Auditing Tool: Aruba RFProtect WIPS
103. Wi-Fi Intrusion Prevention System
104. Wi-Fi Predictive Planning Tools
105. Wi-Fi Vulnerability Scanning Tools
106. Wireless Penetration Testing

Module 16: Evading IDS, Firewalls, and Honeypots
1. Intrusion Detection Systems (IDS) and its Placement
2. How IDS Works?
3. Ways to Detect an Intrusion
4. Types of Intrusion Detection Systems
5. System Integrity Verifiers (SIV)
6. General Indications of Intrusions
7. General Indications of System Intrusions
8. Firewall
9. DeMilitarized Zone (DMZ)
10. Types of Firewall
11. Firewall Identification
12. Honeypot
13. How to Set Up a Honeypot?
14. Intrusion Detection Tool
15. Intrusion Detection Systems: Tipping Point
16. Firewall: Sunbelt Personal Firewall
17. Honeypot Tools
18. Insertion Attack
19. Evasion
20. Denial-of-Service Attack (DoS)
21. Obfuscating
22. False Positive Generation
23. Session Splicing
24. Unicode Evasion Technique
25. Fragmentation Attack
26. Overlapping Fragments
27. Time-To-Live Attacks
28. Invalid RST Packets
29. Urgency Flag
30. Polymorphic Shellcode
31. ASCII Shellcode
32. Application-Layer Attacks
33. Desynchronization
34. Pre Connection SYN
35. Post Connection SYN
36. Other Types of Evasion
37. Bypass Blocked Sites Using IP Address in Place of URL
38. Bypass a Firewall using Proxy Server
39. Detecting Honeypots
40. Honeypot Detecting Tool: Send-Safe Honeypot Hunter
41. Firewall Evasion Tools
42. Packet Fragment Generators
43. Countermeasures
44. Firewall/IDS Penetration Testing

Module 17: Buffer Overflow

1. Buffer Overflows
2. Why are Programs And Applications Vulnerable?
3. Understanding Stacks
4. Stack-Based Buffer Overflow
5. Understanding Heap
6. Stack Operations
7. Knowledge Required to Program Buffer Overflow Exploits
8. Buffer Overflow Steps
9. Simple Uncontrolled Overflow
10. Simple Buffer Overflow in C
11. Code Analysis
12. Exploiting Semantic Comments in C (Annotations)
13. How to Mutate a Buffer Overflow Exploit?
14. Identifying Buffer Overflows
15. How to Detect Buffer Overflows in a Program?
16. BOU (Buffer Overflow Utility)
17. Testing for Heap Overflow Conditions: heap.exe
18. Steps for Testing for Stack Overflow in OllyDbg Debugger
19. Testing for Format String Conditions using IDA Pro
20. BoF Detection Tools
21. Defense Against Buffer Overflows
22. Data Execution Prevention (DEP)
23. Enhanced Mitigation Experience Toolkit (EMET)
24. /GS http://microsoft.com
25. BoF Security Tools
26. Buffer Overflow Penetration Testing
Module 18: Cryptography
1. Cryptography
2. Types of Cryptography
3. Government Access to Keys (GAK)
4. Ciphers
5. Advanced Encryption Standard (AES)
6. Data Encryption Standard (DES)
7. RC4, RC5, RC6 Algorithms
8. The DSA and Related Signature Schemes
9. RSA (Rivest Shamir Adleman)
10. Message Digest (One-way Bash) Functions
11. Secure Hashing Algorithm (SHA)
12. What is SSH (Secure Shell)?
13. MD5 Hash Calculators: HashCalc, MD5 Calculator and HashMyFiles
14. Cryptography Tool: Advanced Encryption Package
15. Cryptography Tools
16. Public Key Infrastructure (PKI)
17. Certification Authorities
18. Digital Signature
19. SSL (Secure Sockets Layer)
20. Transport Layer Security (TLS)
21. Disk Encryption
22. Cryptography Attacks
23. Code Breaking Methodologies
24. Meet-in-the-Middle Attack on Digital Signature Schemes
25. Cryptanalysis Tool: CrypTool
26. Cryptanalysis Tools
27. Online MD5 Decryption Tool

Module 19: Penetration Testing
1. Introduction to Penetration Testing
2. Security Assessments
3. Vulnerability Assessment
4. Penetration Testing
5. Why Penetration Testing?
6. What Should be Tested?
7. What Makes a Good Penetration Test?
8. ROI on Penetration Testing
9. Testing Points
10. Testing Locations
11. Types of Penetration Testing
12. Common Penetration Testing Techniques
13. DNS Domain Name and IP Address Information
14. Enumerating of Hosts on Publicly-Available Networks
15. Phases of Penetration Testing
16. Penetration Testing Methodology
17. Penetration Testing Services
18. Different Types of Pentest Tools
19. Application Security Tool
20. Network Security Tool
21. Wireless/Remote Access Tool
22. Telephony Security Tool
23. Testing Network-Filtering Tool

If You are having any query, then mail me or comment here!
If You like this post then Share and Like this on social Site.
Keep Enjoying!