Certified Ethical Hacker

Transcription

1 Certified Ethical Hacker Authrized EC Cuncil Versin 9 Class Descriptin This class will immerse the students int an interactive envirnment where they will be shwn hw t scan, test, hack and secure their wn systems. The lab intensive envirnment gives each student in-depth knwledge and practical experience with the current essential security systems. Students will begin by understanding hw perimeter defenses wrk and then be lead int scanning and attacking their wn netwrks, n real netwrk is harmed. Students then learn hw intruders escalate privileges and what steps can be taken t secure a system. Students will als learn abut Intrusin Detectin, Plicy Creatin, Scial Engineering, DDS Attacks, Buffer Overflws and Virus Creatin. When a student leaves this intensive 5 day class they will have hands n understanding and experience in Ethical Hacking. This curse prepares yu fr EC- Cuncil ANSI accredited Certified Ethical Hacker exam Audience This curse will significantly benefit security fficers, auditrs, security prfessinals, site administratrs, and anyne wh is cncerned abut the integrity f the netwrk infrastructure. Curse Details Intrductin t Ethical Hacking 1. Intrductin t Ethical Hacking Internet is Integral Part f Business and Persnal Life - What Happens Online in 60 Secnds Infrmatin Security Overview Case Study ebay Data Breach Ggle Play Hack The Hme Dept Data Breach Year f the Mega Breach Data Breach Statistics Tel E. Fairview Ave Ste 12, Meridian, ID 83642

2 Malware Trends in 2014 Essential Terminlgy Elements f Infrmatin Security The Security, Functinality, and Usability Triangle Infrmatin Security Threats and Attack Vectrs Mtives, Gals, and Objectives f Infrmatin Security Attacks Tp Infrmatin Security Attack Vectrs Infrmatin Security Threat Categries Types f Attacks n a System Operating System Attacks Examples f OS Vulnerabilities Miscnfiguratin Attacks Applicatin-Level Attacks Examples f Applicatin-Level Attacks Shrink Wrap Cde Attacks Infrmatin Warfare Hacking Cncepts, Types, and Phases What is Hacking Wh is a Hacker? Hacker Classes Hacking Phases Recnnaissance Scanning Gaining Access Maintaining Access Clearing Tracks Ethical Hacking Cncepts and Scpe What is Ethical Hacking? Why Ethical Hacking is Necessary Scpe and Limitatins f Ethical Hacking Skills f an Ethical Hacker Infrmatin Security Cntrls Infrmatin Assurance (IA) Infrmatin Security Management Prgram Threat Mdeling Enterprise Infrmatin Security Architecture (EISA) Page 2 f 46

3 Netwrk Security Zning Defense in Depth Infrmatin Security Plicies Types f Security Plicies Examples f Security Plicies Privacy Plicies at Wrkplace Steps t Create and Implement Security Plicies HR/Legal Implicatins f Security Plicy Enfrcement Physical Security Physical Security Cntrls Incident Management Incident Management Prcess Respnsibilities f an Incident Respnse Team What is Vulnerability Assessment? Types f Vulnerability Assessment Netwrk Vulnerability Assessment Methdlgy Vulnerability Research Vulnerability Research Websites Penetratin Testing Why Penetratin Testing Cmparing Security Audit, Vulnerability Assessment, and Penetratin Testing Blue Teaming/Red Teaming Types f Penetratin Testing Phases f Penetratin Testing Security Testing Methdlgy Penetratin Testing Methdlgy Infrmatin Security Laws and Standards Payment Card Industry Data Security Standard (PCI-DSS) ISO/IEC 27001:2013 Health Insurance Prtability and Accuntability Act (HIPAA) Sarbanes Oxley Act (SOX) The Digital Millennium Cpyright Act (DMCA) and Federal Infrmatin Security Management Act (FISMA) Cyber Law in Different Cuntries Page 3 f 46

4 2. Ftprinting and Recnnaissance Ftprinting Cncepts What is Ftprinting? Objectives f Ftprinting Ftprinting Methdlgy Ftprinting thrugh Search Engines Finding Cmpany s Public and Restricted Websites Determining the Operating System Cllect Lcatin Infrmatin Peple Search: Scial Netwrking Services Peple Search Online Services Gather Infrmatin frm Financial Services Ftprinting thrugh Jb Sites Mnitring Target Using Alerts Infrmatin Gathering Using Grups, Frums, and Blgs Ftprinting using Advanced Ggle Hacking Techniques Ggle Advance Search Operatrs Finding Resurces Using Ggle Advance Operatr Ggle Hacking Database (GHDB) Infrmatin Gathering Using Ggle Advanced Search Ftprinting thrugh Scial Netwrking Sites Cllect Infrmatin thrugh Scial Engineering n Scial Netwrking Sites Infrmatin Available n Scial Netwrking Sites Website Ftprinting Website Ftprinting using Web Spiders Mirrring Entire Website Website Mirrring Tls Extract Website Infrmatin frm Mnitring Web Updates Using Website Watcher Ftprinting Web Updates Mnitring Tls Tracking Cmmunicatins Cllecting Infrmatin frm Header Page 4 f 46

5 Tracking Tls Cmpetitive Intelligence Cmpetitive Intelligence Gathering Cmpetitive Intelligence - When Did this Cmpany Begin? Hw Did it Develp? Cmpetitive Intelligence - What Are the Cmpany's Plans? Cmpetitive Intelligence - What Expert Opinins Say Abut the Cmpany Mnitring Website Traffic f Target Cmpany Tracking Online Reputatin f the Target WHOIS Ftprinting Tls fr Tracking Online Reputatin f the Target WHOIS Lkup WHOIS Lkup Result Analysis WHOIS Lkup Tls WHOIS Lkup Tls fr Mbile DNS Ftprinting Extracting DNS Infrmatin DNS Interrgatin Tls Netwrk Ftprinting Lcate the Netwrk Range Tracerute Tracerute Analysis Tracerute Tls Ftprinting thrugh Scial Engineering Ftprinting thrugh Scial Engineering Cllect Infrmatin Using Eavesdrpping, Shulder Surfing, and Dumpster Diving Ftprinting Tls Ftprinting Tl Malteg Recn-ng Additinal Ftprinting Tls Ftprinting Cuntermeasures Ftprinting Penetratin Testing Ftprinting Pen Testing Page 5 f 46

6 Ftprinting Pen Testing Reprt Templates 3. Scanning Netwrks Overview f Netwrk Scanning TCP Cmmunicatin Flags TCP/IP Cmmunicatin Creating Custm Packet Using TCP Flags CEH Scanning Methdlgy Check fr Live Systems Checking fr Live Systems - ICMP Scanning Ping Sweep Check fr Open Prts Ping Sweep Tls SSDP Scanning Scanning IPv6 Netwrk Scanning Tl Nmap Hping2 / Hping3 Hping Cmmands Scanning Techniques TCP Cnnect / Full Open Scan Stealth Scan (Half-pen Scan) Inverse TCP Flag Scanning Xmas Scan ACK Flag Prbe Scanning IDLE/IPID Header Scan IDLE Scan: Step 1 IDLE Scan: Step 2 and 3 UDP Scanning ICMP Ech Scanning/List Scan Scanning Tl: NetScan Tls Pr Scanning Tls Scanning Tls fr Mbile Page 6 f 46

7 Prt Scanning Cuntermeasures Scanning Beynd IDS IDS Evasin Techniques SYN/FIN Scanning Using IP Fragments Banner Grabbing Banner Grabbing Tls Banner Grabbing Cuntermeasures Disabling r Changing Banner Hiding File Extensins frm Web Pages Scan fr Vulnerability Vulnerability Scanning Vulnerability Scanning Tl Nessus GAFI LanGuard Qualys FreeScan Netwrk Vulnerability Scanners Vulnerability Scanning Tls fr Mbile Draw Netwrk Diagrams Drawing Netwrk Diagrams Netwrk Discvery Tl Netwrk Tplgy Mapper OpManager and NetwrkView Netwrk Discvery and Mapping Tls Netwrk Discvery Tls fr Mbile Prepare Prxies Prxy Servers Prxy Chaining Prxy Tl Prxy Switcher Prxy Wrkbench TOR and CyberGhst Prxy Tls Prxy Tls fr Mbile Free Prxy Servers Intrductin t Annymizers Censrship Circumventin Tl: Tails Page 7 f 46

8 G-Zapper Annymizers Annymizers fr Mbile Spfing IP Address IP Spfing Detectin Techniques Direct TTL Prbes IP Identificatin Number TCP Flw Cntrl Methd IP Spfing Cuntermeasures Scanning Pen Testing 4. Enumeratin Enumeratin Cncepts What is Enumeratin? Techniques fr Enumeratin Services and Prts t Enumerate NetBIOS Enumeratin NetBIOS Enumeratin Tl SuperScan Hyena Winfingerprint NetBIOS Enumeratr and Nsauditr Netwrk Security Auditr Enumerating User Accunts Enumerating Shared Resurces Using Net View SNMP Enumeratin Wrking f SNMP Management Infrmatin Base (MIB) SNMP Enumeratin Tl OpUtils Engineer s Tlset SNMP Enumeratin Tls LDAP Enumeratin LDAP Enumeratin Tl: Sfterra LDAP Administratr LDAP Enumeratin Tls Page 8 f 46

9 NTP Enumeratin NTP Enumeratin Cmmands NTP Enumeratin Tls SMTP Enumeratin SMTP Enumeratin Tl: NetScanTls Pr Telnet Enumeratin DNS Zne Transfer Enumeratin Using NSLkup Enumeratin Cuntermeasures SMB Enumeratin Cuntermeasures Enumeratin Pen Testing 5. System Hacking Infrmatin at Hand Befre System Hacking Stage System Hacking: Gals CEH Hacking Methdlgy (CHM) CEH System Hacking Steps Cracking Passwrds Passwrd Cracking Types f Passwrd Attacks Nn-Electrnic Attacks Active Online Attack Dictinary, Brute Frcing and Rule-based Attack Passwrd Guessing Default Passwrds Active Online Attack: Trjan/Spyware/Keylgger Example f Active Online Attack Using USB Drive Hash Injectin Attack Passive Online Attack Wire Sniffing Man-in-the-Middle and Replay Attack Offline Attack Page 9 f 46

10 Rainbw Attacks Tls t Create Rainbw Tables: rtgen and Winrtgen Distributed Netwrk Attack Elcmsft Distributed Passwrd Recvery Micrsft Authenticatin Hw Hash Passwrds Are Stred in Windws SAM? NTLM Authenticatin Prcess Kerbers Authenticatin Passwrd Salting pwdump7 and fgdump Passwrd Cracking Tls L0phtCrack and Ophcrack Cain & Abel and RainbwCrack Passwrd Cracking Tls Passwrd Cracking Tl fr Mbile: FlexiSPY Passwrd Grabber Hw t Defend against Passwrd Cracking Implement and Enfrce Strng Security Plicy CEH System Hacking Steps Escalating Privileges Privilege Escalatin Privilege Escalatin Using DLL Hijacking Privilege Escalatin Tl: Active@ Passwrd Changer Privilege Escalatin Tls Hw t Defend Against Privilege Escalatin Executing Applicatins RemteExec PDQ Deply DameWare Remte Supprt Keylgger Types f Keystrke Lggers Hardware Keylggers Keylgger: All In One Keylgger Keylggers fr Windws Keylgger fr Mac: Amac Keylgger fr Mac Keylggers fr MAC Spyware Page 10 f 46

11 Spyware: Spytech SpyAgent Spyware: Pwer Spy 2014 What Des the Spyware D? Spyware USB Spyware: USBSpy Audi Spyware: Spy Vice Recrder and Sund Snper Vide Spyware: WebCam Recrder Cellphne Spyware: Mbile Spy Telephne/Cellphne Spyware GPS Spyware: SPYPhne GPS Spyware Hw t Defend Against Keylggers Anti-Keylgger: Zemana AntiLgger Anti-Keylgger Hw t Defend Against Spyware Hiding Files Rtkits Anti-Spyware: SUPERAntiSpyware Anti-Spyware Types f Rtkits Hw Rtkit Wrks Rtkit Avatar Necurs Azazel Detecting Rtkits ZerAccess Steps fr Detecting Rtkits Hw t Defend against Rtkits Anti-Rtkit: Stinger and UnHackMe Anti-Rtkits NTFS Data Stream Hw t Create NTFS Streams NTFS Stream Manipulatin Hw t Defend against NTFS Streams NTFS Stream Detectr: StreamArmr Page 11 f 46

12 NTFS Stream Detectrs What Is Stegangraphy? Classificatin f Stegangraphy Types f Stegangraphy based n Cver Medium Whitespace Stegangraphy Tl: SNOW Image Stegangraphy Least Significant Bit Insertin Masking and Filtering Algrithms and Transfrmatin Image Stegangraphy: QuickSteg Image Stegangraphy Tls Dcument Stegangraphy: wbsteg Dcument Stegangraphy Tls Vide Stegangraphy Vide Stegangraphy: OmniHide PRO and Masker Vide Stegangraphy Tls Audi Stegangraphy Audi Stegangraphy: DeepSund Audi Stegangraphy Tls Flder Stegangraphy: Invisible Secrets 4 Flder Stegangraphy Tls Spam/ Stegangraphy: Spam Mimic Stegangraphy Tls fr Mbile Phnes Steganalysis Steganalysis Methds/Attacks n Stegangraphy Detecting Text and Image Stegangraphy Detecting Audi and Vide Stegangraphy Stegangraphy Detectin Tl: Gargyle Investigatr Frensic Pr Stegangraphy Detectin Tls Cvering Tracks Cvering Tracks Disabling Auditing: Auditpl Clearing Lgs Manually Clearing Event Lgs Ways t Clear Online Tracks Cvering Tracks Tl: CCleaner Page 12 f 46

13 Cvering Tracks Tl: MRU-Blaster Track Cvering Tls Penetratin Testing Passwrd Cracking Privilege Escalatin Executing Applicatins Hiding Files Cvering Tracks 6. Malware Threats Intrductin t Malware Different Ways a Malware can Get int a System Cmmn Techniques Attackers Use t Distribute Malware n the Web Trjan Cncepts Financial Lss Due t Trjans What is a Trjan? Hw Hackers Use Trjans Cmmn Prts used by Trjans Hw t Infect Systems Using a Trjan Wrappers Dark Hrse Trjan Virus Maker Trjan Hrse Cnstructin Kit Crypters: AIO FUD Crypter, Hidden Sight Crypter, and Galaxy Crypter Crypters: Crigenic Crypter, Heaven Crypter, and SwayzCryptr Hw Attackers Deply a Trjan Explit Kit Explit Kit: Infinity Explit Kits: Phenix Explit Kit and Blackhle Explit Kit Explit Kits: Bleedinglife and Crimepack Evading Anti-Virus Techniques Types f Trjans Cmmand Shell Trjans Defacement Trjans Defacement Trjans: Restratr Page 13 f 46

14 Btnet Trjans Tr-based Btnet Trjans: ChewBacca Btnet Trjans: Skynet and CyberGate Prxy Server Trjans Prxy Server Trjan: W3bPrOxy Tr0j4nCr34t0r (Funny Name) FTP Trjans VNC Trjans VNC Trjans: WinVNC and VNC Stealer HTTP/HTTPS Trjans HTTP Trjan: HTTP RAT Shttpd Trjan - HTTPS (SSL) ICMP Tunneling Remte Access Trjans Optix Pr and MSucker BlackHle RAT and SSH - R.A.T njrat and Xtreme RAT SpyGate RAT and Punisher RAT DarkCmet RAT, Pandra RAT, and HellSpy RAT PrRat and Theef Hell Raiser Atelier Web Remte Cmmander Cvert Channel Trjan: CCTT E-banking Trjans Wrking f E-banking Trjans E-banking Trjan ZeuS and SpyEye Citadel Builder and Ice IX Destructive Trjans: M4sT3r Trjan Ntificatin Trjans Data Hiding Trjans (Encrypted Trjans) Virus and Wrms Cncepts Intrductin t Viruses Stages f Virus Life Wrking f Viruses: Infectin Phase Attack Phase Page 14 f 46

15 Why D Peple Create Cmputer Viruses Indicatins f Virus Attack Virus Haxes and Fake Antiviruses Ransmware Types f Viruses System r Bt Sectr Viruses File and Multipartite Viruses Macr Viruses Cluster Viruses Stealth/Tunneling Viruses Encryptin Viruses Plymrphic Cde Metamrphic Viruses File Overwriting r Cavity Viruses Sparse Infectr Viruses Cmpanin/Camuflage Viruses Shell Viruses File Extensin Viruses Add-n and Intrusive Viruses Transient and Terminate and Stay Resident Viruses Writing a Simple Virus Prgram Sam s Virus Generatr and JPS Virus Maker Andreinick05's Batch Virus Maker and DeadLine s Virus Maker Snic Bat - Batch File Virus Creatr and Pisn Virus Maker Cmputer Wrms Hw Is a Wrm Different frm a Virus? Cmputer Wrms: Ghst Eye Wrm Wrm Maker: Internet Wrm Maker Thing Malware Reverse Engineering What is Sheep Dip Cmputer? Anti-Virus Sensr Systems Malware Analysis Prcedure: Preparing Testbed Malware Analysis Prcedure Malware Analysis Tl: IDA Pr Online Malware Testing: VirusTtal Online Malware Analysis Services Page 15 f 46

16 Trjan Analysis: Neverquest Virus Analysis: Ransm Cryptlcker Wrm Analysis: Darllz (Internet f Things (IT) Wrm) Malware Detectin Hw t Detect Trjans Scanning fr Suspicius Prts Tls: TCPView and CurrPrts Scanning fr Suspicius Prcesses Prcess Mnitring Tl: What's Running Prcess Mnitring Tls Scanning fr Suspicius Registry Entries Registry Entry Mnitring Tl: RegScanner Registry Entry Mnitring Tls Scanning fr Suspicius Device Drivers Device Drivers Mnitring Tl: DriverView Device Drivers Mnitring Tls Scanning fr Suspicius Windws Services Windws Services Mnitring Tl: Windws Service Manager (SrvMan) Windws Services Mnitring Tls Scanning fr Suspicius Startup Prgrams Windws 8 Startup Registry Entries Startup Prgrams Mnitring Tl: Security AutRun Startup Prgrams Mnitring Tls Scanning fr Suspicius Files and Flders Files and Flder Integrity Checker: FastSum and WinMD5 Files and Flder Integrity Checker Scanning fr Suspicius Netwrk Activities Detecting Trjans and Wrms with Capsa Netwrk Analyzer Virus Detectin Methds Cuntermeasures Trjan Cuntermeasures Backdr Cuntermeasures Virus and Wrms Cuntermeasures Anti-Malware Sftware Anti-Trjan Sftware Page 16 f 46

17 TrjanHunter Emsisft Anti-Malware Anti-Trjan Sftware Cmpanin Antivirus: Immunet Anti-virus Tls Penetratin Testing Pen Testing fr Trjans and Backdrs Penetratin Testing fr Virus 7. Sniffing Sniffing Cncepts Netwrk Sniffing and Threats Hw a Sniffer Wrks Types f Sniffing Passive Sniffing Active Sniffing Hw an Attacker Hacks the Netwrk Using Sniffers Prtcls Vulnerable t Sniffing Sniffing in the Data Link Layer f the OSI Mdel Hardware Prtcl Analyzer Hardware Prtcl Analyzers SPAN Prt Wiretapping Lawful Interceptin Wiretapping Case Study: PRISM MAC Attacks MAC Address/CAM Table Hw CAM Wrks What Happens When CAM Table Is Full? MAC Flding Mac Flding Switches with macf Switch Prt Stealing Hw t Defend against MAC Attacks Page 17 f 46

18 DHCP Attacks Hw DHCP Wrks DHCP Request/Reply Messages IPv4 DHCP Packet Frmat DHCP Starvatin Attack DHCP Starvatin Attack Tls Rgue DHCP Server Attack Hw t Defend Against DHCP Starvatin and Rgue Server Attack ARP Pisning What Is Address Reslutin Prtcl (ARP)? ARP Spfing Attack Hw Des ARP Spfing Wrk Threats f ARP Pisning ARP Pisning Tl Cain & Abel and WinArpAttacker Ufasft Snif Hw t Defend Against ARP Pisning Cnfiguring DHCP Snping and Dynamic ARP Inspectin n Cisc Switches ARP Spfing Detectin: XArp Spfing Attack MAC Spfing/Duplicating MAC Spfing Technique: Windws MAC Spfing Tl: SMAC IRDP Spfing Hw t Defend Against MAC Spfing DNS Pisning DNS Pisning Techniques Intranet DNS Spfing Internet DNS Spfing Prxy Server DNS Pisning DNS Cache Pisning Hw t Defend Against DNS Spfing Sniffing Tls Sniffing Tl: Wireshark Fllw TCP Stream in Wireshark Display Filters in Wireshark Page 18 f 46

19 Additinal Wireshark Filters Sniffing Tl SteelCentral Packet Analyzer Tcpdump/Windump Packet Sniffing Tl: Capsa Netwrk Analyzer Netwrk Packet Analyzer OmniPeek Netwrk Analyzer Observer Sniff-O-Matic TCP/IP Packet Crafter: Clasft Packet Builder Netwrk Packet Analyzer: RSA NetWitness Investigatr Additinal Sniffing Tls Packet Sniffing Tls fr Mbile: Wi.cap. Netwrk Sniffer Pr and FaceNiff Cunter measures Hw t Defend Against Sniffing Sniffing Detectin Techniques Hw t Detect Sniffing Sniffer Detectin Technique Ping Methd ARP Methd DNS Methd Prmiscuus Detectin Tl PrmqryUI Nmap Sniffing Pen Testing 8. Scial Engineering Scial Engineering Cncepts What is Scial Engineering? Behavirs Vulnerable t Attacks Factrs that Make Cmpanies Vulnerable t Attacks Why Is Scial Engineering Effective? Warning Signs f an Attack Page 19 f 46

20 Phases in a Scial Engineering Attack Scial Engineering Techniques Types f Scial Engineering Human-based Scial Engineering Impersnatin Impersnatin Scenari Over-Helpfulness f Help Desk Third-party Authrizatin Tech Supprt Internal Emplyee/Client/Vendr Repairman Trusted Authrity Figure Eavesdrpping and Shulder Surfing Dumpster Diving Reverse Scial Engineering, Piggybacking, and Tailgating Watch these Mvies Watch this Mvie Cmputer-based Scial Engineering Phishing Spear Phishing Mbile-based Scial Engineering Publishing Malicius Apps Repackaging Legitimate Apps Fake Security Applicatins Using SMS Insider Attack Disgruntled Emplyee Preventing Insider Threats Cmmn Scial Engineering Targets and Defense Strategies Impersnatin n Scial Netwrking Sites Scial Engineering Thrugh Impersnatin n Scial Netwrking Sites Scial Engineering n Facebk Scial Engineering n LinkedIn and Twitter Risks f Scial Netwrking t Crprate Netwrks Identity Theft Identity Theft Statistics Page 20 f 46

21 Identify Theft Hw t Steal an Identity STEP 1 STEP 2 Cmparisn STEP 3 Real Steven Gets Huge Credit Card Statement Identity Theft - Serius Prblem Scial Engineering Cuntermeasures Hw t Detect Phishing s Anti-Phishing Tlbar Netcraft PhishTank Identity Theft Cuntermeasures Penetratin Testing Scial Engineering Pen Testing Using s Using Phne In Persn Scial Engineering Tlkit (SET) 9. Denial-f-Service DS/DDS Cncepts DDS Attack Trends What is a Denial f Service Attack? What Are Distributed Denial f Service Attacks? Hw Distributed Denial f Service Attacks Wrk DS/DDS Attack Techniques Basic Categries f DS/DDS Attack Vectrs DS/DDS Attack Techniques Bandwidth Attacks Service Request Flds Page 21 f 46

22 SYN Attack SYN Flding ICMP Fld Attack Peer-t-Peer Attacks Permanent Denial-f-Service Attack Applicatin Level Fld Attacks Distributed Reflectin Denial f Service (DRDS) Btnets Organized Cyber Crime: Organizatinal Chart Btnet A Typical Btnet Setup Btnet Ecsystem Scanning Methds fr Finding Vulnerable Machines Hw Malicius Cde Prpagates? Btnet Trjan Blackshades NET Cythsia Btnet and Andrmeda Bt PlugBt DDS Case Study DDS Attack Hackers Advertise Links t Dwnlad Btnet DS/DDS Attack Tls Pandra DDS Bt Tlkit Dereil and HOIC DS HTTP and BanglaDs DS and DDS Attack Tls DS and DDS Attack Tl fr Mbile AnDOSid Lw Orbit In Cannn (LOIC) Cunter-measures Detectin Techniques Activity Prfiling Wavelet Analysis Sequential Change-Pint Detectin DS/DDS Cuntermeasure Strategies DDS Attack Cuntermeasures Page 22 f 46

23 Prtect Secndary Victims Detect and Neutralize Handlers Detect Ptential Attacks Deflect Attacks Mitigate Attacks Pst-Attack Frensics Techniques t Defend against Btnets DS/DDS Cuntermeasures DS/DDS Prtectin at ISP Level Enabling TCP Intercept n Cisc IOS Sftware Advanced DDS Prtectin Appliances DS/DDS Prtectin Tls DS/DDS Prtectin Tl: FrtGuard Anti-DDS Firewall 2014 DS/DDS Prtectin Tls DS/DDS Attack Penetratin Testing 10. Sessin Hijacking Sessin Hijacking Cncepts What is Sessin Hijacking? Why Sessin Hijacking is Successful? Sessin Hijacking Prcess Packet Analysis f a Lcal Sessin Hijack Types f Sessin Hijacking Sessin Hijacking in OSI Mdel Spfing vs. Hijacking Applicatin Level Sessin Hijacking Cmprmising Sessin IDs using Sniffing Cmprmising Sessin IDs by Predicting Sessin Tken Hw t Predict a Sessin Tken Cmprmising Sessin IDs Using Man-in-the-Middle Attack Cmprmising Sessin IDs Using Man-in-the-Brwser Attack Steps t Perfrm Man-in-the-Brwser Attack Cmprmising Sessin IDs Using Client-side Attacks Page 23 f 46

24 Cmprmising Sessin IDs Using Client-side Attacks: Crss-site Script Attack Cmprmising Sessin IDs Using Client-side Attacks: Crss-site Request Frgery Attack Cmprmising Sessin IDs Using Sessin Replay Attack Cmprmising Sessin IDs Using Sessin Fixatin Sessin Fixatin Attack Sessin Hijacking Using Prxy Servers Netwrk-level Sessin Hijacking The 3-Way Handshake TCP/IP Hijacking TCP/IP Hijacking Prcess IP Spfing: Surce Ruted Packets RST Hijacking Blind Hijacking MiTM Attack Using Frged ICMP and ARP Spfing UDP Hijacking Sessin Hijacking Tls Sessin Hijacking Tl Zaprxy Burp Suite and Hijack Sessin Hijacking Tls Sessin Hijacking Tls fr Mbile: DridSheep and DridSniff Cunter-measures Sessin Hijacking Detectin Methds Prtecting against Sessin Hijacking Methds t Prevent Sessin Hijacking T be Fllwed by Web Develpers T be Fllwed by Web Users Appraches Vulnerable t Sessin Hijacking and their Preventative Slutins IPSec Mdes f IPsec IPsec Architecture IPsec Authenticatin and Cnfidentiality Cmpnents f IPsec Sessin Hijacking Pen Testing Page 24 f 46

25 11. Hacking Webservers Webserver Cncepts Web Server Security Issue Why Web Servers Are Cmprmised Impact f Webserver Attacks Open Surce Webserver Architecture IIS Webserver Architecture Webserver Attacks DS/DDS Attacks DNS Server Hijacking DNS Amplificatin Attack Directry Traversal Attacks Man-in-the-Middle/Sniffing Attack Phishing Attacks Website Defacement Webserver Miscnfiguratin Webserver Miscnfiguratin Example HTTP Respnse Splitting Attack Web Cache Pisning Attack SSH Brutefrce Attack Webserver Passwrd Cracking Webserver Passwrd Cracking Techniques Web Applicatin Attacks Attack Methdlgy Webserver Attack Methdlgy Infrmatin Gathering Infrmatin Gathering frm Rbts.txt File Webserver Ftprinting Webserver Ftprinting Tls Enumerating Webserver Infrmatin Using Nmap Webserver Attack Methdlgy Mirrring a Website Vulnerability Scanning Page 25 f 46

26 Sessin Hijacking Hacking Web Passwrds Webserver Attack Tls Metasplit Metasplit Architecture Metasplit Explit Mdule Metasplit Paylad Mdule Metasplit Auxiliary Mdule Metasplit NOPS Mdule Webserver Attack Tls: Wfetch Web Passwrd Cracking Tl: THC-Hydra and Brutus Cunter-measures Place Web Servers in Separate Secure Server Security Segment n Netwrk Cuntermeasures Patches and Updates Prtcls Accunts Files and Directries Detecting Web Server Hacking Attempts Hw t Defend Against Web Server Attacks Hw t Defend against HTTP Respnse Splitting and Web Cache Pisning Hw t Defend against DNS Hijacking Patch Management Patches and Htfixes What Is Patch Management? Identifying Apprpriate Surces fr Updates and Patches Installatin f a Patch Implementatin and Verificatin f a Security Patch r Upgrade Patch Management Tl: Micrsft Baseline Security Analyzer (MBSA) Patch Management Tls Webserver Security Tls Web Applicatin Security Scanner: Syhunt Dynamic and N-Stalker Web Applicatin Security Scanner Web Server Security Scanner: Wikt and Acunetix Web Vulnerability Scanner Web Server Malware Infectin Mnitring Tl HackAlert Page 26 f 46

27 QualysGuard Malware Detectin Webserver Security Tls Webserver Pen Testing Web Server Pen Testing Tl CORE Impact Pr Immunity CANVAS Arachni 12. Hacking Web Applicatins Web App Cncepts Intrductin t Web Applicatins Hw Web Applicatins Wrk? Web Applicatin Architecture Web 2.0 Applicatins Vulnerability Stack Web App Threats Unvalidated Input Parameter/Frm Tampering Directry Traversal Security Miscnfiguratin Injectin Flaws SQL Injectin Attacks Cmmand Injectin Attacks Cmmand Injectin Example File Injectin Attack What is LDAP Injectin? Hw LDAP Injectin Wrks? Hidden Field Manipulatin Attack Crss-Site Scripting (XSS) Attacks Hw XSS Attacks Wrk Crss-Site Scripting Attack Scenari: Attack via XSS Example: Attack via XSS Example: Stealing Users' Ckies Page 27 f 46

28 XSS Example: Sending an Unauthrized Request XSS Attack in Blg Psting XSS Attack in Cmment Field Websites Vulnerable t XSS Attack Crss-Site Request Frgery (CSRF) Attack Hw CSRF Attacks Wrk? Web Applicatin Denial-f-Service (DS) Attack Denial f Service (DS) Examples Buffer Overflw Attacks Ckie/Sessin Pisning Hw Ckie Pisning Wrks? Sessin Fixatin Attack CAPTCHA Attacks Insufficient Transprt Layer Prtectin Imprper Errr Handling Insecure Cryptgraphic Strage Brken Authenticatin and Sessin Management Unvalidated Redirects and Frwards Web Services Architecture Web Services Attack Web Services Ftprinting Attack Web Services XML Pisning Web App Hacking Methdlgy Ftprint Web Infrastructure Server Discvery Service Discvery Server Identificatin/Banner Grabbing Detecting Web App Firewalls and Prxies n Target Site Hidden Cntent Discvery Web Spidering Using Burp Suite Web Crawling Using Mzenda Web Agent Builder Attack Web Servers Hacking Web Servers Web Server Hacking Tl: WebInspect Analyze Web Applicatins Identify Entry Pints fr User Input Page 28 f 46

29 Identify Server-Side Technlgies Identify Server-Side Functinality Map the Attack Surface Attack Authenticatin Mechanism Username Enumeratin Passwrd Attacks Passwrd Functinality Explits Passwrd Guessing Brute-frcing Sessin Attacks: Sessin ID Predictin/ Brute-frcing Ckie Explitatin: Ckie Pisning Authrizatin Attack Schemes Authrizatin Attack HTTP Request Tampering Authrizatin Attack: Ckie Parameter Tampering Attack Sessin Management Mechanism Sessin Management Attack Attacking Sessin Tken Generatin Mechanism Attacking Sessin Tkens Handling Mechanism: Sessin Tken Sniffing Perfrm Injectin Attacks Injectin Attacks/Input Validatin Attacks Attack Data Cnnectivity Cnnectin String Injectin Cnnectin String Parameter Pllutin (CSPP) Attacks Cnnectin Pl DS Attack Web App Client Attack Web Services Web Services Prbing Attacks Web Service Attacks SOAP Injectin XML Injectin Web Services Parsing Attacks Web Service Attack Tl: sapui and XMLSpy Web Applicatin Hacking Tls Web Applicatin Hacking Tls Burp Suite Prfessinal Page 29 f 46

30 CkieDigger WebScarab Web Applicatin Hacking Tls Cuntermeasures Encding Schemes Hw t Defend Against SQL Injectin Attacks? Hw t Defend Against Cmmand Injectin Flaws? Hw t Defend Against XSS Attacks? Hw t Defend Against DS Attack? Hw t Defend Against Web Services Attack? Guidelines fr Secure CAPTCHA Implementatin Web Applicatin Cuntermeasures Hw t Defend Against Web Applicatin Attacks? Security Tls Web Applicatin Security Tl Acunetix Web Vulnerability Scanner Watcher Web Security Tl Netsparker N-Stalker Web Applicatin Security Scanner VampireScan Web Applicatin Security Tls Web Applicatin Firewall dtdefender ServerDefender VP Web Applicatin Firewall Web App Pen Testing Web Applicatin Pen Testing Infrmatin Gathering Cnfiguratin Management Testing Authenticatin Testing Sessin Management Testing Authrizatin Testing Data Validatin Testing Denial f Service Testing Web Services Testing AJAX Testing Page 30 f 46

31 Web Applicatin Pen Testing Framewrk Kali Linux Metasplit Brwser Explitatin Framewrk (BeEF) PwerSplit 13. SQL Injectin SQL Injectin Cncepts What is SQL Injectin? Why Bther abut SQL Injectin? Hw Web Applicatins Wrk? SQL Injectin and Server-side Technlgies Understanding HTTP Pst Request Example: Nrmal SQL Query Understanding an SQL Injectin Query Cde Analysis Example f a Web App Vulnerable t SQL Injectin BadPrductList.aspx Attack Analysis Example f SQL Injectin Updating Table Adding New Recrds Identifying the Table Name Deleting a Table Types f SQL Injectin Errr Based SQL Injectin Unin SQL Injectin Blind SQL Injectin N Errr Messages Returned Blind SQL Injectin: WAITFOR DELAY (YES r NO Respnse) Blean Explitatin Technique SQL Injectin Methdlgy Infrmatin Gathering and SQL Injectin Vulnerability Detectin Infrmatin Gathering Page 31 f 46

32 Identifying Data Entry Paths Extracting Infrmatin thrugh Errr Messages Testing fr SQL Injectin Additinal Methds t Detect SQL Injectin SQL Injectin Black Bx Pen Testing Surce Cde Review t Detect SQL Injectin Vulnerabilities Launch SQL Injectin Attacks Perfrm Unin SQL Injectin Perfrm Errr Based SQL Injectin Perfrm Errr Based SQL Injectin: Using Stred Prcedure Injectin Bypass Website Lgins Using SQL Injectin Perfrm Blind SQL Injectin Explitatin (MySQL) Blind SQL Injectin Extract Database User Extract Database Name Extract Clumn Name Extract Data frm ROWS Perfrm Duble Blind SQL Injectin - Classical Explitatin (MySQL) Perfrm Blind SQL Injectin Using Out f Band Explitatin Technique Expliting Secnd-Order SQL Injectin Advanced SQL Injectin SQL Injectin Tls BSQLHacker Database, Table, and Clumn Enumeratin Advanced Enumeratin Features f Different DBMSs Creating Database Accunts Passwrd Grabbing Grabbing SQL Server Hashes Extracting SQL Hashes (In a Single Statement) Transfer Database t Attacker's Machine Interacting with the Operating System Interacting with the File System Netwrk Recnnaissance Using SQL Injectin Netwrk Recnnaissance Full Query Page 32 f 46

33 Marathn Tl SQL Pwer Injectr Havij SQL Injectin Tls SQL Injectin Tl fr Mbile DridSQLi sqlmapchik Evasin Techniques Evading IDS Types f Signature Evasin Techniques Evasin Technique Sphisticated Matches Hex Encding Manipulating White Spaces In-line Cmment Char Encding String Cncatenatin Obfuscated Cdes Cunter-measures Hw t Defend Against SQL Injectin Attacks? Hw t Defend Against SQL Injectin Attacks: Use Type-Safe SQL Parameters Hw t Defend Against SQL Injectin Attacks SQL Injectin Detectin Tl dtdefender IBM Security AppScan WebCruiser Snrt Rule t Detect SQL Injectin Attacks SQL Injectin Detectin Tls 15. Hacking Wireless Netwrks Wireless Cncepts Wireless Terminlgies Wireless Netwrks Wi-Fi Netwrks at Hme and Public Places Page 33 f 46

34 Wireless Technlgy Statistics Types f Wireless Netwrks Wireless Standards Service Set Identifier (SSID) Wi-Fi Authenticatin Mdes Wi-Fi Authenticatin Prcess Using a Centralized Authenticatin Server Wi-Fi Chalking Wi-Fi Chalking Symbls Types f Wireless Antenna Parablic Grid Antenna Wireless Encryptin Types f Wireless Encryptin WEP Encryptin Hw WEP Wrks? What is WPA? Hw WPA Wrks? Tempral Keys What is WPA2? WEP vs. WPA vs. WPA2 WEP Issues Hw WPA2 Wrks? Weak Initializatin Vectrs (IV) Hw t Break WEP Encryptin? Hw t Break WPA Encryptin? Hw t Defend Against WPA Cracking? Wireless Threats Access Cntrl Attacks Integrity Attacks Cnfidentiality Attacks Availability Attacks Authenticatin Attacks Rgue Access Pint Attack Client Mis-assciatin Miscnfigured Access Pint Attack Unauthrized Assciatin Ad Hc Cnnectin Attack Page 34 f 46

35 HneySpt Access Pint Attack AP MAC Spfing Denial-f-Service Attack Jamming Signal Attack Wi-Fi Jamming Devices Wireless Hacking Methdlgy Wi-Fi Discvery Ftprint the Wireless Netwrk Find Wi-Fi Netwrks t Attack Wi-Fi Discvery Tl inssider and NetSurveyr Vistumbler and NetStumbler Wi-Fi Discvery Tls Mbile-based Wi-Fi Discvery Tl GPS Mapping GPS Mapping Tl WIGLE Skyhk Wi-Fi Htspt Finder Wi-Fi Finder WeFi Hw t Discver Wi-Fi Netwrk Using Wardriving? Wireless Traffic Analysis Wireless Cards and Chipsets Wi-Fi USB Dngle: AirPcap Wi-Fi Packet Sniffer Wireshark with AirPcap SteelCentral Packet Analyzer OmniPeek Netwrk Analyzer CmmView fr Wi-Fi What is Spectrum Analysis? Wi-Fi Packet Sniffers Launch Wireless Attacks Aircrack-ng Suite Hw t Reveal Hidden SSIDs Fragmentatin Attack Page 35 f 46

36 Hw t Launch MAC Spfing Attack? Denial f Service: Deauthenticatin and Disassciatin Attacks Man-in-the-Middle Attack MITM Attack Using Aircrack-ng Wireless ARP Pisning Attack Rgue Access Pint Evil Twin Crack Wi-Fi Encryptin Hw t Set Up a Fake Htspt (Evil Twin)? Hw t Crack WEP Using Aircrack Hw t Crack WPA-PSK Using Aircrack WPA Cracking Tl: KisMAC WEP Cracking Using Cain & Abel WPA Brute Frcing Using Cain & Abel WPA Cracking Tl: Elcmsft Wireless Security Auditr WEP/WPA Cracking Tls WEP/WPA Cracking Tl fr Mbile: Penetrate Pr Wireless Hacking Tls Wi-Fi Sniffer: Kismet Wardriving Tls RF Mnitring Tls Wi-Fi Traffic Analyzer Tls Wi-Fi Raw Packet Capturing and Spectrum Analyzing Tls Wireless Hacking Tls fr Mbile: HackWifi and Backtrack Simulatr Bluetth Hacking Bluetth Stack Bluetth Threats Hw t BlueJack a Victim? Bluetth Hacking Tl Super Bluetth Hack PhneSnp BlueScanner Bluetth Hacking Tls Cunter-measures Hw t Defend Against Bluetth Hacking? Hw t Detect and Blck Rgue AP? Page 36 f 46

37 Wireless Security Layers Hw t Defend Against Wireless Attacks? Wireless Security Tls Wireless Intrusin Preventin Systems Wireless IPS Deplyment Wi-Fi Security Auditing Tl AirMagnet WiFi Analyzer Mtrla s AirDefense Services Platfrm (ADSP) Adaptive Wireless IPS Aruba RFPrtect Wi-Fi Intrusin Preventin System Wi-Fi Predictive Planning Tls Wi-Fi Vulnerability Scanning Tls Bluetth Security Tl: Bluetth Firewall Wi-Fi Security Tls fr Mbile: Wifi Prtectr, WiFiGuard, and Wifi Inspectr Wi-Fi Pen Testing Wireless Penetratin Testing Wireless Penetratin Testing Framewrk Wi-Fi Pen Testing Framewrk Pen Testing LEAP Encrypted WLAN Pen Testing WPA/WPA2 Encrypted WLAN Pen Testing WEP Encrypted WLAN Pen Testing Unencrypted WLAN 16. Hacking Mbile Platfrms Mbile Platfrm Attack Vectrs Vulnerable Areas in Mbile Business Envirnment OWASP Mbile Tp 10 Risks Anatmy f a Mbile Attack Hw a Hacker can Prfit frm Mbile when Successfully Cmprmised Mbile Attack Vectrs Mbile Platfrm Vulnerabilities and Risks Security Issues Arising frm App Stres Page 37 f 46

38 App Sandbxing Issues Mbile Spam SMS Phishing Attack (SMiShing) (Targeted Attack Scan) Why SMS Phishing is Effective? SMS Phishing Attack Examples Pairing Mbile Devices n Open Bluetth and Wi-Fi Cnnectins Hacking Andrid OS Andrid OS Andrid OS Architecture Andrid Device Administratin API Andrid Vulnerabilities Andrid Rting Hacking ios Rting Andrid Phnes using SuperOneClick Rting Andrid Phnes Using Superbt Andrid Rting Tls Hacking Netwrks Using Netwrk Spfer Sessin Hijacking Using DridSheep Andrid-based Sniffer FaceNiff Packet Sniffer, tpacketcapture, and Andrid PCAP Andrid Trjan ZitM (ZeuS-in-the-Mbile) FakeTken and TRAMP.A Fakedefender and Obad FakeInst and OpFake AndrRAT and Dendrid Securing Andrid Devices Ggle Apps Device Plicy Remte Wipe Service: Remte Wipe Andrid Security Tl DridSheep Guard TrustG Mbile Security and Sphs Mbile Security 360 Security, AVL, and Avira Antivirus Security Andrid Vulnerability Scanner: X-Ray Andrid Device Tracking Tls Page 38 f 46

39 Apple ios Jailbreaking ios Types f Jailbreaking Jailbreaking Techniques App Platfrm fr Jailbraken Devices: Cydia Jailbreaking Tl: Pangu Untethered Jailbreaking f ios 7.1.1/7.1.2 Using Pangu fr Mac Jailbreaking Tls Redsn0w and Absinthe evasi0n7 and GeekSn0w Sn0wbreeze and PwnageTl LimeRa1n and Blackra1n Guidelines fr Securing ios Devices ios Device Tracking Tls Hacking Windws Phne OS Windws Phne 8 Architecture Secure Bt Prcess Guidelines fr Securing Windws OS Devices Windws OS Device Tracking Tl: FllwMee GPS Tracker Hacking BlackBerry BlackBerry Operating System BlackBerry Enterprise Slutin Architecture Blackberry Attack Vectrs Malicius Cde Signing JAD File Explits and Memry/ Prcesses Manipulatins Shrt Message Service (SMS) Explits Explits PIM Data Attacks and TCP/IP Cnnectins Vulnerabilities Guidelines fr Securing BlackBerry Devices BlackBerry Device Tracking Tls: MbileTracker and Psitin Lgic Blackberry Tracker Mbile Spyware: mspy and StealthGenie Mbile Spyware Mbile Device Management (MDM) MDM Slutin: MaaS360 Mbile Device Management (MDM) MDM Slutins Page 39 f 46

40 Bring Yur Own Device (BYOD) BYOD Risks BYOD Plicy Implementatin BYOD Security Guidelines fr Administratr BYOD Security Guidelines fr Emplyee Mbile Security Guidelines and Tls General Guidelines fr Mbile Platfrm Security Mbile Device Security Guidelines fr Administratr SMS Phishing Cuntermeasures Mbile Prtectin Tl BullGuard Mbile Security Lkut WISeID zips Mbile Prtectin Tls Mbile Anti-Spyware Mbile Pen Testing Andrid Phne Pen Testing iphne Pen Testing Windws Phne Pen Testing BlackBerry Pen Testing Mbile Pen Testing Tlkit zanti dsplit Hackde (The Hacker's Tlbx) 16. Evading IDS, Firewalls, and Hneypts IDS, Firewall and Hneypt Cncepts Intrusin Detectin Systems (IDS) and their Placement Hw IDS Wrks? Ways t Detect an Intrusin General Indicatins f Intrusins General Indicatins f System Intrusins Types f Intrusin Detectin Systems Page 40 f 46

41 Firewall System Integrity Verifiers (SIV) Firewall Architecture DeMilitarized Zne (DMZ) Types f Firewall Hneypt Packet Filtering Firewall Circuit-Level Gateway Firewall Applicatin-Level Firewall Stateful Multilayer Inspectin Firewall Types f Hneypts IDS, Firewall and Hneypt System Intrusin Detectin Tl: Snrt Snrt Rules Rule Actins and IP Prtcls The Directin Operatr and IP Addresses Prt Numbers Intrusin Detectin Systems: Tipping Pint Intrusin Detectin Tls Intrusin Detectin Tls fr Mbile Firewall ZneAlarm PRO Firewall 2015 Cmd Firewall Firewalls Firewalls fr Mbile: Andrid Firewall and Firewall ip Firewalls fr Mbile Hneypt Tl: KFSensr and SPECTER Hneypt Tls Hneypt Tl fr Mbile: HsTaGe Evading IDS Insertin Attack Evasin Denial-f-Service Attack (DS) Obfuscating False Psitive Generatin Sessin Splicing Page 41 f 46

42 Unicde Evasin Technique Fragmentatin Attack Overlapping Fragments Time-T-Live Attacks Invalid RST Packets Urgency Flag Plymrphic Shellcde ASCII Shellcde Applicatin-Layer Attacks Desynchrnizatin - Pre Cnnectin SYN Desynchrnizatin - Pst Cnnectin SYN Other Types f Evasin Evading Firewalls Firewall Identificatin Prt Scanning Firewalking Banner Grabbing IP Address Spfing Surce Ruting Tiny Fragments Bypass Blcked Sites Using IP Address in Place f URL Bypass Blcked Sites Using Annymus Website Surfing Sites Bypass a Firewall Using Prxy Server Bypassing Firewall thrugh ICMP Tunneling Methd Bypassing Firewall thrugh ACK Tunneling Methd Bypassing Firewall thrugh HTTP Tunneling Methd Why d I Need HTTP Tunneling HTTP Tunneling Tls HTTPrt and HTTHst Super Netwrk Tunnel HTTP-Tunnel Bypassing Firewall thrugh SSH Tunneling Methd SSH Tunneling Tl: Bitvise Bypassing Firewall thrugh External Systems Bypassing Firewall thrugh MITM Attack Bypassing Firewall thrugh Cntent Page 42 f 46

43 IDS/Firewall Evading Tls IDS/Firewall Evasin Tl Traffic IQ Prfessinal tcp-ver-dns IDS/Firewall Evasin Tls Packet Fragment Generatr: Clasft Packet Builder Packet Fragment Generatrs Detecting Hneypts Detecting Hneypts Hneypt Detecting Tl: Send-Safe Hneypt Hunter IDS/Firewall Evasin Cunter-measures Cuntermeasures Penetratin Testing Firewall/IDS Penetratin Testing Firewall Penetratin Testing IDS Penetratin Testing 17. Clud Cmputing Intrductin t Clud Cmputing Types f Clud Cmputing Services Separatin f Respnsibilities in Clud Clud Deplyment Mdels NIST Clud Cmputing Reference Architecture Clud Cmputing Benefits Understanding Virtualizatin Benefits f Virtualizatin in Clud Clud Cmputing Threats Clud Cmputing Attacks Service Hijacking using Scial Engineering Attacks Service Hijacking using Netwrk Sniffing Sessin Hijacking using XSS Attack Sessin Hijacking using Sessin Riding Dmain Name System (DNS) Attacks Side Channel Attacks r Crss-guest VM Breaches Page 43 f 46

44 Side Channel Attack Cuntermeasures SQL Injectin Attacks Cryptanalysis Attacks Cryptanalysis Attack Cuntermeasures Wrapping Attack Denial-f-Service (DS) and Distributed Denial-f-Service (DDS) Attacks Clud Security Clud Security Cntrl Layers Clud Security is the Respnsibility f bth Clud Prvider and Cnsumer Clud Cmputing Security Cnsideratins Placement f Security Cntrls in the Clud Best Practices fr Securing Clud NIST Recmmendatins fr Clud Security Organizatin/Prvider Clud Security Cmpliance Checklist Clud Security Tls Cre CludInspect CludPassage Hal Clud Security Tls Clud Penetratin Testing What is Clud Pen Testing? Key Cnsideratins fr Pen Testing in the Clud Scpe f Clud Pen Testing Clud Penetratin Testing Recmmendatins fr Clud Testing 18. Cryptgraphy Market Survey 2014: The Year f Encryptin Case Study: Heartbleed Case Study: Pdlebleed Cryptgraphy Cncepts Cryptgraphy Types f Cryptgraphy Gvernment Access t Keys (GAK) Encryptin Algrithms Ciphers Page 44 f 46

45 Data Encryptin Standard (DES) Advanced Encryptin Standard (AES) RC4, RC5, RC6 Algrithms The DSA and Related Signature Schemes RSA (Rivest Shamir Adleman) The RSA Signature Scheme Example f RSA Algrithm Message Digest (One-way Hash) Functins Message Digest Functin: MD5 Secure Hashing Algrithm (SHA) What is SSH (Secure Shell)? Cryptgraphy Tls MD5 Hash Calculatrs: HashCalc, MD5 Calculatr and HashMyFiles Hash Calculatrs fr Mbile: MD5 Hash Calculatr, Hash Drid, and Hash Calculatr Cryptgraphy Tl Advanced Encryptin Package 2014 BCTextEncder Cryptgraphy Tls Cryptgraphy Tls fr Mbile: Secret Space Encryptr, CryptSymm, and Cipher Sender Public Key Infrastructure(PKI) Certificatin Authrities Signed Certificate (CA) Vs. Self Signed Certificate Encryptin Digital Signature SSL (Secure Sckets Layer) Transprt Layer Security (TLS) Cryptgraphy Tlkit OpenSSL Keyczar Pretty Gd Privacy (PGP) Disk Encryptin Disk Encryptin Tls: Symantec Drive Encryptin and GiliSft Full Disk Encryptin Disk Encryptin Tls Page 45 f 46

46 Cryptgraphy Attacks Cde Breaking Methdlgies Brute-Frce Attack Meet-in-the-Middle Attack n Digital Signature Schemes Side Channel Attack Side Channel Attack - Scenari Cryptanalysis Tls Cryptanalysis Tl: CrypTl Cryptanalysis Tls Online MD5 Decryptin Tl Page 46 f 46