Certified Ethical Hacker Exam Version Comparison. Version Comparison

Transcription

1 CEHv8 vs CEHv7 CEHv7 CEHv8 19 Modules 20 Modules 90 Labs 110 Labs 1700 Slides 1770 Slides Updated information as per the latest developments with a proper flow Classroom friendly with diagrammatic representation of concepts and attacks Exclusive section for best practices to follow to protect information systems against various attacks New and rich presentation style with eye catching graphics Latest OS covered and a patched testing environment Well tested, result oriented, descriptive and analytical lab manual to evaluate the presented concepts No Document Document Page 1

2 Module Comparison of CEHv8 with CEHv7 Introduction to Ethical Hacking Hacking refers to exploiting system vulnerabilities and compromising security controls to gain unauthorized or inappropriate access to the system resources. The topics highlighted in red under CEHv8 Module 01: Introduction to Ethical Hacking are the new additions. CEHv7 Module 01: Introduction to Ethical Hacking Data Breach Investigations Report Essential Terminologies Elements of Information Security Effects of Hacking on Business Who Is a Hacker? Hacking Phases Types of Attacks on a System Why Ethical Hacking is Necessary Skills of an Ethical Hacker Vulnerability Research What Is Penetration Testing? CEHv8 Module 01: Introduction to Ethical Hacking Data Breach Investigations Report Essential Terminologies Elements of Information Security Top Information Security Attack Vectors Motives, Goals, and Objectives of Information Security Attacks Information Security Threats Information Warfare IPv6 Security Threats Hacking vs. Ethical Hacking Effects of Hacking on Business Who Is a Hacker? Hacking Phases Types of Attacks on a System Why Ethical Hacking is Necessary Skills of an Ethical Hacker Incident Management Process Types of Security Policies Page 2

3 Vulnerability Research What Is Penetration Testing? Footprinting and Reconnaissance Footprinting refers to uncovering and collecting as much information as possible about a target network, for identifying various ways to intrude into an organization s network system. The topics highlighted in red under CEHv8 Module 02: Footprinting and Reconnaissance are the new additions. CEHv7 Module 02: Footprinting and Reconnaissance Footprinting Terminologies What Is Footprinting? Objectives of Footprinting Footprinting Threats Footprinting through Search Engines Website Footprinting Footprinting Competitive Intelligence Footprinting Using Google WHOIS Footprinting DNS Footprinting Network Footprinting Footprinting Tools Footprinting Countermeasures CEHv8 Module 02: Footprinting and Reconnaissance Footprinting Terminologies What Is Footprinting? Objectives of Footprinting Footprinting Threats Footprinting through Search Engines Website Footprinting Footprinting Competitive Intelligence Footprinting Using Google WHOIS Footprinting DNS Footprinting Network Footprinting Footprinting through Social Engineering Footprinting through Social Networking Sites Page 3

4 Footprinting Pen Testing Footprinting Tools Footprinting Countermeasures Footprinting Pen Testing Footprinting Terminologies What Is Footprinting? Scanning Networks Network scanning refers to a set of procedures for identifying hosts, ports, and services in a network. The topics highlighted in red under CEHv8 Module 03: Scanning Networks are the new additions CEHv7 Module 03: Scanning Networks Overview of Network Scanning CEH Scanning Methodology Checking for Live Systems Scanning Techniques IDS Evasion Techniques Banner Grabbing Vulnerability Scanning Drawing Network Diagrams Proxy Chaining HTTP Tunneling Techniques SSH Tunneling Anonymizers IP Spoofing Detection Techniques Scanning Countermeasures Scanning Pen Testing CEHv8 Module 03: Scanning Networks Overview of Network Scanning CEH Scanning Methodology Checking for Live Systems Scanning IPv6 Network Scanning Techniques IDS Evasion Techniques Banner Grabbing Vulnerability Scanning Drawing Network Diagrams Proxy Chaining HTTP Tunneling Techniques SSH Tunneling Anonymizers IP Spoofing Detection Techniques Scanning Countermeasures Scanning Pen Testing Latest Network Scanning Tools Added Page 4

5 6 more Labs Added Enumeration In the enumeration phase, attacker creates active connections to system and performs directed queries to gain more information about the target. The topics highlighted in red under CEHv8 Module 04: Enumeration are the new additions. CEHv7 Module 04: Enumeration What Is Enumeration? Techniques for Enumeration NetBIOS Enumeration Enumerate Systems Using Default Passwords SNMP Enumeration UNIX/Linux Enumeration LDAP Enumeration NTP Enumeration SMTP Enumeration DNS Enumeration Enumeration Countermeasures Enumeration Pen Testing CEHv8 Module 04: Enumeration What Is Enumeration? Techniques for Enumeration Services and Ports to Enumerate NetBIOS Enumeration Enumerate Systems Using Default Passwords SNMP Enumeration Working of SNMP UNIX/Linux Enumeration LDAP Enumeration NTP Enumeration SMTP Enumeration DNS Enumeration Enumeration Countermeasures Enumeration Pen Testing Latest Enumeration Tools Added 1 more Lab Added Page 5

6 System Hacking Password cracking techniques are used to recover passwords from computer systems. The topics highlighted in red under CEHv8 Module 05 System Hacking are the new additions. CEHv7 Module 05 System Hacking System Hacking: Goals CEH Hacking Methodology (CHM) Password Cracking Microsoft Authentication How to Defend against Password Cracking Privilege Escalation Types of Privilege Escalation Executing Applications Types of Keystroke Loggers and Spywares Anti-Keylogger and Anti-Spywares Detecting Rootkits NTFS Stream Manipulation Classification of Steganography Steganalysis Methods/Attacks on Steganography Covering Tracks Penetration Testing CEHv8 Module 05 System Hacking System Hacking: Goals CEH Hacking Methodology (CHM) Password Cracking Stealing Passwords Using Keyloggers Microsoft Authentication How to Defend against Password Cracking Privilege Escalation Types of Privilege Escalation Executing Applications Methodology of Attacker in using Remote Keylogger Types of Keystroke Loggers and Spywares Anti-Keylogger and Anti-Spywares Various methods to place a rootkit Detecting Rootkits NTFS Stream Manipulation Application of steganography Classification of Steganography Audio Steganography Methods Issues in Information hiding Steganalysis Methods/Attacks on Steganography Detecting Text, Image, Audio, and Video Steganography Covering Tracks Penetration Testing Page 6

7 Trojans and Backdoors It is a program in which the malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and cause damage, such as ruining the file allocation table on your hard disk. The topics highlighted in red under CEHv8 Module 06: Trojans and Backdoors are the new additions. CEHv7 Module 06: Trojans and Backdoors What Is a Trojan? What Do Trojan Creators Look For Indications of a Trojan Attack Common Ports used by Trojans How to Infect Systems Using a Trojan Different Ways a Trojan can Get into a System How to Deploy a Trojan Types of Trojans How to Detect Trojans Trojan Countermeasures Trojan Horse Construction Kit Anti-Trojan Software Pen Testing for Trojans and Backdoors CEHv8 Module 06: Trojans and Backdoors What Is a Trojan? What Do Trojan Creators Look For Indications of a Trojan Attack Common Ports used by Trojans How to Infect Systems Using a Trojan Different Ways a Trojan can Get into a System How to Deploy a Trojan Types of Trojans Trojan Analysis How to Detect Trojans Trojan Countermeasures Trojan Horse Construction Kit Anti-Trojan Software Pen Testing for Trojans and Backdoors Latest Trojan Detection Tools Added 2 more Labs Added Page 7

8 Viruses and Worms A virus is a self-replicating program that produces its own code by attaching copies of itself into other executable codes. The topics highlighted in red under CEHv8 Module 07: Viruses and Worms are the new additions. CEHv7 Module 07: Viruses and Worms Introduction to Viruses Stages of Virus Life Working of Viruses Indications of Virus Attack How does a Computer Get Infected by Viruses Types of Viruses Virus Maker Computer Worms Worm Analysis Worm Maker Malware Analysis Procedure Online Malware Analysis Services Virus and Worms Countermeasures Antivirus Tools Penetration Testing for Virus CEHv8 Module 07: Viruses and Worms Introduction to Viruses Stages of Virus Life Working of Viruses Common Techniques Used to Distribute Malware on the Web Indications of Virus Attack How does a Computer Get Infected by Viruses Virus Analysis Types of Viruses Virus Maker Computer Worms Worm Analysis Worm Maker Malware Analysis Procedure Online Malware Analysis Services Virus Detection Methods Virus and Worms Countermeasures Antivirus Tools Penetration Testing for Virus Page 8

9 Sniffers Packet sniffing is a process of monitoring and capturing all data packets passing through a given network using software (application) or hardware device. The topics highlighted in red under CEHv8 Module 08: Sniffing are the new additions. CEHv7 Module 08: Sniffers Packet Sniffing Sniffing Threats Types of Sniffing Attacks Hardware Protocol Analyzers MAC Flooding How DHCP Works Rogue DHCP Server Attack ARP Spoofing Techniques ARP Poisoning Tools How to Defend Against ARP Poisoning Spoofing Attack Threats How to Defend Against MAC Spoofing DNS Poisoning Techniques How to Defend Against DNS Spoofing Sniffing Tools Sniffing Pen Testing CEHv8 Module 08: Sniffing Packet Sniffing Sniffing Threats Types of Sniffing Attacks Hardware Protocol Analyzers IPv6 Addresses MAC Flooding How DHCP Works Rogue DHCP Server Attack ARP Spoofing Techniques ARP Poisoning Tools How to Defend Against ARP Poisoning Spoofing Attack Threats MAC Spoofing Technique IRDP Spoofing How to Defend Against MAC Spoofing DNS Poisoning Techniques How to Defend Against DNS Spoofing Sniffing Tools Sniffer Detection Technique Sniffing Pen Testing Page 9

10 Social Engineering Social engineering is the art of convincing people to reveal confidential information. Social engineers depend on the fact that people are unaware of their valuable information and are careless about protecting it. The topics highlighted in red under CEHv8 Module 09: Social Engineering are the new additions. CEHv7 Module 09: Social Engineering What Is Social Engineering? Factors that Make Companies Vulnerable to Attacks Warning Signs of an Attack Phases in a Social Engineering Attack Common Targets of Social Engineering Human-based Social Engineering Computer-based Social Engineering Social Engineering Through Impersonation on Social Networking Sites Identify Theft Social Engineering Countermeasures How to Detect Phishing s Identity Theft Countermeasures Social Engineering Pen Testing CEHv8 Module 09: Social Engineering What Is Social Engineering? Factors that Make Companies Vulnerable to Attacks Warning Signs of an Attack Phases in a Social Engineering Attack Common Targets of Social Engineering Human-based Social Engineering Computer-based Social Engineering Mobile-based Social Engineering Mobile-based Social Engineering Using SMS Social Engineering Through Impersonation on Social Networking Sites Identify Theft Social Engineering Countermeasures How to Detect Phishing s Identity Theft Countermeasures Social Engineering Pen Testing Social Engineering Toolkit Page 10

11 Denial of Service Denial of Service (DoS) is an attack on a computer or network that prevents legitimate use of its resources. The topics highlighted in red under CEHv8 Module 10: Denial-of-Service are the new additions. CEHv7 Module 10: Denial of Service What Is a Denial of Service Attack? What Are Distributed Denial of Service Attacks? Symptoms of a DoS Attack DoS Attack Techniques Botnet Botnet Ecosystem DDoS Attack Tools DoS Attack Tools Detection Techniques DoS/DDoS Countermeasure Techniques to Defend against Botnets Advanced DDoS Protection Appliances Denial of Service (DoS) Attack Penetration Testing CEHv8 Module 10: Denial-of-Service What Is a Denial of Service Attack? What Are Distributed Denial of Service Attacks? Symptoms of a DoS Attack DoS Attack Techniques Botnet Botnet Ecosystem Botnet Trojans DDoS Attack Tools DoS Attack Tools Detection Techniques DoS/DDoS Countermeasure Techniques to Defend against Botnets Advanced DDoS Protection Appliances Denial of Service (DoS) Attack Penetration Testing Latest DDoS and DoS attack tools added Latest DoS/DDoS Protection Tools added Page 11

12 Session Hijacking Session Hijacking refers to the exploitation of a valid computer session where an attacker takes over a session between two computers. The topics highlighted in red under CEHv8 Module 11: Session Hijacking are the new additions. CEHv7 Module 11: Session Hijacking What Is Session Hijacking? Why Session Hijacking Is Successful? Key Session Hijacking Techniques Brute Forcing Attack Session Hijacking Process Types of Session Hijacking Application Level Session Hijacking Session Sniffing Man-in-the-Middle Attack Network Level Session Hijacking TCP/IP Hijacking Session Hijacking Tools Protecting against Session Hijacking IPsec Architecture Session Hijacking Pen Testing CEHv8 Module 11: Session Hijacking What Is Session Hijacking? Why Session Hijacking Is Successful? Key Session Hijacking Techniques Brute Forcing Attack Session Hijacking Process Types of Session Hijacking Application Level Session Hijacking Session Sniffing Man-in-the-Middle Attack Network Level Session Hijacking TCP/IP Hijacking Session Hijacking Tools Protecting against Session Hijacking IPsec Architecture Session Hijacking Pen Testing Latest Session Hijacking Tools Added Page 12

13 Hacking Webservers Web server pen testing is used to identify, analyze, and report vulnerabilities such as authentication weaknesses, configuration errors, protocol related vulnerabilities, etc. in a web server. The topics highlighted in red under CEHv8 Module 12: Hacking Webservers are the new additions. CEHv7 Module 11: Session Hijacking IIS Webserver Architecture Why Web Servers are Compromised? Impact of Webserver Attacks Webserver Attacks Webserver Attack Methodology Webserver Attack Tools Metasploit Architecture Web Password Cracking Tool Countermeasures How to Defend Against Web Server Attacks Patch Management Patch Management Tools Webserver Pen Testing CEHv8 Module 11: Session Hijacking IIS Webserver Architecture Why Web Servers are Compromised? Impact of Webserver Attacks Webserver Attacks Webserver Attack Methodology Webserver Attack Tools Metasploit Architecture Web Password Cracking Tool Countermeasures How to Defend Against Web Server Attacks How to Defend against HTTP Response Splitting and Web Cache Poisoning Patch Management Patch Management Tools Latest Webserver Security Tools Added Latest Webserver Pen Testing Tools Added Webserver Pen Testing Page 13

14 Hacking Web Applications Web applications provide an interface between end users and web servers through a set of web pages that are generated at the server end or contain script code to be executed dynamically within the client web browser. The topics highlighted in red under CEHv8 Module 13: Hacking Web Applications are the new additions. CEHv7 Module 13: Hacking Web Applications How Web Applications Work Web Attack Vectors Web Application Threats Web App Hacking Methodology Footprint Web Infrastructure Hacking Web Servers Analyze Web Applications Attack Authentication Mechanism Attack Authorization Schemes Session Management Attack Attack Data Connectivity Attack Web App Client Attack Web Services Web Application Hacking Tools Countermeasures Web Application Security Tools Web Application Firewall Web Application Pen Testing CEHv8 Module 13: Hacking Web Applications How Web Applications Work Web Attack Vectors Web Application Threats Web App Hacking Methodology Footprint Web Infrastructure Hacking Web Servers Analyze Web Applications Attack Authentication Mechanism Attack Authorization Schemes Session Management Attack Attack Data Connectivity Attack Web App Client Attack Web Services Latest Web Application Hacking Tools Countermeasures Latest Web Application Security Tools Added Web Application Firewall Web Application Pen Testing Page 14

15 SQL Injection SQL Injection is the most common website vulnerability on the Internet. It is a flaw in Web Applications and not a database or web server issue. The topics highlighted in red under CEHv8 Module 14: SQL Injection are the new additions. CEHv7 Module 14: SQL Injection SQL Injection SQL Injection Attacks SQL Injection Detection SQL Injection Attack Characters Testing for SQL Injection Types of SQL Injection Blind SQL Injection SQL Injection Methodology Advanced SQL Injection Password Grabbing Network Reconnaissance Using SQL Injection SQL Injection Tools Evasion Technique How to Defend Against SQL Injection Attacks SQL Injection Detection Tools CEHv8 Module 14: SQL Injection SQL Injection SQL Injection Attacks SQL Injection Detection SQL Injection Attack Characters Testing for SQL Injection Types of SQL Injection Blind SQL Injection SQL Injection Methodology Advanced SQL Injection Bypass Website Logins Using SQL Injection Password Grabbing Network Reconnaissance Using SQL Injection Latest SQL Injection Tools Added Evasion Technique How to Defend Against SQL Injection Attacks Latest SQL Injection Detection Tools Added 2 more Labs Added Page 15

16 Hacking Wireless Networks Wi-Fi is developed on IEEE standards, and it is widely used in wireless communication. It provides wireless access to applications and data across a radio network. The topics highlighted in red under CEHv8 Module 15: Hacking Wireless Networks are the new additions. CEHv7 Module 15: Hacking Wireless Networks Types of Wireless Networks Wireless Terminologies Types of Wireless Encryption How to Break WEP Encryption Wireless Threats Footprint the Wireless Network GPS Mapping Wireless Traffic Analysis What Is Spectrum Analysis? How to Reveal Hidden SSIDs Crack Wi-Fi Encryption Wireless Hacking Tools Bluetooth Hacking How to BlueJack a Victim How to Defend Against Wireless Attacks Wireless Security Tools Wireless Penetration Testing CEHv8 Module 15: Hacking Wireless Networks Types of Wireless Networks Wireless Terminologies Types of Wireless Encryption How to Break WEP Encryption Wireless Threats Footprint the Wireless Network Mobile-based Wi-Fi Discovery Tools GPS Mapping Wireless Traffic Analysis What Is Spectrum Analysis? How to Reveal Hidden SSIDs Crack Wi-Fi Encryption Latest Wireless Hacking Tools Added Bluetooth Hacking How to BlueJack a Victim How to Defend Against Wireless Attacks Latest Wireless Security Tools Added Wireless Penetration Testing 1 more Lab Added Page 16

17 Hacking Mobile Platforms CEHv8 Module 16 Hacking Mobile Platforms is a new module which covers the following topics: CEHv8 Module 16 Hacking Mobile Platforms Mobile Attack Vectors Guidelines for Securing Windows OS Devices Mobile Platform Vulnerabilities and Blackberry Attack Vectors Risks Android OS Architecture Guidelines for Securing BlackBerry Devices Android Vulnerabilities Mobile Device Management (MDM) Android Trojans General Guidelines for Mobile Platform Security Securing Android Devices Mobile Protection Tools Jailbreaking ios Mobile Pen Testing Guidelines for Securing ios Devices Windows Phone 8 Architecture Evading IDS, Firewalls, and Honeypots An intrusion detection system (IDS) gathers and analyzes information from within a computer or a network, to identify the possible violations of security policy, including unauthorized access, as well as misuse. The topics highlighted in red under CEHv8 Module 17: Evading IDS, Firewalls, and Honeypots are the new additions. CEHv7 Module 16: Evading IDS, Firewalls, and Honeypots Ways to Detect an Intrusion Types of Intrusion Detection Systems General Indications of Intrusions Firewall Architecture Types of Firewall Firewall Identification CEHv8 Module 17: Evading IDS, Firewalls, and Honeypots Ways to Detect an Intrusion Types of Intrusion Detection Systems General Indications of Intrusions Firewall Architecture Types of Firewall Firewall Identification Page 17

18 How to Set Up a Honeypot Intrusion Detection Tools How Snort Works Firewalls Honeypot Tools Evading IDS Evading Firewalls Detecting Honeypots Firewall Evasion Tools Packet Fragment Generators Countermeasures Firewall/IDS Penetration Testing How to Set Up a Honeypot Latest Intrusion Detection Tools Added How Snort Works Firewalls Latest Honeypot Tools Added Evading IDS Evading Firewalls Detecting Honeypots Latest Firewall Evasion Tools Added Packet Fragment Generators Countermeasures Firewall/IDS Penetration Testing 1 more Lab Added Page 18

19 Buffer Overflow A generic buffer overflow occurs when a program tries to store more data in a buffer than it was intended to hold. The topics highlighted in red under CEHv8 Module 18: Buffer Overflow are the new additions. CEHv7 Module 17: Buffer Overflow Heap-Based Buffer Overflow Knowledge Required to Program Buffer Overflow Exploits Buffer Overflow Steps Overflow Using Format String Buffer Overflow Examples How to Mutate a Buffer Overflow Exploit Identifying Buffer Overflows How to Detect Buffer Overflows in a Program BoF Detection Tools Defense Against Buffer Overflows Buffer Overflow Security Tools Buffer Overflow Penetration Testing CEHv8 Module 18: Buffer Overflow Heap-Based Buffer Overflow Why Are Programs and Applications Vulnerable to Buffer Overflows? Knowledge Required to Program Buffer Overflow Exploits Buffer Overflow Steps Overflow Using Format String Buffer Overflow Examples How to Mutate a Buffer Overflow Exploit Identifying Buffer Overflows How to Detect Buffer Overflows in a Program Latest BoF Detection Tools Added Defense Against Buffer Overflows Programming Countermeasures Latest Buffer Overflow Security Tools Added Buffer Overflow Penetration Testing Page 19

20 Cryptography Cryptography is the conversion of data into a scrambled code that is decrypted and sent across a private or public network. The topics highlighted in red under CEHv8 Module 19: Cryptography are the new additions. CEHv7 Module 18: Cryptography Cryptography Encryption Algorithms Ciphers What Is SSH (Secure Shell)? Cryptography Tools Public Key Infrastructure (PKI) Certification Authorities Digital Signature Disk Encryption Disk Encryption Tool Cryptography Attacks Code Breaking Methodologies Cryptanalysis Tools Online MD5 Decryption Tools CEHv8 Module 19: Cryptography Cryptography Encryption Algorithms Ciphers What Is SSH (Secure Shell)? Latest Cryptography Tools Added Public Key Infrastructure (PKI) Certification Authorities Digital Signature Disk Encryption Disk Encryption Tool Cryptography Attacks Code Breaking Methodologies Latest Cryptanalysis Tools Added Online MD5 Decryption Tools 2 more Labs Added Page 20

21 Penetration Testing Penetration testing assesses the security model of the organization as a whole. It reveals potential consequences of a real attacker breaking into the network. The topics highlighted in red under CEHv8 Module 20: Penetration Testing are the new additions. CEHv7 Module 19: Penetration Testing Security Assessments Vulnerability Assessment What Should be Tested? ROI on Penetration Testing Types of Penetration Testing Common Penetration Testing Techniques Pre-Attack Phase Attack Phase Post-Attack Phase Penetration Testing Deliverable Templates Pen Testing Roadmap Web Application Testing Outsourcing Penetration Testing Services CEHv8 Module 20: Penetration Testing Security Assessments Vulnerability Assessment Introduction to Penetration Testing Comparing Security Audit, Vulnerability Assessment, and Penetration Testing What Should be Tested? ROI on Penetration Testing Types of Penetration Testing Common Penetration Testing Techniques Pre-Attack Phase Attack Phase Post-Attack Phase Penetration Testing Deliverable Templates Pen Testing Roadmap Web Application Testing Outsourcing Penetration Testing Services Page 21